From aee4b9216807fad7e2832b509d3de85ae2d5f69e Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Fri, 27 Dec 2024 17:03:43 +0000 Subject: [PATCH] Auto-Update: 2024-12-27T17:00:20.661560+00:00 --- CVE-2017/CVE-2017-125xx/CVE-2017-12588.json | 6 +- CVE-2017/CVE-2017-89xx/CVE-2017-8923.json | 6 +- CVE-2018/CVE-2018-121xx/CVE-2018-12121.json | 6 +- CVE-2018/CVE-2018-200xx/CVE-2018-20060.json | 6 +- CVE-2020/CVE-2020-247xx/CVE-2020-24723.json | 6 +- CVE-2020/CVE-2020-259xx/CVE-2020-25952.json | 6 +- CVE-2021/CVE-2021-462xx/CVE-2021-46200.json | 6 +- CVE-2023/CVE-2023-524xx/CVE-2023-52439.json | 6 +- CVE-2024/CVE-2024-04xx/CVE-2024-0438.json | 94 ++++- CVE-2024/CVE-2024-08xx/CVE-2024-0838.json | 84 +++- CVE-2024/CVE-2024-09xx/CVE-2024-0983.json | 54 ++- CVE-2024/CVE-2024-09xx/CVE-2024-0984.json | 54 ++- CVE-2024/CVE-2024-10xx/CVE-2024-1089.json | 54 ++- CVE-2024/CVE-2024-10xx/CVE-2024-1090.json | 54 ++- CVE-2024/CVE-2024-10xx/CVE-2024-1091.json | 54 ++- CVE-2024/CVE-2024-116xx/CVE-2024-11607.json | 33 +- CVE-2024/CVE-2024-128xx/CVE-2024-12856.json | 64 +++ CVE-2024/CVE-2024-129xx/CVE-2024-12908.json | 6 +- CVE-2024/CVE-2024-129xx/CVE-2024-12926.json | 8 +- CVE-2024/CVE-2024-129xx/CVE-2024-12927.json | 8 +- CVE-2024/CVE-2024-129xx/CVE-2024-12928.json | 8 +- CVE-2024/CVE-2024-129xx/CVE-2024-12929.json | 8 +- CVE-2024/CVE-2024-129xx/CVE-2024-12930.json | 8 +- CVE-2024/CVE-2024-129xx/CVE-2024-12943.json | 8 +- CVE-2024/CVE-2024-129xx/CVE-2024-12944.json | 8 +- CVE-2024/CVE-2024-129xx/CVE-2024-12949.json | 8 +- CVE-2024/CVE-2024-129xx/CVE-2024-12958.json | 8 +- CVE-2024/CVE-2024-129xx/CVE-2024-12982.json | 8 +- CVE-2024/CVE-2024-129xx/CVE-2024-12983.json | 8 +- CVE-2024/CVE-2024-129xx/CVE-2024-12984.json | 141 +++++++ CVE-2024/CVE-2024-129xx/CVE-2024-12985.json | 141 +++++++ CVE-2024/CVE-2024-129xx/CVE-2024-12986.json | 141 +++++++ CVE-2024/CVE-2024-129xx/CVE-2024-12987.json | 141 +++++++ CVE-2024/CVE-2024-214xx/CVE-2024-21436.json | 188 ++++++++- CVE-2024/CVE-2024-30xx/CVE-2024-3056.json | 10 +- CVE-2024/CVE-2024-388xx/CVE-2024-38816.json | 6 +- CVE-2024/CVE-2024-411xx/CVE-2024-41123.json | 8 +- CVE-2024/CVE-2024-471xx/CVE-2024-47153.json | 14 +- CVE-2024/CVE-2024-471xx/CVE-2024-47154.json | 14 +- CVE-2024/CVE-2024-471xx/CVE-2024-47155.json | 14 +- CVE-2024/CVE-2024-471xx/CVE-2024-47157.json | 14 +- CVE-2024/CVE-2024-489xx/CVE-2024-48949.json | 8 +- CVE-2024/CVE-2024-497xx/CVE-2024-49761.json | 10 +- CVE-2024/CVE-2024-565xx/CVE-2024-56507.json | 60 +++ CVE-2024/CVE-2024-565xx/CVE-2024-56508.json | 60 +++ CVE-2024/CVE-2024-565xx/CVE-2024-56509.json | 64 +++ CVE-2024/CVE-2024-565xx/CVE-2024-56527.json | 18 +- CVE-2024/CVE-2024-565xx/CVE-2024-56550.json | 25 ++ CVE-2024/CVE-2024-565xx/CVE-2024-56551.json | 29 ++ CVE-2024/CVE-2024-565xx/CVE-2024-56552.json | 25 ++ CVE-2024/CVE-2024-565xx/CVE-2024-56553.json | 25 ++ CVE-2024/CVE-2024-565xx/CVE-2024-56554.json | 25 ++ CVE-2024/CVE-2024-565xx/CVE-2024-56555.json | 25 ++ CVE-2024/CVE-2024-565xx/CVE-2024-56556.json | 25 ++ CVE-2024/CVE-2024-565xx/CVE-2024-56557.json | 33 ++ CVE-2024/CVE-2024-565xx/CVE-2024-56558.json | 45 +++ CVE-2024/CVE-2024-565xx/CVE-2024-56559.json | 25 ++ CVE-2024/CVE-2024-565xx/CVE-2024-56560.json | 25 ++ CVE-2024/CVE-2024-565xx/CVE-2024-56561.json | 25 ++ CVE-2024/CVE-2024-565xx/CVE-2024-56562.json | 45 +++ CVE-2024/CVE-2024-565xx/CVE-2024-56563.json | 25 ++ CVE-2024/CVE-2024-565xx/CVE-2024-56564.json | 25 ++ CVE-2024/CVE-2024-565xx/CVE-2024-56565.json | 29 ++ CVE-2024/CVE-2024-565xx/CVE-2024-56566.json | 29 ++ CVE-2024/CVE-2024-565xx/CVE-2024-56567.json | 45 +++ CVE-2024/CVE-2024-565xx/CVE-2024-56568.json | 41 ++ CVE-2024/CVE-2024-565xx/CVE-2024-56569.json | 45 +++ CVE-2024/CVE-2024-565xx/CVE-2024-56570.json | 45 +++ CVE-2024/CVE-2024-565xx/CVE-2024-56571.json | 41 ++ CVE-2024/CVE-2024-565xx/CVE-2024-56572.json | 45 +++ CVE-2024/CVE-2024-565xx/CVE-2024-56573.json | 29 ++ CVE-2024/CVE-2024-565xx/CVE-2024-56574.json | 45 +++ CVE-2024/CVE-2024-565xx/CVE-2024-56575.json | 37 ++ CVE-2024/CVE-2024-565xx/CVE-2024-56576.json | 45 +++ CVE-2024/CVE-2024-565xx/CVE-2024-56577.json | 29 ++ CVE-2024/CVE-2024-565xx/CVE-2024-56578.json | 37 ++ CVE-2024/CVE-2024-565xx/CVE-2024-56579.json | 33 ++ CVE-2024/CVE-2024-565xx/CVE-2024-56580.json | 25 ++ CVE-2024/CVE-2024-565xx/CVE-2024-56581.json | 45 +++ CVE-2024/CVE-2024-565xx/CVE-2024-56582.json | 25 ++ CVE-2024/CVE-2024-565xx/CVE-2024-56583.json | 29 ++ CVE-2024/CVE-2024-565xx/CVE-2024-56584.json | 33 ++ CVE-2024/CVE-2024-565xx/CVE-2024-56585.json | 33 ++ CVE-2024/CVE-2024-565xx/CVE-2024-56586.json | 45 +++ CVE-2024/CVE-2024-565xx/CVE-2024-56587.json | 45 +++ CVE-2024/CVE-2024-565xx/CVE-2024-56588.json | 25 ++ CVE-2024/CVE-2024-565xx/CVE-2024-56589.json | 41 ++ CVE-2024/CVE-2024-565xx/CVE-2024-56590.json | 37 ++ CVE-2024/CVE-2024-565xx/CVE-2024-56591.json | 25 ++ CVE-2024/CVE-2024-565xx/CVE-2024-56592.json | 29 ++ CVE-2024/CVE-2024-565xx/CVE-2024-56593.json | 45 +++ CVE-2024/CVE-2024-565xx/CVE-2024-56594.json | 45 +++ CVE-2024/CVE-2024-565xx/CVE-2024-56595.json | 45 +++ CVE-2024/CVE-2024-565xx/CVE-2024-56596.json | 45 +++ CVE-2024/CVE-2024-565xx/CVE-2024-56597.json | 45 +++ CVE-2024/CVE-2024-565xx/CVE-2024-56598.json | 45 +++ CVE-2024/CVE-2024-565xx/CVE-2024-56599.json | 25 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56600.json | 45 +++ CVE-2024/CVE-2024-566xx/CVE-2024-56601.json | 45 +++ CVE-2024/CVE-2024-566xx/CVE-2024-56602.json | 45 +++ CVE-2024/CVE-2024-566xx/CVE-2024-56603.json | 45 +++ CVE-2024/CVE-2024-566xx/CVE-2024-56604.json | 33 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56605.json | 45 +++ CVE-2024/CVE-2024-566xx/CVE-2024-56606.json | 45 +++ CVE-2024/CVE-2024-566xx/CVE-2024-56607.json | 25 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56608.json | 25 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56609.json | 25 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56610.json | 41 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56611.json | 29 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56612.json | 25 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56613.json | 29 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56614.json | 37 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56615.json | 45 +++ CVE-2024/CVE-2024-566xx/CVE-2024-56616.json | 33 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56617.json | 29 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56618.json | 25 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56619.json | 45 +++ CVE-2024/CVE-2024-566xx/CVE-2024-56620.json | 25 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56621.json | 25 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56622.json | 37 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56623.json | 41 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56624.json | 25 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56625.json | 37 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56626.json | 33 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56627.json | 33 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56628.json | 33 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56629.json | 45 +++ CVE-2024/CVE-2024-566xx/CVE-2024-56630.json | 45 +++ CVE-2024/CVE-2024-566xx/CVE-2024-56631.json | 29 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56632.json | 25 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56633.json | 45 +++ CVE-2024/CVE-2024-566xx/CVE-2024-56634.json | 45 +++ CVE-2024/CVE-2024-566xx/CVE-2024-56635.json | 29 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56636.json | 41 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56637.json | 45 +++ CVE-2024/CVE-2024-566xx/CVE-2024-56638.json | 29 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56639.json | 25 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56640.json | 37 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56641.json | 29 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56642.json | 45 +++ CVE-2024/CVE-2024-566xx/CVE-2024-56643.json | 45 +++ CVE-2024/CVE-2024-566xx/CVE-2024-56644.json | 45 +++ CVE-2024/CVE-2024-566xx/CVE-2024-56645.json | 45 +++ CVE-2024/CVE-2024-566xx/CVE-2024-56646.json | 25 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56647.json | 25 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56648.json | 41 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56649.json | 29 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56650.json | 45 +++ CVE-2024/CVE-2024-566xx/CVE-2024-56651.json | 33 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56652.json | 25 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56653.json | 29 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56654.json | 29 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56655.json | 29 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56656.json | 25 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56657.json | 29 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56658.json | 33 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56659.json | 45 +++ CVE-2024/CVE-2024-566xx/CVE-2024-56660.json | 33 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56661.json | 45 +++ CVE-2024/CVE-2024-566xx/CVE-2024-56662.json | 41 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56663.json | 33 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56664.json | 29 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56665.json | 33 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56666.json | 25 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56667.json | 29 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56668.json | 25 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56669.json | 25 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56670.json | 45 +++ CVE-2024/CVE-2024-566xx/CVE-2024-56671.json | 25 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56672.json | 33 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56673.json | 25 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56674.json | 25 ++ CVE-2024/CVE-2024-566xx/CVE-2024-56675.json | 33 ++ README.md | 94 +++-- _state.csv | 422 +++++++++++++------- 175 files changed, 6298 insertions(+), 291 deletions(-) create mode 100644 CVE-2024/CVE-2024-128xx/CVE-2024-12856.json create mode 100644 CVE-2024/CVE-2024-129xx/CVE-2024-12984.json create mode 100644 CVE-2024/CVE-2024-129xx/CVE-2024-12985.json create mode 100644 CVE-2024/CVE-2024-129xx/CVE-2024-12986.json create mode 100644 CVE-2024/CVE-2024-129xx/CVE-2024-12987.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56507.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56508.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56509.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56550.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56551.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56552.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56553.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56554.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56555.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56556.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56557.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56558.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56559.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56560.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56561.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56562.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56563.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56564.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56565.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56566.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56567.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56568.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56569.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56570.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56571.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56572.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56573.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56574.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56575.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56576.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56577.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56578.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56579.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56580.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56581.