admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-01-15T15:00:25.498018+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-01-15 15:03:52 +00:00
parent 02063f2273
commit a62b6276eb
45 changed files with 1633 additions and 77 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CVE-2019/CVE-2019-173xx/CVE-2019-17365.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-17365", "id": "CVE-2019-17365",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2019-10-09T22:15:10.670", "published": "2019-10-09T22:15:10.670",
"lastModified": "2024-11-21T04:32:11.367", "lastModified": "2025-01-15T14:29:23.370",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -85,9 +85,9 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:nixos:nix:*:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:nixos:nix:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.3", "versionEndIncluding": "2.3",
"matchCriteriaId": "3DEB5AAA-DCAD-478D-ACC4-ED5CF3E0E365" "matchCriteriaId": "41CBEDE7-C5CA-4533-8F81-940E20658FDF"
} }
] ]
} }

34
CVE-2020/CVE-2020-92xx/CVE-2020-9222.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-9222", "id": "CVE-2020-9222",
"sourceIdentifier": "psirt@huawei.com", "sourceIdentifier": "psirt@huawei.com",
"published": "2024-12-27T10:15:15.270", "published": "2024-12-27T10:15:15.270",
"lastModified": "2025-01-13T18:49:33.693", "lastModified": "2025-01-15T14:50:26.910",
"vulnStatus": "Analyzed", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -83,7 +83,6 @@
], ],
"configurations": [ "configurations": [
{ {
"operator": "AND",
"nodes": [ "nodes": [
{ {
"operator": "OR", "operator": "OR",
@ -91,39 +90,28 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:huawei:fusioncompute_firmware:6.3.0:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:huawei:fusioncompute:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "24301715-CA45-41FE-8BE3-0DE0C468F4A6" "matchCriteriaId": "319C5290-36D1-4A96-80D3-18978161557D"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:huawei:fusioncompute_firmware:6.3.1:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:huawei:fusioncompute:6.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A57A27E-C385-44FD-BF7B-3BA107159327" "matchCriteriaId": "9EFA1D96-F198-4424-8F5A-1C7DFF3F42AE"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:huawei:fusioncompute_firmware:6.5.0:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:huawei:fusioncompute:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "00EEB3EE-2387-475F-996B-B23CE13E7B16" "matchCriteriaId": "EB149F98-77DF-40C3-A307-21D7B9BCB6DA"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:huawei:fusioncompute_firmware:6.5.1:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:huawei:fusioncompute:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A84ADDDE-0AA5-4152-B0DD-53FFD1444BA7" "matchCriteriaId": "916284A3-6895-4F2C-9426-240F4EB7336F"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:huawei:fusioncompute_firmware:8.0.0:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:huawei:fusioncompute:8.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A3FA7E81-258C-4B44-BEE6-3E3D4FC95A17" "matchCriteriaId": "00E095D9-7778-4371-9D9E-3176AAFAB70D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:huawei:fusioncompute:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD3B98FF-4563-431D-A1C2-C0932BC49594"
} }
] ]
} }

68
CVE-2024/CVE-2024-110xx/CVE-2024-11029.json Normal file
View File

@ -0,0 +1,68 @@
{
"id": "CVE-2024-11029",
"sourceIdentifier": "secalert@redhat.com",
"published": "2025-01-15T13:15:08.940",
"lastModified": "2025-01-15T14:15:27.683",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to journalctl. As a consequence, during the FreeIPA installation process, it inadvertently leaks the administrative user credentials, including the administrator password, to the journal database. In the worst-case scenario, where the journal log is centralized, users with access to it can have improper access to the FreeIPA administrator credentials."
},
{
"lang": "es",
"value": "Se encontr\u00f3 un fallo en la auditor\u00eda de la API de FreeIPA, donde env\u00eda toda la l\u00ednea de comandos de FreeIPA a journalctl. Como consecuencia, durante el proceso de instalaci\u00f3n de FreeIPA, filtra inadvertidamente las credenciales de usuario administrativo, incluida la contrase\u00f1a de administrador, a la base de datos del diario. En el peor de los casos, donde el registro del diario est\u00e1 centralizado, los usuarios con acceso a \u00e9l pueden tener acceso indebido a las credenciales de administrador de FreeIPA."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-497"
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2025:0334",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-11029",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325557",
"source": "secalert@redhat.com"
}
]
}

56
CVE-2024/CVE-2024-113xx/CVE-2024-11322.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-11322",
"sourceIdentifier": "vulnreport@tenable.com",
"published": "2025-01-15T14:15:27.943",
"lastModified": "2025-01-15T14:15:27.943",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A denial-of-service vulnerability exists in CyberPower PowerPanel Business (PPB) 4.11.0. \nAn unauthenticated remote attacker can restart the ppbd.exe process via the PowerPanel Business Service Watchdog service listening on TCP port 2003. The attacker can repeatedly restart ppbd.exe to render it unavailable."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "vulnreport@tenable.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "vulnreport@tenable.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"references": [
{
"url": "https://www.tenable.com/security/research/tra-2025-01",
"source": "vulnreport@tenable.com"
}
]
}

4
CVE-2024/CVE-2024-125xx/CVE-2024-12593.json
View File

@ -9,6 +9,10 @@
{ {
"lang": "en", "lang": "en",
"value": "The PDF for WPForms + Drag and Drop Template Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's yeepdf_dotab shortcode in all versions up to, and including, 4.6.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." "value": "The PDF for WPForms + Drag and Drop Template Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's yeepdf_dotab shortcode in all versions up to, and including, 4.6.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento PDF para WPForms + Drag and Drop Template Builder para WordPress es vulnerable a Cross-Site Scripting almacenado a trav\u00e9s del c\u00f3digo corto yeepdf_dotab del complemento en todas las versiones hasta la 4.6.0 incluida debido a una desinfecci\u00f3n de entrada y a un escape de salida insuficiente en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
} }
], ],
"metrics": { "metrics": {

68
CVE-2024/CVE-2024-132xx/CVE-2024-13215.json Normal file
View File

@ -0,0 +1,68 @@
{
"id": "CVE-2024-13215",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-15T13:15:09.263",
"lastModified": "2025-01-15T13:15:09.263",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Elementor Addon Elements plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.13.10 via the 'render' function in modules/modal-popup/widgets/modal-popup.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, scheduled, and draft template data."
},
{
"lang": "es",
"value": "El complemento Elementor Addon Elements para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n confidencial en todas las versiones hasta la 1.13.10 incluida a trav\u00e9s de la funci\u00f3n \"render\" en modules/modal-popup/widgets/modal-popup.php. Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, extraigan datos confidenciales de plantillas privadas, pendientes, programadas y en borrador."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-359"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/modules/modal-popup/widgets/modal-popup.php#L1058",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3221982/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4feacb75-0533-4f53-8ce9-3e45ee8336e2?source=cve",
"source": "security@wordfence.com"
}
]
}

45
CVE-2024/CVE-2024-364xx/CVE-2024-36476.json Normal file
View File

@ -0,0 +1,45 @@
{
"id": "CVE-2024-36476",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-15T13:15:09.460",
"lastModified": "2025-01-15T13:15:09.460",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rtrs: Ensure 'ib_sge list' is accessible\n\nMove the declaration of the 'ib_sge list' variable outside the\n'always_invalidate' block to ensure it remains accessible for use\nthroughout the function.\n\nPreviously, 'ib_sge list' was declared within the 'always_invalidate'\nblock, limiting its accessibility, then caused a\n'BUG: kernel NULL pointer dereference'[1].\n ? __die_body.cold+0x19/0x27\n ? page_fault_oops+0x15a/0x2d0\n ? search_module_extables+0x19/0x60\n ? search_bpf_extables+0x5f/0x80\n ? exc_page_fault+0x7e/0x180\n ? asm_exc_page_fault+0x26/0x30\n ? memcpy_orig+0xd5/0x140\n rxe_mr_copy+0x1c3/0x200 [rdma_rxe]\n ? rxe_pool_get_index+0x4b/0x80 [rdma_rxe]\n copy_data+0xa5/0x230 [rdma_rxe]\n rxe_requester+0xd9b/0xf70 [rdma_rxe]\n ? finish_task_switch.isra.0+0x99/0x2e0\n rxe_sender+0x13/0x40 [rdma_rxe]\n do_task+0x68/0x1e0 [rdma_rxe]\n process_one_work+0x177/0x330\n worker_thread+0x252/0x390\n ? __pfx_worker_thread+0x10/0x10\n\nThis change ensures the variable is available for subsequent operations\nthat require it.\n\n[1] https://lore.kernel.org/linux-rdma/6a1f3e8f-deb0-49f9-bc69-a9b03ecfcda7@fujitsu.com/"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: RDMA/rtrs: garantizar que 'ib_sge list' sea accesible Mueva la declaraci\u00f3n de la variable 'ib_sge list' fuera del bloque 'always_invalidate' para garantizar que permanezca accesible para su uso en toda la funci\u00f3n. Anteriormente, 'ib_sge list' se declaraba dentro del bloque 'always_invalidate', lo que limitaba su accesibilidad y luego causaba un 'BUG: kernel NULL pointer dereference'[1]. ? __die_body.cold+0x19/0x27 ? page_fault_oops+0x15a/0x2d0 ? search_module_extables+0x19/0x60 ? search_bpf_extables+0x5f/0x80 ? exc_page_fault+0x7e/0x180 ? asm_exc_page_fault+0x26/0x30 ? rxe_pool_get_index+0x4b/0x80 [rdma_rxe] copy_data+0xa5/0x230 [rdma_rxe] rxe_requester+0xd9b/0xf70 [rdma_rxe] ? finish_task_switch.isra.0+0x99/0x2e0 rxe_sender+0x13/0x40 [rdma_rxe] do_task+0x68/0x1e0 [rdma_rxe] process_one_work+0x177/0x330 worker_thread+0x252/0x390 ? __pfx_worker_thread+0x10/0x10 Este cambio garantiza que la variable est\u00e9 disponible para operaciones posteriores que la requieran. [1] https://lore.kernel.org/linux-rdma/6a1f3e8f-deb0-49f9-bc69-a9b03ecfcda7@fujitsu.com/"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/143378075904e78b3b2a810099bcc3b3d82d762f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/32e1e748a85bd52b20b3857d80fd166d22fa455a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6ffb5c1885195ae5211a12b4acd2d51843ca41b0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7eaa71f56a6f7ab87957213472dc6d4055862722",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b238f61cc394d5fef27b26d7d9aa383ebfddabb0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fb514b31395946022f13a08e06a435f53cf9e8b3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

37
CVE-2024/CVE-2024-392xx/CVE-2024-39282.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2024-39282",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-15T13:15:09.740",
"lastModified": "2025-01-15T13:15:09.740",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: wwan: t7xx: Fix FSM command timeout issue\n\nWhen driver processes the internal state change command, it use an\nasynchronous thread to process the command operation. If the main\nthread detects that the task has timed out, the asynchronous thread\nwill panic when executing the completion notification because the\nmain thread completion object has been released.\n\nBUG: unable to handle page fault for address: fffffffffffffff8\nPGD 1f283a067 P4D 1f283a067 PUD 1f283c067 PMD 0\nOops: 0000 [#1] PREEMPT SMP NOPTI\nRIP: 0010:complete_all+0x3e/0xa0\n[...]\nCall Trace:\n <TASK>\n ? __die_body+0x68/0xb0\n ? page_fault_oops+0x379/0x3e0\n ? exc_page_fault+0x69/0xa0\n ? asm_exc_page_fault+0x22/0x30\n ? complete_all+0x3e/0xa0\n fsm_main_thread+0xa3/0x9c0 [mtk_t7xx (HASH:1400 5)]\n ? __pfx_autoremove_wake_function+0x10/0x10\n kthread+0xd8/0x110\n ? __pfx_fsm_main_thread+0x10/0x10 [mtk_t7xx (HASH:1400 5)]\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x38/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1b/0x30\n </TASK>\n[...]\nCR2: fffffffffffffff8\n---[ end trace 0000000000000000 ]---\n\nUse the reference counter to ensure safe release as Sergey suggests:\nhttps://lore.kernel.org/all/da90f64c-260a-4329-87bf-1f9ff20a5951@gmail.com/"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: wwan: t7xx: Soluci\u00f3n del problema de tiempo de espera del comando FSM Cuando el controlador procesa el comando de cambio de estado interno, utiliza un hilo asincr\u00f3nico para procesar la operaci\u00f3n del comando. Si el hilo principal detecta que se agot\u00f3 el tiempo de espera de la tarea, el hilo asincr\u00f3nico entrar\u00e1 en p\u00e1nico al ejecutar la notificaci\u00f3n de finalizaci\u00f3n porque se liber\u00f3 el objeto de finalizaci\u00f3n del hilo principal. ERROR: no se puede manejar el error de p\u00e1gina para la direcci\u00f3n: fffffffffffffff8 PGD 1f283a067 P4D 1f283a067 PUD 1f283c067 PMD 0 Oops: 0000 [#1] PREEMPT SMP NOPTI RIP: 0010:complete_all+0x3e/0xa0 [...] Seguimiento de llamadas: ? __die_body+0x68/0xb0 ? page_fault_oops+0x379/0x3e0 ? exc_page_fault+0x69/0xa0 ? asm_exc_page_fault+0x22/0x30 ? complete_all+0x3e/0xa0 fsm_main_thread+0xa3/0x9c0 [mtk_t7xx (HASH:1400 5)] ? __pfx_autoremove_wake_function+0x10/0x10 kthread+0xd8/0x110 ? __pfx_fsm_main_thread+0x10/0x10 [mtk_t7xx (HASH:1400 5)] ? __pfx_kthread+0x10/0x10 ret_from_fork+0x38/0x50 ? __pfx_kthread+0x10/0x10 ret_from_fork_asm+0x1b/0x30 [...] CR2: fffffffffffffff8 ---[ fin del seguimiento 000000000000000 ]--- Utilice el contador de referencia para garantizar una liberaci\u00f3n segura como sugiere Sergey: https://lore.kernel.org/all/da90f64c-260a-4329-87bf-1f9ff20a5951@gmail.com/"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0cd3bde081cd3452c875fa1e5c55834c670d6e05",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4f619d518db9cd1a933c3a095a5f95d0c1584ae8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b8ab9bd0c8855cd5a6f4e0265083576257ff3fc5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e6e6882a1590cbdaca77a31a02f4954327237e14",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

6
CVE-2024/CVE-2024-455xx/CVE-2024-45593.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-45593", "id": "CVE-2024-45593",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2024-09-10T16:15:21.760", "published": "2024-09-10T16:15:21.760",
"lastModified": "2024-09-20T19:57:55.573", "lastModified": "2025-01-15T14:29:23.370",
"vulnStatus": "Analyzed", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -90,10 +90,10 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:nixos:nix:*:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:nixos:nix:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.24.0", "versionStartIncluding": "2.24.0",
"versionEndExcluding": "2.24.6", "versionEndExcluding": "2.24.6",
"matchCriteriaId": "423F7CD7-8C2C-4133-947F-8F42F5F7CECD" "matchCriteriaId": "29F960E4-D262-4A4B-A212-709CB43F1325"
} }
] ]
} }

37
CVE-2024/CVE-2024-51xx/CVE-2024-5198.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2024-5198",
"sourceIdentifier": "security@openvpn.net",
"published": "2025-01-15T13:15:15.090",
"lastModified": "2025-01-15T13:15:15.090",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "OpenVPN ovpn-dco for Windows version 1.1.1 allows an unprivileged local attacker to send I/O control messages with invalid data to the driver resulting in a NULL pointer dereference leading to a system halt."
},
{
"lang": "es",
"value": "OpenVPN ovpn-dco para Windows versi\u00f3n 1.1.1 permite que un atacante local sin privilegios env\u00ede mensajes de control de E/S con datos no v\u00e1lidos al controlador, lo que genera una desreferencia de puntero NULL que provoca la detenci\u00f3n del sistema."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@openvpn.net",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [
{
"url": "https://community.openvpn.net/openvpn/wiki/CVE-2024-5198",
"source": "security@openvpn.net"
}
]
}

29
CVE-2024/CVE-2024-536xx/CVE-2024-53681.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-53681",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-15T13:15:10.963",
"lastModified": "2025-01-15T13:15:10.963",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet: Don't overflow subsysnqn\n\nnvmet_root_discovery_nqn_store treats the subsysnqn string like a fixed\nsize buffer, even though it is dynamically allocated to the size of the\nstring.\n\nCreate a new string with kstrndup instead of using the old buffer."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nvmet: No desborde subsysnqn nvmet_root_discovery_nqn_store trata la cadena subsysnqn como un b\u00fafer de tama\u00f1o fijo, aunque se le asigna din\u00e1micamente el tama\u00f1o de la cadena. Cree una nueva cadena con kstrndup en lugar de usar el b\u00fafer anterior."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/4db3d750ac7e894278ef1cb1c53cc7d883060496",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/86645d8d062af3fdcbdaa0a289b95de55bca827d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-540xx/CVE-2024-54031.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-54031",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-15T13:15:11.203",
"lastModified": "2025-01-15T13:15:11.203",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext\n\nAccess to genmask field in struct nft_set_ext results in unaligned\natomic read:\n\n[ 72.130109] Unable to handle kernel paging request at virtual address ffff0000c2bb708c\n[ 72.131036] Mem abort info:\n[ 72.131213] ESR = 0x0000000096000021\n[ 72.131446] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 72.132209] SET = 0, FnV = 0\n[ 72.133216] EA = 0, S1PTW = 0\n[ 72.134080] FSC = 0x21: alignment fault\n[ 72.135593] Data abort info:\n[ 72.137194] ISV = 0, ISS = 0x00000021, ISS2 = 0x00000000\n[ 72.142351] CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n[ 72.145989] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n[ 72.150115] swapper pgtable: 4k pages, 48-bit VAs, pgdp=0000000237d27000\n[ 72.154893] [ffff0000c2bb708c] pgd=0000000000000000, p4d=180000023ffff403, pud=180000023f84b403, pmd=180000023f835403,\n+pte=0068000102bb7707\n[ 72.163021] Internal error: Oops: 0000000096000021 [#1] SMP\n[...]\n[ 72.170041] CPU: 7 UID: 0 PID: 54 Comm: kworker/7:0 Tainted: G E 6.13.0-rc3+ #2\n[ 72.170509] Tainted: [E]=UNSIGNED_MODULE\n[ 72.170720] Hardware name: QEMU QEMU Virtual Machine, BIOS edk2-stable202302-for-qemu 03/01/2023\n[ 72.171192] Workqueue: events_power_efficient nft_rhash_gc [nf_tables]\n[ 72.171552] pstate: 21400005 (nzCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)\n[ 72.171915] pc : nft_rhash_gc+0x200/0x2d8 [nf_tables]\n[ 72.172166] lr : nft_rhash_gc+0x128/0x2d8 [nf_tables]\n[ 72.172546] sp : ffff800081f2bce0\n[ 72.172724] x29: ffff800081f2bd40 x28: ffff0000c2bb708c x27: 0000000000000038\n[ 72.173078] x26: ffff0000c6780ef0 x25: ffff0000c643df00 x24: ffff0000c6778f78\n[ 72.173431] x23: 000000000000001a x22: ffff0000c4b1f000 x21: ffff0000c6780f78\n[ 72.173782] x20: ffff0000c2bb70dc x19: ffff0000c2bb7080 x18: 0000000000000000\n[ 72.174135] x17: ffff0000c0a4e1c0 x16: 0000000000003000 x15: 0000ac26d173b978\n[ 72.174485] x14: ffffffffffffffff x13: 0000000000000030 x12: ffff0000c6780ef0\n[ 72.174841] x11: 0000000000000000 x10: ffff800081f2bcf8 x9 : ffff0000c3000000\n[ 72.175193] x8 : 00000000000004be x7 : 0000000000000000 x6 : 0000000000000000\n[ 72.175544] x5 : 0000000000000040 x4 : ffff0000c3000010 x3 : 0000000000000000\n[ 72.175871] x2 : 0000000000003a98 x1 : ffff0000c2bb708c x0 : 0000000000000004\n[ 72.176207] Call trace:\n[ 72.176316] nft_rhash_gc+0x200/0x2d8 [nf_tables] (P)\n[ 72.176653] process_one_work+0x178/0x3d0\n[ 72.176831] worker_thread+0x200/0x3f0\n[ 72.176995] kthread+0xe8/0xf8\n[ 72.177130] ret_from_fork+0x10/0x20\n[ 72.177289] Code: 54fff984 d503201f d2800080 91003261 (f820303f)\n[ 72.177557] ---[ end trace 0000000000000000 ]---\n\nAlign struct nft_set_ext to word size to address this and\ndocumentation it.\n\npahole reports that this increases the size of elements for rhash and\npipapo in 8 bytes on x86_64."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfilter: nft_set_hash: lectura at\u00f3mica no alineada en la estructura nft_set_ext El acceso al campo genmask en la estructura nft_set_ext da como resultado una lectura at\u00f3mica no alineada: [72.130109] No se puede manejar la solicitud de paginaci\u00f3n del kernel en la direcci\u00f3n virtual ffff0000c2bb708c [72.131036] Informaci\u00f3n de cancelaci\u00f3n de memoria: [72.131213] ESR = 0x0000000096000021 [72.131446] EC = 0x25: DABT (EL actual), IL = 32 bits [72.132209] SET = 0, FnV = 0 [72.133216] EA = 0, S1PTW = 0 [ 72.134080] FSC = 0x21: error de alineaci\u00f3n [ 72.135593] Informaci\u00f3n de cancelaci\u00f3n de datos: [ 72.137194] ISV = 0, ISS = 0x00000021, ISS2 = 0x00000000 [ 72.142351] CM = 0, WnR = 0, TnD = 0, TagAccess = 0 [ 72.145989] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 [ 72.150115] swapper pgtable: p\u00e1ginas de 4k, VA de 48 bits, pgdp=0000000237d27000 [ 72.154893] [ffff0000c2bb708c] pgd=0000000000000000, p4d=180000023ffff403, pud=180000023f84b403, pmd=180000023f835403, +pte=0068000102bb7707 [ 72.163021] Error interno: Oops: 0000000096000021 [#1] SMP [...] [ 72.170041] CPU: 7 UID: 0 PID: 54 Comm: kworker/7:0 Contaminado: GE 6.13.0-rc3+ #2 [ 72.170509] Contaminado: [E]=UNSIGNED_MODULE [ 72.170720] Nombre del hardware: QEMU QEMU Virtual M\u00e1quina, BIOS edk2-stable202302-for-qemu 03/01/2023 [ 72.171192] Cola de trabajo: events_power_efficient nft_rhash_gc [nf_tables] [ 72.171552] pstate: 21400005 (nzCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--) [ 72.171915] pc : nft_rhash_gc+0x200/0x2d8 [nf_tables] [ 72.172166] lr : nft_rhash_gc+0x128/0x2d8 [nf_tables] [ 72.172546] sp : ffff800081f2bce0 [ 72.172724] x29: ffff800081f2bd40 x28: ffff0000c2bb708c x27: 0000000000000038 [ 72.173078] x26: ffff0000c6780ef0 x25: ffff0000c643df00 x24: ffff0000c6778f78 [ 72.173431] x23: 000000000000001a x22: ffff0000c4b1f000 x21: ffff0000c6780f78 [ 72.173782] x20: ffff0000c2bb70dc x19: ffff0000c2bb7080 x18: 0000000000000000 [ 72.174135] x17: ffff0000c0a4e1c0 x16: 0000000000003000 x15: 0000ac26d173b978 [ 72.174485] x14: ffffffffffffffffff x13: 0000000000000030 x12: ffff0000c6780ef0 [ 72.174841] x11: 000000000000000 x10: ffff800081f2bcf8 x9 : ffff0000c3000000 [ 72.175193] x8 : 00000000000004be x7 : 0000000000000000 x6 : 0000000000000000 [ 72.175544] x5 : 0000000000000040 x4 : ffff0000c3000010 x3 : 0000000000000000 [ 72.175871] x2 : 0000000000003a98 x1 : ffff0000c2bb708c x0 : 0000000000000004 [ 72.176207] Rastreo de llamadas: [ 72.176316] nft_rhash_gc+0x200/0x2d8 [nf_tables] (P) [ 72.176653] process_one_work+0x178/0x3d0 [ 72.176831] worker_thread+0x200/0x3f0 [ 72.176995] kthread+0xe8/0xf8 [ 72.177130] ret_from_fork+0x10/0x20 [ 72.177289] C\u00f3digo: 54fff984 d503201f d2800080 91003261 (f820303f) [ 72.177557] ---[ fin de seguimiento 0000000000000000 ]--- Alinear estructura nft_set_ext al tama\u00f1o de palabra para abordar esto y documentarlo. pahole informa que esto aumenta el tama\u00f1o de los elementos para rhash y pipapo en 8 bytes en x86_64."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/277f00b0c2dca8794cf4837722960bdc4174911f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/352f8eaaabd008f09d1e176194edc261a7304084",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4f49349c1963e507aa37c1ec05178faeb0103959",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/542ed8145e6f9392e3d0a86a0e9027d2ffd183e4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/607774a13764676d4b8be9c8b9c66b8cf3469043",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6a14b46052eeb83175a95baf399283860b9d94c4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d24cbc43cc7b41a0824b0bc6ec4d8436d8d7a9c0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-577xx/CVE-2024-57795.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-57795",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-15T13:15:11.563",
"lastModified": "2025-01-15T13:15:11.563",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Remove the direct link to net_device\n\nThe similar patch in siw is in the link:\nhttps://git.kernel.org/rdma/rdma/c/16b87037b48889\n\nThis problem also occurred in RXE. The following analyze this problem.\nIn the following Call Traces:\n\"\nBUG: KASAN: slab-use-after-free in dev_get_flags+0x188/0x1d0 net/core/dev.c:8782\nRead of size 4 at addr ffff8880554640b0 by task kworker/1:4/5295\n\nCPU: 1 UID: 0 PID: 5295 Comm: kworker/1:4 Not tainted\n6.12.0-rc3-syzkaller-00399-g9197b73fd7bb #0\nHardware name: Google Compute Engine/Google Compute Engine,\nBIOS Google 09/13/2024\nWorkqueue: infiniband ib_cache_event_task\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n dev_get_flags+0x188/0x1d0 net/core/dev.c:8782\n rxe_query_port+0x12d/0x260 drivers/infiniband/sw/rxe/rxe_verbs.c:60\n __ib_query_port drivers/infiniband/core/device.c:2111 [inline]\n ib_query_port+0x168/0x7d0 drivers/infiniband/core/device.c:2143\n ib_cache_update+0x1a9/0xb80 drivers/infiniband/core/cache.c:1494\n ib_cache_event_task+0xf3/0x1e0 drivers/infiniband/core/cache.c:1568\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa65/0x1850 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f2/0x390 kernel/kthread.c:389\n ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n </TASK>\n\"\n\n1). In the link [1],\n\n\"\n infiniband syz2: set down\n\"\n\nThis means that on 839.350575, the event ib_cache_event_task was sent andi\nqueued in ib_wq.\n\n2). In the link [1],\n\n\"\n team0 (unregistering): Port device team_slave_0 removed\n\"\n\nIt indicates that before 843.251853, the net device should be freed.\n\n3). In the link [1],\n\n\"\n BUG: KASAN: slab-use-after-free in dev_get_flags+0x188/0x1d0\n\"\n\nThis means that on 850.559070, this slab-use-after-free problem occurred.\n\nIn all, on 839.350575, the event ib_cache_event_task was sent and queued\nin ib_wq,\n\nbefore 843.251853, the net device veth was freed.\n\non 850.559070, this event was executed, and the mentioned freed net device\nwas called. Thus, the above call trace occurred.\n\n[1] https://syzkaller.appspot.com/x/log.txt?x=12e7025f980000"
},
{
"lang": "es",
"value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: RDMA/rxe: eliminar el enlace directo a net_device El parche similar en siw se encuentra en el enlace: https://git.kernel.org/rdma/rdma/c/16b87037b48889 Este problema tambi\u00e9n se produjo en RXE. A continuaci\u00f3n se analiza este problema. En los siguientes seguimientos de llamadas: \"ERROR: KASAN: slab-use-after-free en dev_get_flags+0x188/0x1d0 net/core/dev.c:8782 Lectura de tama\u00f1o 4 en la direcci\u00f3n ffff8880554640b0 por la tarea kworker/1:4/5295 CPU: 1 UID: 0 PID: 5295 Comm: kworker/1:4 No contaminado 6.12.0-rc3-syzkaller-00399-g9197b73fd7bb #0 Nombre del hardware: Google Compute Engine/Google Compute Engine, BIOS Google 13/09/2024 Cola de trabajo: infiniband ib_cache_event_task Seguimiento de llamadas: __dump_stack lib/dump_stack.c:94 [en l\u00ednea] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120 imprimir_direcci\u00f3n_descripci\u00f3n mm/kasan/report.c:377 [en l\u00ednea] imprimir_report+0x169/0x550 mm/kasan/report.c:488 kasan_report+0x143/0x180 mm/kasan/report.c:601 dev_get_flags+0x188/0x1d0 net/core/dev.c:8782 rxe_query_port+0x12d/0x260 drivers/infiniband/sw/rxe/rxe_verbs.c:60 __ib_query_port drivers/infiniband/core/device.c:2111 [en l\u00ednea] ib_query_port+0x168/0x7d0 drivers/infiniband/core/device.c:2143 ib_cache_update+0x1a9/0xb80 drivers/infiniband/core/cache.c:1494 ib_cache_event_task+0xf3/0x1e0 drivers/infiniband/core/cache.c:1568 process_one_work kernel/workqueue.c:3229 [en l\u00ednea] process_scheduled_works+0xa65/0x1850 kernel/workqueue.c:3310 worker_thread+0x870/0xd30 kernel/workqueue.c:3391 kthread+0x2f2/0x390 kernel/kthread.c:389 ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 \" 1). En el enlace [1], \" infiniband syz2: set down \" Esto significa que en 839.350575, se envi\u00f3 el evento ib_cache_event_task y se puso en cola en ib_wq. 2). En el enlace [1], \" team0 (unregistering): Port device team_slave_0 removed \" Esto indica que antes de 843.251853, se debe liberar el dispositivo de red. 3). En el enlace [1], \" BUG: KASAN: slab-use-after-free en dev_get_flags+0x188/0x1d0 \" Esto significa que en 850.559070, ocurri\u00f3 este problema de slab-use-after-free. En total, el 839.350575, se envi\u00f3 el evento ib_cache_event_task y se puso en cola en ib_wq, antes del 843.251853, se liber\u00f3 el dispositivo de red veth. El 850.559070, se ejecut\u00f3 este evento y se llam\u00f3 al dispositivo de red liberado mencionado. Por lo tanto, se produjo el seguimiento de la llamada anterior. [1] https://syzkaller.appspot.com/x/log.txt?x=12e7025f980000"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2ac5415022d16d63d912a39a06f32f1f51140261",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9f6f54e6a6863131442b40e14d1792b090c7ce21",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

33
CVE-2024/CVE-2024-578xx/CVE-2024-57801.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-57801",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-15T13:15:11.713",
"lastModified": "2025-01-15T13:15:11.713",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Skip restore TC rules for vport rep without loaded flag\n\nDuring driver unload, unregister_netdev is called after unloading\nvport rep. So, the mlx5e_rep_priv is already freed while trying to get\nrpriv->netdev, or walk rpriv->tc_ht, which results in use-after-free.\nSo add the checking to make sure access the data of vport rep which is\nstill loaded."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net/mlx5e: Omitir reglas de restauraci\u00f3n de TC para vport rep sin indicador cargado Durante la descarga del controlador, se llama a unregister_netdev despu\u00e9s de descargar vport rep. Por lo tanto, mlx5e_rep_priv ya est\u00e1 liberado al intentar obtener rpriv-&gt;netdev, o recorrer rpriv-&gt;tc_ht, lo que da como resultado un use-after-free. Por lo tanto, agregue la verificaci\u00f3n para asegurarse de acceder a los datos de vport rep que a\u00fan est\u00e1n cargados."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/3e45dd1622a2c1a83c11bf42fdd8c1810123d6c0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/47c78d3fc26e38ab805613a0f592dc8a820c7c64",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5a03b368562a7ff5f5f1f63b5adf8309cbdbd5be",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-578xx/CVE-2024-57802.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-57802",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-15T13:15:11.853",
"lastModified": "2025-01-15T13:15:11.853",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetrom: check buffer length before accessing it\n\nSyzkaller reports an uninit value read from ax25cmp when sending raw message\nthrough ieee802154 implementation.\n\n=====================================================\nBUG: KMSAN: uninit-value in ax25cmp+0x3a5/0x460 net/ax25/ax25_addr.c:119\n ax25cmp+0x3a5/0x460 net/ax25/ax25_addr.c:119\n nr_dev_get+0x20e/0x450 net/netrom/nr_route.c:601\n nr_route_frame+0x1a2/0xfc0 net/netrom/nr_route.c:774\n nr_xmit+0x5a/0x1c0 net/netrom/nr_dev.c:144\n __netdev_start_xmit include/linux/netdevice.h:4940 [inline]\n netdev_start_xmit include/linux/netdevice.h:4954 [inline]\n xmit_one net/core/dev.c:3548 [inline]\n dev_hard_start_xmit+0x247/0xa10 net/core/dev.c:3564\n __dev_queue_xmit+0x33b8/0x5130 net/core/dev.c:4349\n dev_queue_xmit include/linux/netdevice.h:3134 [inline]\n raw_sendmsg+0x654/0xc10 net/ieee802154/socket.c:299\n ieee802154_sock_sendmsg+0x91/0xc0 net/ieee802154/socket.c:96\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n ____sys_sendmsg+0x9c2/0xd60 net/socket.c:2584\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2638\n __sys_sendmsg net/socket.c:2667 [inline]\n __do_sys_sendmsg net/socket.c:2676 [inline]\n __se_sys_sendmsg net/socket.c:2674 [inline]\n __x64_sys_sendmsg+0x307/0x490 net/socket.c:2674\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x44/0x110 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was created at:\n slab_post_alloc_hook+0x129/0xa70 mm/slab.h:768\n slab_alloc_node mm/slub.c:3478 [inline]\n kmem_cache_alloc_node+0x5e9/0xb10 mm/slub.c:3523\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:560\n __alloc_skb+0x318/0x740 net/core/skbuff.c:651\n alloc_skb include/linux/skbuff.h:1286 [inline]\n alloc_skb_with_frags+0xc8/0xbd0 net/core/skbuff.c:6334\n sock_alloc_send_pskb+0xa80/0xbf0 net/core/sock.c:2780\n sock_alloc_send_skb include/net/sock.h:1884 [inline]\n raw_sendmsg+0x36d/0xc10 net/ieee802154/socket.c:282\n ieee802154_sock_sendmsg+0x91/0xc0 net/ieee802154/socket.c:96\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n ____sys_sendmsg+0x9c2/0xd60 net/socket.c:2584\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2638\n __sys_sendmsg net/socket.c:2667 [inline]\n __do_sys_sendmsg net/socket.c:2676 [inline]\n __se_sys_sendmsg net/socket.c:2674 [inline]\n __x64_sys_sendmsg+0x307/0x490 net/socket.c:2674\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x44/0x110 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nCPU: 0 PID: 5037 Comm: syz-executor166 Not tainted 6.7.0-rc7-syzkaller-00003-gfbafc3e621c3 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023\n=====================================================\n\nThis issue occurs because the skb buffer is too small, and it's actual\nallocation is aligned. This hides an actual issue, which is that nr_route_frame\ndoes not validate the buffer size before using it.\n\nFix this issue by checking skb->len before accessing any fields in skb->data.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netrom: comprobar la longitud del b\u00fafer antes de acceder a \u00e9l Syzkaller informa de un valor no inicializado le\u00eddo desde ax25cmp al enviar un mensaje sin formato a trav\u00e9s de la implementaci\u00f3n de ieee802154. ======================================================= ERROR: KMSAN: valor no inicializado en ax25cmp+0x3a5/0x460 net/ax25/ax25_addr.c:119 ax25cmp+0x3a5/0x460 net/ax25/ax25_addr.c:119 nr_dev_get+0x20e/0x450 net/netrom/nr_route.c:601 nr_route_frame+0x1a2/0xfc0 net/netrom/nr_route.c:774 nr_xmit+0x5a/0x1c0 net/netrom/nr_dev.c:144 __netdev_start_xmit include/linux/netdevice.h:4940 [en l\u00ednea] netdev_start_xmit include/linux/netdevice.h:4954 [en l\u00ednea] xmit_one net/core/dev.c:3548 [en l\u00ednea] dev_hard_start_xmit+0x247/0xa10 net/core/dev.c:3564 __dev_queue_xmit+0x33b8/0x5130 net/core/dev.c:4349 dev_queue_xmit include/linux/netdevice.h:3134 [en l\u00ednea] raw_sendmsg+0x654/0xc10 net/ieee802154/socket.c:299 ieee802154_sock_sendmsg+0x91/0xc0 net/ieee802154/socket.c:96 sock_sendmsg_nosec net/socket.c:730 [en l\u00ednea] __sock_sendmsg net/socket.c:745 [en l\u00ednea] ____sys_sendmsg+0x9c2/0xd60 net/socket.c:2584 ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2638 __sys_sendmsg net/socket.c:2667 [en l\u00ednea] __do_sys_sendmsg net/socket.c:2676 [en l\u00ednea] __se_sys_sendmsg net/socket.c:2674 [en l\u00ednea] __x64_sys_sendmsg+0x307/0x490 net/socket.c:2674 do_syscall_x64 arch/x86/entry/common.c:52 [en l\u00ednea] do_syscall_64+0x44/0x110 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x63/0x6b Se cre\u00f3 un unit en: slab_post_alloc_hook+0x129/0xa70 mm/slab.h:768 slab_alloc_node mm/slub.c:3478 [en l\u00ednea] kmem_cache_alloc_node+0x5e9/0xb10 mm/slub.c:3523 kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:560 __alloc_skb+0x318/0x740 net/core/skbuff.c:651 alloc_skb include/linux/skbuff.h:1286 [en l\u00ednea] alloc_skb_with_frags+0xc8/0xbd0 net/core/skbuff.c:6334 sock_alloc_send_pskb+0xa80/0xbf0 net/core/sock.c:2780 sock_alloc_send_skb include/net/sock.h:1884 [en l\u00ednea] raw_sendmsg+0x36d/0xc10 net/ieee802154/socket.c:282 ieee802154_sock_sendmsg+0x91/0xc0 net/ieee802154/socket.c:96 sock_sendmsg_nosec net/socket.c:730 [en l\u00ednea] __sock_sendmsg net/socket.c:745 [en l\u00ednea] ____sys_sendmsg+0x9c2/0xd60 net/socket.c:2584 ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2638 __sys_sendmsg net/socket.c:2667 [en l\u00ednea] __do_sys_sendmsg net/socket.c:2676 [en l\u00ednea] __se_sys_sendmsg net/socket.c:2674 [en l\u00ednea] __x64_sys_sendmsg+0x307/0x490 net/socket.c:2674 do_syscall_x64 arch/x86/entry/common.c:52 [en l\u00ednea] do_syscall_64+0x44/0x110 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x63/0x6b CPU: 0 PID: 5037 Comm: syz-executor166 No contaminado 6.7.0-rc7-syzkaller-00003-gfbafc3e621c3 #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 17/11/2023 ======================================================= Este problema se produce porque el b\u00fafer skb es demasiado peque\u00f1o, y su asignaci\u00f3n actual est\u00e1 alineada. Esto oculta un problema real, que es que nr_route_frame no valida el tama\u00f1o del b\u00fafer antes de usarlo. Solucione este problema comprobando skb-&gt;len antes de acceder a cualquier campo en skb-&gt;data. Encontrado por Linux Verification Center (linuxtesting.org) con Syzkaller."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/3ba7f80d98d4965349cfcd258dd78418496c1625",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/64e9f54a14f2887be8634fb85cd2f13bec18a184",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/769e36c2119a51070faf58819c58274f57a088db",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/78a110332ae268d0b005247c3b9a7d703b875c49",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a4fd163aed2edd967a244499754dec991d8b4c7d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/cf6befa7c569787f53440274bbed1405fc07738d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f647d72245aadce30618f4c8fd3803904418dbec",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

41
CVE-2024/CVE-2024-578xx/CVE-2024-57841.json Normal file
View File

@ -0,0 +1,41 @@
{
"id": "CVE-2024-57841",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-15T13:15:12.130",
"lastModified": "2025-01-15T13:15:12.130",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix memory leak in tcp_conn_request()\n\nIf inet_csk_reqsk_queue_hash_add() return false, tcp_conn_request() will\nreturn without free the dst memory, which allocated in af_ops->route_req.\n\nHere is the kmemleak stack:\n\nunreferenced object 0xffff8881198631c0 (size 240):\n comm \"softirq\", pid 0, jiffies 4299266571 (age 1802.392s)\n hex dump (first 32 bytes):\n 00 10 9b 03 81 88 ff ff 80 98 da bc ff ff ff ff ................\n 81 55 18 bb ff ff ff ff 00 00 00 00 00 00 00 00 .U..............\n backtrace:\n [<ffffffffb93e8d4c>] kmem_cache_alloc+0x60c/0xa80\n [<ffffffffba11b4c5>] dst_alloc+0x55/0x250\n [<ffffffffba227bf6>] rt_dst_alloc+0x46/0x1d0\n [<ffffffffba23050a>] __mkroute_output+0x29a/0xa50\n [<ffffffffba23456b>] ip_route_output_key_hash+0x10b/0x240\n [<ffffffffba2346bd>] ip_route_output_flow+0x1d/0x90\n [<ffffffffba254855>] inet_csk_route_req+0x2c5/0x500\n [<ffffffffba26b331>] tcp_conn_request+0x691/0x12c0\n [<ffffffffba27bd08>] tcp_rcv_state_process+0x3c8/0x11b0\n [<ffffffffba2965c6>] tcp_v4_do_rcv+0x156/0x3b0\n [<ffffffffba299c98>] tcp_v4_rcv+0x1cf8/0x1d80\n [<ffffffffba239656>] ip_protocol_deliver_rcu+0xf6/0x360\n [<ffffffffba2399a6>] ip_local_deliver_finish+0xe6/0x1e0\n [<ffffffffba239b8e>] ip_local_deliver+0xee/0x360\n [<ffffffffba239ead>] ip_rcv+0xad/0x2f0\n [<ffffffffba110943>] __netif_receive_skb_one_core+0x123/0x140\n\nCall dst_release() to free the dst memory when\ninet_csk_reqsk_queue_hash_add() return false in tcp_conn_request()."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: se corrige p\u00e9rdida de memoria en tcp_conn_request() Si inet_csk_reqsk_queue_hash_add() devuelve falso, tcp_conn_request() devolver\u00e1 sin liberar la memoria dst, que se asign\u00f3 en af_ops-&gt;route_req. Aqu\u00ed est\u00e1 la pila de kmemleak: objeto sin referencia 0xffff8881198631c0 (tama\u00f1o 240): comm \"softirq\", pid 0, jiffies 4299266571 (edad 1802.392s) volcado hexadecimal (primeros 32 bytes): 00 10 9b 03 81 88 ff ff 80 98 da bc ff ff ff ff ff ................ 81 55 18 bb ff ff ff ff ff 00 00 00 00 00 00 00 00 .U.............. backtrace: [] kmem_cache_alloc+0x60c/0xa80 [] dst_alloc+0x55/0x250 [] rt_dst_alloc+0x46/0x1d0 [] __mkroute_output+0x29a/0xa50 [] ip_route_output_key_hash+0x10b/0x240 [] ip_route_output_flow+0x1d/0x90 [] inet_csk_route_req+0x2c5/0x500 [] tcp_conn_request+0x691/0x12c0 [] tcp_rcv_state_process+0x3c8/0x11b0 [] tcp_v4_do_rcv+0x156/0x3b0 [] tcp_v4_rcv+0x1cf8/0x1d80 [] ip_protocol_deliver_rcu+0xf6/0x360 [] ip_local_deliver_finish+0xe6/0x1e0 [] ip_local_deliver+0xee/0x360 [] ip_rcv+0xad/0x2f0 [] __netif_receive_skb_one_core+0x123/0x140 Llame a dst_release() para liberar la memoria dst cuando inet_csk_reqsk_queue_hash_add() devuelva falso en tcp_conn_request()."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2af69905180b3fea12f9c1db374b153a06977021",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4f4aa4aa28142d53f8b06585c478476cfe325cfc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9d38959677291552d1b0ed2689a540af279b5bf8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b0b190218c78d8aeecfba36ea3a90063b3ede52d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/de3f999bf8aee16e9da1c1224191abdc69e97c9d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-578xx/CVE-2024-57844.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-57844",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-15T13:15:12.277",
"lastModified": "2025-01-15T13:15:12.277",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: Fix fault on fd close after unbind\n\nIf userspace holds an fd open, unbinds the device and then closes it,\nthe driver shouldn't try to access the hardware. Protect it by using\ndrm_dev_enter()/drm_dev_exit(). This fixes the following page fault:\n\n<6> [IGT] xe_wedged: exiting, ret=98\n<1> BUG: unable to handle page fault for address: ffffc901bc5e508c\n<1> #PF: supervisor read access in kernel mode\n<1> #PF: error_code(0x0000) - not-present page\n...\n<4> xe_lrc_update_timestamp+0x1c/0xd0 [xe]\n<4> xe_exec_queue_update_run_ticks+0x50/0xb0 [xe]\n<4> xe_exec_queue_fini+0x16/0xb0 [xe]\n<4> __guc_exec_queue_fini_async+0xc4/0x190 [xe]\n<4> guc_exec_queue_fini_async+0xa0/0xe0 [xe]\n<4> guc_exec_queue_fini+0x23/0x40 [xe]\n<4> xe_exec_queue_destroy+0xb3/0xf0 [xe]\n<4> xe_file_close+0xd4/0x1a0 [xe]\n<4> drm_file_free+0x210/0x280 [drm]\n<4> drm_close_helper.isra.0+0x6d/0x80 [drm]\n<4> drm_release_noglobal+0x20/0x90 [drm]\n\n(cherry picked from commit 4ca1fd418338d4d135428a0eb1e16e3b3ce17ee8)"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/xe: Se corrige un error en el cierre de fd despu\u00e9s de desvincular Si el espacio de usuario mantiene abierto un fd, desvincula el dispositivo y luego lo cierra, el controlador no deber\u00eda intentar acceder al hardware. Prot\u00e9jalo usando drm_dev_enter()/drm_dev_exit(). Esto corrige el siguiente error de p\u00e1gina: &lt;6&gt; [IGT] xe_wedged: saliendo, ret=98 &lt;1&gt; ERROR: no se puede manejar el error de p\u00e1gina para la direcci\u00f3n: ffffc901bc5e508c &lt;1&gt; #PF: acceso de lectura del supervisor en modo kernel &lt;1&gt; #PF: error_code(0x0000) - not-present page ... &lt;4&gt; xe_lrc_update_timestamp+0x1c/0xd0 [xe] &lt;4&gt; xe_exec_queue_update_run_ticks+0x50/0xb0 [xe] &lt;4&gt; xe_exec_queue_fini+0x16/0xb0 [xe] &lt;4&gt; __guc_exec_queue_fini_async+0xc4/0x190 [xe] &lt;4&gt; guc_exec_queue_fini_async+0xa0/0xe0 [xe] &lt;4&gt; guc_exec_queue_fini+0x23/0x40 [xe] &lt;4&gt; xe_exec_queue_destroy+0xb3/0xf0 [xe] &lt;4&gt; xe_file_close+0xd4/0x1a0 [xe] &lt;4&gt; drm_file_free+0x210/0x280 [drm] &lt;4&gt; drm_close_helper.isra.0+0x6d/0x80 [drm] &lt;4&gt; drm_release_noglobal+0x20/0x90 [drm] (seleccionado de la confirmaci\u00f3n 4ca1fd418338d4d135428a0eb1e16e3b3ce17ee8)"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/924d43bd10a1f6723ac5181a6e6cc2196ba98cdd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fe39b222a4139354d32ff9d46b88757f63f71d63",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-578xx/CVE-2024-57857.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-57857",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-15T13:15:12.403",
"lastModified": "2025-01-15T13:15:12.403",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/siw: Remove direct link to net_device\n\nDo not manage a per device direct link to net_device. Rely\non associated ib_devices net_device management, not doubling\nthe effort locally. A badly managed local link to net_device\nwas causing a 'KASAN: slab-use-after-free' exception during\nsiw_query_port() call."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: RDMA/siw: eliminar el enlace directo a net_device No administrar un enlace directo por dispositivo a net_device. Conf\u00ede en la administraci\u00f3n de net_device de ib_devices asociada, sin duplicar el esfuerzo localmente. Un enlace local mal administrado a net_device estaba causando una excepci\u00f3n 'KASAN: slab-use-after-free' durante la llamada siw_query_port()."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/16b87037b48889d21854c8e97aec8a1baf2642b3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4eafeb4f021c50d13f199239d913b37de3c83135",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

37
CVE-2024/CVE-2024-578xx/CVE-2024-57882.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2024-57882",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-15T13:15:12.510",
"lastModified": "2025-01-15T13:15:12.510",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix TCP options overflow.\n\nSyzbot reported the following splat:\n\nOops: general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI\nKASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\nCPU: 1 UID: 0 PID: 5836 Comm: sshd Not tainted 6.13.0-rc3-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024\nRIP: 0010:_compound_head include/linux/page-flags.h:242 [inline]\nRIP: 0010:put_page+0x23/0x260 include/linux/mm.h:1552\nCode: 90 90 90 90 90 90 90 55 41 57 41 56 53 49 89 fe 48 bd 00 00 00 00 00 fc ff df e8 f8 5e 12 f8 49 8d 5e 08 48 89 d8 48 c1 e8 03 <80> 3c 28 00 74 08 48 89 df e8 8f c7 78 f8 48 8b 1b 48 89 de 48 83\nRSP: 0000:ffffc90003916c90 EFLAGS: 00010202\nRAX: 0000000000000001 RBX: 0000000000000008 RCX: ffff888030458000\nRDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: dffffc0000000000 R08: ffffffff898ca81d R09: 1ffff110054414ac\nR10: dffffc0000000000 R11: ffffed10054414ad R12: 0000000000000007\nR13: ffff88802a20a542 R14: 0000000000000000 R15: 0000000000000000\nFS: 00007f34f496e800(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f9d6ec9ec28 CR3: 000000004d260000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n <TASK>\n skb_page_unref include/linux/skbuff_ref.h:43 [inline]\n __skb_frag_unref include/linux/skbuff_ref.h:56 [inline]\n skb_release_data+0x483/0x8a0 net/core/skbuff.c:1119\n skb_release_all net/core/skbuff.c:1190 [inline]\n __kfree_skb+0x55/0x70 net/core/skbuff.c:1204\n tcp_clean_rtx_queue net/ipv4/tcp_input.c:3436 [inline]\n tcp_ack+0x2442/0x6bc0 net/ipv4/tcp_input.c:4032\n tcp_rcv_state_process+0x8eb/0x44e0 net/ipv4/tcp_input.c:6805\n tcp_v4_do_rcv+0x77d/0xc70 net/ipv4/tcp_ipv4.c:1939\n tcp_v4_rcv+0x2dc0/0x37f0 net/ipv4/tcp_ipv4.c:2351\n ip_protocol_deliver_rcu+0x22e/0x440 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x341/0x5f0 net/ipv4/ip_input.c:233\n NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314\n NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314\n __netif_receive_skb_one_core net/core/dev.c:5672 [inline]\n __netif_receive_skb+0x2bf/0x650 net/core/dev.c:5785\n process_backlog+0x662/0x15b0 net/core/dev.c:6117\n __napi_poll+0xcb/0x490 net/core/dev.c:6883\n napi_poll net/core/dev.c:6952 [inline]\n net_rx_action+0x89b/0x1240 net/core/dev.c:7074\n handle_softirqs+0x2d4/0x9b0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0xf7/0x220 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0x57/0xc0 arch/x86/kernel/apic/apic.c:1049\n asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702\nRIP: 0033:0x7f34f4519ad5\nCode: 85 d2 74 0d 0f 10 02 48 8d 54 24 20 0f 11 44 24 20 64 8b 04 25 18 00 00 00 85 c0 75 27 41 b8 08 00 00 00 b8 0f 01 00 00 0f 05 <48> 3d 00 f0 ff ff 76 75 48 8b 15 24 73 0d 00 f7 d8 64 89 02 48 83\nRSP: 002b:00007ffec5b32ce0 EFLAGS: 00000246\nRAX: 0000000000000001 RBX: 00000000000668a0 RCX: 00007f34f4519ad5\nRDX: 00007ffec5b32d00 RSI: 0000000000000004 RDI: 0000564f4bc6cae0\nRBP: 0000564f4bc6b5a0 R08: 0000000000000008 R09: 0000000000000000\nR10: 00007ffec5b32de8 R11: 0000000000000246 R12: 0000564f48ea8aa4\nR13: 0000000000000001 R14: 0000564f48ea93e8 R15: 00007ffec5b32d68\n </TASK>\n\nEric noted a probable shinfo->nr_frags corruption, which indeed\noccurs.\n\nThe root cause is a buggy MPTCP option len computation in some\ncircumstances: the ADD_ADDR option should be mutually exclusive\nwith DSS since the blamed commit.\n\nStill, mptcp_established_options_add_addr() tries to set the\nrelevant info in mptcp_out_options, if \n---truncated---"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mptcp: corrige el desbordamiento de opciones TCP. Syzbot inform\u00f3 el siguiente splat: Oops: error de protecci\u00f3n general, probablemente para la direcci\u00f3n no can\u00f3nica 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI KASAN: null-ptr-deref en el rango [0x000000000000008-0x000000000000000f] CPU: 1 UID: 0 PID: 5836 Comm: sshd No contaminado 6.13.0-rc3-syzkaller #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 25/11/2024 RIP: 0010:_compound_head include/linux/page-flags.h:242 [en l\u00ednea] RIP: 0010:put_page+0x23/0x260 include/linux/mm.h:1552 C\u00f3digo: 90 90 90 90 90 90 90 55 41 57 41 56 53 49 89 fe 48 bd 00 00 00 00 00 fc ff df e8 f8 5e 12 f8 49 8d 5e 08 48 89 d8 48 c1 e8 03 &lt;80&gt; 3c 28 00 74 08 48 89 df e8 8f c7 78 f8 48 8b 1b 48 89 de 48 83 RSP: 0000:ffffc90003916c90 EFLAGS: 00010202 RAX: 0000000000000001 RBX: 00000000000000008 RCX: ffff888030458000 RDX: 00000000000000100 RSI: 0000000000000000 RDI: 0000000000000000 RBP: dffffc0000000000 R08: ffffffff898ca81d R09: 1ffff110054414ac R10: dffffc0000000000 R11: ffffed10054414ad R12: 0000000000000007 R13: ffff88802a20a542 R14: 0000000000000000 R15: 00000000000000000 FS: 00007f34f496e800(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f9d6ec9ec28 CR3: 000000004d260000 CR4: 00000000003526f0 DR0: 000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Seguimiento de llamadas: skb_page_unref include/linux/skbuff_ref.h:43 [inline] __skb_frag_unref include/linux/skbuff_ref.h:56 [inline] skb_release_data+0x483/0x8a0 net/core/skbuff.c:1119 skb_release_all net/core/skbuff.c:1190 [inline] __kfree_skb+0x55/0x70 net/core/skbuff.c:1204 tcp_clean_rtx_queue net/ipv4/tcp_input.c:3436 [inline] tcp_ack+0x2442/0x6bc0 net/ipv4/tcp_input.c:4032 tcp_rcv_state_process+0x8eb/0x44e0 net/ipv4/tcp_input.c:6805 tcp_v4_do_rcv+0x77d/0xc70 net/ipv4/tcp_ipv4.c:1939 tcp_v4_rcv+0x2dc0/0x37f0 net/ipv4/tcp_ipv4.c:2351 ip_protocol_deliver_rcu+0x22e/0x440 net/ipv4/ip_input.c:205 ip_local_deliver_finish+0x341/0x5f0 net/ipv4/ip_input.c:233 NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314 NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314 __netif_receive_skb_one_core net/core/dev.c:5672 [inline] __netif_receive_skb+0x2bf/0x650 net/core/dev.c:5785 process_backlog+0x662/0x15b0 net/core/dev.c:6117 __napi_poll+0xcb/0x490 net/core/dev.c:6883 napi_poll net/core/dev.c:6952 [inline] net_rx_action+0x89b/0x1240 net/core/dev.c:7074 handle_softirqs+0x2d4/0x9b0 kernel/softirq.c:561 __do_softirq kernel/softirq.c:595 [inline] invoke_softirq kernel/softirq.c:435 [inline] __irq_exit_rcu+0xf7/0x220 kernel/softirq.c:662 irq_exit_rcu+0x9/0x30 kernel/softirq.c:678 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline] sysvec_apic_timer_interrupt+0x57/0xc0 arch/x86/kernel/apic/apic.c:1049 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702 RIP: 0033:0x7f34f4519ad5 Code: 85 d2 74 0d 0f 10 02 48 8d 54 24 20 0f 11 44 24 20 64 8b 04 25 18 00 00 00 85 c0 75 27 41 b8 08 00 00 00 b8 0f 01 00 00 0f 05 &lt;48&gt; 3d 00 f0 ff ff 76 75 48 8b 15 24 73 0d 00 f7 d8 64 89 02 48 83 RSP: 002b:00007ffec5b32ce0 EFLAGS: 00000246 RAX: 0000000000000001 RBX: 00000000000668a0 RCX: 00007f34f4519ad5 RDX: 00007ffec5b32d00 RSI: 0000000000000004 RDI: 0000564f4bc6cae0 RBP: 0000564f4bc6b5a0 R08: 0000000000000008 R09: 0000000000000000 R10: 00007ffec5b32de8 R11: 0000000000000246 R12: 0000564f48ea8aa4 R13: 0000000000000001 R14: 0000564f48ea93e8 R15: 00007ffec5b32d68 Eric not\u00f3 una probable corrupci\u00f3n de shinfo-&gt;nr_frags, que de hecho ocurre. La causa ra\u00edz es un c\u00e1lculo defectuoso de la longitud de la opci\u00f3n MPTCP en algunas circunstancias: la opci\u00f3n ADD_ADDR deber\u00eda ser mutuamente excluyente con DSS desde la confirmaci\u00f3n culpable. A\u00fan as\u00ed, mptcp_established_options_add_addr() intenta establecer la informaci\u00f3n ---truncado---"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/09ba95321a269019b5aa8e0c3bc80cf86d91fd18",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/53fe947f67c93a5334aed3a7259fcc8a204f8bb6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/cbb26f7d8451fe56ccac802c6db48d16240feebd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fb08e6b0ba284e3dcdc9378de26dcb51d90710f5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-578xx/CVE-2024-57883.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-57883",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-15T13:15:12.637",
"lastModified": "2025-01-15T13:15:12.637",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: hugetlb: independent PMD page table shared count\n\nThe folio refcount may be increased unexpectly through try_get_folio() by\ncaller such as split_huge_pages. In huge_pmd_unshare(), we use refcount\nto check whether a pmd page table is shared. The check is incorrect if\nthe refcount is increased by the above caller, and this can cause the page\ntable leaked:\n\n BUG: Bad page state in process sh pfn:109324\n page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x66 pfn:0x109324\n flags: 0x17ffff800000000(node=0|zone=2|lastcpupid=0xfffff)\n page_type: f2(table)\n raw: 017ffff800000000 0000000000000000 0000000000000000 0000000000000000\n raw: 0000000000000066 0000000000000000 00000000f2000000 0000000000000000\n page dumped because: nonzero mapcount\n ...\n CPU: 31 UID: 0 PID: 7515 Comm: sh Kdump: loaded Tainted: G B 6.13.0-rc2master+ #7\n Tainted: [B]=BAD_PAGE\n Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0 02/06/2015\n Call trace:\n show_stack+0x20/0x38 (C)\n dump_stack_lvl+0x80/0xf8\n dump_stack+0x18/0x28\n bad_page+0x8c/0x130\n free_page_is_bad_report+0xa4/0xb0\n free_unref_page+0x3cc/0x620\n __folio_put+0xf4/0x158\n split_huge_pages_all+0x1e0/0x3e8\n split_huge_pages_write+0x25c/0x2d8\n full_proxy_write+0x64/0xd8\n vfs_write+0xcc/0x280\n ksys_write+0x70/0x110\n __arm64_sys_write+0x24/0x38\n invoke_syscall+0x50/0x120\n el0_svc_common.constprop.0+0xc8/0xf0\n do_el0_svc+0x24/0x38\n el0_svc+0x34/0x128\n el0t_64_sync_handler+0xc8/0xd0\n el0t_64_sync+0x190/0x198\n\nThe issue may be triggered by damon, offline_page, page_idle, etc, which\nwill increase the refcount of page table.\n\n1. The page table itself will be discarded after reporting the\n \"nonzero mapcount\".\n\n2. The HugeTLB page mapped by the page table miss freeing since we\n treat the page table as shared and a shared page table will not be\n unmapped.\n\nFix it by introducing independent PMD page table shared count. As\ndescribed by comment, pt_index/pt_mm/pt_frag_refcount are used for s390\ngmap, x86 pgds and powerpc, pt_share_count is used for x86/arm64/riscv\npmds, so we can reuse the field as pt_share_count."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mm: hugetlb: recuento compartido de la tabla de p\u00e1ginas PMD independiente El recuento de referencias de folio puede aumentar inesperadamente a trav\u00e9s de try_get_folio() por un llamador como split_huge_pages. En huge_pmd_unshare(), usamos el recuento de referencias para verificar si una tabla de p\u00e1ginas pmd est\u00e1 compartida. La comprobaci\u00f3n es incorrecta si el llamador anterior aumenta el refcount, y esto puede provocar una fuga de la tabla de p\u00e1ginas: ERROR: Estado de p\u00e1gina incorrecto en proceso sh pfn:109324 p\u00e1gina: refcount:0 mapcount:0 mapping:0000000000000000 \u00edndice:0x66 pfn:0x109324 indicadores: 0x17ffff800000000(nodo=0|zona=2|lastcpupid=0xfffff) tipo_p\u00e1gina: f2(tabla) sin procesar: 017ffff800000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 sin procesar: 0000000000000066 0000000000000000 00000000f2000000 0000000000000000 p\u00e1gina volcada porque: mapcount distinto de cero ... CPU: 31 UID: 0 PID: 7515 Comm: sh Kdump: cargado Contaminado: GB 6.13.0-rc2master+ #7 Contaminado: [B]=BAD_PAGE Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0 02/06/2015 Call trace: show_stack+0x20/0x38 (C) dump_stack_lvl+0x80/0xf8 dump_stack+0x18/0x28 bad_page+0x8c/0x130 free_page_is_bad_report+0xa4/0xb0 free_unref_page+0x3cc/0x620 __folio_put+0xf4/0x158 split_huge_pages_all+0x1e0/0x3e8 split_huge_pages_write+0x25c/0x2d8 full_proxy_write+0x64/0xd8 vfs_write+0xcc/0x280 ksys_write+0x70/0x110 __arm64_sys_write+0x24/0x38 invoke_syscall+0x50/0x120 el0_svc_common.constprop.0+0xc8/0xf0 do_el0_svc+0x24/0x38 el0_svc+0x34/0x128 el0t_64_sync_handler+0xc8/0xd0 el0t_64_sync+0x190/0x198 El problema puede ser provocado por damon, offline_page, page_idle, etc., que aumentar\u00e1n el recuento de referencias de la tabla de p\u00e1ginas. 1. La tabla de p\u00e1ginas en s\u00ed se descartar\u00e1 despu\u00e9s de informar el \"recuento de mapas distinto de cero\". 2. La p\u00e1gina HugeTLB mapeada por la tabla de p\u00e1ginas no se libera ya que tratamos la tabla de p\u00e1ginas como compartida y una tabla de p\u00e1ginas compartida no se desasignar\u00e1. Arr\u00e9glelo introduciendo un recuento de p\u00e1ginas compartidas de tabla de p\u00e1ginas PMD independiente. Como se describe en el comentario, pt_index/pt_mm/pt_frag_refcount se utilizan para s390 gmap, x86 pgds y powerpc, pt_share_count se utiliza para x86/arm64/riscv pmds, por lo que podemos reutilizar el campo como pt_share_count."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2e31443a0d18ae43b9d29e02bf0563f07772193d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/59d9094df3d79443937add8700b2ef1a866b1081",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-578xx/CVE-2024-57884.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-57884",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-15T13:15:12.757",
"lastModified": "2025-01-15T13:15:12.757",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim()\n\nThe task sometimes continues looping in throttle_direct_reclaim() because\nallow_direct_reclaim(pgdat) keeps returning false. \n\n #0 [ffff80002cb6f8d0] __switch_to at ffff8000080095ac\n #1 [ffff80002cb6f900] __schedule at ffff800008abbd1c\n #2 [ffff80002cb6f990] schedule at ffff800008abc50c\n #3 [ffff80002cb6f9b0] throttle_direct_reclaim at ffff800008273550\n #4 [ffff80002cb6fa20] try_to_free_pages at ffff800008277b68\n #5 [ffff80002cb6fae0] __alloc_pages_nodemask at ffff8000082c4660\n #6 [ffff80002cb6fc50] alloc_pages_vma at ffff8000082e4a98\n #7 [ffff80002cb6fca0] do_anonymous_page at ffff80000829f5a8\n #8 [ffff80002cb6fce0] __handle_mm_fault at ffff8000082a5974\n #9 [ffff80002cb6fd90] handle_mm_fault at ffff8000082a5bd4\n\nAt this point, the pgdat contains the following two zones:\n\n NODE: 4 ZONE: 0 ADDR: ffff00817fffe540 NAME: \"DMA32\"\n SIZE: 20480 MIN/LOW/HIGH: 11/28/45\n VM_STAT:\n NR_FREE_PAGES: 359\n NR_ZONE_INACTIVE_ANON: 18813\n NR_ZONE_ACTIVE_ANON: 0\n NR_ZONE_INACTIVE_FILE: 50\n NR_ZONE_ACTIVE_FILE: 0\n NR_ZONE_UNEVICTABLE: 0\n NR_ZONE_WRITE_PENDING: 0\n NR_MLOCK: 0\n NR_BOUNCE: 0\n NR_ZSPAGES: 0\n NR_FREE_CMA_PAGES: 0\n\n NODE: 4 ZONE: 1 ADDR: ffff00817fffec00 NAME: \"Normal\"\n SIZE: 8454144 PRESENT: 98304 MIN/LOW/HIGH: 68/166/264\n VM_STAT:\n NR_FREE_PAGES: 146\n NR_ZONE_INACTIVE_ANON: 94668\n NR_ZONE_ACTIVE_ANON: 3\n NR_ZONE_INACTIVE_FILE: 735\n NR_ZONE_ACTIVE_FILE: 78\n NR_ZONE_UNEVICTABLE: 0\n NR_ZONE_WRITE_PENDING: 0\n NR_MLOCK: 0\n NR_BOUNCE: 0\n NR_ZSPAGES: 0\n NR_FREE_CMA_PAGES: 0\n\nIn allow_direct_reclaim(), while processing ZONE_DMA32, the sum of\ninactive/active file-backed pages calculated in zone_reclaimable_pages()\nbased on the result of zone_page_state_snapshot() is zero. \n\nAdditionally, since this system lacks swap, the calculation of inactive/\nactive anonymous pages is skipped.\n\n crash> p nr_swap_pages\n nr_swap_pages = $1937 = {\n counter = 0\n }\n\nAs a result, ZONE_DMA32 is deemed unreclaimable and skipped, moving on to\nthe processing of the next zone, ZONE_NORMAL, despite ZONE_DMA32 having\nfree pages significantly exceeding the high watermark.\n\nThe problem is that the pgdat->kswapd_failures hasn't been incremented.\n\n crash> px ((struct pglist_data *) 0xffff00817fffe540)->kswapd_failures\n $1935 = 0x0\n\nThis is because the node deemed balanced. The node balancing logic in\nbalance_pgdat() evaluates all zones collectively. If one or more zones\n(e.g., ZONE_DMA32) have enough free pages to meet their watermarks, the\nentire node is deemed balanced. This causes balance_pgdat() to exit early\nbefore incrementing the kswapd_failures, as it considers the overall\nmemory state acceptable, even though some zones (like ZONE_NORMAL) remain\nunder significant pressure.\n\n\nThe patch ensures that zone_reclaimable_pages() includes free pages\n(NR_FREE_PAGES) in its calculation when no other reclaimable pages are\navailable (e.g., file-backed or anonymous pages). This change prevents\nzones like ZONE_DMA32, which have sufficient free pages, from being\nmistakenly deemed unreclaimable. By doing so, the patch ensures proper\nnode balancing, avoids masking pressure on other zones like ZONE_NORMAL,\nand prevents infinite loops in throttle_direct_reclaim() caused by\nallow_direct_reclaim(pgdat) repeatedly returning false.\n\n\nThe kernel hangs due to a task stuck in throttle_direct_reclaim(), caused\nby a node being incorrectly deemed balanced despite pressure in certain\nzones, such as ZONE_NORMAL. This issue arises from\nzone_reclaimable_pages\n---truncated---"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mm: vmscan: tiene en cuenta las p\u00e1ginas libres para evitar un bucle infinito en throttle_direct_reclaim() La tarea a veces contin\u00faa en bucle en throttle_direct_reclaim() porque allow_direct_reclaim(pgdat) sigue devolviendo falso. #0 [ffff80002cb6f8d0] __switch_to en ffff8000080095ac #1 [ffff80002cb6f900] __schedule en ffff800008abbd1c #2 [ffff80002cb6f990] schedule en ffff800008abc50c #3 [ffff80002cb6f9b0] throttle_direct_reclaim en ffff800008273550 #4 [ffff80002cb6fa20] try_to_free_pages en ffff800008277b68 #5 [ffff80002cb6fae0] __alloc_pages_nodemask en ffff8000082c4660 #6 [ffff80002cb6fc50] alloc_pages_vma en ffff8000082e4a98 #7 [ffff80002cb6fca0] do_anonymous_page en ffff80000829f5a8 #8 [ffff80002cb6fce0] __handle_mm_fault en ffff8000082a5974 #9 [ffff80002cb6fd90] handle_mm_fault en ffff8000082a5bd4 En este punto, el pgdat contiene las siguientes dos zonas: NODO: 4 ZONA: 0 DIRECCI\u00d3N: ffff00817fffe540 NOMBRE: \"DMA32\" TAMA\u00d1O: 20480 M\u00cdN./BAJO/ALTO: 11/28/45 ESTAD\u00cdSTICA DE VM: NR_P\u00c1GINAS_LIBRES: 359 NR_ZONA_INACTIVA_ANON: 18813 NR_ZONA_ACTIVA_ANON: 0 NR_ZONA_ARCHIVO_INACTIVO: 50 NR_ZONA_ARCHIVO_ACTIVO: 0 NR_ZONA_UNEVICTABLE: 0 NR_ZONA_ESCRITURA_PENDIENTE: 0 NR_MLOCK: 0 NR_BOUNCE: 0 NR_ZSPAGES: 0 NR_P\u00c1GINAS_CMA_LIBRES: 0 NODO: 4 ZONA: 1 DIRECCI\u00d3N: ffff00817fffec00 NOMBRE: \"Normal\" TAMA\u00d1O: 8454144 PRESENTE: 98304 M\u00cdN./BAJO/ALTO: 68/166/264 ESTAD\u00cdSTICO_VM: NR_P\u00c1GINAS_LIBRES: 146 NR_ZONE_INACTIVE_ANON: 94668 NR_ZONE_ACTIVE_ANON: 3 NR_ZONE_INACTIVE_FILE: 735 NR_ZONE_ACTIVE_FILE: 78 NR_ZONE_UNEVICTABLE: 0 NR_ZONE_WRITE_PENDING: 0 NR_MLOCK: 0 NR_BOUNCE: 0 NR_ZSPAGES: 0 NR_FREE_CMA_PAGES: 0 En allow_direct_reclaim(), mientras se procesa ZONE_DMA32, la suma de p\u00e1ginas inactivas/activas respaldadas por archivos calculada en zone_reclaimable_pages() en funci\u00f3n del resultado de zone_page_state_snapshot() es cero. Adem\u00e1s, dado que este sistema carece de intercambio, se omite el c\u00e1lculo de p\u00e1ginas an\u00f3nimas inactivas/activas. crash&gt; p nr_swap_pages nr_swap_pages = $1937 = { counter = 0 } Como resultado, ZONE_DMA32 se considera irrecuperable y se omite, pasando al procesamiento de la siguiente zona, ZONE_NORMAL, a pesar de que ZONE_DMA32 tiene p\u00e1ginas libres que exceden significativamente la marca de agua alta. El problema es que pgdat-&gt;kswapd_failures no se ha incrementado. crash&gt; px ((struct pglist_data *) 0xffff00817fffe540)-&gt;kswapd_failures $1935 = 0x0 Esto se debe a que el nodo se considera equilibrado. La l\u00f3gica de equilibrio de nodos en balance_pgdat() eval\u00faa todas las zonas colectivamente. Si una o m\u00e1s zonas (por ejemplo, ZONE_DMA32) tienen suficientes p\u00e1ginas libres para cumplir con sus marcas de agua, todo el nodo se considera equilibrado. Esto hace que balance_pgdat() salga antes de incrementar kswapd_failures, ya que considera que el estado general de la memoria es aceptable, aunque algunas zonas (como ZONE_NORMAL) permanezcan bajo una presi\u00f3n significativa. El parche garantiza que zone_reclaimable_pages() incluya p\u00e1ginas libres (NR_FREE_PAGES) en su c\u00e1lculo cuando no haya otras p\u00e1ginas recuperables disponibles (por ejemplo, p\u00e1ginas an\u00f3nimas o respaldadas por archivos). Este cambio evita que zonas como ZONE_DMA32, que tienen suficientes p\u00e1ginas libres, se consideren por error no recuperables. Al hacerlo, el parche garantiza un equilibrio adecuado de los nodos, evita enmascarar la presi\u00f3n en otras zonas como ZONE_NORMAL y evita bucles infinitos en throttle_direct_reclaim() causados por allow_direct_reclaim(pgdat) que devuelve falso repetidamente. El n\u00facleo se cuelga debido a una tarea atascada en throttle_direct_reclaim(), causada por un nodo que se considera incorrectamente equilibrado a pesar de la presi\u00f3n en ciertas zonas, como ZONE_NORMAL. Este problema surge de zone_reclaimable_pages ---truncado---"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1ff2302e8aeac7f2eedb551d7a89617283b5c6b2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/58d0d02dbc67438fc80223fdd7bbc49cf0733284",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/63eac98d6f0898229f515cb62fe4e4db2430e99c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/66cd37660ec34ec444fe42f2277330ae4a36bb19",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6aaced5abd32e2a57cd94fd64f824514d0361da8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/bfb701192129803191c9cd6cdd1f82cd07f8de2c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d675fefbaec3815b3ae0af1bebd97f27df3a05c8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

33
CVE-2024/CVE-2024-578xx/CVE-2024-57885.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-57885",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-15T13:15:12.893",
"lastModified": "2025-01-15T13:15:12.893",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/kmemleak: fix sleeping function called from invalid context at print message\n\nAddress a bug in the kernel that triggers a \"sleeping function called from\ninvalid context\" warning when /sys/kernel/debug/kmemleak is printed under\nspecific conditions:\n- CONFIG_PREEMPT_RT=y\n- Set SELinux as the LSM for the system\n- Set kptr_restrict to 1\n- kmemleak buffer contains at least one item\n\nBUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\nin_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 136, name: cat\npreempt_count: 1, expected: 0\nRCU nest depth: 2, expected: 2\n6 locks held by cat/136:\n #0: ffff32e64bcbf950 (&p->lock){+.+.}-{3:3}, at: seq_read_iter+0xb8/0xe30\n #1: ffffafe6aaa9dea0 (scan_mutex){+.+.}-{3:3}, at: kmemleak_seq_start+0x34/0x128\n #3: ffff32e6546b1cd0 (&object->lock){....}-{2:2}, at: kmemleak_seq_show+0x3c/0x1e0\n #4: ffffafe6aa8d8560 (rcu_read_lock){....}-{1:2}, at: has_ns_capability_noaudit+0x8/0x1b0\n #5: ffffafe6aabbc0f8 (notif_lock){+.+.}-{2:2}, at: avc_compute_av+0xc4/0x3d0\nirq event stamp: 136660\nhardirqs last enabled at (136659): [<ffffafe6a80fd7a0>] _raw_spin_unlock_irqrestore+0xa8/0xd8\nhardirqs last disabled at (136660): [<ffffafe6a80fd85c>] _raw_spin_lock_irqsave+0x8c/0xb0\nsoftirqs last enabled at (0): [<ffffafe6a5d50b28>] copy_process+0x11d8/0x3df8\nsoftirqs last disabled at (0): [<0000000000000000>] 0x0\nPreemption disabled at:\n[<ffffafe6a6598a4c>] kmemleak_seq_show+0x3c/0x1e0\nCPU: 1 UID: 0 PID: 136 Comm: cat Tainted: G E 6.11.0-rt7+ #34\nTainted: [E]=UNSIGNED_MODULE\nHardware name: linux,dummy-virt (DT)\nCall trace:\n dump_backtrace+0xa0/0x128\n show_stack+0x1c/0x30\n dump_stack_lvl+0xe8/0x198\n dump_stack+0x18/0x20\n rt_spin_lock+0x8c/0x1a8\n avc_perm_nonode+0xa0/0x150\n cred_has_capability.isra.0+0x118/0x218\n selinux_capable+0x50/0x80\n security_capable+0x7c/0xd0\n has_ns_capability_noaudit+0x94/0x1b0\n has_capability_noaudit+0x20/0x30\n restricted_pointer+0x21c/0x4b0\n pointer+0x298/0x760\n vsnprintf+0x330/0xf70\n seq_printf+0x178/0x218\n print_unreferenced+0x1a4/0x2d0\n kmemleak_seq_show+0xd0/0x1e0\n seq_read_iter+0x354/0xe30\n seq_read+0x250/0x378\n full_proxy_read+0xd8/0x148\n vfs_read+0x190/0x918\n ksys_read+0xf0/0x1e0\n __arm64_sys_read+0x70/0xa8\n invoke_syscall.constprop.0+0xd4/0x1d8\n el0_svc+0x50/0x158\n el0t_64_sync+0x17c/0x180\n\n%pS and %pK, in the same back trace line, are redundant, and %pS can void\n%pK service in certain contexts.\n\n%pS alone already provides the necessary information, and if it cannot\nresolve the symbol, it falls back to printing the raw address voiding\nthe original intent behind the %pK.\n\nAdditionally, %pK requires a privilege check CAP_SYSLOG enforced through\nthe LSM, which can trigger a \"sleeping function called from invalid\ncontext\" warning under RT_PREEMPT kernels when the check occurs in an\natomic context. This issue may also affect other LSMs.\n\nThis change avoids the unnecessary privilege check and resolves the\nsleeping function warning without any loss of information."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mm/kmemleak: se corrige la funci\u00f3n inactiva llamada desde un contexto no v\u00e1lido en el mensaje de impresi\u00f3n Se soluciona un error en el kernel que activa una advertencia de \"funci\u00f3n inactiva llamada desde un contexto no v\u00e1lido\" cuando se imprime /sys/kernel/debug/kmemleak en condiciones espec\u00edficas: - CONFIG_PREEMPT_RT=y - Establezca SELinux como el LSM para el sistema - Establezca kptr_restrict en 1 - el b\u00fafer de kmemleak contiene al menos un elemento ERROR: funci\u00f3n inactiva llamada desde un contexto no v\u00e1lido en kernel/locking/spinlock_rt.c:48 in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 136, name: cat preempt_count: 1, expected: 0 Profundidad de anidaci\u00f3n de RCU: 2, expected: 2 6 bloqueos mantenidos por cat/136: #0: ffff32e64bcbf950 (&amp;p-&gt;bloqueo){+.+.}-{3:3}, en: seq_read_iter+0xb8/0xe30 #1: ffffafe6aaa9dea0 (scan_mutex){+.+.}-{3:3}, en: kmemleak_seq_start+0x34/0x128 #3: ffff32e6546b1cd0 (&amp;object-&gt;bloqueo){....}-{2:2}, en: kmemleak_seq_show+0x3c/0x1e0 #4: ffffafe6aa8d8560 (rcu_lectura_bloqueo){....}-{1:2}, en: has_ns_capability_noaudit+0x8/0x1b0 #5: ffffafe6aabbc0f8 (notif_bloqueo){+.+.}-{2:2}, en: avc_compute_av+0xc4/0x3d0 marca de evento de irq: 136660 hardirqs habilitados por \u00faltima vez en (136659): [] _raw_spin_unlock_irqrestore+0xa8/0xd8 hardirqs deshabilitados por \u00faltima vez en (136660): [] _raw_spin_lock_irqsave+0x8c/0xb0 softirqs habilitados por \u00faltima vez en (0): [] copy_process+0x11d8/0x3df8 softirqs deshabilitados por \u00faltima vez en (0): [&lt;0000000000000000&gt;] 0x0 Preempci\u00f3n deshabilitada en: [] kmemleak_seq_show+0x3c/0x1e0 CPU: 1 UID: 0 PID: 136 Comm: cat Contaminado: GE 6.11.0-rt7+ #34 Contaminado: [E]=UNSIGNED_MODULE Nombre del hardware: linux,dummy-virt (DT) Rastreo de llamadas: dump_backtrace+0xa0/0x128 show_stack+0x1c/0x30 dump_stack_lvl+0xe8/0x198 dump_stack+0x18/0x20 rt_spin_lock+0x8c/0x1a8 avc_perm_nonode+0xa0/0x150 cred_has_capability.isra.0+0x118/0x218 selinux_capable+0x50/0x80 security_capable+0x7c/0xd0 has_ns_capability_noaudit+0x94/0x1b0 has_capability_noaudit+0x20/0x30 puntero_restringido+0x21c/0x4b0 puntero+0x298/0x760 vsnprintf+0x330/0xf70 seq_printf+0x178/0x218 impresi\u00f3n_sin_referencia+0x1a4/0x2d0 kmemleak_seq_show+0xd0/0x1e0 seq_read_iter+0x354/0xe30 seq_read+0x250/0x378 lectura_proxy_completa+0xd8/0x148 vfs_read+0x190/0x918 ksys_read+0xf0/0x1e0 __arm64_sys_read+0x70/0xa8 %pS y %pK, en la misma l\u00ednea de seguimiento inverso, son redundantes, y %pS puede anular el servicio %pK en ciertos contextos. %pS solo ya proporciona la informaci\u00f3n necesaria, y si no puede resolver el s\u00edmbolo, vuelve a imprimir la direcci\u00f3n sin formato anulando la intenci\u00f3n original detr\u00e1s de %pK. Adem\u00e1s, %pK requiere una verificaci\u00f3n de privilegios CAP_SYSLOG aplicada a trav\u00e9s del LSM, que puede activar una advertencia de \"funci\u00f3n inactiva llamada desde un contexto no v\u00e1lido\" en kernels RT_PREEMPT cuando la verificaci\u00f3n ocurre en un contexto at\u00f3mico. Este problema tambi\u00e9n puede afectar a otros LSM. Este cambio evita la verificaci\u00f3n de privilegios innecesaria y resuelve la advertencia de funci\u00f3n inactiva sin ninguna p\u00e9rdida de informaci\u00f3n."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/64b2d32f22597b2a1dc83ac600b2426588851a97",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/86d946f3f9992aaa12abcfd09f925446c2cd42a2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/cddc76b165161a02ff14c4d84d0f5266d9d32b9e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-578xx/CVE-2024-57886.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-57886",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-15T13:15:13.010",
"lastModified": "2025-01-15T13:15:13.010",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/damon/core: fix new damon_target objects leaks on damon_commit_targets()\n\nPatch series \"mm/damon/core: fix memory leaks and ignored inputs from\ndamon_commit_ctx()\".\n\nDue to two bugs in damon_commit_targets() and damon_commit_schemes(),\nwhich are called from damon_commit_ctx(), some user inputs can be ignored,\nand some mmeory objects can be leaked. Fix those.\n\nNote that only DAMON sysfs interface users are affected. Other DAMON core\nAPI user modules that more focused more on simple and dedicated production\nusages, including DAMON_RECLAIM and DAMON_LRU_SORT are not using the buggy\nfunction in the way, so not affected.\n\n\nThis patch (of 2):\n\nWhen new DAMON targets are added via damon_commit_targets(), the newly\ncreated targets are not deallocated when updating the internal data\n(damon_commit_target()) is failed. Worse yet, even if the setup is\nsuccessfully done, the new target is not linked to the context. Hence,\nthe new targets are always leaked regardless of the internal data setup\nfailure. Fix the leaks."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mm/damon/core: corrige nuevas fugas de objetos damon_target en damon_commit_targets() Serie de parches \"mm/damon/core: corrige fugas de memoria y entradas ignoradas de damon_commit_ctx()\". Debido a dos errores en damon_commit_targets() y damon_commit_schemes(), que se llaman desde damon_commit_ctx(), algunas entradas de usuario pueden ignorarse y algunos objetos de memoria pueden filtrarse. Arr\u00e9glelos. Tenga en cuenta que solo los usuarios de la interfaz sysfs de DAMON se ven afectados. Otros m\u00f3dulos de usuario de la API del n\u00facleo de DAMON que se centran m\u00e1s en usos de producci\u00f3n simples y dedicados, incluidos DAMON_RECLAIM y DAMON_LRU_SORT, no utilizan la funci\u00f3n con errores de la misma manera, por lo que no se ven afectados. Este parche (de 2): Cuando se agregan nuevos objetivos DAMON a trav\u00e9s de damon_commit_targets(), los objetivos reci\u00e9n creados no se desasignan cuando falla la actualizaci\u00f3n de los datos internos (damon_commit_target()). Peor a\u00fan, incluso si la configuraci\u00f3n se realiza correctamente, el nuevo objetivo no est\u00e1 vinculado al contexto. Por lo tanto, los nuevos objetivos siempre se filtran independientemente de la falla de configuraci\u00f3n de los datos internos. Corrija las filtraciones."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/3647932d0b3e609c762c55e8f9fe10a09776e0a7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8debfc5b1aa569d3d2ac836af2553da037611c61",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

33
CVE-2024/CVE-2024-578xx/CVE-2024-57887.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-57887",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-15T13:15:13.130",
"lastModified": "2025-01-15T13:15:13.130",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: adv7511: Fix use-after-free in adv7533_attach_dsi()\n\nThe host_node pointer was assigned and freed in adv7533_parse_dt(), and\nlater, adv7533_attach_dsi() uses the same. Fix this use-after-free issue\nby\u00a0dropping of_node_put() in adv7533_parse_dt() and calling of_node_put()\nin error path of probe() and also in the remove()."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm: adv7511: Se corrige el use-after-free en adv7533_attach_dsi() El puntero host_node se asign\u00f3 y liber\u00f3 en adv7533_parse_dt() y, posteriormente, adv7533_attach_dsi() utiliza el mismo. Corrija este problema de use-after-free eliminando of_node_put() en adv7533_parse_dt() y llamando a of_node_put() en la ruta de error de probe() y tambi\u00e9n en remove()."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1f49aaf55652580ae63ab83d67211fe6a55d83dc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/81adbd3ff21c1182e06aa02c6be0bfd9ea02d8e8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ca9d077350fa21897de8bf64cba23b198740aab5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-578xx/CVE-2024-57888.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-57888",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-15T13:15:13.240",
"lastModified": "2025-01-15T13:15:13.240",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nworkqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker\n\nAfter commit\n746ae46c1113 (\"drm/sched: Mark scheduler work queues with WQ_MEM_RECLAIM\")\namdgpu started seeing the following warning:\n\n [ ] workqueue: WQ_MEM_RECLAIM sdma0:drm_sched_run_job_work [gpu_sched] is flushing !WQ_MEM_RECLAIM events:amdgpu_device_delay_enable_gfx_off [amdgpu]\n...\n [ ] Workqueue: sdma0 drm_sched_run_job_work [gpu_sched]\n...\n [ ] Call Trace:\n [ ] <TASK>\n...\n [ ] ? check_flush_dependency+0xf5/0x110\n...\n [ ] cancel_delayed_work_sync+0x6e/0x80\n [ ] amdgpu_gfx_off_ctrl+0xab/0x140 [amdgpu]\n [ ] amdgpu_ring_alloc+0x40/0x50 [amdgpu]\n [ ] amdgpu_ib_schedule+0xf4/0x810 [amdgpu]\n [ ] ? drm_sched_run_job_work+0x22c/0x430 [gpu_sched]\n [ ] amdgpu_job_run+0xaa/0x1f0 [amdgpu]\n [ ] drm_sched_run_job_work+0x257/0x430 [gpu_sched]\n [ ] process_one_work+0x217/0x720\n...\n [ ] </TASK>\n\nThe intent of the verifcation done in check_flush_depedency is to ensure\nforward progress during memory reclaim, by flagging cases when either a\nmemory reclaim process, or a memory reclaim work item is flushed from a\ncontext not marked as memory reclaim safe.\n\nThis is correct when flushing, but when called from the\ncancel(_delayed)_work_sync() paths it is a false positive because work is\neither already running, or will not be running at all. Therefore\ncancelling it is safe and we can relax the warning criteria by letting the\nhelper know of the calling context.\n\nReferences: 746ae46c1113 (\"drm/sched: Mark scheduler work queues with WQ_MEM_RECLAIM\")"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: workqueue: No advertir al cancelar el trabajo de WQ_MEM_RECLAIM del trabajador !WQ_MEM_RECLAIM Despu\u00e9s de la confirmaci\u00f3n 746ae46c1113 (\"drm/sched: Marcar las colas de trabajo del programador con WQ_MEM_RECLAIM\") amdgpu comenz\u00f3 a ver la siguiente advertencia: [ ] workqueue: WQ_MEM_RECLAIM sdma0:drm_sched_run_job_work [gpu_sched] is flushing !WQ_MEM_RECLAIM events:amdgpu_device_delay_enable_gfx_off [amdgpu] ... [ ] Workqueue: sdma0 drm_sched_run_job_work [gpu_sched] ... [ ] Call Trace: [ ] ... [ ] ? check_flush_dependency+0xf5/0x110 ... [ ] cancel_delayed_work_sync+0x6e/0x80 [ ] amdgpu_gfx_off_ctrl+0xab/0x140 [amdgpu] [ ] amdgpu_ring_alloc+0x40/0x50 [amdgpu] [ ] amdgpu_ib_schedule+0xf4/0x810 [amdgpu] [ ] ? drm_sched_run_job_work+0x22c/0x430 [gpu_sched] [ ] amdgpu_job_run+0xaa/0x1f0 [amdgpu] [ ] drm_sched_run_job_work+0x257/0x430 [gpu_sched] [ ] process_one_work+0x217/0x720 ... [ ] La intenci\u00f3n de la verificaci\u00f3n realizada en check_flush_depedency es asegurar el progreso hacia adelante durante la recuperaci\u00f3n de memoria, marcando los casos en los que un proceso de recuperaci\u00f3n de memoria o un elemento de trabajo de recuperaci\u00f3n de memoria se vac\u00edan de un contexto no marcado como seguro para la recuperaci\u00f3n de memoria. Esto es correcto durante el vaciado, pero cuando se llama desde las rutas cancel(_delayed)_work_sync() es un falso positivo porque el trabajo ya se est\u00e1 ejecutando o no se ejecutar\u00e1 en absoluto. Por lo tanto, cancelarlo es seguro y podemos relajar los criterios de advertencia informando al asistente del contexto de llamada. Referencias: 746ae46c1113 (\"drm/sched: Marcar las colas de trabajo del programador con WQ_MEM_RECLAIM\")"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/de35994ecd2dd6148ab5a6c5050a1670a04dec77",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ffb231471a407c96e114070bf828cd2378fdf431",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-578xx/CVE-2024-57889.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-57889",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-15T13:15:13.347",
"lastModified": "2025-01-15T13:15:13.347",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking\n\nIf a device uses MCP23xxx IO expander to receive IRQs, the following\nbug can happen:\n\n BUG: sleeping function called from invalid context\n at kernel/locking/mutex.c:283\n in_atomic(): 1, irqs_disabled(): 1, non_block: 0, ...\n preempt_count: 1, expected: 0\n ...\n Call Trace:\n ...\n __might_resched+0x104/0x10e\n __might_sleep+0x3e/0x62\n mutex_lock+0x20/0x4c\n regmap_lock_mutex+0x10/0x18\n regmap_update_bits_base+0x2c/0x66\n mcp23s08_irq_set_type+0x1ae/0x1d6\n __irq_set_trigger+0x56/0x172\n __setup_irq+0x1e6/0x646\n request_threaded_irq+0xb6/0x160\n ...\n\nWe observed the problem while experimenting with a touchscreen driver which\nused MCP23017 IO expander (I2C).\n\nThe regmap in the pinctrl-mcp23s08 driver uses a mutex for protection from\nconcurrent accesses, which is the default for regmaps without .fast_io,\n.disable_locking, etc.\n\nmcp23s08_irq_set_type() calls regmap_update_bits_base(), and the latter\nlocks the mutex.\n\nHowever, __setup_irq() locks desc->lock spinlock before calling these\nfunctions. As a result, the system tries to lock the mutex whole holding\nthe spinlock.\n\nIt seems, the internal regmap locks are not needed in this driver at all.\nmcp->lock seems to protect the regmap from concurrent accesses already,\nexcept, probably, in mcp_pinconf_get/set.\n\nmcp23s08_irq_set_type() and mcp23s08_irq_mask/unmask() are called under\nchip_bus_lock(), which calls mcp23s08_irq_bus_lock(). The latter takes\nmcp->lock and enables regmap caching, so that the potentially slow I2C\naccesses are deferred until chip_bus_unlock().\n\nThe accesses to the regmap from mcp23s08_probe_one() do not need additional\nlocking.\n\nIn all remaining places where the regmap is accessed, except\nmcp_pinconf_get/set(), the driver already takes mcp->lock.\n\nThis patch adds locking in mcp_pinconf_get/set() and disables internal\nlocking in the regmap config. Among other things, it fixes the sleeping\nin atomic context described above."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: pinctrl: mcp23s08: Se corrige la suspensi\u00f3n en un contexto at\u00f3mico debido al bloqueo de regmap Si un dispositivo usa el expansor de E/S MCP23xxx para recibir IRQ, puede ocurrir el siguiente error: ERROR: funci\u00f3n de suspensi\u00f3n llamada desde un contexto no v\u00e1lido en kernel/locking/mutex.c:283 in_atomic(): 1, irqs_disabled(): 1, non_block: 0, ... preempt_count: 1, expected: 0 ... Seguimiento de llamadas: ... __might_resched+0x104/0x10e __might_sleep+0x3e/0x62 mutex_lock+0x20/0x4c regmap_lock_mutex+0x10/0x18 regmap_update_bits_base+0x2c/0x66 Observamos el problema mientras experiment\u00e1bamos con un controlador de pantalla t\u00e1ctil que usaba el expansor de E/S MCP23017 (I2C). El mapa de reglas en el controlador pinctrl-mcp23s08 usa un mutex para protecci\u00f3n contra accesos concurrentes, que es el valor predeterminado para los mapas de reglas sin .fast_io, .disable_locking, etc. mcp23s08_irq_set_type() llama a regmap_update_bits_base(), y este \u00faltimo bloquea el mutex. Sin embargo, __setup_irq() bloquea el spinlock desc-&gt;lock antes de llamar a estas funciones. Como resultado, el sistema intenta bloquear el mutex que contiene el spinlock. Parece que los bloqueos internos del mapa de reglas no son necesarios en este controlador en absoluto. mcp-&gt;lock parece proteger el mapa de reglas de accesos concurrentes, excepto, probablemente, en mcp_pinconf_get/set. mcp23s08_irq_set_type() y mcp23s08_irq_mask/unmask() se llaman bajo chip_bus_lock(), que llama a mcp23s08_irq_bus_lock(). Este \u00faltimo toma mcp-&gt;lock y habilita el almacenamiento en cach\u00e9 del mapa de reglas, de modo que los accesos I2C potencialmente lentos se posponen hasta chip_bus_unlock(). Los accesos al mapa de reglas desde mcp23s08_probe_one() no necesitan bloqueo adicional. En todos los lugares restantes donde se accede al mapa de reglas, excepto mcp_pinconf_get/set(), el controlador ya toma mcp-&gt;lock. Este parche agrega bloqueo en mcp_pinconf_get/set() y deshabilita el bloqueo interno en la configuraci\u00f3n de regmap. Entre otras cosas, corrige el problema de suspensi\u00f3n en el contexto at\u00f3mico descrito anteriormente."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0310cbad163a908d09d99c26827859365cd71fcb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/788d9e9a41b81893d6bb8faa05f045c975278318",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/830f838589522404cd7c2f0f540602f25034af61",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8c6fd5803b988a5e78c9b9e42c70a936d7cfc6ec",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9372e160d8211a7e17f2abff8370794f182df785",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a37eecb705f33726f1fb7cd2a67e514a15dfe693",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c55d186376a87b468c9ee30f2195e0f3857f61a0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-578xx/CVE-2024-57890.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-57890",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-15T13:15:13.473",
"lastModified": "2025-01-15T13:15:13.473",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/uverbs: Prevent integer overflow issue\n\nIn the expression \"cmd.wqe_size * cmd.wr_count\", both variables are u32\nvalues that come from the user so the multiplication can lead to integer\nwrapping. Then we pass the result to uverbs_request_next_ptr() which also\ncould potentially wrap. The \"cmd.sge_count * sizeof(struct ib_uverbs_sge)\"\nmultiplication can also overflow on 32bit systems although it's fine on\n64bit systems.\n\nThis patch does two things. First, I've re-arranged the condition in\nuverbs_request_next_ptr() so that the use controlled variable \"len\" is on\none side of the comparison by itself without any math. Then I've modified\nall the callers to use size_mul() for the multiplications."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: RDMA/uverbs: Evitar problema de desbordamiento de enteros En la expresi\u00f3n \"cmd.wqe_size * cmd.wr_count\", ambas variables son valores u32 que provienen del usuario, por lo que la multiplicaci\u00f3n puede provocar un encapsulamiento de enteros. Luego, pasamos el resultado a uverbs_request_next_ptr(), que tambi\u00e9n podr\u00eda potencialmente encapsularse. La multiplicaci\u00f3n \"cmd.sge_count * sizeof(struct ib_uverbs_sge)\" tambi\u00e9n puede desbordarse en sistemas de 32 bits, aunque est\u00e1 bien en sistemas de 64 bits. Este parche hace dos cosas. Primero, he reorganizado la condici\u00f3n en uverbs_request_next_ptr() para que la variable controlada por uso \"len\" est\u00e9 en un lado de la comparaci\u00f3n por s\u00ed misma sin ning\u00fan c\u00e1lculo. Luego, he modificado todos los llamadores para usar size_mul() para las multiplicaciones."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/346db03e9926ab7117ed9bf19665699c037c773c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/42a6eb4ed7a9a41ba0b83eb0c7e0225b5fca5608",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b3ef4ae713360501182695dd47d6b4f6e1a43eb8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b92667f755749cf10d9ef1088865c555ae83ffb7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c2f961c46ea0e5274c5c320d007c2dd949cf627a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c57721b24bd897338a81a0ca5fff41600f0f1ad1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d0257e089d1bbd35c69b6c97ff73e3690ab149a9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-578xx/CVE-2024-57891.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-57891",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-15T13:15:13.590",
"lastModified": "2025-01-15T13:15:13.590",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched_ext: Fix invalid irq restore in scx_ops_bypass()\n\nWhile adding outer irqsave/restore locking, 0e7ffff1b811 (\"scx: Fix raciness\nin scx_ops_bypass()\") forgot to convert an inner rq_unlock_irqrestore() to\nrq_unlock() which could re-enable IRQ prematurely leading to the following\nwarning:\n\n raw_local_irq_restore() called with IRQs enabled\n WARNING: CPU: 1 PID: 96 at kernel/locking/irqflag-debug.c:10 warn_bogus_irq_restore+0x30/0x40\n ...\n Sched_ext: create_dsq (enabling)\n pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : warn_bogus_irq_restore+0x30/0x40\n lr : warn_bogus_irq_restore+0x30/0x40\n ...\n Call trace:\n warn_bogus_irq_restore+0x30/0x40 (P)\n warn_bogus_irq_restore+0x30/0x40 (L)\n scx_ops_bypass+0x224/0x3b8\n scx_ops_enable.isra.0+0x2c8/0xaa8\n bpf_scx_reg+0x18/0x30\n ...\n irq event stamp: 33739\n hardirqs last enabled at (33739): [<ffff8000800b699c>] scx_ops_bypass+0x174/0x3b8\n hardirqs last disabled at (33738): [<ffff800080d48ad4>] _raw_spin_lock_irqsave+0xb4/0xd8\n\nDrop the stray _irqrestore()."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: sched_ext: Arreglar restauraci\u00f3n de irq no v\u00e1lida en scx_ops_bypass() Al agregar el bloqueo de irqsave/restore externo, 0e7ffff1b811 (\"scx: Arreglar la agresividad en scx_ops_bypass()\") olvid\u00f3 convertir un rq_unlock_irqrestore() interno en rq_unlock() que podr\u00eda volver a habilitar IRQ prematuramente, lo que genera la siguiente advertencia: raw_local_irq_restore() llamado con IRQ habilitados ADVERTENCIA: CPU: 1 PID: 96 en kernel/locking/irqflag-debug.c:10 warn_bogus_irq_restore+0x30/0x40 ... Sched_ext: create_dsq (habilitando) pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : warn_bogus_irq_restore+0x30/0x40 lr : warn_bogus_irq_restore+0x30/0x40 ... Rastreo de llamadas: warn_bogus_irq_restore+0x30/0x40 (P) warn_bogus_irq_restore+0x30/0x40 (L) scx_ops_bypass+0x224/0x3b8 scx_ops_enable.isra.0+0x2c8/0xaa8 bpf_scx_reg+0x18/0x30 ... marca de evento irq: 33739 hardirqs habilitados por \u00faltima vez en (33739): [] scx_ops_bypass+0x174/0x3b8 hardirqs deshabilitados por \u00faltima vez en (33738): [] _raw_spin_lock_irqsave+0xb4/0xd8 Elimina el _irqrestore() perdido."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/18b2093f4598d8ee67a8153badc93f0fa7686b8a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/786362ce60d79967875f43e0ba55ad7a5376c133",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

33
CVE-2024/CVE-2024-578xx/CVE-2024-57892.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-57892",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-15T13:15:13.710",
"lastModified": "2025-01-15T13:15:13.710",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix slab-use-after-free due to dangling pointer dqi_priv\n\nWhen mounting ocfs2 and then remounting it as read-only, a\nslab-use-after-free occurs after the user uses a syscall to\nquota_getnextquota. Specifically, sb_dqinfo(sb, type)->dqi_priv is the\ndangling pointer.\n\nDuring the remounting process, the pointer dqi_priv is freed but is never\nset as null leaving it to be accessed. Additionally, the read-only option\nfor remounting sets the DQUOT_SUSPENDED flag instead of setting the\nDQUOT_USAGE_ENABLED flags. Moreover, later in the process of getting the\nnext quota, the function ocfs2_get_next_id is called and only checks the\nquota usage flags and not the quota suspended flags.\n\nTo fix this, I set dqi_priv to null when it is freed after remounting with\nread-only and put a check for DQUOT_SUSPENDED in ocfs2_get_next_id.\n\n[akpm@linux-foundation.org: coding-style cleanups]"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ocfs2: se corrige slab-use-after-free debido al puntero colgante dqi_priv Al montar ocfs2 y luego volver a montarlo como de solo lectura, se produce un slab-use-after-free despu\u00e9s de que el usuario usa una llamada al sistema a quota_getnextquota. Espec\u00edficamente, sb_dqinfo(sb, type)-&gt;dqi_priv es el puntero colgante. Durante el proceso de remontaje, el puntero dqi_priv se libera pero nunca se establece como nulo, dej\u00e1ndolo para que se pueda acceder a \u00e9l. Adem\u00e1s, la opci\u00f3n de solo lectura para remontaje establece el indicador DQUOT_SUSPENDED en lugar de establecer los indicadores DQUOT_USAGE_ENABLED. Adem\u00e1s, m\u00e1s adelante en el proceso de obtenci\u00f3n de la siguiente cuota, se llama a la funci\u00f3n ocfs2_get_next_id y solo verifica los indicadores de uso de cuota y no los indicadores de cuota suspendida. Para solucionar esto, establezco dqi_priv en nulo cuando se libera despu\u00e9s de volver a montar con solo lectura y pongo una marca de verificaci\u00f3n para DQUOT_SUSPENDED en ocfs2_get_next_id. [akpm@linux-foundation.org: limpiezas de estilo de codificaci\u00f3n]"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2e3d203b1adede46bbba049e497765d67865be18",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5f3fd772d152229d94602bca243fbb658068a597",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ba950a02d8d23811aa1120affd3adedcfac6153d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

37
CVE-2024/CVE-2024-578xx/CVE-2024-57893.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2024-57893",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-15T13:15:13.820",
"lastModified": "2025-01-15T13:15:13.820",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: seq: oss: Fix races at processing SysEx messages\n\nOSS sequencer handles the SysEx messages split in 6 bytes packets, and\nALSA sequencer OSS layer tries to combine those. It stores the data\nin the internal buffer and this access is racy as of now, which may\nlead to the out-of-bounds access.\n\nAs a temporary band-aid fix, introduce a mutex for serializing the\nprocess of the SysEx message packets."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ALSA: seq: oss: Se corrigen las ejecuciones al procesar mensajes SysEx El secuenciador OSS maneja los mensajes SysEx divididos en paquetes de 6 bytes y la capa OSS del secuenciador ALSA intenta combinarlos. Almacena los datos en el b\u00fafer interno y este acceso es acelerado a partir de ahora, lo que puede llevar al acceso fuera de los l\u00edmites. Como soluci\u00f3n temporal, introduzca un mutex para serializar el proceso de los paquetes de mensajes SysEx."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0179488ca992d79908b8e26b9213f1554fc5bacc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9d382112b36382aa65aad765f189ebde9926c101",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/cff1de87ed14fc0f2332213d2367100e7ad0753a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d2392b79d8af3714ea8878b71c66dc49d3110f44",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

37
CVE-2024/CVE-2024-578xx/CVE-2024-57894.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2024-57894",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-15T13:15:13.943",
"lastModified": "2025-01-15T13:15:13.943",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_core: Fix sleeping function called from invalid context\n\nThis reworks hci_cb_list to not use mutex hci_cb_list_lock to avoid bugs\nlike the bellow:\n\nBUG: sleeping function called from invalid context at kernel/locking/mutex.c:585\nin_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 5070, name: kworker/u9:2\npreempt_count: 0, expected: 0\nRCU nest depth: 1, expected: 0\n4 locks held by kworker/u9:2/5070:\n #0: ffff888015be3948 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3229 [inline]\n #0: ffff888015be3948 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_scheduled_works+0x8e0/0x1770 kernel/workqueue.c:3335\n #1: ffffc90003b6fd00 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3230 [inline]\n #1: ffffc90003b6fd00 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x91b/0x1770 kernel/workqueue.c:3335\n #2: ffff8880665d0078 (&hdev->lock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0xcf/0xae0 net/bluetooth/hci_event.c:6914\n #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:298 [inline]\n #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:750 [inline]\n #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: hci_le_create_big_complete_evt+0xdb/0xae0 net/bluetooth/hci_event.c:6915\nCPU: 0 PID: 5070 Comm: kworker/u9:2 Not tainted 6.8.0-syzkaller-08073-g480e035fc4c7 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\nWorkqueue: hci0 hci_rx_work\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114\n __might_resched+0x5d4/0x780 kernel/sched/core.c:10187\n __mutex_lock_common kernel/locking/mutex.c:585 [inline]\n __mutex_lock+0xc1/0xd70 kernel/locking/mutex.c:752\n hci_connect_cfm include/net/bluetooth/hci_core.h:2004 [inline]\n hci_le_create_big_complete_evt+0x3d9/0xae0 net/bluetooth/hci_event.c:6939\n hci_event_func net/bluetooth/hci_event.c:7514 [inline]\n hci_event_packet+0xa53/0x1540 net/bluetooth/hci_event.c:7569\n hci_rx_work+0x3e8/0xca0 net/bluetooth/hci_core.c:4171\n process_one_work kernel/workqueue.c:3254 [inline]\n process_scheduled_works+0xa00/0x1770 kernel/workqueue.c:3335\n worker_thread+0x86d/0xd70 kernel/workqueue.c:3416\n kthread+0x2f0/0x390 kernel/kthread.c:388\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243\n </TASK>"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Bluetooth: hci_core: Se corrige la funci\u00f3n inactiva llamada desde un contexto no v\u00e1lido. Esto modifica hci_cb_list para que no use mutex hci_cb_list_lock para evitar errores como el siguiente: ERROR: funci\u00f3n inactiva llamada desde un contexto no v\u00e1lido en kernel/locking/mutex.c:585 in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 5070, name: kworker/u9:2 preempt_count: 0, expected: 0 RCU nest depth: 1, expected: 0 4 locks held by kworker/u9:2/5070: #0: ffff888015be3948 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3229 [inline] #0: ffff888015be3948 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_scheduled_works+0x8e0/0x1770 kernel/workqueue.c:3335 #1: ffffc90003b6fd00 ((work_completion)(&amp;hdev-&gt;rx_work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3230 [inline] #1: ffffc90003b6fd00 ((work_completion)(&amp;hdev-&gt;rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x91b/0x1770 kernel/workqueue.c:3335 #2: ffff8880665d0078 (&amp;hdev-&gt;lock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0xcf/0xae0 net/bluetooth/hci_event.c:6914 #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:298 [inline] #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:750 [inline] #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: hci_le_create_big_complete_evt+0xdb/0xae0 net/bluetooth/hci_event.c:6915 CPU: 0 PID: 5070 Comm: kworker/u9:2 Not tainted 6.8.0-syzkaller-08073-g480e035fc4c7 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 Workqueue: hci0 hci_rx_work Call Trace: __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114 __might_resched+0x5d4/0x780 kernel/sched/core.c:10187 __mutex_lock_common kernel/locking/mutex.c:585 [inline] __mutex_lock+0xc1/0xd70 kernel/locking/mutex.c:752 hci_connect_cfm include/net/bluetooth/hci_core.h:2004 [inline] hci_le_create_big_complete_evt+0x3d9/0xae0 net/bluetooth/hci_event.c:6939 hci_event_func net/bluetooth/hci_event.c:7514 [inline] hci_event_packet+0xa53/0x1540 net/bluetooth/hci_event.c:7569 hci_rx_work+0x3e8/0xca0 net/bluetooth/hci_core.c:4171 process_one_work kernel/workqueue.c:3254 [inline] process_scheduled_works+0xa00/0x1770 kernel/workqueue.c:3335 worker_thread+0x86d/0xd70 kernel/workqueue.c:3416 kthread+0x2f0/0x390 kernel/kthread.c:388 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243 "
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/028a68886ead0764f4b26adfcaebf9f1955e76ea",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4a31c018bfe4de84c0741aadd2c913a2490b186d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4d94f05558271654670d18c26c912da0c1c15549",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/bef333418368c58690b501894324c09124e4614f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

33
CVE-2024/CVE-2024-578xx/CVE-2024-57895.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-57895",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-15T13:15:14.060",
"lastModified": "2025-01-15T13:15:14.060",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: set ATTR_CTIME flags when setting mtime\n\nDavid reported that the new warning from setattr_copy_mgtime is coming\nlike the following.\n\n[ 113.215316] ------------[ cut here ]------------\n[ 113.215974] WARNING: CPU: 1 PID: 31 at fs/attr.c:300 setattr_copy+0x1ee/0x200\n[ 113.219192] CPU: 1 UID: 0 PID: 31 Comm: kworker/1:1 Not tainted 6.13.0-rc1+ #234\n[ 113.220127] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.2-3-gd478f380-rebuilt.opensuse.org 04/01/2014\n[ 113.221530] Workqueue: ksmbd-io handle_ksmbd_work [ksmbd]\n[ 113.222220] RIP: 0010:setattr_copy+0x1ee/0x200\n[ 113.222833] Code: 24 28 49 8b 44 24 30 48 89 53 58 89 43 6c 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc 48 89 df e8 77 d6 ff ff e9 cd fe ff ff <0f> 0b e9 be fe ff ff 66 0\n[ 113.225110] RSP: 0018:ffffaf218010fb68 EFLAGS: 00010202\n[ 113.225765] RAX: 0000000000000120 RBX: ffffa446815f8568 RCX: 0000000000000003\n[ 113.226667] RDX: ffffaf218010fd38 RSI: ffffa446815f8568 RDI: ffffffff94eb03a0\n[ 113.227531] RBP: ffffaf218010fb90 R08: 0000001a251e217d R09: 00000000675259fa\n[ 113.228426] R10: 0000000002ba8a6d R11: ffffa4468196c7a8 R12: ffffaf218010fd38\n[ 113.229304] R13: 0000000000000120 R14: ffffffff94eb03a0 R15: 0000000000000000\n[ 113.230210] FS: 0000000000000000(0000) GS:ffffa44739d00000(0000) knlGS:0000000000000000\n[ 113.231215] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 113.232055] CR2: 00007efe0053d27e CR3: 000000000331a000 CR4: 00000000000006b0\n[ 113.232926] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 113.233812] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 113.234797] Call Trace:\n[ 113.235116] <TASK>\n[ 113.235393] ? __warn+0x73/0xd0\n[ 113.235802] ? setattr_copy+0x1ee/0x200\n[ 113.236299] ? report_bug+0xf3/0x1e0\n[ 113.236757] ? handle_bug+0x4d/0x90\n[ 113.237202] ? exc_invalid_op+0x13/0x60\n[ 113.237689] ? asm_exc_invalid_op+0x16/0x20\n[ 113.238185] ? setattr_copy+0x1ee/0x200\n[ 113.238692] btrfs_setattr+0x80/0x820 [btrfs]\n[ 113.239285] ? get_stack_info_noinstr+0x12/0xf0\n[ 113.239857] ? __module_address+0x22/0xa0\n[ 113.240368] ? handle_ksmbd_work+0x6e/0x460 [ksmbd]\n[ 113.240993] ? __module_text_address+0x9/0x50\n[ 113.241545] ? __module_address+0x22/0xa0\n[ 113.242033] ? unwind_next_frame+0x10e/0x920\n[ 113.242600] ? __pfx_stack_trace_consume_entry+0x10/0x10\n[ 113.243268] notify_change+0x2c2/0x4e0\n[ 113.243746] ? stack_depot_save_flags+0x27/0x730\n[ 113.244339] ? set_file_basic_info+0x130/0x2b0 [ksmbd]\n[ 113.244993] set_file_basic_info+0x130/0x2b0 [ksmbd]\n[ 113.245613] ? process_scheduled_works+0xbe/0x310\n[ 113.246181] ? worker_thread+0x100/0x240\n[ 113.246696] ? kthread+0xc8/0x100\n[ 113.247126] ? ret_from_fork+0x2b/0x40\n[ 113.247606] ? ret_from_fork_asm+0x1a/0x30\n[ 113.248132] smb2_set_info+0x63f/0xa70 [ksmbd]\n\nksmbd is trying to set the atime and mtime via notify_change without also\nsetting the ctime. so This patch add ATTR_CTIME flags when setting mtime\nto avoid a warning."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ksmbd: establecer indicadores ATTR_CTIME al configurar mtime David inform\u00f3 que la nueva advertencia de setattr_copy_mgtime aparece de la siguiente manera. [ 113.215316] ------------[ cortar aqu\u00ed ]------------ [ 113.215974] ADVERTENCIA: CPU: 1 PID: 31 en fs/attr.c:300 setattr_copy+0x1ee/0x200 [ 113.219192] CPU: 1 UID: 0 PID: 31 Comm: kworker/1:1 No contaminado 6.13.0-rc1+ #234 [ 113.220127] Nombre del hardware: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.2-3-gd478f380-rebuilt.opensuse.org 04/01/2014 [ 113.221530] Workqueue: ksmbd-io handle_ksmbd_work [ksmbd] [ 113.222220] RIP: 0010:setattr_copy+0x1ee/0x200 [ 113.222833] Code: 24 28 49 8b 44 24 30 48 89 53 58 89 43 6c 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc 48 89 df e8 77 d6 ff ff e9 cd fe ff ff &lt;0f&gt; 0b e9 be fe ff ff 66 0 [ 113.225110] RSP: 0018:ffffaf218010fb68 EFLAGS: 00010202 [ 113.225765] RAX: 0000000000000120 RBX: ffffa446815f8568 RCX: 0000000000000003 [ 113.226667] RDX: ffffaf218010fd38 RSI: ffffa446815f8568 RDI: ffffffff94eb03a0 [ 113.227531] RBP: ffffaf218010fb90 R08: 0000001a251e217d R09: 00000000675259fa [ 113.228426] R10: 0000000002ba8a6d R11: ffffa4468196c7a8 R12: ffffaf218010fd38 [ 113.229304] R13: 0000000000000120 R14: ffffffff94eb03a0 R15: 0000000000000000 [ 113.230210] FS: 0000000000000000(0000) GS:ffffa44739d00000(0000) knlGS:0000000000000000 [ 113.231215] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.232055] CR2: 00007efe0053d27e CR3: 000000000331a000 CR4: 00000000000006b0 [ 113.232926] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 113.233812] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 113.234797] Call Trace: [ 113.235116] [ 113.235393] ? __warn+0x73/0xd0 [ 113.235802] ? setattr_copy+0x1ee/0x200 [ 113.236299] ? report_bug+0xf3/0x1e0 [ 113.236757] ? handle_bug+0x4d/0x90 [ 113.237202] ? exc_invalid_op+0x13/0x60 [ 113.237689] ? asm_exc_invalid_op+0x16/0x20 [ 113.238185] ? setattr_copy+0x1ee/0x200 [ 113.238692] btrfs_setattr+0x80/0x820 [btrfs] [ 113.239285] ? get_stack_info_noinstr+0x12/0xf0 [ 113.239857] ? __module_address+0x22/0xa0 [ 113.240368] ? handle_ksmbd_work+0x6e/0x460 [ksmbd] [ 113.240993] ? __module_text_address+0x9/0x50 [ 113.241545] ? __module_address+0x22/0xa0 [ 113.242033] ? unwind_next_frame+0x10e/0x920 [ 113.242600] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 113.243268] notify_change+0x2c2/0x4e0 [ 113.243746] ? stack_depot_save_flags+0x27/0x730 [ 113.244339] ? set_file_basic_info+0x130/0x2b0 [ksmbd] [ 113.244993] set_file_basic_info+0x130/0x2b0 [ksmbd] [ 113.245613] ? process_scheduled_works+0xbe/0x310 [ 113.246181] ? worker_thread+0x100/0x240 [ 113.246696] ? kthread+0xc8/0x100 [ 113.247126] ? ret_from_fork+0x2b/0x40 [ 113.247606] ? ret_from_fork_asm+0x1a/0x30 [ 113.248132] smb2_set_info+0x63f/0xa70 [ksmbd] ksmbd est\u00e1 intentando configurar atime y mtime mediante notify_change sin configurar tambi\u00e9n ctime. Por lo tanto, este parche agrega indicadores ATTR_CTIME al configurar mtime para evitar una advertencia."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1d7ee876b8b96efc14e177a7fe8d45ac25d68849",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/21e46a79bbe6c4e1aa73b3ed998130f2ff07b128",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/52cefcff6a4a814f4f8e357422fcfb71fd2ebf75",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

45
CVE-2024/CVE-2024-578xx/CVE-2024-57896.json Normal file
View File

@ -0,0 +1,45 @@
{
"id": "CVE-2024-57896",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-15T13:15:14.200",
"lastModified": "2025-01-15T13:15:14.200",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: flush delalloc workers queue before stopping cleaner kthread during unmount\n\nDuring the unmount path, at close_ctree(), we first stop the cleaner\nkthread, using kthread_stop() which frees the associated task_struct, and\nthen stop and destroy all the work queues. However after we stopped the\ncleaner we may still have a worker from the delalloc_workers queue running\ninode.c:submit_compressed_extents(), which calls btrfs_add_delayed_iput(),\nwhich in turn tries to wake up the cleaner kthread - which was already\ndestroyed before, resulting in a use-after-free on the task_struct.\n\nSyzbot reported this with the following stack traces:\n\n BUG: KASAN: slab-use-after-free in __lock_acquire+0x78/0x2100 kernel/locking/lockdep.c:5089\n Read of size 8 at addr ffff8880259d2818 by task kworker/u8:3/52\n\n CPU: 1 UID: 0 PID: 52 Comm: kworker/u8:3 Not tainted 6.13.0-rc1-syzkaller-00002-gcdd30ebb1b9f #0\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\n Workqueue: btrfs-delalloc btrfs_work_helper\n Call Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n __lock_acquire+0x78/0x2100 kernel/locking/lockdep.c:5089\n lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5849\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]\n _raw_spin_lock_irqsave+0xd5/0x120 kernel/locking/spinlock.c:162\n class_raw_spinlock_irqsave_constructor include/linux/spinlock.h:551 [inline]\n try_to_wake_up+0xc2/0x1470 kernel/sched/core.c:4205\n submit_compressed_extents+0xdf/0x16e0 fs/btrfs/inode.c:1615\n run_ordered_work fs/btrfs/async-thread.c:288 [inline]\n btrfs_work_helper+0x96f/0xc40 fs/btrfs/async-thread.c:324\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n </TASK>\n\n Allocated by task 2:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n unpoison_slab_object mm/kasan/common.c:319 [inline]\n __kasan_slab_alloc+0x66/0x80 mm/kasan/common.c:345\n kasan_slab_alloc include/linux/kasan.h:250 [inline]\n slab_post_alloc_hook mm/slub.c:4104 [inline]\n slab_alloc_node mm/slub.c:4153 [inline]\n kmem_cache_alloc_node_noprof+0x1d9/0x380 mm/slub.c:4205\n alloc_task_struct_node kernel/fork.c:180 [inline]\n dup_task_struct+0x57/0x8c0 kernel/fork.c:1113\n copy_process+0x5d1/0x3d50 kernel/fork.c:2225\n kernel_clone+0x223/0x870 kernel/fork.c:2807\n kernel_thread+0x1bc/0x240 kernel/fork.c:2869\n create_kthread kernel/kthread.c:412 [inline]\n kthreadd+0x60d/0x810 kernel/kthread.c:767\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\n Freed by task 24:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2338 [inline]\n slab_free mm/slub.c:4598 [inline]\n kmem_cache_free+0x195/0x410 mm/slub.c:4700\n put_task_struct include/linux/sched/task.h:144 [inline]\n delayed_put_task_struct+0x125/0x300 kernel/exit.c:227\n rcu_do_batch kernel/rcu/tree.c:2567 [inline]\n rcu_core+0xaaa/0x17a0 kernel/rcu/tree.c:2823\n handle_softirqs+0x2d4/0x9b0 kernel/softirq.c:554\n run_ksoftirqd+0xca/0x130 kernel/softirq.c:943\n \n---truncated---"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: btrfs: vaciar la cola de trabajadores delalloc antes de detener el kthread del limpiador durante el desmontaje Durante la ruta de desmontaje, en close_ctree(), primero detenemos el kthread del limpiador, utilizando kthread_stop() que libera el task_struct asociado, y luego detenemos y destruimos todas las colas de trabajo. Sin embargo, despu\u00e9s de detener el limpiador, es posible que a\u00fan tengamos un trabajador de la cola delalloc_workers ejecutando inode.c:submit_compressed_extents(), que llama a btrfs_add_delayed_iput(), que a su vez intenta despertar el kthread del limpiador, que ya se destruy\u00f3 antes, lo que resulta en un uso despu\u00e9s de la liberaci\u00f3n en el task_struct. Syzbot inform\u00f3 esto con los siguientes seguimientos de pila: ERROR: KASAN: slab-use-after-free en __lock_acquire+0x78/0x2100 kernel/locking/lockdep.c:5089 Lectura de tama\u00f1o 8 en la direcci\u00f3n ffff8880259d2818 por la tarea kworker/u8:3/52 CPU: 1 UID: 0 PID: 52 Comm: kworker/u8:3 No contaminado 6.13.0-rc1-syzkaller-00002-gcdd30ebb1b9f #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 13/09/2024 Cola de trabajo: btrfs-delalloc btrfs_work_helper Seguimiento de llamadas: __dump_stack lib/dump_stack.c:94 [en l\u00ednea] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:378 [en l\u00ednea] print_report+0x169/0x550 mm/kasan/report.c:489 kasan_report+0x143/0x180 mm/kasan/report.c:602 __lock_acquire+0x78/0x2100 kernel/locking/lockdep.c:5089 lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5849 __raw_spin_lock_irqsave incluir/linux/spinlock_api_smp.h:110 [en l\u00ednea] _raw_spin_lock_irqsave+0xd5/0x120 kernel/locking/spinlock.c:162 class_raw_spinlock_irqsave_constructor include/linux/spinlock.h:551 [en l\u00ednea] try_to_wake_up+0xc2/0x1470 kernel/sched/core.c:4205 submit_compressed_extents+0xdf/0x16e0 fs/btrfs/inode.c:1615 run_ordered_work fs/btrfs/async-thread.c:288 [en l\u00ednea] btrfs_work_helper+0x96f/0xc40 fs/btrfs/async-thread.c:324 process_one_work kernel/workqueue.c:3229 [en l\u00ednea] process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3310 Asignado por la tarea 2: kasan_save_stack mm/kasan/common.c:47 [en l\u00ednea] kasan_save_track+0x3f/0x80 mm/kasan/common.c:68 unpoison_slab_object mm/kasan/common.c:319 [en l\u00ednea] __kasan_slab_alloc+0x66/0x80 mm/kasan/common.c:345 kasan_slab_alloc include/linux/kasan.h:250 [en l\u00ednea] gancho de alloc de publicaci\u00f3n de losa mm/slub.c:4104 [en l\u00ednea] nodo de alloc de losa mm/slub.c:4153 [en l\u00ednea] nodo de alloc de cach\u00e9 kmem_noprof+0x1d9/0x380 mm/slub.c:4205 nodo de estructura de tareas de asignaci\u00f3n kernel/fork.c:180 [en l\u00ednea] estructura de tareas dup+0x57/0x8c0 kernel/fork.c:1113 proceso de copia+0x5d1/0x3d50 kernel/fork.c:2225 clon de kernel+0x223/0x870 kernel/fork.c:2807 kernel_thread+0x1bc/0x240 kernel/fork.c:2869 create_kthread kernel/kthread.c:412 [en l\u00ednea] kthreadd+0x60d/0x810 kernel/kthread.c:767 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 Liberado por la tarea 24: kasan_save_stack mm/kasan/common.c:47 [en l\u00ednea] kasan_save_track+0x3f/0x80 mm/kasan/common.c:68 kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582 poison_slab_object mm/kasan/common.c:247 [en l\u00ednea] __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264 kasan_slab_free include/linux/kasan.h:233 [en l\u00ednea] gancho slab_free mm/slub.c:2338 [en l\u00ednea] slab_free mm/slub.c:4598 [en l\u00ednea] kmem_cache_free+0x195/0x410 mm/slub.c:4700 put_task_struct include/linux/sched/task.h:144 [en l\u00ednea] delayed_put_task_struct+0x125/0x300 kernel/exit.c:227 rcu_do_batch kernel/rcu/tree.c:2567 [en l\u00ednea] rcu_core+0xaaa/0x17a0 kernel/rcu/tree.c:2823 handle_softirqs+0x2d4/0x9b0 kernel/softirq.c:554 run_ksoftirqd+0xca/0x130 kernel/softirq.c:943 ---truncado---"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1ea629e7bb2fb40555e5e01a1b5095df31287017",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/35916b2f96505a18dc7242a115611b718d9de725",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/63f4b594a688bf922e8691f0784679aa7af7988c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a2718ed1eb8c3611b63f8933c7e68c8821fe2808",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d77a3a99b53d12c061c007cdc96df38825dee476",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f10bef73fb355e3fc85e63a50386798be68ff486",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

41
CVE-2024/CVE-2024-578xx/CVE-2024-57897.json Normal file
View File

@ -0,0 +1,41 @@
{
"id": "CVE-2024-57897",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-15T13:15:14.317",
"lastModified": "2025-01-15T13:15:14.317",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Correct the migration DMA map direction\n\nThe SVM DMA device map direction should be set the same as\nthe DMA unmap setting, otherwise the DMA core will report\nthe following warning.\n\nBefore finialize this solution, there're some discussion on\nthe DMA mapping type(stream-based or coherent) in this KFD\nmigration case, followed by https://lore.kernel.org/all/04d4ab32\n-45a1-4b88-86ee-fb0f35a0ca40@amd.com/T/.\n\nAs there's no dma_sync_single_for_*() in the DMA buffer accessed\nthat because this migration operation should be sync properly and\nautomatically. Give that there's might not be a performance problem\nin various cache sync policy of DMA sync. Therefore, in order to\nsimplify the DMA direction setting alignment, let's set the DMA map\ndirection as BIDIRECTIONAL.\n\n[ 150.834218] WARNING: CPU: 8 PID: 1812 at kernel/dma/debug.c:1028 check_unmap+0x1cc/0x930\n[ 150.834225] Modules linked in: amdgpu(OE) amdxcp drm_exec(OE) gpu_sched drm_buddy(OE) drm_ttm_helper(OE) ttm(OE) drm_suballoc_helper(OE) drm_display_helper(OE) drm_kms_helper(OE) i2c_algo_bit rpcsec_gss_krb5 auth_rpcgss nfsv4 nfs lockd grace netfs xt_conntrack xt_MASQUERADE nf_conntrack_netlink xfrm_user xfrm_algo iptable_nat xt_addrtype iptable_filter br_netfilter nvme_fabrics overlay nfnetlink_cttimeout nfnetlink openvswitch nsh nf_conncount nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 libcrc32c bridge stp llc sch_fq_codel intel_rapl_msr amd_atl intel_rapl_common snd_hda_codec_realtek snd_hda_codec_generic snd_hda_scodec_component snd_hda_codec_hdmi snd_hda_intel snd_intel_dspcfg edac_mce_amd snd_pci_acp6x snd_hda_codec snd_acp_config snd_hda_core snd_hwdep snd_soc_acpi kvm_amd sunrpc snd_pcm kvm binfmt_misc snd_seq_midi crct10dif_pclmul snd_seq_midi_event ghash_clmulni_intel sha512_ssse3 snd_rawmidi nls_iso8859_1 sha256_ssse3 sha1_ssse3 snd_seq aesni_intel snd_seq_device crypto_simd snd_timer cryptd input_leds\n[ 150.834310] wmi_bmof serio_raw k10temp rapl snd sp5100_tco ipmi_devintf soundcore ccp ipmi_msghandler cm32181 industrialio mac_hid msr parport_pc ppdev lp parport efi_pstore drm(OE) ip_tables x_tables pci_stub crc32_pclmul nvme ahci libahci i2c_piix4 r8169 nvme_core i2c_designware_pci realtek i2c_ccgx_ucsi video wmi hid_generic cdc_ether usbnet usbhid hid r8152 mii\n[ 150.834354] CPU: 8 PID: 1812 Comm: rocrtst64 Tainted: G OE 6.10.0-custom #492\n[ 150.834358] Hardware name: AMD Majolica-RN/Majolica-RN, BIOS RMJ1009A 06/13/2021\n[ 150.834360] RIP: 0010:check_unmap+0x1cc/0x930\n[ 150.834363] Code: c0 4c 89 4d c8 e8 34 bf 86 00 4c 8b 4d c8 4c 8b 45 c0 48 8b 4d b8 48 89 c6 41 57 4c 89 ea 48 c7 c7 80 49 b4 84 e8 b4 81 f3 ff <0f> 0b 48 c7 c7 04 83 ac 84 e8 76 ba fc ff 41 8b 76 4c 49 8d 7e 50\n[ 150.834365] RSP: 0018:ffffaac5023739e0 EFLAGS: 00010086\n[ 150.834368] RAX: 0000000000000000 RBX: ffffffff8566a2e0 RCX: 0000000000000027\n[ 150.834370] RDX: ffff8f6a8f621688 RSI: 0000000000000001 RDI: ffff8f6a8f621680\n[ 150.834372] RBP: ffffaac502373a30 R08: 00000000000000c9 R09: ffffaac502373850\n[ 150.834373] R10: ffffaac502373848 R11: ffffffff84f46328 R12: ffffaac502373a40\n[ 150.834375] R13: ffff8f6741045330 R14: ffff8f6741a77700 R15: ffffffff84ac831b\n[ 150.834377] FS: 00007faf0fc94c00(0000) GS:ffff8f6a8f600000(0000) knlGS:0000000000000000\n[ 150.834379] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 150.834381] CR2: 00007faf0b600020 CR3: 000000010a52e000 CR4: 0000000000350ef0\n[ 150.834383] Call Trace:\n[ 150.834385] <TASK>\n[ 150.834387] ? show_regs+0x6d/0x80\n[ 150.834393] ? __warn+0x8c/0x140\n[ 150.834397] ? check_unmap+0x1cc/0x930\n[ 150.834400] ? report_bug+0x193/0x1a0\n[ 150.834406] ? handle_bug+0x46/0x80\n[ 150.834410] ? exc_invalid_op+0x1d/0x80\n[ 150.834413] ? asm_exc_invalid_op+0x1f/0x30\n[ 150.834420] ? check_unmap+0x1cc/0x930\n[ 150.834425] debug_dma_unmap_page+0x86/0x90\n[ 150.834431] ? srso_return_thunk+0x5/0x5f\n[ 150.834435] \n---truncated---"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amdkfd: Corrija la direcci\u00f3n del mapa DMA de migraci\u00f3n La direcci\u00f3n del mapa del dispositivo DMA de SVM debe configurarse igual que la configuraci\u00f3n de anulaci\u00f3n del mapa DMA; de lo contrario, el n\u00facleo DMA informar\u00e1 la siguiente advertencia. Antes de finalizar esta soluci\u00f3n, hay una discusi\u00f3n sobre el tipo de mapeo DMA (basado en flujo o coherente) en este caso de migraci\u00f3n KFD, seguido de https://lore.kernel.org/all/04d4ab32 -45a1-4b88-86ee-fb0f35a0ca40@amd.com/T/. Como no hay dma_sync_single_for_*() en el b\u00fafer DMA al que se accede, esto se debe a que esta operaci\u00f3n de migraci\u00f3n debe sincronizarse de manera adecuada y autom\u00e1tica. Dado que es posible que no haya un problema de rendimiento en varias pol\u00edticas de sincronizaci\u00f3n de cach\u00e9 de la sincronizaci\u00f3n DMA. Por lo tanto, para simplificar la alineaci\u00f3n de la configuraci\u00f3n de la direcci\u00f3n DMA, configuremos la direcci\u00f3n del mapa DMA como BIDIRECCIONAL. [ 150.834218] ADVERTENCIA: CPU: 8 PID: 1812 en kernel/dma/debug.c:1028 check_unmap+0x1cc/0x930 [ 150.834225] M\u00f3dulos vinculados en: amdgpu(OE) amdxcp drm_exec(OE) gpu_sched drm_buddy(OE) drm_ttm_helper(OE) ttm(OE) drm_suballoc_helper(OE) drm_display_helper(OE) drm_kms_helper(OE) i2c_algo_bit rpcsec_gss_krb5 auth_rpcgss nfsv4 nfs lockd grace netfs xt_conntrack xt_MASQUERADE nf_conntrack_netlink xfrm_user xfrm_algo iptable_nat xt_addrtype iptable_filter br_netfilter overlay nvme_fabrics nfnetlink_cttimeout nfnetlink openvswitch nsh nf_conncount nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 libcrc32c bridge stp llc sch_fq_codel intel_rapl_msr amd_atl intel_rapl_common snd_hda_codec_realtek snd_hda_codec_generic snd_hda_scodec_component snd_hda_codec_hdmi snd_hda_intel snd_intel_dspcfg edac_mce_amd snd_pci_acp6x snd_hda_codec snd_acp_config snd_hda_core snd_hwdep snd_soc_acpi kvm_amd sunrpc snd_pcm kvm binfmt_misc snd_seq_midi crct10dif_pclmul snd_seq_midi_event ghash_clmulni_intel sha512_ssse3 snd_rawmidi nls_iso8859_1 sha256_ssse3 sha1_ssse3 snd_seq aesni_intel snd_seq_device crypto_simd snd_timer cryptd leds de entrada [ 150.834310] wmi_bmof serio_raw k10temp rapl snd sp5100_tco ipmi_devintf soundcore ccp ipmi_msghandler cm32181 industrialio mac_hid msr parport_pc ppdev lp parport efi_pstore drm(OE) ip_tables x_tables pci_stub crc32_pclmul nvme ahci libahci i2c_piix4 r8169 nvme_core i2c_designware_pci realtek i2c_ccgx_ucsi video wmi hid_generic cdc_ether usbnet usbhid hid r8152 mii [ 150.834354] CPU: 8 PID: 1812 Comm: rocrtst64 Contaminado: G OE 6.10.0-custom #492 [ 150.834358] Nombre del hardware: AMD Majolica-RN/Majolica-RN, BIOS RMJ1009A 13/06/2021 [ 150.834360] RIP: 0010:check_unmap+0x1cc/0x930 [ 150.834363] C\u00f3digo: c0 4c 89 4d c8 e8 34 bf 86 00 4c 8b 4d c8 4c 8b 45 c0 48 8b 4d b8 48 89 c6 41 57 4c 89 ea 48 c7 c7 80 49 b4 84 e8 b4 81 f3 ff &lt;0f&gt; 0b 48 c7 c7 04 83 ac 84 e8 76 ba fc ff 41 8b 76 4c 49 8d 7e 50 [ 150.834365] RSP: 0018:ffffaac5023739e0 EFLAGS: 00010086 [ 150.834368] RAX: 00000000000000000 RBX: ffffffff8566a2e0 RCX: 0000000000000027 [ 150.834370] RDX: ffff8f6a8f621688 RSI: 0000000000000001 RDI: ffff8f6a8f621680 [ 150.834372] RBP: ffffaac502373a30 R08: 00000000000000c9 R09: ffffaac502373850 [ 150.834373] R10: ffffaac502373848 R11: ffffffff84f46328 R12: ffffaac502373a40 [ 150.834375] R13: ffff8f6741045330 R14: ffff8f6741a77700 R15: ffffffff84ac831b [ 150.834377] FS: 00007faf0fc94c00(0000) GS:ffff8f6a8f600000(0000) knlGS:0000000000000000 [ 150.834379] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.834381] CR2: 00007faf0b600020 CR3: 000000010a52e000 CR4: 0000000000350ef0 [ 150.834383] Seguimiento de llamadas: [ 150.834385] [ 150.834387] ? show_regs+0x6d/0x80 [ 150.834393] ? __warn+0x8c/0x140 [ 150.834397] ? check_unmap+0x1cc/0x930 [ 150.834400] ? report_bug+0x193/0x1a0 [ 150.834406] ? exc_invalid_op+0x1d/0x80 [ 150.834413] ? asm_exc_invalid_op+0x1f/0x30 [ 150.834420] ? check_unmap+0x1cc/0x930 [ 150.834425] debug_dma_unmap_page+0x86/0x90 [ 150.834431] ? ---truncado---"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/22d36ad92e5703e2e9bdf228990c0999d5d53ea3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/465b18e1c518e799593797d4603f4ab76de4e1d8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5c3de6b02d38eb9386edf50490e050bb44398e40",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d0fafe701c6aca785cc8685f9f76fdc73e662f47",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/de39f72953953ca7a2630f9b80ccdfef40568746",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-578xx/CVE-2024-57898.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-57898",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-15T13:15:14.427",
"lastModified": "2025-01-15T13:15:14.427",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: clear link ID from bitmap during link delete after clean up\n\nCurrently, during link deletion, the link ID is first removed from the\nvalid_links bitmap before performing any clean-up operations. However, some\nfunctions require the link ID to remain in the valid_links bitmap. One\nsuch example is cfg80211_cac_event(). The flow is -\n\nnl80211_remove_link()\n cfg80211_remove_link()\n ieee80211_del_intf_link()\n ieee80211_vif_set_links()\n ieee80211_vif_update_links()\n ieee80211_link_stop()\n cfg80211_cac_event()\n\ncfg80211_cac_event() requires link ID to be present but it is cleared\nalready in cfg80211_remove_link(). Ultimately, WARN_ON() is hit.\n\nTherefore, clear the link ID from the bitmap only after completing the link\nclean-up."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: cfg80211: borrar el ID del enlace del mapa de bits durante la eliminaci\u00f3n del enlace despu\u00e9s de la limpieza. Actualmente, durante la eliminaci\u00f3n del enlace, el ID del enlace se elimina primero del mapa de bits valid_links antes de realizar cualquier operaci\u00f3n de limpieza. Sin embargo, algunas funciones requieren que el ID del enlace permanezca en el mapa de bits valid_links. Un ejemplo de ello es cfg80211_cac_event(). El flujo es el siguiente: nl80211_remove_link() cfg80211_remove_link() ieee80211_del_intf_link() ieee80211_vif_set_links() ieee80211_vif_update_links() ieee80211_link_stop() cfg80211_cac_event() cfg80211_cac_event() requiere que el ID del enlace est\u00e9 presente, pero ya se borr\u00f3 en cfg80211_remove_link(). En \u00faltima instancia, se ejecuta WARN_ON(). Por lo tanto, borre el ID del enlace del mapa de bits solo despu\u00e9s de completar la limpieza del enlace."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/ae07daf440d3220d0986e676317a5da66e4f9dfd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b5c32ff6a3a38c74facdd1fe34c0d709a55527fd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

33
CVE-2024/CVE-2024-578xx/CVE-2024-57899.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-57899",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-15T13:15:14.540",
"lastModified": "2025-01-15T13:15:14.540",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: fix mbss changed flags corruption on 32 bit systems\n\nOn 32-bit systems, the size of an unsigned long is 4 bytes,\nwhile a u64 is 8 bytes. Therefore, when using\nor_each_set_bit(bit, &bits, sizeof(changed) * BITS_PER_BYTE),\nthe code is incorrectly searching for a bit in a 32-bit\nvariable that is expected to be 64 bits in size,\nleading to incorrect bit finding.\n\nSolution: Ensure that the size of the bits variable is correctly\nadjusted for each architecture.\n\n Call Trace:\n ? show_regs+0x54/0x58\n ? __warn+0x6b/0xd4\n ? ieee80211_link_info_change_notify+0xcc/0xd4 [mac80211]\n ? report_bug+0x113/0x150\n ? exc_overflow+0x30/0x30\n ? handle_bug+0x27/0x44\n ? exc_invalid_op+0x18/0x50\n ? handle_exception+0xf6/0xf6\n ? exc_overflow+0x30/0x30\n ? ieee80211_link_info_change_notify+0xcc/0xd4 [mac80211]\n ? exc_overflow+0x30/0x30\n ? ieee80211_link_info_change_notify+0xcc/0xd4 [mac80211]\n ? ieee80211_mesh_work+0xff/0x260 [mac80211]\n ? cfg80211_wiphy_work+0x72/0x98 [cfg80211]\n ? process_one_work+0xf1/0x1fc\n ? worker_thread+0x2c0/0x3b4\n ? kthread+0xc7/0xf0\n ? mod_delayed_work_on+0x4c/0x4c\n ? kthread_complete_and_exit+0x14/0x14\n ? ret_from_fork+0x24/0x38\n ? kthread_complete_and_exit+0x14/0x14\n ? ret_from_fork_asm+0xf/0x14\n ? entry_INT80_32+0xf0/0xf0\n\n[restore no-op path for no changes]"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: mac80211: se ha corregido la corrupci\u00f3n de indicadores modificados de mbss en sistemas de 32 bits En sistemas de 32 bits, el tama\u00f1o de un unsigned long es de 4 bytes, mientras que un u64 es de 8 bytes. Por lo tanto, al utilizar or_each_set_bit(bit, &amp;bits, sizeof(changed) * BITS_PER_BYTE), el c\u00f3digo busca incorrectamente un bit en una variable de 32 bits que se espera que tenga un tama\u00f1o de 64 bits, lo que lleva a una b\u00fasqueda incorrecta de bits. Soluci\u00f3n: aseg\u00farese de que el tama\u00f1o de la variable bits est\u00e9 correctamente ajustado para cada arquitectura. Seguimiento de llamadas: ? show_regs+0x54/0x58 ? __warn+0x6b/0xd4 ? ieee80211_link_info_change_notify+0xcc/0xd4 [mac80211] ? report_bug+0x113/0x150 ? exc_overflow+0x30/0x30 ? handle_bug+0x27/0x44 ? exc_invalid_op+0x18/0x50 ? handle_exception+0xf6/0xf6 ? exc_overflow+0x30/0x30 ? ieee80211_link_info_change_notify+0xcc/0xd4 [mac80211] ? exc_overflow+0x30/0x30 ? ieee80211_link_info_change_notify+0xcc/0xd4 [mac80211] ? ieee80211_mesh_work+0xff/0x260 [mac80211] ? cfg80211_wiphy_work+0x72/0x98 [cfg80211] ? process_one_work+0xf1/0x1fc ? worker_thread+0x2c0/0x3b4 ? kthread+0xc7/0xf0 ? mod_delayed_work_on+0x4c/0x4c ? kthread_complete_and_exit+0x14/0x14 ? ret_from_fork+0x24/0x38 ? kthread_complete_and_exit+0x14/0x14 ? ret_from_fork_asm+0xf/0x14 ? entry_INT80_32+0xf0/0xf0 [restaurar ruta sin operaci\u00f3n sin cambios]"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/36b739637d7042843f9df57212ecee6ed6e0d4b2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/49dba1ded8dd5a6a12748631403240b2ab245c34",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/86772872f9f5097cd03d0e1c6813238bd38c250b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-579xx/CVE-2024-57900.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-57900",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-15T13:15:14.633",
"lastModified": "2025-01-15T13:15:14.633",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nila: serialize calls to nf_register_net_hooks()\n\nsyzbot found a race in ila_add_mapping() [1]\n\ncommit 031ae72825ce (\"ila: call nf_unregister_net_hooks() sooner\")\nattempted to fix a similar issue.\n\nLooking at the syzbot repro, we have concurrent ILA_CMD_ADD commands.\n\nAdd a mutex to make sure at most one thread is calling nf_register_net_hooks().\n\n[1]\n BUG: KASAN: slab-use-after-free in rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n BUG: KASAN: slab-use-after-free in __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604\nRead of size 4 at addr ffff888028f40008 by task dhcpcd/5501\n\nCPU: 1 UID: 0 PID: 5501 Comm: dhcpcd Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n <IRQ>\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:489\n kasan_report+0xd9/0x110 mm/kasan/report.c:602\n rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604\n rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n rhashtable_lookup_fast include/linux/rhashtable.h:672 [inline]\n ila_lookup_wildcards net/ipv6/ila/ila_xlat.c:127 [inline]\n ila_xlat_addr net/ipv6/ila/ila_xlat.c:652 [inline]\n ila_nf_input+0x1ee/0x620 net/ipv6/ila/ila_xlat.c:185\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xbb/0x200 net/netfilter/core.c:626\n nf_hook.constprop.0+0x42e/0x750 include/linux/netfilter.h:269\n NF_HOOK include/linux/netfilter.h:312 [inline]\n ipv6_rcv+0xa4/0x680 net/ipv6/ip6_input.c:309\n __netif_receive_skb_one_core+0x12e/0x1e0 net/core/dev.c:5672\n __netif_receive_skb+0x1d/0x160 net/core/dev.c:5785\n process_backlog+0x443/0x15f0 net/core/dev.c:6117\n __napi_poll.constprop.0+0xb7/0x550 net/core/dev.c:6883\n napi_poll net/core/dev.c:6952 [inline]\n net_rx_action+0xa94/0x1010 net/core/dev.c:7074\n handle_softirqs+0x213/0x8f0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0x109/0x170 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0xa4/0xc0 arch/x86/kernel/apic/apic.c:1049"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ila: serializar llamadas a nf_register_net_hooks() syzbot encontr\u00f3 una carrera en ila_add_mapping() [1] la confirmaci\u00f3n 031ae72825ce (\"ila: llamar a nf_unregister_net_hooks() antes\") intent\u00f3 solucionar un problema similar. Al observar la reproducci\u00f3n de syzbot, tenemos comandos ILA_CMD_ADD simult\u00e1neos. Agregue un mutex para asegurarse de que, como m\u00e1ximo, un hilo est\u00e9 llamando a nf_register_net_hooks(). [1] ERROR: KASAN: slab-use-after-free en rht_key_hashfn include/linux/rhashtable.h:159 [en l\u00ednea] ERROR: KASAN: slab-use-after-free en __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604 Lectura de tama\u00f1o 4 en la direcci\u00f3n ffff888028f40008 por la tarea dhcpcd/5501 CPU: 1 UID: 0 PID: 5501 Comm: dhcpcd No contaminado 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 13/09/2024 Seguimiento de llamadas: __dump_stack lib/dump_stack.c:94 [en l\u00ednea] dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:378 [en l\u00ednea] print_report+0xc3/0x620 mm/kasan/report.c:489 kasan_report+0xd9/0x110 mm/kasan/report.c:602 rht_key_hashfn include/linux/rhashtable.h:159 [en l\u00ednea] __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604 rhashtable_lookup include/linux/rhashtable.h:646 [en l\u00ednea] rhashtable_lookup_fast include/linux/rhashtable.h:672 [en l\u00ednea] ila_lookup_wildcards net/ipv6/ila/ila_xlat.c:127 [en l\u00ednea] ila_xlat_addr net/ipv6/ila/ila_xlat.c:652 [en l\u00ednea] ila_nf_input+0x1ee/0x620 net/ipv6/ila/ila_xlat.c:185 nf_hook_entry_hookfn include/linux/netfilter.h:154 [en l\u00ednea] nf_hook_slow+0xbb/0x200 net/netfilter/core.c:626 nf_hook.constprop.0+0x42e/0x750 include/linux/netfilter.h:269 NF_HOOK include/linux/netfilter.h:312 [en l\u00ednea] ipv6_rcv+0xa4/0x680 net/ipv6/ip6_input.c:309 __netif_receive_skb_one_core+0x12e/0x1e0 net/core/dev.c:5672 __netif_receive_skb+0x1d/0x160 net/core/dev.c:5785 process_backlog+0x443/0x15f0 net/core/dev.c:6117 __napi_poll.constprop.0+0xb7/0x550 net/core/dev.c:6883 napi_poll net/core/dev.c:6952 [en l\u00ednea] net_rx_action+0xa94/0x1010 net/core/dev.c:7074 handle_softirqs+0x213/0x8f0 kernel/softirq.c:561 __do_softirq kernel/softirq.c:595 [en l\u00ednea] invoke_softirq kernel/softirq.c:435 [en l\u00ednea] __irq_exit_rcu+0x109/0x170 kernel/softirq.c:662 irq_exit_rcu+0x9/0x30 kernel/softirq.c:678 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [en l\u00ednea] sysvec_apic_timer_interrupt+0xa4/0xc0 arch/x86/kernel/apic/apic.c:1049"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1638f430f8900f2375f5de45508fbe553997e190",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/17e8fa894345e8d2c7a7642482267b275c3d4553",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/260466b576bca0081a7d4acecc8e93687aa22d0e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3d1b63cf468e446b9feaf4e4e73182b9cc82f460",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ad0677c37c14fa28913daea92d139644d7acf04e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d3017895e393536b234cf80a83fc463c08a28137",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/eba25e21dce7ec70e2b3f121b2f3a25a4ec43eca",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-579xx/CVE-2024-57901.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-57901",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-15T13:15:14.747",
"lastModified": "2025-01-15T13:15:14.747",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK\n\nBlamed commit forgot MSG_PEEK case, allowing a crash [1] as found\nby syzbot.\n\nRework vlan_get_protocol_dgram() to not touch skb at all,\nso that it can be used from many cpus on the same skb.\n\nAdd a const qualifier to skb argument.\n\n[1]\nskbuff: skb_under_panic: text:ffffffff8a8ccd05 len:29 put:14 head:ffff88807fc8e400 data:ffff88807fc8e3f4 tail:0x11 end:0x140 dev:<NULL>\n------------[ cut here ]------------\n kernel BUG at net/core/skbuff.c:206 !\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 1 UID: 0 PID: 5892 Comm: syz-executor883 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\n RIP: 0010:skb_panic net/core/skbuff.c:206 [inline]\n RIP: 0010:skb_under_panic+0x14b/0x150 net/core/skbuff.c:216\nCode: 0b 8d 48 c7 c6 86 d5 25 8e 48 8b 54 24 08 8b 0c 24 44 8b 44 24 04 4d 89 e9 50 41 54 41 57 41 56 e8 5a 69 79 f7 48 83 c4 20 90 <0f> 0b 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3\nRSP: 0018:ffffc900038d7638 EFLAGS: 00010282\nRAX: 0000000000000087 RBX: dffffc0000000000 RCX: 609ffd18ea660600\nRDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000\nRBP: ffff88802483c8d0 R08: ffffffff817f0a8c R09: 1ffff9200071ae60\nR10: dffffc0000000000 R11: fffff5200071ae61 R12: 0000000000000140\nR13: ffff88807fc8e400 R14: ffff88807fc8e3f4 R15: 0000000000000011\nFS: 00007fbac5e006c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fbac5e00d58 CR3: 000000001238e000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n <TASK>\n skb_push+0xe5/0x100 net/core/skbuff.c:2636\n vlan_get_protocol_dgram+0x165/0x290 net/packet/af_packet.c:585\n packet_recvmsg+0x948/0x1ef0 net/packet/af_packet.c:3552\n sock_recvmsg_nosec net/socket.c:1033 [inline]\n sock_recvmsg+0x22f/0x280 net/socket.c:1055\n ____sys_recvmsg+0x1c6/0x480 net/socket.c:2803\n ___sys_recvmsg net/socket.c:2845 [inline]\n do_recvmmsg+0x426/0xab0 net/socket.c:2940\n __sys_recvmmsg net/socket.c:3014 [inline]\n __do_sys_recvmmsg net/socket.c:3037 [inline]\n __se_sys_recvmmsg net/socket.c:3030 [inline]\n __x64_sys_recvmmsg+0x199/0x250 net/socket.c:3030\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: af_packet: arreglo vlan_get_protocol_dgram() vs MSG_PEEK La confirmaci\u00f3n culpada olvid\u00f3 el caso MSG_PEEK, lo que permiti\u00f3 un bloqueo [1] como lo encontr\u00f3 syzbot. Reelabore vlan_get_protocol_dgram() para que no toque skb en absoluto, de modo que pueda usarse desde muchas CPU en el mismo skb. Agregue un calificador const al argumento skb. [1] skbuff: skb_under_panic: text:ffffffff8a8ccd05 len:29 put:14 head:ffff88807fc8e400 data:ffff88807fc8e3f4 tail:0x11 end:0x140 dev: ------------[ corte aqu\u00ed ]------------ \u00a1ERROR del kernel en net/core/skbuff.c:206! Oops: c\u00f3digo de operaci\u00f3n no v\u00e1lido: 0000 [#1] PREEMPT SMP KASAN PTI CPU: 1 UID: 0 PID: 5892 Comm: syz-executor883 No contaminado 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 13/09/2024 RIP: 0010:skb_panic net/core/skbuff.c:206 [en l\u00ednea] RIP: 0010:skb_under_panic+0x14b/0x150 net/core/skbuff.c:216 C\u00f3digo: 0b 8d 48 c7 c6 86 d5 25 8e 48 8b 54 24 08 8b 0c 24 44 8b 44 24 04 4d 89 e9 50 41 54 41 57 41 56 e8 5a 69 79 f7 48 83 c4 20 90 &lt;0f&gt; 0b 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 RSP: 0018:ffffc900038d7638 EFLAGS: 00010282 RAX: 000000000000087 RBX: dffffc0000000000 RCX: 609ffd18ea660600 RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 RBP: ffff88802483c8d0 R08: ffffffff817f0a8c R09: 1ffff9200071ae60 R10: dffffc0000000000 R11: fffff5200071ae61 R12: 0000000000000140 R13: ffff88807fc8e400 R14: ffff88807fc8e3f4 R15: 0000000000000011 FS: 00007fbac5e006c0(0000) GS:ffff8880b8700000(0000) knlGS:00000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fbac5e00d58 CR3: 000000001238e000 CR4: 00000000003526f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Seguimiento de llamadas: skb_push+0xe5/0x100 net/core/skbuff.c:2636 vlan_get_protocol_dgram+0x165/0x290 net/packet/af_packet.c:585 packet_recvmsg+0x948/0x1ef0 net/packet/af_packet.c:3552 sock_recvmsg_nosec net/socket.c:1033 [en l\u00ednea] sock_recvmsg+0x22f/0x280 net/socket.c:1055 ____sys_recvmsg+0x1c6/0x480 net/socket.c:2803 ___sys_recvmsg net/socket.c:2845 [en l\u00ednea] do_recvmmsg+0x426/0xab0 net/socket.c:2940 __sys_recvmmsg net/socket.c:3014 [en l\u00ednea] __do_sys_recvmmsg net/socket.c:3037 [en l\u00ednea] __se_sys_recvmmsg net/socket.c:3030 [en l\u00ednea] __x64_sys_recvmmsg+0x199/0x250 net/socket.c:3030 do_syscall_x64 arch/x86/entry/common.c:52 [en l\u00ednea] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0d3fa6c3c9ca7aa255696150f5b759ac4a4974e1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/560cbdd26b510626f3f4f27d34c44dfd3dd3499d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5d336714db324bef84490c75dcc48b387ef0346e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a693b87692b4d7c50f4fc08a996678d60534a9da",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/cd8488fdc7116f6da277515647b167859d4f72b1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/de4f8d477c67ec1d7c28f3486c3e47d147d90a01",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f91a5b8089389eb408501af2762f168c3aaa7b79",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-579xx/CVE-2024-57902.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-57902",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-15T13:15:14.867",
"lastModified": "2025-01-15T13:15:14.867",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_packet: fix vlan_get_tci() vs MSG_PEEK\n\nBlamed commit forgot MSG_PEEK case, allowing a crash [1] as found\nby syzbot.\n\nRework vlan_get_tci() to not touch skb at all,\nso that it can be used from many cpus on the same skb.\n\nAdd a const qualifier to skb argument.\n\n[1]\nskbuff: skb_under_panic: text:ffffffff8a8da482 len:32 put:14 head:ffff88807a1d5800 data:ffff88807a1d5810 tail:0x14 end:0x140 dev:<NULL>\n------------[ cut here ]------------\n kernel BUG at net/core/skbuff.c:206 !\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 0 UID: 0 PID: 5880 Comm: syz-executor172 Not tainted 6.13.0-rc3-syzkaller-00762-g9268abe611b0 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\n RIP: 0010:skb_panic net/core/skbuff.c:206 [inline]\n RIP: 0010:skb_under_panic+0x14b/0x150 net/core/skbuff.c:216\nCode: 0b 8d 48 c7 c6 9e 6c 26 8e 48 8b 54 24 08 8b 0c 24 44 8b 44 24 04 4d 89 e9 50 41 54 41 57 41 56 e8 3a 5a 79 f7 48 83 c4 20 90 <0f> 0b 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3\nRSP: 0018:ffffc90003baf5b8 EFLAGS: 00010286\nRAX: 0000000000000087 RBX: dffffc0000000000 RCX: 8565c1eec37aa000\nRDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000\nRBP: ffff88802616fb50 R08: ffffffff817f0a4c R09: 1ffff92000775e50\nR10: dffffc0000000000 R11: fffff52000775e51 R12: 0000000000000140\nR13: ffff88807a1d5800 R14: ffff88807a1d5810 R15: 0000000000000014\nFS: 00007fa03261f6c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007ffd65753000 CR3: 0000000031720000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n <TASK>\n skb_push+0xe5/0x100 net/core/skbuff.c:2636\n vlan_get_tci+0x272/0x550 net/packet/af_packet.c:565\n packet_recvmsg+0x13c9/0x1ef0 net/packet/af_packet.c:3616\n sock_recvmsg_nosec net/socket.c:1044 [inline]\n sock_recvmsg+0x22f/0x280 net/socket.c:1066\n ____sys_recvmsg+0x1c6/0x480 net/socket.c:2814\n ___sys_recvmsg net/socket.c:2856 [inline]\n do_recvmmsg+0x426/0xab0 net/socket.c:2951\n __sys_recvmmsg net/socket.c:3025 [inline]\n __do_sys_recvmmsg net/socket.c:3048 [inline]\n __se_sys_recvmmsg net/socket.c:3041 [inline]\n __x64_sys_recvmmsg+0x199/0x250 net/socket.c:3041\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: af_packet: arreglo vlan_get_tci() vs MSG_PEEK La confirmaci\u00f3n culpada olvid\u00f3 el caso MSG_PEEK, lo que permiti\u00f3 un bloqueo [1] como lo encontr\u00f3 syzbot. Reelabore vlan_get_tci() para que no toque skb en absoluto, de modo que pueda usarse desde muchas CPU en el mismo skb. Agregue un calificador const al argumento skb. [1] skbuff: skb_under_panic: text:ffffffff8a8da482 len:32 put:14 head:ffff88807a1d5800 data:ffff88807a1d5810 tail:0x14 end:0x140 dev: ------------[ corte aqu\u00ed ]------------ \u00a1ERROR del kernel en net/core/skbuff.c:206! Oops: c\u00f3digo de operaci\u00f3n no v\u00e1lido: 0000 [#1] PREEMPT SMP KASAN PTI CPU: 0 UID: 0 PID: 5880 Comm: syz-executor172 No contaminado 6.13.0-rc3-syzkaller-00762-g9268abe611b0 #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 13/09/2024 RIP: 0010:skb_panic net/core/skbuff.c:206 [en l\u00ednea] RIP: 0010:skb_under_panic+0x14b/0x150 net/core/skbuff.c:216 C\u00f3digo: 0b 8d 48 c7 c6 9e 6c 26 8e 48 8b 54 24 08 8b 0c 24 44 8b 44 24 04 4d 89 e9 50 41 54 41 57 41 56 e8 3a 5a 79 f7 48 83 c4 20 90 &lt;0f&gt; 0b 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 RSP: 0018:ffffc90003baf5b8 EFLAGS: 00010286 RAX: 000000000000087 RBX: dffffc0000000000 RCX: 8565c1eec37aa000 RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 RBP: ffff88802616fb50 R08: ffffffff817f0a4c R09: 1ffff92000775e50 R10: dffffc0000000000 R11: fffff52000775e51 R12: 0000000000000140 R13: ffff88807a1d5800 R14: ffff88807a1d5810 R15: 0000000000000014 FS: 00007fa03261f6c0(0000) GS:ffff8880b8600000(0000) knlGS:00000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007ffd65753000 CR3: 0000000031720000 CR4: 00000000003526f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Seguimiento de llamadas: skb_push+0xe5/0x100 net/core/skbuff.c:2636 vlan_get_tci+0x272/0x550 net/packet/af_packet.c:565 packet_recvmsg+0x13c9/0x1ef0 net/packet/af_packet.c:3616 sock_recvmsg_nosec net/socket.c:1044 [en l\u00ednea] sock_recvmsg+0x22f/0x280 net/socket.c:1066 ____sys_recvmsg+0x1c6/0x480 net/socket.c:2814 ___sys_recvmsg net/socket.c:2856 [en l\u00ednea] do_recvmmsg+0x426/0xab0 net/socket.c:2951 __sys_recvmmsg net/socket.c:3025 [en l\u00ednea] __do_sys_recvmmsg net/socket.c:3048 [en l\u00ednea] __se_sys_recvmmsg net/socket.c:3041 [en l\u00ednea] __x64_sys_recvmmsg+0x199/0x250 net/socket.c:3041 do_syscall_x64 arch/x86/entry/common.c:52 [en l\u00ednea] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/65c67049e9ed481f6b52264b39618b8c6dfb1d3e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/66ffb0cf2125dcf9e902eede4a43653a24fd9cb2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/77ee7a6d16b6ec07b5c3ae2b6b60a24c1afbed09",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7aa78d0d8546d8ce5a764add3f55d72e707c18f1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b65292a548d847099a4fe0fff53122a06e798e25",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d91b4a9baa018a001d5c884e236c0cfd31f9f4a1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fa57f07ba0622c8692f40e1300adca59277b0044",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

41
CVE-2024/CVE-2024-579xx/CVE-2024-57903.json Normal file
View File

@ -0,0 +1,41 @@
{
"id": "CVE-2024-57903",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-15T13:15:14.973",
"lastModified": "2025-01-15T13:15:14.973",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: restrict SO_REUSEPORT to inet sockets\n\nAfter blamed commit, crypto sockets could accidentally be destroyed\nfrom RCU call back, as spotted by zyzbot [1].\n\nTrying to acquire a mutex in RCU callback is not allowed.\n\nRestrict SO_REUSEPORT socket option to inet sockets.\n\nv1 of this patch supported TCP, UDP and SCTP sockets,\nbut fcnal-test.sh test needed RAW and ICMP support.\n\n[1]\nBUG: sleeping function called from invalid context at kernel/locking/mutex.c:562\nin_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 24, name: ksoftirqd/1\npreempt_count: 100, expected: 0\nRCU nest depth: 0, expected: 0\n1 lock held by ksoftirqd/1/24:\n #0: ffffffff8e937ba0 (rcu_callback){....}-{0:0}, at: rcu_lock_acquire include/linux/rcupdate.h:337 [inline]\n #0: ffffffff8e937ba0 (rcu_callback){....}-{0:0}, at: rcu_do_batch kernel/rcu/tree.c:2561 [inline]\n #0: ffffffff8e937ba0 (rcu_callback){....}-{0:0}, at: rcu_core+0xa37/0x17a0 kernel/rcu/tree.c:2823\nPreemption disabled at:\n [<ffffffff8161c8c8>] softirq_handle_begin kernel/softirq.c:402 [inline]\n [<ffffffff8161c8c8>] handle_softirqs+0x128/0x9b0 kernel/softirq.c:537\nCPU: 1 UID: 0 PID: 24 Comm: ksoftirqd/1 Not tainted 6.13.0-rc3-syzkaller-00174-ga024e377efed #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n __might_resched+0x5d4/0x780 kernel/sched/core.c:8758\n __mutex_lock_common kernel/locking/mutex.c:562 [inline]\n __mutex_lock+0x131/0xee0 kernel/locking/mutex.c:735\n crypto_put_default_null_skcipher+0x18/0x70 crypto/crypto_null.c:179\n aead_release+0x3d/0x50 crypto/algif_aead.c:489\n alg_do_release crypto/af_alg.c:118 [inline]\n alg_sock_destruct+0x86/0xc0 crypto/af_alg.c:502\n __sk_destruct+0x58/0x5f0 net/core/sock.c:2260\n rcu_do_batch kernel/rcu/tree.c:2567 [inline]\n rcu_core+0xaaa/0x17a0 kernel/rcu/tree.c:2823\n handle_softirqs+0x2d4/0x9b0 kernel/softirq.c:561\n run_ksoftirqd+0xca/0x130 kernel/softirq.c:950\n smpboot_thread_fn+0x544/0xa30 kernel/smpboot.c:164\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n </TASK>"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: restringir SO_REUSEPORT a sockets inet Despu\u00e9s de la confirmaci\u00f3n culpada, los sockets criptogr\u00e1ficos podr\u00edan destruirse accidentalmente desde la devoluci\u00f3n de llamada de RCU, como lo detect\u00f3 zyzbot [1]. Intentar adquirir un mutex en la devoluci\u00f3n de llamada de RCU no est\u00e1 permitido. Restringir la opci\u00f3n de socket SO_REUSEPORT a los sockets inet. La v1 de este parche admit\u00eda sockets TCP, UDP y SCTP, pero la prueba fcnal-test.sh necesitaba compatibilidad con RAW e ICMP. [1] ERROR: funci\u00f3n inactiva llamada desde un contexto no v\u00e1lido en kernel/locking/mutex.c:562 in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 24, name: ksoftirqd/1 preempt_count: 100, expected: 0 Profundidad de anidaci\u00f3n de RCU: 0, expected: 0 1 bloqueo retenido por ksoftirqd/1/24: #0: ffffffff8e937ba0 (rcu_callback){....}-{0:0}, en: rcu_lock_acquire include/linux/rcupdate.h:337 [en l\u00ednea] #0: ffffffff8e937ba0 (rcu_callback){....}-{0:0}, en: rcu_do_batch kernel/rcu/tree.c:2561 [en l\u00ednea] #0: ffffffff8e937ba0 (rcu_callback){....}-{0:0}, en: rcu_core+0xa37/0x17a0 kernel/rcu/tree.c:2823 Preempci\u00f3n deshabilitada en: [] softirq_handle_begin kernel/softirq.c:402 [en l\u00ednea] [] handle_softirqs+0x128/0x9b0 kernel/softirq.c:537 CPU: 1 UID: 0 PID: 24 Comm: ksoftirqd/1 No contaminado 6.13.0-rc3-syzkaller-00174-ga024e377efed #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 13/09/2024 Llamada Rastro: __dump_stack lib/dump_stack.c:94 [en l\u00ednea] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120 __might_resched+0x5d4/0x780 kernel/sched/core.c:8758 __mutex_lock_common kernel/locking/mutex.c:562 [en l\u00ednea] __mutex_lock+0x131/0xee0 kernel/locking/mutex.c:735 crypto_put_default_null_skcipher+0x18/0x70 crypto/crypto_null.c:179 aead_release+0x3d/0x50 crypto/algif_aead.c:489 alg_do_release crypto/af_alg.c:118 [en l\u00ednea] alg_sock_destruct+0x86/0xc0 crypto/af_alg.c:502 __sk_destruct+0x58/0x5f0 net/core/sock.c:2260 rcu_do_batch kernel/rcu/tree.c:2567 [en l\u00ednea] rcu_core+0xaaa/0x17a0 kernel/rcu/tree.c:2823 handle_softirqs+0x2d4/0x9b0 kernel/softirq.c:561 run_ksoftirqd+0xca/0x130 kernel/softirq.c:950 smpboot_thread_fn+0x544/0xa30 kernel/smpboot.c:164 kthread+0x2f0/0x390 kernel/kthread.c:389 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 "
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/3257813a3ae7462ac5cde04e120806f0c0776850",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/579cfa595af1e00ccc9c3a849a4add6bba8b4bad",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5b0af621c3f6ef9261cf6067812f2fd9943acb4b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ad2ad4cd11af9d63187cd074314b71b7cf8a2a59",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ad91a2dacbf8c26a446658cdd55e8324dfeff1e7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

37
CVE-2025/CVE-2025-216xx/CVE-2025-21629.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2025-21629",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-15T13:15:15.220",
"lastModified": "2025-01-15T13:15:15.220",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets\n\nThe blamed commit disabled hardware offoad of IPv6 packets with\nextension headers on devices that advertise NETIF_F_IPV6_CSUM,\nbased on the definition of that feature in skbuff.h:\n\n * * - %NETIF_F_IPV6_CSUM\n * - Driver (device) is only able to checksum plain\n * TCP or UDP packets over IPv6. These are specifically\n * unencapsulated packets of the form IPv6|TCP or\n * IPv6|UDP where the Next Header field in the IPv6\n * header is either TCP or UDP. IPv6 extension headers\n * are not supported with this feature. This feature\n * cannot be set in features for a device with\n * NETIF_F_HW_CSUM also set. This feature is being\n * DEPRECATED (see below).\n\nThe change causes skb_warn_bad_offload to fire for BIG TCP\npackets.\n\n[ 496.310233] WARNING: CPU: 13 PID: 23472 at net/core/dev.c:3129 skb_warn_bad_offload+0xc4/0xe0\n\n[ 496.310297] ? skb_warn_bad_offload+0xc4/0xe0\n[ 496.310300] skb_checksum_help+0x129/0x1f0\n[ 496.310303] skb_csum_hwoffload_help+0x150/0x1b0\n[ 496.310306] validate_xmit_skb+0x159/0x270\n[ 496.310309] validate_xmit_skb_list+0x41/0x70\n[ 496.310312] sch_direct_xmit+0x5c/0x250\n[ 496.310317] __qdisc_run+0x388/0x620\n\nBIG TCP introduced an IPV6_TLV_JUMBO IPv6 extension header to\ncommunicate packet length, as this is an IPv6 jumbogram. But, the\nfeature is only enabled on devices that support BIG TCP TSO. The\nheader is only present for PF_PACKET taps like tcpdump, and not\ntransmitted by physical devices.\n\nFor this specific case of extension headers that are not\ntransmitted, return to the situation before the blamed commit\nand support hardware offload.\n\nipv6_has_hopopt_jumbo() tests not only whether this header is present,\nbut also that it is the only extension header before a terminal (L4)\nheader."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: volver a habilitar la descarga de NETIF_F_IPV6_CSUM para paquetes TCP GRANDES La confirmaci\u00f3n culpable deshabilit\u00f3 la descarga de hardware de paquetes IPv6 con encabezados de extensi\u00f3n en dispositivos que anuncian NETIF_F_IPV6_CSUM, seg\u00fan la definici\u00f3n de esa caracter\u00edstica en skbuff.h: * * - %NETIF_F_IPV6_CSUM * - El controlador (dispositivo) solo puede realizar la suma de comprobaci\u00f3n de paquetes TCP o UDP simples sobre IPv6. Estos son espec\u00edficamente * paquetes no encapsulados del formato IPv6|TCP o * IPv6|UDP donde el campo Encabezado siguiente en el encabezado IPv6 * es TCP o UDP. Los encabezados de extensi\u00f3n IPv6 * no son compatibles con esta caracter\u00edstica. Esta caracter\u00edstica * no se puede configurar en las caracter\u00edsticas de un dispositivo con * NETIF_F_HW_CSUM tambi\u00e9n configurado. Esta caracter\u00edstica est\u00e1 * OBSOLETA (ver a continuaci\u00f3n). El cambio hace que skb_warn_bad_offload se active para paquetes TCP GRANDES. [ 496.310233] ADVERTENCIA: CPU: 13 PID: 23472 en net/core/dev.c:3129 skb_warn_bad_offload+0xc4/0xe0 [ 496.310297] ? skb_warn_bad_offload+0xc4/0xe0 [ 496.310300] skb_checksum_help+0x129/0x1f0 [ 496.310303] skb_csum_hwoffload_help+0x150/0x1b0 [ 496.310306] validation_xmit_skb+0x159/0x270 [ 496.310309] validation_xmit_skb_list+0x41/0x70 [ 496.310312] sch_direct_xmit+0x5c/0x250 [ 496.310317] __qdisc_run+0x388/0x620 BIG TCP introdujo un encabezado de extensi\u00f3n IPv6_TLV_JUMBO IPv6 para comunicar paquetes longitud, ya que se trata de un jumbograma IPv6. Sin embargo, la funci\u00f3n solo est\u00e1 habilitada en dispositivos que admiten BIG TCP TSO. El encabezado solo est\u00e1 presente para las derivaciones PF_PACKET como tcpdump, y no se transmite por dispositivos f\u00edsicos. Para este caso espec\u00edfico de encabezados de extensi\u00f3n que no se transmiten, regrese a la situaci\u00f3n anterior a la confirmaci\u00f3n culpable y admita la descarga de hardware. ipv6_has_hopopt_jumbo() prueba no solo si este encabezado est\u00e1 presente, sino tambi\u00e9n que sea el \u00fanico encabezado de extensi\u00f3n antes de un encabezado de terminal (L4)."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/68e068cabd2c6c533ef934c2e5151609cf6ecc6d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/95ccf006bbc8b59044313b8c309dcf29c546abd4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ac9cfef69565021c9e1022a493a9c40b03e2caf9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d3b7a9c7597b779039a51d7b34116fbe424bf2b7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2025/CVE-2025-216xx/CVE-2025-21630.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2025-21630",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-15T13:15:15.330",
"lastModified": "2025-01-15T13:15:15.330",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/net: always initialize kmsg->msg.msg_inq upfront\n\nsyzbot reports that ->msg_inq may get used uinitialized from the\nfollowing path:\n\nBUG: KMSAN: uninit-value in io_recv_buf_select io_uring/net.c:1094 [inline]\nBUG: KMSAN: uninit-value in io_recv+0x930/0x1f90 io_uring/net.c:1158\n io_recv_buf_select io_uring/net.c:1094 [inline]\n io_recv+0x930/0x1f90 io_uring/net.c:1158\n io_issue_sqe+0x420/0x2130 io_uring/io_uring.c:1740\n io_queue_sqe io_uring/io_uring.c:1950 [inline]\n io_req_task_submit+0xfa/0x1d0 io_uring/io_uring.c:1374\n io_handle_tw_list+0x55f/0x5c0 io_uring/io_uring.c:1057\n tctx_task_work_run+0x109/0x3e0 io_uring/io_uring.c:1121\n tctx_task_work+0x6d/0xc0 io_uring/io_uring.c:1139\n task_work_run+0x268/0x310 kernel/task_work.c:239\n io_run_task_work+0x43a/0x4a0 io_uring/io_uring.h:343\n io_cqring_wait io_uring/io_uring.c:2527 [inline]\n __do_sys_io_uring_enter io_uring/io_uring.c:3439 [inline]\n __se_sys_io_uring_enter+0x204f/0x4ce0 io_uring/io_uring.c:3330\n __x64_sys_io_uring_enter+0x11f/0x1a0 io_uring/io_uring.c:3330\n x64_sys_call+0xce5/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:427\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nand it is correct, as it's never initialized upfront. Hence the first\nsubmission can end up using it uninitialized, if the recv wasn't\nsuccessful and the networking stack didn't honor ->msg_get_inq being set\nand filling in the output value of ->msg_inq as requested.\n\nSet it to 0 upfront when it's allocated, just to silence this KMSAN\nwarning. There's no side effect of using it uninitialized, it'll just\npotentially cause the next receive to use a recv value hint that's not\naccurate."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: io_uring/net: siempre inicializar kmsg-&gt;msg.msg_inq por adelantado syzbot informa que -&gt;msg_inq puede usarse sin inicializar desde la siguiente ruta: ERROR: KMSAN: valor no inicializado en io_recv_buf_select io_uring/net.c:1094 [en l\u00ednea] ERROR: KMSAN: valor no inicializado en io_recv+0x930/0x1f90 io_uring/net.c:1158 io_recv_buf_select io_uring/net.c:1094 [en l\u00ednea] io_recv+0x930/0x1f90 io_uring/net.c:1158 io_issue_sqe+0x420/0x2130 io_uring/io_uring.c:1740 io_queue_sqe io_uring/io_uring.c:1950 [en l\u00ednea] io_req_task_submit+0xfa/0x1d0 io_uring/io_uring.c:1374 io_handle_tw_list+0x55f/0x5c0 io_uring/io_uring.c:1057 tctx_task_work_run+0x109/0x3e0 io_uring/io_uring.c:1121 tctx_task_work+0x6d/0xc0 io_uring/io_uring.c:1139 task_work_run+0x268/0x310 kernel/task_work.c:239 io_run_task_work+0x43a/0x4a0 io_uring/io_uring.h:343 io_cqring_wait io_uring/io_uring.c:2527 [en l\u00ednea] __do_sys_io_uring_enter io_uring/io_uring.c:3439 [en l\u00ednea] __se_sys_io_uring_enter+0x204f/0x4ce0 io_uring/io_uring.c:3330 __x64_sys_io_uring_enter+0x11f/0x1a0 io_uring/io_uring.c:3330 x64_sys_call+0xce5/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:427 do_syscall_x64 arch/x86/entry/common.c:52 [en l\u00ednea] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f y es correcto, ya que nunca se inicializa por adelantado. Por lo tanto, el primer env\u00edo puede terminar us\u00e1ndolo sin inicializar, si la recepci\u00f3n no fue exitosa y la pila de red no respet\u00f3 la configuraci\u00f3n de -&gt;msg_get_inq y no complet\u00f3 el valor de salida de -&gt;msg_inq como se solicit\u00f3. Config\u00farelo en 0 por adelantado cuando se asigne, solo para silenciar esta advertencia de KMSAN. No hay ning\u00fan efecto secundario por usarlo sin inicializar, solo provocar\u00e1 potencialmente que la pr\u00f3xima recepci\u00f3n use una sugerencia de valor de recepci\u00f3n que no sea precisa."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/127c280067167beb88461cd930f7c7a4bb3c7239",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c6e60a0a68b7e6b3c7e33863a16e8e88ba9eee6f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

10
CVE-2025/CVE-2025-230xx/CVE-2025-23013.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-23013", "id": "CVE-2025-23013",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-01-15T04:15:20.037", "published": "2025-01-15T04:15:20.037",
"lastModified": "2025-01-15T04:15:20.037", "lastModified": "2025-01-15T13:15:15.440",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "In Yubico pam-u2f before 1.3.1, local privilege escalation can sometimes occur. This product implements a Pluggable Authentication Module (PAM) that can be deployed to support authentication using a YubiKey or other FIDO compliant authenticators on macOS or Linux. This software package has an issue that allows for an authentication bypass in some configurations. An attacker would require the ability to access the system as an unprivileged user. Depending on the configuration, the attacker may also need to know the user's password." "value": "In Yubico pam-u2f before 1.3.1, local privilege escalation can sometimes occur. This product implements a Pluggable Authentication Module (PAM) that can be deployed to support authentication using a YubiKey or other FIDO compliant authenticators on macOS or Linux. This software package has an issue that allows for an authentication bypass in some configurations. An attacker would require the ability to access the system as an unprivileged user. Depending on the configuration, the attacker may also need to know the user's password."
},
{
"lang": "es",
"value": "En Yubico pam-u2f anterior a la versi\u00f3n 1.3.1, a veces puede producirse una escalada de privilegios locales. Este producto implementa un m\u00f3dulo de autenticaci\u00f3n conectable (PAM) que se puede implementar para admitir la autenticaci\u00f3n mediante una YubiKey u otros autenticadores compatibles con FIDO en macOS o Linux. Este paquete de software tiene un problema que permite omitir la autenticaci\u00f3n en algunas configuraciones. Un atacante necesitar\u00eda poder acceder al sistema como un usuario sin privilegios. Seg\u00fan la configuraci\u00f3n, el atacante tambi\u00e9n podr\u00eda necesitar saber la contrase\u00f1a del usuario."
} }
], ],
"metrics": { "metrics": {
@ -73,6 +77,10 @@
{ {
"url": "https://www.yubico.com/support/security-advisories/ysa-2025-01/", "url": "https://www.yubico.com/support/security-advisories/ysa-2025-01/",
"source": "cve@mitre.org" "source": "cve@mitre.org"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/01/15/1",
"source": "af854a3a-2127-422b-91ae-364da2661108"
} }
] ]
} }

59
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2025-01-15T13:00:48.921632+00:00 2025-01-15T15:00:25.498018+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2025-01-15T12:15:25.790000+00:00 2025-01-15T14:50:26.910000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -33,38 +33,49 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
277449 277487
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `18` Recently added CVEs: `38`
- [CVE-2024-11848](CVE-2024/CVE-2024-118xx/CVE-2024-11848.json) (`2025-01-15T12:15:25.303`) - [CVE-2024-57857](CVE-2024/CVE-2024-578xx/CVE-2024-57857.json) (`2025-01-15T13:15:12.403`)
- [CVE-2024-11851](CVE-2024/CVE-2024-118xx/CVE-2024-11851.json) (`2025-01-15T12:15:25.630`) - [CVE-2024-57882](CVE-2024/CVE-2024-578xx/CVE-2024-57882.json) (`2025-01-15T13:15:12.510`)
- [CVE-2024-12593](CVE-2024/CVE-2024-125xx/CVE-2024-12593.json) (`2025-01-15T12:15:25.790`) - [CVE-2024-57883](CVE-2024/CVE-2024-578xx/CVE-2024-57883.json) (`2025-01-15T13:15:12.637`)
- [CVE-2024-35280](CVE-2024/CVE-2024-352xx/CVE-2024-35280.json) (`2025-01-15T11:15:09.087`) - [CVE-2024-57884](CVE-2024/CVE-2024-578xx/CVE-2024-57884.json) (`2025-01-15T13:15:12.757`)
- [CVE-2025-0193](CVE-2025/CVE-2025-01xx/CVE-2025-0193.json) (`2025-01-15T11:15:09.280`) - [CVE-2024-57885](CVE-2024/CVE-2024-578xx/CVE-2024-57885.json) (`2025-01-15T13:15:12.893`)
- [CVE-2025-0434](CVE-2025/CVE-2025-04xx/CVE-2025-0434.json) (`2025-01-15T11:15:09.470`) - [CVE-2024-57886](CVE-2024/CVE-2024-578xx/CVE-2024-57886.json) (`2025-01-15T13:15:13.010`)
- [CVE-2025-0435](CVE-2025/CVE-2025-04xx/CVE-2025-0435.json) (`2025-01-15T11:15:09.580`) - [CVE-2024-57887](CVE-2024/CVE-2024-578xx/CVE-2024-57887.json) (`2025-01-15T13:15:13.130`)
- [CVE-2025-0436](CVE-2025/CVE-2025-04xx/CVE-2025-0436.json) (`2025-01-15T11:15:09.673`) - [CVE-2024-57888](CVE-2024/CVE-2024-578xx/CVE-2024-57888.json) (`2025-01-15T13:15:13.240`)
- [CVE-2025-0437](CVE-2025/CVE-2025-04xx/CVE-2025-0437.json) (`2025-01-15T11:15:09.800`) - [CVE-2024-57889](CVE-2024/CVE-2024-578xx/CVE-2024-57889.json) (`2025-01-15T13:15:13.347`)
- [CVE-2025-0438](CVE-2025/CVE-2025-04xx/CVE-2025-0438.json) (`2025-01-15T11:15:09.930`) - [CVE-2024-57890](CVE-2024/CVE-2024-578xx/CVE-2024-57890.json) (`2025-01-15T13:15:13.473`)
- [CVE-2025-0439](CVE-2025/CVE-2025-04xx/CVE-2025-0439.json) (`2025-01-15T11:15:10.060`) - [CVE-2024-57891](CVE-2024/CVE-2024-578xx/CVE-2024-57891.json) (`2025-01-15T13:15:13.590`)
- [CVE-2025-0440](CVE-2025/CVE-2025-04xx/CVE-2025-0440.json) (`2025-01-15T11:15:10.187`) - [CVE-2024-57892](CVE-2024/CVE-2024-578xx/CVE-2024-57892.json) (`2025-01-15T13:15:13.710`)
- [CVE-2025-0441](CVE-2025/CVE-2025-04xx/CVE-2025-0441.json) (`2025-01-15T11:15:10.287`) - [CVE-2024-57893](CVE-2024/CVE-2024-578xx/CVE-2024-57893.json) (`2025-01-15T13:15:13.820`)
- [CVE-2025-0442](CVE-2025/CVE-2025-04xx/CVE-2025-0442.json) (`2025-01-15T11:15:10.383`) - [CVE-2024-57894](CVE-2024/CVE-2024-578xx/CVE-2024-57894.json) (`2025-01-15T13:15:13.943`)
- [CVE-2025-0443](CVE-2025/CVE-2025-04xx/CVE-2025-0443.json) (`2025-01-15T11:15:10.483`) - [CVE-2024-57895](CVE-2024/CVE-2024-578xx/CVE-2024-57895.json) (`2025-01-15T13:15:14.060`)
- [CVE-2025-0446](CVE-2025/CVE-2025-04xx/CVE-2025-0446.json) (`2025-01-15T11:15:10.580`) - [CVE-2024-57896](CVE-2024/CVE-2024-578xx/CVE-2024-57896.json) (`2025-01-15T13:15:14.200`)
- [CVE-2025-0447](CVE-2025/CVE-2025-04xx/CVE-2025-0447.json) (`2025-01-15T11:15:10.673`) - [CVE-2024-57897](CVE-2024/CVE-2024-578xx/CVE-2024-57897.json) (`2025-01-15T13:15:14.317`)
- [CVE-2025-0448](CVE-2025/CVE-2025-04xx/CVE-2025-0448.json) (`2025-01-15T11:15:10.763`) - [CVE-2024-57898](CVE-2024/CVE-2024-578xx/CVE-2024-57898.json) (`2025-01-15T13:15:14.427`)
- [CVE-2024-57899](CVE-2024/CVE-2024-578xx/CVE-2024-57899.json) (`2025-01-15T13:15:14.540`)
- [CVE-2024-57900](CVE-2024/CVE-2024-579xx/CVE-2024-57900.json) (`2025-01-15T13:15:14.633`)
- [CVE-2024-57901](CVE-2024/CVE-2024-579xx/CVE-2024-57901.json) (`2025-01-15T13:15:14.747`)
- [CVE-2024-57902](CVE-2024/CVE-2024-579xx/CVE-2024-57902.json) (`2025-01-15T13:15:14.867`)
- [CVE-2024-57903](CVE-2024/CVE-2024-579xx/CVE-2024-57903.json) (`2025-01-15T13:15:14.973`)
- [CVE-2025-21629](CVE-2025/CVE-2025-216xx/CVE-2025-21629.json) (`2025-01-15T13:15:15.220`)
- [CVE-2025-21630](CVE-2025/CVE-2025-216xx/CVE-2025-21630.json) (`2025-01-15T13:15:15.330`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit
Recently modified CVEs: `1` Recently modified CVEs: `5`
- [CVE-2024-12569](CVE-2024/CVE-2024-125xx/CVE-2024-12569.json) (`2025-01-15T11:15:08.560`) - [CVE-2019-17365](CVE-2019/CVE-2019-173xx/CVE-2019-17365.json) (`2025-01-15T14:29:23.370`)
- [CVE-2020-9222](CVE-2020/CVE-2020-92xx/CVE-2020-9222.json) (`2025-01-15T14:50:26.910`)
- [CVE-2024-12593](CVE-2024/CVE-2024-125xx/CVE-2024-12593.json) (`2025-01-15T12:15:25.790`)
- [CVE-2024-45593](CVE-2024/CVE-2024-455xx/CVE-2024-45593.json) (`2025-01-15T14:29:23.370`)
- [CVE-2025-23013](CVE-2025/CVE-2025-230xx/CVE-2025-23013.json) (`2025-01-15T13:15:15.440`)
## Download and Usage ## Download and Usage

84
_state.csv
View File

@ -135123,7 +135123,7 @@ CVE-2019-17360,0,0,e9d1374fc4b5a7a669a6ed09bc82d5cc65b822f6e0714be068851d8e693f0
CVE-2019-17361,0,0,f1639cedded3c0f269af4785acf201b67c7a26ae34b6fc9826e0d7f418956de1,2024-11-21T04:32:10.850000 CVE-2019-17361,0,0,f1639cedded3c0f269af4785acf201b67c7a26ae34b6fc9826e0d7f418956de1,2024-11-21T04:32:10.850000
CVE-2019-17362,0,0,9a4d564f9bb63325f690a1307d08440b438078b13924355160f31cd6507191cd,2024-11-21T04:32:11.053000 CVE-2019-17362,0,0,9a4d564f9bb63325f690a1307d08440b438078b13924355160f31cd6507191cd,2024-11-21T04:32:11.053000
CVE-2019-17364,0,0,fbcdc8323be5e03be55d536575bab4b8eac40d56a2bba3567cd087a48c49ef9d,2024-11-21T04:32:11.213000 CVE-2019-17364,0,0,fbcdc8323be5e03be55d536575bab4b8eac40d56a2bba3567cd087a48c49ef9d,2024-11-21T04:32:11.213000
CVE-2019-17365,0,0,c4f66bfd39600fa21f99912edb6090e68afe007eeccc09de7cd2817faf077ebb,2024-11-21T04:32:11.367000 CVE-2019-17365,0,1,a8a9cdfd6d94dceb52d9f3c1aa9f0f2bd295ba02bdf35551a20367b81e853c78,2025-01-15T14:29:23.370000
CVE-2019-17366,0,0,aeaeb278f620952b5286b02ca14f9fd83b74f565277308c80c74c3f41bd5765d,2024-11-21T04:32:11.563000 CVE-2019-17366,0,0,aeaeb278f620952b5286b02ca14f9fd83b74f565277308c80c74c3f41bd5765d,2024-11-21T04:32:11.563000
CVE-2019-17367,0,0,2f815e8f6b5ac36cb977e31c657d7bdc705c8bc4385bf039c4261d0d51077486,2024-11-21T04:32:11.700000 CVE-2019-17367,0,0,2f815e8f6b5ac36cb977e31c657d7bdc705c8bc4385bf039c4261d0d51077486,2024-11-21T04:32:11.700000
CVE-2019-17368,0,0,d03164c42837e13028da2074f0925a00225f37a87ef5525c758189c9ac9843c7,2024-11-21T04:32:11.830000 CVE-2019-17368,0,0,d03164c42837e13028da2074f0925a00225f37a87ef5525c758189c9ac9843c7,2024-11-21T04:32:11.830000
@ -164133,7 +164133,7 @@ CVE-2020-9210,0,0,9675df58b538f3c51e2207eb3caa8a7ae0d32961ff6c3b16376bf7d7f42790
CVE-2020-9211,0,0,f47ed6f32d19c23f0ad6ef15579f9e58d42f926f24404bd791a71efb16f10919,2025-01-13T18:53:58.603000 CVE-2020-9211,0,0,f47ed6f32d19c23f0ad6ef15579f9e58d42f926f24404bd791a71efb16f10919,2025-01-13T18:53:58.603000
CVE-2020-9212,0,0,ba27fda5a1a83f7c8a9792732635631dbc8f62392155cb4a0ecda41f0eb0c3fe,2024-11-21T05:40:10.563000 CVE-2020-9212,0,0,ba27fda5a1a83f7c8a9792732635631dbc8f62392155cb4a0ecda41f0eb0c3fe,2024-11-21T05:40:10.563000
CVE-2020-9213,0,0,4cb4f2d9c83e4508a8bf6c989885c005f775d5e8a40a232cc9d6e497bff4cf1e,2024-11-21T05:40:10.703000 CVE-2020-9213,0,0,4cb4f2d9c83e4508a8bf6c989885c005f775d5e8a40a232cc9d6e497bff4cf1e,2024-11-21T05:40:10.703000
CVE-2020-9222,0,0,d0e9667c7c30f63cd0cd5b42ee49ccaf99d71cc52fb2c34c1ccc912713187f77,2025-01-13T18:49:33.693000 CVE-2020-9222,0,1,a65dcc7b4a247ed83ff5278789feaf158e49e9a35e1ed6d27c447d4418ecedf7,2025-01-15T14:50:26.910000
CVE-2020-9223,0,0,d2caf95754ffa4f54d6c3a94c77e1a52ce9347d87c8c5ee51ea3d1614f384636,2024-11-21T05:40:11.200000 CVE-2020-9223,0,0,d2caf95754ffa4f54d6c3a94c77e1a52ce9347d87c8c5ee51ea3d1614f384636,2024-11-21T05:40:11.200000
CVE-2020-9225,0,0,26661ec5a217e1ca10ed2eecb9876148cf698b088c73c9df81306b0ca7e34623,2024-11-21T05:40:11.343000 CVE-2020-9225,0,0,26661ec5a217e1ca10ed2eecb9876148cf698b088c73c9df81306b0ca7e34623,2024-11-21T05:40:11.343000
CVE-2020-9226,0,0,4f4dede2041ff04c7e1bc23d10d200b2e9fe8515e3639ca5f3a2aae5391012cd,2024-11-21T05:40:11.470000 CVE-2020-9226,0,0,4f4dede2041ff04c7e1bc23d10d200b2e9fe8515e3639ca5f3a2aae5391012cd,2024-11-21T05:40:11.470000
@ -244098,6 +244098,7 @@ CVE-2024-11024,0,0,87779106a741ba601b519f131f81c931c23a093ff656ecff41f50e830ac8e
CVE-2024-11025,0,0,3f6e108019cd6982fd5b3c54f07c198819fe40cc0972828c5e5b6725a3c4dc5a,2024-11-27T11:17:41.740000 CVE-2024-11025,0,0,3f6e108019cd6982fd5b3c54f07c198819fe40cc0972828c5e5b6725a3c4dc5a,2024-11-27T11:17:41.740000
CVE-2024-11026,0,0,b66e024362935c10f9944a10c902d96b8ed7a7829eef62e33bfb07c3c33abe0a,2024-11-23T01:44:05.947000 CVE-2024-11026,0,0,b66e024362935c10f9944a10c902d96b8ed7a7829eef62e33bfb07c3c33abe0a,2024-11-23T01:44:05.947000
CVE-2024-11028,0,0,be5701b1791efbf2de8ae4ea20b2a6d8d846ef340e5e6b5f9a4b779b0ccd543b,2024-11-19T15:38:19.023000 CVE-2024-11028,0,0,be5701b1791efbf2de8ae4ea20b2a6d8d846ef340e5e6b5f9a4b779b0ccd543b,2024-11-19T15:38:19.023000
CVE-2024-11029,1,1,4eda01b6e45e7b9ef4dd4937afa078645f0e59c8ba59f467e2aadd7840ac0eaf,2025-01-15T14:15:27.683000
CVE-2024-1103,0,0,67facb6d0111ac9feaedb0e1ff15fb0365b23c4e06ac8bf95d1880d6a65dec1e,2024-11-21T08:49:48.223000 CVE-2024-1103,0,0,67facb6d0111ac9feaedb0e1ff15fb0365b23c4e06ac8bf95d1880d6a65dec1e,2024-11-21T08:49:48.223000
CVE-2024-11032,0,0,193d7f15f7d6fb6acc69100150013c956a0f9f1c2928bed67c10b42c014fff09,2024-11-26T10:15:04.343000 CVE-2024-11032,0,0,193d7f15f7d6fb6acc69100150013c956a0f9f1c2928bed67c10b42c014fff09,2024-11-26T10:15:04.343000
CVE-2024-11034,0,0,3ab7c1e6f92ed311ef7c84bc99d8afea9fbbf7ceee2269128230e97b66af0fb8,2024-11-23T12:15:16.090000 CVE-2024-11034,0,0,3ab7c1e6f92ed311ef7c84bc99d8afea9fbbf7ceee2269128230e97b66af0fb8,2024-11-23T12:15:16.090000
@ -244336,6 +244337,7 @@ CVE-2024-11319,0,0,b2525c1047d7ff1bfba18dd4732d0fdd16b37c4c17410be8f3cbcdb9380d2
CVE-2024-1132,0,0,64c4b3a1b0ca764dc48eff5cdafebd13449c822d7cb009b4886f58138464c117,2024-11-21T08:49:52.017000 CVE-2024-1132,0,0,64c4b3a1b0ca764dc48eff5cdafebd13449c822d7cb009b4886f58138464c117,2024-11-21T08:49:52.017000
CVE-2024-11320,0,0,043dd45fc8afc6a3f6d5124b009a260902c28d8e6731495b55f0e622c6d087a7,2024-11-26T17:26:33.327000 CVE-2024-11320,0,0,043dd45fc8afc6a3f6d5124b009a260902c28d8e6731495b55f0e622c6d087a7,2024-11-26T17:26:33.327000
CVE-2024-11321,0,0,bd940b5bb9138ac791f1f36cf5b55c26ead6b58be5a4ef8bb1b1e965db09ef4a,2024-12-06T14:15:19.810000 CVE-2024-11321,0,0,bd940b5bb9138ac791f1f36cf5b55c26ead6b58be5a4ef8bb1b1e965db09ef4a,2024-12-06T14:15:19.810000
CVE-2024-11322,1,1,c64b40e36649eb98a8c1b8bcf266279a8134e0b15d8eadba77c15b48e179353e,2025-01-15T14:15:27.943000
CVE-2024-11323,0,0,b21512b61028c73cc1de57f12898b09b963c30c0d7f4179739451d39c1bfb5ba,2024-12-06T09:15:06.157000 CVE-2024-11323,0,0,b21512b61028c73cc1de57f12898b09b963c30c0d7f4179739451d39c1bfb5ba,2024-12-06T09:15:06.157000
CVE-2024-11324,0,0,55d7ccc413e27e03ca55705c584d56ff127a26670d0ff07867577116e215726f,2024-12-05T10:31:39.313000 CVE-2024-11324,0,0,55d7ccc413e27e03ca55705c584d56ff127a26670d0ff07867577116e215726f,2024-12-05T10:31:39.313000
CVE-2024-11325,0,0,96d539af849f72e86bc30d45c134273d928f773df65fa65b9a7fb4618c89893e,2024-12-03T10:15:05.067000 CVE-2024-11325,0,0,96d539af849f72e86bc30d45c134273d928f773df65fa65b9a7fb4618c89893e,2024-12-03T10:15:05.067000
@ -244828,10 +244830,10 @@ CVE-2024-11841,0,0,29b2d8ff488587d8a4e1b1dd2198cfdea87c7a6a53f626f6147622127a803
CVE-2024-11842,0,0,b468b59966d33ed9e284180ae3d4b6da56e7697d6ed23bc6f677a3b17c040944,2024-12-27T19:15:07.700000 CVE-2024-11842,0,0,b468b59966d33ed9e284180ae3d4b6da56e7697d6ed23bc6f677a3b17c040944,2024-12-27T19:15:07.700000
CVE-2024-11844,0,0,04412f8d1e89e121c8013622c692022d4f804bc36ac5e0beee05cf8987e8ae7f,2024-12-03T09:15:04.473000 CVE-2024-11844,0,0,04412f8d1e89e121c8013622c692022d4f804bc36ac5e0beee05cf8987e8ae7f,2024-12-03T09:15:04.473000
CVE-2024-11846,0,0,6d979cf66f6dd3ee37d22418790e77ab7d59d601391d04e5f4d4d86dc19d9a82,2025-01-02T18:15:15.860000 CVE-2024-11846,0,0,6d979cf66f6dd3ee37d22418790e77ab7d59d601391d04e5f4d4d86dc19d9a82,2025-01-02T18:15:15.860000
CVE-2024-11848,1,1,b4f189a102bd9221234b516bd2b5015aef773491815514a59419618205cc8c8e,2025-01-15T12:15:25.303000 CVE-2024-11848,0,0,b4f189a102bd9221234b516bd2b5015aef773491815514a59419618205cc8c8e,2025-01-15T12:15:25.303000
CVE-2024-11849,0,0,fb65e5751887cf6f925710b520da76940b8a448761cc265aabd26f7c6635383f,2025-01-06T14:15:07.883000 CVE-2024-11849,0,0,fb65e5751887cf6f925710b520da76940b8a448761cc265aabd26f7c6635383f,2025-01-06T14:15:07.883000
CVE-2024-1185,0,0,4ecd1740115bf103fbc8dca69b2cfbb42ac9a6d23eecf86cdd29f9e498ced7fa,2024-11-21T08:49:59.223000 CVE-2024-1185,0,0,4ecd1740115bf103fbc8dca69b2cfbb42ac9a6d23eecf86cdd29f9e498ced7fa,2024-11-21T08:49:59.223000
CVE-2024-11851,1,1,ee62c08a86056122e74117ab58f255a108a7be018783957a35ab69db7711197e,2025-01-15T12:15:25.630000 CVE-2024-11851,0,0,ee62c08a86056122e74117ab58f255a108a7be018783957a35ab69db7711197e,2025-01-15T12:15:25.630000
CVE-2024-11852,0,0,fcae6a31251538fa21922d7f8a34f94ee6c6390a3a29cfb5a4e8903a4faa77f7,2024-12-22T02:15:16.510000 CVE-2024-11852,0,0,fcae6a31251538fa21922d7f8a34f94ee6c6390a3a29cfb5a4e8903a4faa77f7,2024-12-22T02:15:16.510000
CVE-2024-11853,0,0,34e99eba0841fa956ba4d7c4a308f8505540f1a8e5d486ec7f2fdd3d46494b2f,2024-12-03T08:15:06.710000 CVE-2024-11853,0,0,34e99eba0841fa956ba4d7c4a308f8505540f1a8e5d486ec7f2fdd3d46494b2f,2024-12-03T08:15:06.710000
CVE-2024-11854,0,0,999afde0352966c3848f9613a3046f97c5bfc972302cd671fa92812a3b6bafdc,2024-12-04T12:15:19.250000 CVE-2024-11854,0,0,999afde0352966c3848f9613a3046f97c5bfc972302cd671fa92812a3b6bafdc,2024-12-04T12:15:19.250000
@ -245383,7 +245385,7 @@ CVE-2024-12564,0,0,0abcb221861e5fc99f1edf43c59fea9ce50a3b4bd68b4b9a5961d76741772
CVE-2024-12566,0,0,9a77156e8936936c9005583c058b94eca6806bafd8414772c10336a297ecd3f8,2025-01-13T15:15:07.893000 CVE-2024-12566,0,0,9a77156e8936936c9005583c058b94eca6806bafd8414772c10336a297ecd3f8,2025-01-13T15:15:07.893000
CVE-2024-12567,0,0,aac6e230ccf263ce1a1e69fd067297b7d8115ef287b9153bec5930f76ee445cd,2025-01-13T15:15:08.060000 CVE-2024-12567,0,0,aac6e230ccf263ce1a1e69fd067297b7d8115ef287b9153bec5930f76ee445cd,2025-01-13T15:15:08.060000
CVE-2024-12568,0,0,91b045e507ca54393cbb5679e99498006a0e0f9f9c51393fc6c10f417ca0d495,2025-01-13T15:15:08.223000 CVE-2024-12568,0,0,91b045e507ca54393cbb5679e99498006a0e0f9f9c51393fc6c10f417ca0d495,2025-01-13T15:15:08.223000
CVE-2024-12569,0,1,bd60226a001a29a390cdced3c6f55db99e39b3713e55c8fed0c7f84a20d6c3ac,2025-01-15T11:15:08.560000 CVE-2024-12569,0,0,bd60226a001a29a390cdced3c6f55db99e39b3713e55c8fed0c7f84a20d6c3ac,2025-01-15T11:15:08.560000
CVE-2024-1257,0,0,7cc030c8f0ebfb33a80da788a5513945114551aaaa2999db4fa614a5f6b08a9b,2024-11-21T08:50:10.443000 CVE-2024-1257,0,0,7cc030c8f0ebfb33a80da788a5513945114551aaaa2999db4fa614a5f6b08a9b,2024-11-21T08:50:10.443000
CVE-2024-12570,0,0,be94920192af405ec932f38181a462713be2ef7292a21e90f93bf4238cc63d84,2024-12-12T12:15:22.660000 CVE-2024-12570,0,0,be94920192af405ec932f38181a462713be2ef7292a21e90f93bf4238cc63d84,2024-12-12T12:15:22.660000
CVE-2024-12571,0,0,4f61ab2b24612e0b1a75d43cf9d9be2b77f4416d126de6e970d9338abb76a3be,2024-12-20T07:15:12.380000 CVE-2024-12571,0,0,4f61ab2b24612e0b1a75d43cf9d9be2b77f4416d126de6e970d9338abb76a3be,2024-12-20T07:15:12.380000
@ -245403,7 +245405,7 @@ CVE-2024-1259,0,0,1c6bb100fc9cba505c4d696801bfd3102c508e530bb2e36c86a6685675278b
CVE-2024-12590,0,0,217ef4dab25f45d20c71439c17fd49c4f82558ccd785c0d0a569568075f7d918,2025-01-07T04:15:09.607000 CVE-2024-12590,0,0,217ef4dab25f45d20c71439c17fd49c4f82558ccd785c0d0a569568075f7d918,2025-01-07T04:15:09.607000
CVE-2024-12591,0,0,ab3753b6008fbe3e6034e40f9f857196cd212596c7c67b4ab270eba30c140899,2024-12-21T10:15:09.177000 CVE-2024-12591,0,0,ab3753b6008fbe3e6034e40f9f857196cd212596c7c67b4ab270eba30c140899,2024-12-21T10:15:09.177000
CVE-2024-12592,0,0,138962a75cfdc3c83ee816d4268752d65e3f8b81d264b25dbcea90b78c661e78,2025-01-07T04:15:09.783000 CVE-2024-12592,0,0,138962a75cfdc3c83ee816d4268752d65e3f8b81d264b25dbcea90b78c661e78,2025-01-07T04:15:09.783000
CVE-2024-12593,1,1,c941e932b3f1dcd2abe0d9c5fba3b43267c886d18aa026d68dd3af90c8ca0e5f,2025-01-15T12:15:25.790000 CVE-2024-12593,0,1,1fe841292f8460cce03e6fb573f45da092e954880ca5d7e3ec21e091f7a5057f,2025-01-15T12:15:25.790000
CVE-2024-12594,0,0,594b37b561926a174996b6f220ac2c193da316e698a771fbe44cfee2e4625e76,2024-12-24T06:15:33.297000 CVE-2024-12594,0,0,594b37b561926a174996b6f220ac2c193da316e698a771fbe44cfee2e4625e76,2024-12-24T06:15:33.297000
CVE-2024-12595,0,0,d10767ce84f7e81d5a6ad487503289a59f4d01b86cd7eb0b224ee74e49237f41,2025-01-06T21:15:14.003000 CVE-2024-12595,0,0,d10767ce84f7e81d5a6ad487503289a59f4d01b86cd7eb0b224ee74e49237f41,2025-01-06T21:15:14.003000
CVE-2024-12596,0,0,5fc66f30988060a8b7bb1a593c82bd6c3fc2c995268e617c35d93ef410dc9a09,2024-12-18T04:15:08.253000 CVE-2024-12596,0,0,5fc66f30988060a8b7bb1a593c82bd6c3fc2c995268e617c35d93ef410dc9a09,2024-12-18T04:15:08.253000
@ -245833,6 +245835,7 @@ CVE-2024-13210,0,0,127e3de5b01fd275f14befb3eb9083d2caebd6f189a1117ba2466bb322bd3
CVE-2024-13211,0,0,ce07bd4dec4e71ee51c53bd7e26b1aa6c9e58b64ba82b1ae528c62444e9a6f63,2025-01-09T04:15:12.077000 CVE-2024-13211,0,0,ce07bd4dec4e71ee51c53bd7e26b1aa6c9e58b64ba82b1ae528c62444e9a6f63,2025-01-09T04:15:12.077000
CVE-2024-13212,0,0,5d3d9340b90adc02a73b2a397cbc7b9a824f5e41958bbb77ca0e0a733f439b87,2025-01-09T04:15:12.277000 CVE-2024-13212,0,0,5d3d9340b90adc02a73b2a397cbc7b9a824f5e41958bbb77ca0e0a733f439b87,2025-01-09T04:15:12.277000
CVE-2024-13213,0,0,3077bf102e80b6ad26d9de82b06cecbfeedc1b0a01c454e5ec2b3b19555a517b,2025-01-09T04:15:12.453000 CVE-2024-13213,0,0,3077bf102e80b6ad26d9de82b06cecbfeedc1b0a01c454e5ec2b3b19555a517b,2025-01-09T04:15:12.453000
CVE-2024-13215,1,1,2cf6f0084be0a9fe5a33e4045196786b0da0bee172b3bed5b1fc1d9fb2e98dd5,2025-01-15T13:15:09.263000
CVE-2024-1322,0,0,a87df03aa9d8a817a942ae8ebad8afc3111ac175155d7ee73a384181ec986bff,2024-11-21T08:50:19.883000 CVE-2024-1322,0,0,a87df03aa9d8a817a942ae8ebad8afc3111ac175155d7ee73a384181ec986bff,2024-11-21T08:50:19.883000
CVE-2024-1323,0,0,63ac2cb10ca4755662ac35d59563526e26b5fa0e58c6b5db1bc1601423d748c8,2024-11-21T08:50:20.007000 CVE-2024-1323,0,0,63ac2cb10ca4755662ac35d59563526e26b5fa0e58c6b5db1bc1601423d748c8,2024-11-21T08:50:20.007000
CVE-2024-13237,0,0,757f6068109954aeb708ce365b1ff5e5adf5204baad7d55d37a565a85d7816ad,2025-01-09T21:15:24.977000 CVE-2024-13237,0,0,757f6068109954aeb708ce365b1ff5e5adf5204baad7d55d37a565a85d7816ad,2025-01-09T21:15:24.977000
@ -258200,7 +258203,7 @@ CVE-2024-35276,0,0,4c959b5ba1a33576ed209445d5bbc58fbac65866e46c0631f77c80bdc2461
CVE-2024-35277,0,0,1f41c5934d010de66ad104c6e38cd26c146e0cb4b1b59e8e833cdfbc61bc9a2c,2025-01-14T14:15:30.130000 CVE-2024-35277,0,0,1f41c5934d010de66ad104c6e38cd26c146e0cb4b1b59e8e833cdfbc61bc9a2c,2025-01-14T14:15:30.130000
CVE-2024-35278,0,0,dba5ee459729d0618f30372e7418d89fc2322b58b80fc5a2eaca09ea6cc469e1,2025-01-14T14:15:30.280000 CVE-2024-35278,0,0,dba5ee459729d0618f30372e7418d89fc2322b58b80fc5a2eaca09ea6cc469e1,2025-01-14T14:15:30.280000
CVE-2024-3528,0,0,73792362235e828bd56025419c83c67ec901a0e2b04dfa37d11c551a857b0238,2024-11-21T09:29:47.207000 CVE-2024-3528,0,0,73792362235e828bd56025419c83c67ec901a0e2b04dfa37d11c551a857b0238,2024-11-21T09:29:47.207000
CVE-2024-35280,1,1,e22e82835d59e884bad53a41c9918e2e24695af5d6ee50fb2ce5a4fc81a55a71,2025-01-15T11:15:09.087000 CVE-2024-35280,0,0,e22e82835d59e884bad53a41c9918e2e24695af5d6ee50fb2ce5a4fc81a55a71,2025-01-15T11:15:09.087000
CVE-2024-35282,0,0,174e154b42e127fa67b7958222015b753e479a85266f575b2e2ca4b3057942d7,2024-09-20T19:44:17.557000 CVE-2024-35282,0,0,174e154b42e127fa67b7958222015b753e479a85266f575b2e2ca4b3057942d7,2024-09-20T19:44:17.557000
CVE-2024-35283,0,0,fdb32a776c5efc323466eaba6c259cf3489c6c6ec5c750c58fec77f2eb007c63,2024-11-21T09:20:03.977000 CVE-2024-35283,0,0,fdb32a776c5efc323466eaba6c259cf3489c6c6ec5c750c58fec77f2eb007c63,2024-11-21T09:20:03.977000
CVE-2024-35284,0,0,277d9a5f01a809bf78700b423f1bf84acc1c72d215de5cf4ec67e6bf8fd3241f,2024-11-21T09:20:04.203000 CVE-2024-35284,0,0,277d9a5f01a809bf78700b423f1bf84acc1c72d215de5cf4ec67e6bf8fd3241f,2024-11-21T09:20:04.203000
@ -259188,6 +259191,7 @@ CVE-2024-36472,0,0,2141a82cf2963fc87ad353f49c6d6e9a36ee98eea852abcc6337f04d66077
CVE-2024-36473,0,0,464af3dc48eed905b23512cfd65ac4ca881cdd106c7b0890012fdcab698d056f,2024-11-21T09:22:14.983000 CVE-2024-36473,0,0,464af3dc48eed905b23512cfd65ac4ca881cdd106c7b0890012fdcab698d056f,2024-11-21T09:22:14.983000
CVE-2024-36474,0,0,c6326bd8b9714adac09be987e683c4a23e8086c5abc0c8254213e6de6cdeb724,2024-11-21T09:22:15.087000 CVE-2024-36474,0,0,c6326bd8b9714adac09be987e683c4a23e8086c5abc0c8254213e6de6cdeb724,2024-11-21T09:22:15.087000
CVE-2024-36475,0,0,adc81ee421cc0d62608283a0eaf7146ba146a092b410236d1fec5e85ec0e2260,2024-11-21T09:22:15.240000 CVE-2024-36475,0,0,adc81ee421cc0d62608283a0eaf7146ba146a092b410236d1fec5e85ec0e2260,2024-11-21T09:22:15.240000
CVE-2024-36476,1,1,b4ae127a9e2c9e12a2d8ade1a188283ff54f54bf08493756920669ed1caa4337,2025-01-15T13:15:09.460000
CVE-2024-36477,0,0,6675b402ffdea85719f18cca79852910b0ef1caf645b50047a401b33d739dc9d,2024-11-21T09:22:15.493000 CVE-2024-36477,0,0,6675b402ffdea85719f18cca79852910b0ef1caf645b50047a401b33d739dc9d,2024-11-21T09:22:15.493000
CVE-2024-36478,0,0,238d158212ab0e4f6079da39ed5847f632dffce1f07ef80950ab3c4538806296,2024-12-02T08:15:05.787000 CVE-2024-36478,0,0,238d158212ab0e4f6079da39ed5847f632dffce1f07ef80950ab3c4538806296,2024-12-02T08:15:05.787000
CVE-2024-36479,0,0,25dd44146306bbffa7073d4eb554b38625898f25e38bd21ca3e31ebb72eb7c58,2024-12-14T21:15:18.730000 CVE-2024-36479,0,0,25dd44146306bbffa7073d4eb554b38625898f25e38bd21ca3e31ebb72eb7c58,2024-12-14T21:15:18.730000
@ -261362,6 +261366,7 @@ CVE-2024-39278,0,0,08afeea0ff66f11774d46076ab58f2f6cb47799fe9878a2833101dc3a7d96
CVE-2024-3928,0,0,80eb80995ed734a4fd6c40cf49e2905ed9643c2a1a0d85ff1158531da5501ded,2024-11-21T09:30:43.180000 CVE-2024-3928,0,0,80eb80995ed734a4fd6c40cf49e2905ed9643c2a1a0d85ff1158531da5501ded,2024-11-21T09:30:43.180000
CVE-2024-39280,0,0,f05e1d4badbfdf759c138880666df50bcd7b3fa61dd9e1b86a1f69ac8f7d57fc,2025-01-14T16:15:30.337000 CVE-2024-39280,0,0,f05e1d4badbfdf759c138880666df50bcd7b3fa61dd9e1b86a1f69ac8f7d57fc,2025-01-14T16:15:30.337000
CVE-2024-39281,0,0,276b9ae8e8a9a0b79ee7952c2bd6307cb0cf6b8e0cfe907b0f872eb5eba37a27,2025-01-10T13:15:09.467000 CVE-2024-39281,0,0,276b9ae8e8a9a0b79ee7952c2bd6307cb0cf6b8e0cfe907b0f872eb5eba37a27,2025-01-10T13:15:09.467000
CVE-2024-39282,1,1,15ecb69c67e914a2f04fc0b690dbe0759fdeb4a603fba67f16e58e8058d89918,2025-01-15T13:15:09.740000
CVE-2024-39283,0,0,4522f3bbc438abcd81e221b08edda070f395b85d336b168a4b5ca1c5829a00dc,2024-09-12T19:15:46.390000 CVE-2024-39283,0,0,4522f3bbc438abcd81e221b08edda070f395b85d336b168a4b5ca1c5829a00dc,2024-09-12T19:15:46.390000
CVE-2024-39285,0,0,f0043fe58d02ea22fa80a21b1fba2440c49cfc1f78daf98e76e53f25d8a76df4,2024-11-15T14:00:09.720000 CVE-2024-39285,0,0,f0043fe58d02ea22fa80a21b1fba2440c49cfc1f78daf98e76e53f25d8a76df4,2024-11-15T14:00:09.720000
CVE-2024-39287,0,0,7582a54b2388a70164c9564ee1f85653aced547dff036f41aa22b6e50b81804d,2024-08-29T14:23:31.807000 CVE-2024-39287,0,0,7582a54b2388a70164c9564ee1f85653aced547dff036f41aa22b6e50b81804d,2024-08-29T14:23:31.807000
@ -265932,7 +265937,7 @@ CVE-2024-4559,0,0,316f8a45cbc485c0b7c68ddd0a289683e37ae30d11c4213255da39aeaffcb3
CVE-2024-45590,0,0,f7dec3dafcab560f567fb4b32aea36b1eb2e6f90a22ec7506f2c9dcae13a749b,2024-09-20T16:26:44.977000 CVE-2024-45590,0,0,f7dec3dafcab560f567fb4b32aea36b1eb2e6f90a22ec7506f2c9dcae13a749b,2024-09-20T16:26:44.977000
CVE-2024-45591,0,0,ed6223fe038fc327e9397c9e6f54ccd049b91f87fc1418bca01595cc5f093b42,2024-09-20T19:55:54.657000 CVE-2024-45591,0,0,ed6223fe038fc327e9397c9e6f54ccd049b91f87fc1418bca01595cc5f093b42,2024-09-20T19:55:54.657000
CVE-2024-45592,0,0,5783557505e17061000762f5b8ddca9529f03d90096f2a933bba8853c107da24,2024-09-20T19:57:05.323000 CVE-2024-45592,0,0,5783557505e17061000762f5b8ddca9529f03d90096f2a933bba8853c107da24,2024-09-20T19:57:05.323000
CVE-2024-45593,0,0,a2d54308cbf4c8369069fc7151d8e102e88bb4c19a4db2f67e75b0bd72ff548b,2024-09-20T19:57:55.573000 CVE-2024-45593,0,1,c0a1f50bf86c5f8aca4cc79b465060e1ce64223e49adedfd583e4aaad6d5a1a4,2025-01-15T14:29:23.370000
CVE-2024-45594,0,0,651cebc99a25a678ed80943347c1bd3bdd4d373d64b9fb0bdc90402f17bb72cb,2024-11-15T14:00:09.720000 CVE-2024-45594,0,0,651cebc99a25a678ed80943347c1bd3bdd4d373d64b9fb0bdc90402f17bb72cb,2024-11-15T14:00:09.720000
CVE-2024-45595,0,0,ed73f265e4cc26a14ea0ef98c1ed160999b148dbe2046a7b8a319cd1ad837073,2024-09-20T19:59:02.963000 CVE-2024-45595,0,0,ed73f265e4cc26a14ea0ef98c1ed160999b148dbe2046a7b8a319cd1ad837073,2024-09-20T19:59:02.963000
CVE-2024-45596,0,0,a620d8302107635d7f8871dcd65118f72878398568927fef8140037a0b256d98,2024-09-11T16:26:11.920000 CVE-2024-45596,0,0,a620d8302107635d7f8871dcd65118f72878398568927fef8140037a0b256d98,2024-09-11T16:26:11.920000
@ -270299,6 +270304,7 @@ CVE-2024-51940,0,0,eea7140ef8e6920e3e5dd47ba7cd4d003e663b87564e69e84f825f175f7f9
CVE-2024-5195,0,0,e5801157a03af57b0b477f12ddbbdfdf2400954236093425a1336efcab3d77e3,2024-11-21T09:47:10.100000 CVE-2024-5195,0,0,e5801157a03af57b0b477f12ddbbdfdf2400954236093425a1336efcab3d77e3,2024-11-21T09:47:10.100000
CVE-2024-5196,0,0,c1ed13355afe2ad57b4673ab6c37a350a1a3ee6e8c7dde25b17a93063a8f0698,2024-11-21T09:47:10.230000 CVE-2024-5196,0,0,c1ed13355afe2ad57b4673ab6c37a350a1a3ee6e8c7dde25b17a93063a8f0698,2024-11-21T09:47:10.230000
CVE-2024-5197,0,0,c395e7ddc635786cbca10e48f5338a794f356687d6b361f56c4276f3833a35e8,2024-11-21T09:47:10.363000 CVE-2024-5197,0,0,c395e7ddc635786cbca10e48f5338a794f356687d6b361f56c4276f3833a35e8,2024-11-21T09:47:10.363000
CVE-2024-5198,1,1,7ed013e39c6f3909131519c31e0e3c3faa39ad86bf4aee7bc8dd587c9bde81eb,2025-01-15T13:15:15.090000
CVE-2024-51987,0,0,de42f826ffc8f667098d9b9c812cdb24c061b4d91dd2f98cf12cb5febe98a72f,2024-11-08T19:01:03.880000 CVE-2024-51987,0,0,de42f826ffc8f667098d9b9c812cdb24c061b4d91dd2f98cf12cb5febe98a72f,2024-11-08T19:01:03.880000
CVE-2024-51988,0,0,a45b9470dfa3fc9b3b82cb1bacb88f01f17e4e8292b3ec9c884e93e16e6b15ff,2024-11-08T19:01:25.633000 CVE-2024-51988,0,0,a45b9470dfa3fc9b3b82cb1bacb88f01f17e4e8292b3ec9c884e93e16e6b15ff,2024-11-08T19:01:25.633000
CVE-2024-51989,0,0,a62aa77319eb44e1ae15c0a171eaaf0800894194bc1d4e92f5debdb86b23946b,2024-11-08T19:01:03.880000 CVE-2024-51989,0,0,a62aa77319eb44e1ae15c0a171eaaf0800894194bc1d4e92f5debdb86b23946b,2024-11-08T19:01:03.880000
@ -271292,6 +271298,7 @@ CVE-2024-53676,0,0,9e5335d7636e62fb7cc2e79040736f3f5e3856b52ef7bfb0006141b3e5724
CVE-2024-53677,0,0,0343757ac9b8af9a79c282863db1b88cd9095ebb57012e3687a2e517e71e0a02,2025-01-03T12:15:26.673000 CVE-2024-53677,0,0,0343757ac9b8af9a79c282863db1b88cd9095ebb57012e3687a2e517e71e0a02,2025-01-03T12:15:26.673000
CVE-2024-5368,0,0,0267b73ce86fd5c42a4c0cf503f4bdead8427924f402a3554f435c1bc916f416,2024-11-21T09:47:30.877000 CVE-2024-5368,0,0,0267b73ce86fd5c42a4c0cf503f4bdead8427924f402a3554f435c1bc916f416,2024-11-21T09:47:30.877000
CVE-2024-53680,0,0,8f6a0e7e0ab328aba846c45a5169e8953dc6dbfca85d9cca37f56439e3715008,2025-01-11T13:15:25.710000 CVE-2024-53680,0,0,8f6a0e7e0ab328aba846c45a5169e8953dc6dbfca85d9cca37f56439e3715008,2025-01-11T13:15:25.710000
CVE-2024-53681,1,1,b5981a5f23a050c58621754137465bbe9a27a78bd67559fa015494e5b655da4f,2025-01-15T13:15:10.963000
CVE-2024-53682,0,0,8fff7fe6ed56d7be9465617e7f5434428ac8e26e2cf3262f7b6c754f477833c1,2025-01-11T13:15:25.860000 CVE-2024-53682,0,0,8fff7fe6ed56d7be9465617e7f5434428ac8e26e2cf3262f7b6c754f477833c1,2025-01-11T13:15:25.860000
CVE-2024-53685,0,0,68992113a27d5e9eac07bc18b4ba67474d35de3ffa32c10bc10229e9401bd594,2025-01-11T13:15:25.997000 CVE-2024-53685,0,0,68992113a27d5e9eac07bc18b4ba67474d35de3ffa32c10bc10229e9401bd594,2025-01-11T13:15:25.997000
CVE-2024-53687,0,0,db69b3a3aa7d0b6527150d997ca94f951ff7fdd68c92c6f81dd6f27f46185a16,2025-01-11T13:15:26.120000 CVE-2024-53687,0,0,db69b3a3aa7d0b6527150d997ca94f951ff7fdd68c92c6f81dd6f27f46185a16,2025-01-11T13:15:26.120000
@ -271564,6 +271571,7 @@ CVE-2024-5402,0,0,369141076231aa822f3b7e1a9c4a08753a10cb13fa106f6575157419573799
CVE-2024-54021,0,0,eb34467909589e9ed378241f26b68d9b57aaa270e202ff278b5bef31a7fb90c0,2025-01-14T14:15:34.287000 CVE-2024-54021,0,0,eb34467909589e9ed378241f26b68d9b57aaa270e202ff278b5bef31a7fb90c0,2025-01-14T14:15:34.287000
CVE-2024-5403,0,0,f4e58d907f2a672c85e38960e3074ec1cb3261646ec2ccae3d1a32d0c95159be,2024-11-21T09:47:35.097000 CVE-2024-5403,0,0,f4e58d907f2a672c85e38960e3074ec1cb3261646ec2ccae3d1a32d0c95159be,2024-11-21T09:47:35.097000
CVE-2024-54030,0,0,07c84f217a6fa368622d2a223843d19c0c7e728e80537c7c260b676bb124b4cd,2025-01-07T08:15:25.760000 CVE-2024-54030,0,0,07c84f217a6fa368622d2a223843d19c0c7e728e80537c7c260b676bb124b4cd,2025-01-07T08:15:25.760000
CVE-2024-54031,1,1,7ffae447ca5aefabce8d84ab05bcf6663d65ecc3f38c69751ed968974e15b4e3,2025-01-15T13:15:11.203000
CVE-2024-54032,0,0,3dce8f304369c3e51420db6e22f0a7c2632068fc350cf9328bc86b8638ddb2b2,2025-01-14T22:15:27.703000 CVE-2024-54032,0,0,3dce8f304369c3e51420db6e22f0a7c2632068fc350cf9328bc86b8638ddb2b2,2025-01-14T22:15:27.703000
CVE-2024-54034,0,0,042459b6e653fa84b97266bd2a24330442616e881806d8fbec7021debae7f6e8,2025-01-14T22:15:27.833000 CVE-2024-54034,0,0,042459b6e653fa84b97266bd2a24330442616e881806d8fbec7021debae7f6e8,2025-01-14T22:15:27.833000
CVE-2024-54036,0,0,ee2076b0ba8621e01c23da2f388f25829414c8afb2e37cc1d395afe91a30debf,2025-01-14T22:15:27.953000 CVE-2024-54036,0,0,ee2076b0ba8621e01c23da2f388f25829414c8afb2e37cc1d395afe91a30debf,2025-01-14T22:15:27.953000
@ -273183,10 +273191,13 @@ CVE-2024-5779,0,0,2a86c05c31e595b12ded5db682c98a0bf6f259741199a426f00c627efee46f
CVE-2024-57791,0,0,83661499662923b8e594bd3c5dc0a8d681b527e42b69f986563d1222446c0028,2025-01-11T13:15:29.253000 CVE-2024-57791,0,0,83661499662923b8e594bd3c5dc0a8d681b527e42b69f986563d1222446c0028,2025-01-11T13:15:29.253000
CVE-2024-57792,0,0,6e269b164ed4b92d7ee67a16ce4bb2b798116be1f2f74c49e5fe7106cf774365,2025-01-11T13:15:29.420000 CVE-2024-57792,0,0,6e269b164ed4b92d7ee67a16ce4bb2b798116be1f2f74c49e5fe7106cf774365,2025-01-11T13:15:29.420000
CVE-2024-57793,0,0,ddff963b18d692955008250e9218f73e3d5ef63f700adbda8c83ad04b140649d,2025-01-11T13:15:29.593000 CVE-2024-57793,0,0,ddff963b18d692955008250e9218f73e3d5ef63f700adbda8c83ad04b140649d,2025-01-11T13:15:29.593000
CVE-2024-57795,1,1,c2a5063c8f1801ea9df88f89cc652569c28f5949d414c2d9e0f838251918046f,2025-01-15T13:15:11.563000
CVE-2024-57798,0,0,c0ed58e8d48adaf3dc7d7b1d21c34c9a829d25d23c734c3cd4da62041dc5e18f,2025-01-11T13:15:29.743000 CVE-2024-57798,0,0,c0ed58e8d48adaf3dc7d7b1d21c34c9a829d25d23c734c3cd4da62041dc5e18f,2025-01-11T13:15:29.743000
CVE-2024-57799,0,0,806bc1a2725b73c5cb209c3231145868e8823776f6ca2780abd38b713e26a618,2025-01-11T13:15:29.910000 CVE-2024-57799,0,0,806bc1a2725b73c5cb209c3231145868e8823776f6ca2780abd38b713e26a618,2025-01-11T13:15:29.910000
CVE-2024-5780,0,0,8f257920278f73ebde8da2f9da9c11fb9d019685aae47ae6d2026dc053194989,2024-06-12T08:15:51.300000 CVE-2024-5780,0,0,8f257920278f73ebde8da2f9da9c11fb9d019685aae47ae6d2026dc053194989,2024-06-12T08:15:51.300000
CVE-2024-57800,0,0,c5c42b2c1b3842383a35b5f8d69b8ba4f954a1a479092b7d8b0ba19a17185b1c,2025-01-11T13:15:30.073000 CVE-2024-57800,0,0,c5c42b2c1b3842383a35b5f8d69b8ba4f954a1a479092b7d8b0ba19a17185b1c,2025-01-11T13:15:30.073000
CVE-2024-57801,1,1,b678c653b3040716f0728d34f9877080bb6c97565222e300a13b3753b95364f6,2025-01-15T13:15:11.713000
CVE-2024-57802,1,1,60e12d524b3841786218547e3064394971f60c328ca3e8a023f3f8608fd7d0cc,2025-01-15T13:15:11.853000
CVE-2024-57804,0,0,03a655c7bbcb3c9fd29c388335cd9c43ce0dad312096483bb7f62c252b182ba1,2025-01-11T13:15:30.233000 CVE-2024-57804,0,0,03a655c7bbcb3c9fd29c388335cd9c43ce0dad312096483bb7f62c252b182ba1,2025-01-11T13:15:30.233000
CVE-2024-57805,0,0,c0fa1218e16605062717599d97c87173c53c7e6ec913d615ebb3e2b0e18c8587,2025-01-11T13:15:30.420000 CVE-2024-57805,0,0,c0fa1218e16605062717599d97c87173c53c7e6ec913d615ebb3e2b0e18c8587,2025-01-11T13:15:30.420000
CVE-2024-57806,0,0,019cc1f303b977f37ee697aea77eacdcb7c64dccefa2a11f2e9b2f2ac1ba30eb,2025-01-11T13:15:30.597000 CVE-2024-57806,0,0,019cc1f303b977f37ee697aea77eacdcb7c64dccefa2a11f2e9b2f2ac1ba30eb,2025-01-11T13:15:30.597000
@ -273201,10 +273212,13 @@ CVE-2024-5783,0,0,457a67b18c53addb8fb271e75294a5e3a7e25c57923089dcfbdfc7dbab590f
CVE-2024-57838,0,0,f85a499de384339de4a4a71cb75bd53b174dba57e86a4be11bb2c2c6c084d3f9,2025-01-11T14:15:25.940000 CVE-2024-57838,0,0,f85a499de384339de4a4a71cb75bd53b174dba57e86a4be11bb2c2c6c084d3f9,2025-01-11T14:15:25.940000
CVE-2024-57839,0,0,032b45ae1cffa722bef05fa028292895e4d90fa90482cbc8605d00863c104848,2025-01-11T15:15:07.050000 CVE-2024-57839,0,0,032b45ae1cffa722bef05fa028292895e4d90fa90482cbc8605d00863c104848,2025-01-11T15:15:07.050000
CVE-2024-5784,0,0,79d7c651de1735758dc5225e9f9f2125237472cf1705bb9d1ed95eddc5ac5820,2024-09-03T14:48:19.570000 CVE-2024-5784,0,0,79d7c651de1735758dc5225e9f9f2125237472cf1705bb9d1ed95eddc5ac5820,2024-09-03T14:48:19.570000
CVE-2024-57841,1,1,f5c34dac1e1dd2dd6106cdbc49fda3356663d43b0d48289bdf743514fc12dffd,2025-01-15T13:15:12.130000
CVE-2024-57843,0,0,dd4f60110148da4865130a4b67434c05bf37cdb05112f1c822d44a309c31d9ef,2025-01-11T15:15:07.170000 CVE-2024-57843,0,0,dd4f60110148da4865130a4b67434c05bf37cdb05112f1c822d44a309c31d9ef,2025-01-11T15:15:07.170000
CVE-2024-57844,1,1,3393632a32e62500243729da86efd9a66607ad4f08c4081b932e3ee432c7988a,2025-01-15T13:15:12.277000
CVE-2024-57849,0,0,54260cfa359dcc8ee204cfec623e823ad41d4caa81589401b2671c7591230d31,2025-01-11T15:15:07.290000 CVE-2024-57849,0,0,54260cfa359dcc8ee204cfec623e823ad41d4caa81589401b2671c7591230d31,2025-01-11T15:15:07.290000
CVE-2024-5785,0,0,0e9b551c455c61638ce3e7d2f5874ca2c1cf14d589c0a4025501beedb178de88,2024-11-21T09:48:19.780000 CVE-2024-5785,0,0,0e9b551c455c61638ce3e7d2f5874ca2c1cf14d589c0a4025501beedb178de88,2024-11-21T09:48:19.780000
CVE-2024-57850,0,0,9a81fc0a298973cadd8035bd9ef5a52d4350cca966d13539c02d81dbf66143be,2025-01-11T15:15:07.423000 CVE-2024-57850,0,0,9a81fc0a298973cadd8035bd9ef5a52d4350cca966d13539c02d81dbf66143be,2025-01-11T15:15:07.423000
CVE-2024-57857,1,1,87a69076e18c898d29feb4f9ba18aaf14bdd5b721cb93d3f817a29d27d67e0d8,2025-01-15T13:15:12.403000
CVE-2024-5786,0,0,8f234ab6daf42312db402cec6a9780e6a0a03ed9070824749daf6f62affc4884,2024-11-21T09:48:19.897000 CVE-2024-5786,0,0,8f234ab6daf42312db402cec6a9780e6a0a03ed9070824749daf6f62affc4884,2024-11-21T09:48:19.897000
CVE-2024-5787,0,0,1d58b2484cfc2497ce3be8bc315153e4937b24852bc87d95aee088e2aedc7438,2024-11-21T09:48:20.010000 CVE-2024-5787,0,0,1d58b2484cfc2497ce3be8bc315153e4937b24852bc87d95aee088e2aedc7438,2024-11-21T09:48:20.010000
CVE-2024-57872,0,0,eb74c3e83416c6f9d2d05799bff7f272badc720745295a18772702d9456c9170,2025-01-11T15:15:07.560000 CVE-2024-57872,0,0,eb74c3e83416c6f9d2d05799bff7f272badc720745295a18772702d9456c9170,2025-01-11T15:15:07.560000
@ -273217,8 +273231,30 @@ CVE-2024-57879,0,0,feb067f3861c707c292881016bf990e111102c27bae99249c671b639a4c02
CVE-2024-5788,0,0,26eba16faf8bba170e4c4924cd3861a76450b8d63d3d592b315f9dc173dd2a7c,2024-11-21T09:48:20.137000 CVE-2024-5788,0,0,26eba16faf8bba170e4c4924cd3861a76450b8d63d3d592b315f9dc173dd2a7c,2024-11-21T09:48:20.137000
CVE-2024-57880,0,0,f940af194262151ac7da7d4cb3e1ddf4b34bcf4a3d024e7fca35a39078d977cf,2025-01-11T15:15:08.440000 CVE-2024-57880,0,0,f940af194262151ac7da7d4cb3e1ddf4b34bcf4a3d024e7fca35a39078d977cf,2025-01-11T15:15:08.440000
CVE-2024-57881,0,0,b8bec70ff711b577966b6caa009bd593813ec4cd360ee66163b5df240bb10d63,2025-01-11T16:15:24.307000 CVE-2024-57881,0,0,b8bec70ff711b577966b6caa009bd593813ec4cd360ee66163b5df240bb10d63,2025-01-11T16:15:24.307000
CVE-2024-57882,1,1,418a40aa76f79445d7b2a146f6ad30da79438bc996c185e0e91d4d5dc424cf5c,2025-01-15T13:15:12.510000
CVE-2024-57883,1,1,3c736ea91c8242cb5145115f1d11b61e7fbe5f7a6203b23c80176a525b4c82ac,2025-01-15T13:15:12.637000
CVE-2024-57884,1,1,ed30abf4c955d47564886e0a04d265af02e2566356eff3e6b149390a84ed401b,2025-01-15T13:15:12.757000
CVE-2024-57885,1,1,da5857e507478371a776524c704c34085bcf0c9f5c034547a16023af34e46bf1,2025-01-15T13:15:12.893000
CVE-2024-57886,1,1,f33367783cde44f2e0c90f893fcaa2acb06cea90c3a0536e22b58574ce19915f,2025-01-15T13:15:13.010000
CVE-2024-57887,1,1,751486a5de42de85aada675621e19967434948bfe638055296bfec2ef494d863,2025-01-15T13:15:13.130000
CVE-2024-57888,1,1,e559fa6437a7658eeff41451b223fbfcc6792922b4ad99d0365e8d5169c1e789,2025-01-15T13:15:13.240000
CVE-2024-57889,1,1,15d44ed71ab71981ea405ee4be59d85c049ef4957ac2abc206027af36716a0a7,2025-01-15T13:15:13.347000
CVE-2024-5789,0,0,9dcfcd4111ea0e9e739e91d8fd580d0fefd90ab28ec12c3acba80730fef979ee,2024-09-26T20:28:29.237000 CVE-2024-5789,0,0,9dcfcd4111ea0e9e739e91d8fd580d0fefd90ab28ec12c3acba80730fef979ee,2024-09-26T20:28:29.237000
CVE-2024-57890,1,1,d48ac845dc4eb12f2fd64e155751d6bdc4768f6b327d509bc895935c85a7fbb9,2025-01-15T13:15:13.473000
CVE-2024-57891,1,1,3a7cf95d61ece0556c7fefab305dfa727ade915bcc007c8feb463efc25d664af,2025-01-15T13:15:13.590000
CVE-2024-57892,1,1,a885abc090ad2167c916682e198991c172c0bd8974fec5295c029f1822ca434b,2025-01-15T13:15:13.710000
CVE-2024-57893,1,1,213ebdc4dc4da83bbcd896ca0a5d11ad9a0b511e977490ab0fbcd3fcad00ddbe,2025-01-15T13:15:13.820000
CVE-2024-57894,1,1,99459d594a10b47424471c043eb4fcb2e78ab563c019ed8612a0a5fc2b4ffced,2025-01-15T13:15:13.943000
CVE-2024-57895,1,1,bdb5b18f8f06196f9d86e600b04031c10719f69f9cb915b50cfa4ce7f063a232,2025-01-15T13:15:14.060000
CVE-2024-57896,1,1,695ca207bcb2f8cfbed8c9150e0e7c88f48224ebdbf373bb36e241a5d135c000,2025-01-15T13:15:14.200000
CVE-2024-57897,1,1,475435fb23d8286f67b400d4d3445af9a689698330ce91d4c50b4cbd38867a76,2025-01-15T13:15:14.317000
CVE-2024-57898,1,1,c6988f8b05cf505a8470a40cc2f70621905b8b9b8154915feba097ba4157c337,2025-01-15T13:15:14.427000
CVE-2024-57899,1,1,7f78384f7f87a86acc880c5fa2294ec23b1d695974ed080d5ea5b69c382d3df7,2025-01-15T13:15:14.540000
CVE-2024-5790,0,0,eec668ee9d3641cb0f3de89f3c2f9fc313b8158d0b4258bc8dbb969f253eecba,2024-11-21T09:48:20.323000 CVE-2024-5790,0,0,eec668ee9d3641cb0f3de89f3c2f9fc313b8158d0b4258bc8dbb969f253eecba,2024-11-21T09:48:20.323000
CVE-2024-57900,1,1,00e355ac7753d6d985d2125c6590e43a63a456274bf73a0ee21391a5b88b3ef6,2025-01-15T13:15:14.633000
CVE-2024-57901,1,1,920b4cd8c8333c12b08bb3d2e3d3b87d2596f07dcc906bf029f48240dd205c12,2025-01-15T13:15:14.747000
CVE-2024-57902,1,1,461456f7e370ab89659e9519ac4955a1e988f8f3f8ca8b1a1f98c9d959893a01,2025-01-15T13:15:14.867000
CVE-2024-57903,1,1,450700a31606e273b19ca446c3a647aa4094cc105c3141e1153d6976871190a1,2025-01-15T13:15:14.973000
CVE-2024-5791,0,0,c186795f1b9cb5c37849e995a8b3a0b74da1832637d3182b3a656dc9e7491fd6,2024-11-21T09:48:20.453000 CVE-2024-5791,0,0,c186795f1b9cb5c37849e995a8b3a0b74da1832637d3182b3a656dc9e7491fd6,2024-11-21T09:48:20.453000
CVE-2024-5792,0,0,50e11f463088247110774be144fbfaca02cb5ac823192aaf13a748fe05bdb47b,2024-11-21T09:48:20.570000 CVE-2024-5792,0,0,50e11f463088247110774be144fbfaca02cb5ac823192aaf13a748fe05bdb47b,2024-11-21T09:48:20.570000
CVE-2024-5793,0,0,0b18df4d2dde9f10f63097b806cad3cc9d51ae7c2ac550a36fec1a23c0e391bb,2024-11-21T09:48:20.673000 CVE-2024-5793,0,0,0b18df4d2dde9f10f63097b806cad3cc9d51ae7c2ac550a36fec1a23c0e391bb,2024-11-21T09:48:20.673000
@ -276841,7 +276877,7 @@ CVE-2025-0173,0,0,c1f252ca4cbbf65084a89ab024bca7f0b17a90985239dec13e360a268ca336
CVE-2025-0174,0,0,a58f6ba631c2a0feb58527b8303d7d4a31c3e3872c8ddd8918aacd475478a78f,2025-01-03T02:15:07.480000 CVE-2025-0174,0,0,a58f6ba631c2a0feb58527b8303d7d4a31c3e3872c8ddd8918aacd475478a78f,2025-01-03T02:15:07.480000
CVE-2025-0175,0,0,d9a687479ae4dd84b5b46d302a16ec57021ad84e1ebe3621ace137eeaefcef9b,2025-01-03T02:15:07.680000 CVE-2025-0175,0,0,d9a687479ae4dd84b5b46d302a16ec57021ad84e1ebe3621ace137eeaefcef9b,2025-01-03T02:15:07.680000
CVE-2025-0176,0,0,25b97cf7942e2d65b84cd3d69b2f6ce4b0c39c12b63a98b8f04cd8b606eafaef,2025-01-03T15:15:11.360000 CVE-2025-0176,0,0,25b97cf7942e2d65b84cd3d69b2f6ce4b0c39c12b63a98b8f04cd8b606eafaef,2025-01-03T15:15:11.360000
CVE-2025-0193,1,1,22e4a67415b5b78f87b1fe2ec603407e11cb7817ac3940a91a886cb7e4d121d7,2025-01-15T11:15:09.280000 CVE-2025-0193,0,0,22e4a67415b5b78f87b1fe2ec603407e11cb7817ac3940a91a886cb7e4d121d7,2025-01-15T11:15:09.280000
CVE-2025-0194,0,0,ea5b846283dddc32441a679fd768e96aa19b3c1d104aaa33d0e1c65fbeb54de6,2025-01-09T07:15:27.667000 CVE-2025-0194,0,0,ea5b846283dddc32441a679fd768e96aa19b3c1d104aaa33d0e1c65fbeb54de6,2025-01-09T07:15:27.667000
CVE-2025-0195,0,0,4a31363a70a4527ce2e7dcee4bd65277485625f8cdc86358a3b4c344e22b0b11,2025-01-03T18:15:17.317000 CVE-2025-0195,0,0,4a31363a70a4527ce2e7dcee4bd65277485625f8cdc86358a3b4c344e22b0b11,2025-01-03T18:15:17.317000
CVE-2025-0196,0,0,458f6c452cca173c50823549ec3211c7f71e44d78eccfc5dd05b05e882d53952,2025-01-03T19:15:12.793000 CVE-2025-0196,0,0,458f6c452cca173c50823549ec3211c7f71e44d78eccfc5dd05b05e882d53952,2025-01-03T19:15:12.793000
@ -276943,19 +276979,19 @@ CVE-2025-0408,0,0,a96acf9e81a811691f8b520b286233eef15e7059c8d8320ce584a1b7a8c2ed
CVE-2025-0409,0,0,5b16b7910d2f3bb912034acec9ddfb80ff7cbc22bd69b75269b1a49c27f02634,2025-01-13T18:15:21.430000 CVE-2025-0409,0,0,5b16b7910d2f3bb912034acec9ddfb80ff7cbc22bd69b75269b1a49c27f02634,2025-01-13T18:15:21.430000
CVE-2025-0410,0,0,5453cf245c45b2e030c2d84dab023e8fd21c521b8dd76be3a4a1bd41b630f4d8,2025-01-13T18:15:21.730000 CVE-2025-0410,0,0,5453cf245c45b2e030c2d84dab023e8fd21c521b8dd76be3a4a1bd41b630f4d8,2025-01-13T18:15:21.730000
CVE-2025-0412,0,0,bfbf47e0956b1bfccce4c3a829b70c8095a189edb5636c3ef3ebd81177784d3c,2025-01-13T04:15:06.477000 CVE-2025-0412,0,0,bfbf47e0956b1bfccce4c3a829b70c8095a189edb5636c3ef3ebd81177784d3c,2025-01-13T04:15:06.477000
CVE-2025-0434,1,1,d9d7965d88cab725755ce19f4f775fe9ee7e3d9dc223ebe4d2b75e6569df5a3b,2025-01-15T11:15:09.470000 CVE-2025-0434,0,0,d9d7965d88cab725755ce19f4f775fe9ee7e3d9dc223ebe4d2b75e6569df5a3b,2025-01-15T11:15:09.470000
CVE-2025-0435,1,1,2f7b408e9cda296eb7bb2d4f6677ff1063dbaedb0b072055c93a7659d467b188,2025-01-15T11:15:09.580000 CVE-2025-0435,0,0,2f7b408e9cda296eb7bb2d4f6677ff1063dbaedb0b072055c93a7659d467b188,2025-01-15T11:15:09.580000
CVE-2025-0436,1,1,67f99189938d043b76f3387466909dcffd081c5bcdb09d312dc11d48c712e7d0,2025-01-15T11:15:09.673000 CVE-2025-0436,0,0,67f99189938d043b76f3387466909dcffd081c5bcdb09d312dc11d48c712e7d0,2025-01-15T11:15:09.673000
CVE-2025-0437,1,1,1aa75256f3944026d8c9f72ae2520a3068740eb27db83d8528ea831a4aae1559,2025-01-15T11:15:09.800000 CVE-2025-0437,0,0,1aa75256f3944026d8c9f72ae2520a3068740eb27db83d8528ea831a4aae1559,2025-01-15T11:15:09.800000
CVE-2025-0438,1,1,bfa104a5f12bc50d585ef807c2010d9451be732c1c17b8963fc151beb30cd916,2025-01-15T11:15:09.930000 CVE-2025-0438,0,0,bfa104a5f12bc50d585ef807c2010d9451be732c1c17b8963fc151beb30cd916,2025-01-15T11:15:09.930000
CVE-2025-0439,1,1,06907437bc7c52050451ae28dd2e72f1be75766aef955dc8499cae1f521a2b93,2025-01-15T11:15:10.060000 CVE-2025-0439,0,0,06907437bc7c52050451ae28dd2e72f1be75766aef955dc8499cae1f521a2b93,2025-01-15T11:15:10.060000
CVE-2025-0440,1,1,672c74faff87ca313e8569dad9055dd5e76620e0c7c5473a219815568028b141,2025-01-15T11:15:10.187000 CVE-2025-0440,0,0,672c74faff87ca313e8569dad9055dd5e76620e0c7c5473a219815568028b141,2025-01-15T11:15:10.187000
CVE-2025-0441,1,1,45cf2a50d6ff20c945607bcbd7972b6f00d1c8d0cb0b0aef9f76cb44f7faf30c,2025-01-15T11:15:10.287000 CVE-2025-0441,0,0,45cf2a50d6ff20c945607bcbd7972b6f00d1c8d0cb0b0aef9f76cb44f7faf30c,2025-01-15T11:15:10.287000
CVE-2025-0442,1,1,471e5cec76af1c2d85e9fab65ca9665dfdcf0cfd7a749812bb0fbf56decbca89,2025-01-15T11:15:10.383000 CVE-2025-0442,0,0,471e5cec76af1c2d85e9fab65ca9665dfdcf0cfd7a749812bb0fbf56decbca89,2025-01-15T11:15:10.383000
CVE-2025-0443,1,1,b6575f0aeb8aab404958b76d9c1d1950c9e18abef12e722794bfd5504442e145,2025-01-15T11:15:10.483000 CVE-2025-0443,0,0,b6575f0aeb8aab404958b76d9c1d1950c9e18abef12e722794bfd5504442e145,2025-01-15T11:15:10.483000
CVE-2025-0446,1,1,22ac3a46cae416bf2983932e34ed2405eefd4562cdc907fe9272fb9309ae554f,2025-01-15T11:15:10.580000 CVE-2025-0446,0,0,22ac3a46cae416bf2983932e34ed2405eefd4562cdc907fe9272fb9309ae554f,2025-01-15T11:15:10.580000
CVE-2025-0447,1,1,7dd12d1fdbf1bd610d0e4cad6b11140f4e59c42e068195fae7e03ffe5bb1220d,2025-01-15T11:15:10.673000 CVE-2025-0447,0,0,7dd12d1fdbf1bd610d0e4cad6b11140f4e59c42e068195fae7e03ffe5bb1220d,2025-01-15T11:15:10.673000
CVE-2025-0448,1,1,4fd1f1da1f93ae6ab7e4e09981ae56b33c03181a904f829c8fc916633e5f23f9,2025-01-15T11:15:10.763000 CVE-2025-0448,0,0,4fd1f1da1f93ae6ab7e4e09981ae56b33c03181a904f829c8fc916633e5f23f9,2025-01-15T11:15:10.763000
CVE-2025-0458,0,0,45329d1650f63d093b7e8acb76f7370c8c0262fb6197b3161a1f0db17a2920b7,2025-01-14T16:15:34.397000 CVE-2025-0458,0,0,45329d1650f63d093b7e8acb76f7370c8c0262fb6197b3161a1f0db17a2920b7,2025-01-14T16:15:34.397000
CVE-2025-0459,0,0,7f66205a9ceec34ce8406cb81bab600a3721d11d4c8a05bee0623fea9fbc9cf7,2025-01-14T16:15:34.617000 CVE-2025-0459,0,0,7f66205a9ceec34ce8406cb81bab600a3721d11d4c8a05bee0623fea9fbc9cf7,2025-01-14T16:15:34.617000
CVE-2025-0460,0,0,4ed76bb5f64af8fe8c4011df0eca20c45ae0fdebb5a3f0252615a76ad2d1b042,2025-01-14T16:15:34.800000 CVE-2025-0460,0,0,4ed76bb5f64af8fe8c4011df0eca20c45ae0fdebb5a3f0252615a76ad2d1b042,2025-01-14T16:15:34.800000
@ -277175,6 +277211,8 @@ CVE-2025-21622,0,0,f9b304c8cae09855d048ff95696b50613640a9fdc9c30a5aadd5c3b3ce64c
CVE-2025-21623,0,0,11a3a4b165ac7ea35d006622a2c31920fdd49ec8509c7c0bc152edfb3b703f1b,2025-01-07T17:15:32.313000 CVE-2025-21623,0,0,11a3a4b165ac7ea35d006622a2c31920fdd49ec8509c7c0bc152edfb3b703f1b,2025-01-07T17:15:32.313000
CVE-2025-21624,0,0,67d81661ccc165bcb7a2d55cd4301b8865debac4b78d0af97080ff58ad5f038c,2025-01-07T17:15:32.417000 CVE-2025-21624,0,0,67d81661ccc165bcb7a2d55cd4301b8865debac4b78d0af97080ff58ad5f038c,2025-01-07T17:15:32.417000
CVE-2025-21628,0,0,0075ad45f4e081e6b1d4b87e45ccf38954b3b032c76d5db5fcb797ed5fc6213f,2025-01-09T18:15:30.070000 CVE-2025-21628,0,0,0075ad45f4e081e6b1d4b87e45ccf38954b3b032c76d5db5fcb797ed5fc6213f,2025-01-09T18:15:30.070000
CVE-2025-21629,1,1,0a55b872d6685ac8b474198c6b676d3355054a0573b455caf5ce0d0ece6d4823,2025-01-15T13:15:15.220000
CVE-2025-21630,1,1,9103fc0b7a8df8ecab854c50942abccdea1f371e0f825e1f802a2e1f3509d808,2025-01-15T13:15:15.330000
CVE-2025-22130,0,0,a71c51c8237898c4394724aa5ef423b90094196082b564075e1f1cf6c2992343,2025-01-08T16:15:38.543000 CVE-2025-22130,0,0,a71c51c8237898c4394724aa5ef423b90094196082b564075e1f1cf6c2992343,2025-01-08T16:15:38.543000
CVE-2025-22132,0,0,92f694afc6ce174171da36824da367c743ab8d73a418a3347309264d0570fa9a,2025-01-07T22:15:31.590000 CVE-2025-22132,0,0,92f694afc6ce174171da36824da367c743ab8d73a418a3347309264d0570fa9a,2025-01-07T22:15:31.590000
CVE-2025-22133,0,0,32df1a7a06703aea1606771b300b1836f84903a2a4b183527a9471791c589465,2025-01-08T15:15:21.727000 CVE-2025-22133,0,0,32df1a7a06703aea1606771b300b1836f84903a2a4b183527a9471791c589465,2025-01-08T15:15:21.727000
@ -277406,7 +277444,7 @@ CVE-2025-22983,0,0,818f0a40d17098ac93c0b9b96dbd9489c7b8bd9e521ddba6a0116d1bc14ba
CVE-2025-22984,0,0,1a545998f559ee7e76b6e0da26fd2ee7d20b16b478982f1cd328aa26a28e86f8,2025-01-14T16:15:35.710000 CVE-2025-22984,0,0,1a545998f559ee7e76b6e0da26fd2ee7d20b16b478982f1cd328aa26a28e86f8,2025-01-14T16:15:35.710000
CVE-2025-22996,0,0,8fbde9f85e2db1862d1b88945e7fe9cd80408a8631ea85e47df7d19e711f0b31,2025-01-15T00:15:45.053000 CVE-2025-22996,0,0,8fbde9f85e2db1862d1b88945e7fe9cd80408a8631ea85e47df7d19e711f0b31,2025-01-15T00:15:45.053000
CVE-2025-22997,0,0,6eedfc7acf928822cfe0f3b225b24734a62e604efd1194c9c27450477de2e4bd,2025-01-15T00:15:45.167000 CVE-2025-22997,0,0,6eedfc7acf928822cfe0f3b225b24734a62e604efd1194c9c27450477de2e4bd,2025-01-15T00:15:45.167000
CVE-2025-23013,0,0,e4c3b2c1c5cf16475d932b9459985c9a24772026bd2727e7454683ed69e04599,2025-01-15T04:15:20.037000 CVE-2025-23013,0,1,7df6caa5ab00402317e81eea1db9411abb5d8f4c5cb2b357e57ab202b7a96aa0,2025-01-15T13:15:15.440000
CVE-2025-23016,0,0,31a93833611c1f04fca5216d55a04a7c92375e0aedfa95a405475196dac4f70b,2025-01-10T12:15:25.480000 CVE-2025-23016,0,0,31a93833611c1f04fca5216d55a04a7c92375e0aedfa95a405475196dac4f70b,2025-01-10T12:15:25.480000
CVE-2025-23018,0,0,04057ebd16387f0035876264d984029a54f25d41dceb84c91b788d3f78ef776b,2025-01-14T20:15:32.440000 CVE-2025-23018,0,0,04057ebd16387f0035876264d984029a54f25d41dceb84c91b788d3f78ef776b,2025-01-14T20:15:32.440000
CVE-2025-23019,0,0,2441b4edcc7db27f67ae614720ac0c1927e9c7e1651443ff935f830ebd7e09ee,2025-01-14T20:15:32.577000 CVE-2025-23019,0,0,2441b4edcc7db27f67ae614720ac0c1927e9c7e1651443ff935f830ebd7e09ee,2025-01-14T20:15:32.577000

Can't render this file because it is too large.