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56582.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56583.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56584.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56585.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56586.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56587.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56588.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56589.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56590.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56591.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56592.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56593.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56594.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56595.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56596.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56597.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56598.json create mode 100644 CVE-2024/CVE-2024-565xx/CVE-2024-56599.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56600.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56601.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56602.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56603.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56604.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56605.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56606.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56607.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56608.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56609.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56610.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56611.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56612.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56613.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56614.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56615.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56616.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56617.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56618.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56619.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56620.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56621.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56622.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56623.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56624.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56625.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56626.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56627.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56628.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56629.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56630.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56631.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56632.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56633.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56634.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56635.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56636.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56637.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56638.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56639.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56640.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56641.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56642.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56643.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56644.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56645.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56646.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56647.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56648.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56649.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56650.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56651.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56652.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56653.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56654.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56655.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56656.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56657.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56658.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56659.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56660.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56661.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56662.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56663.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56664.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56665.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56666.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56667.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56668.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56669.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56670.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56671.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56672.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56673.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56674.json create mode 100644 CVE-2024/CVE-2024-566xx/CVE-2024-56675.json diff --git a/CVE-2017/CVE-2017-125xx/CVE-2017-12588.json b/CVE-2017/CVE-2017-125xx/CVE-2017-12588.json index e5a0fa20b0b..7ce0e3cbea4 100644 --- a/CVE-2017/CVE-2017-125xx/CVE-2017-12588.json +++ b/CVE-2017/CVE-2017-125xx/CVE-2017-12588.json @@ -2,7 +2,7 @@ "id": "CVE-2017-12588", "sourceIdentifier": "cve@mitre.org", "published": "2017-08-06T14:29:00.227", - "lastModified": "2024-11-21T03:09:48.777", + "lastModified": "2024-12-27T16:15:21.503", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -140,6 +140,10 @@ "Patch", "Third Party Advisory" ] + }, + { + "url": "https://security.netapp.com/advisory/ntap-20241227-0009/", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2017/CVE-2017-89xx/CVE-2017-8923.json b/CVE-2017/CVE-2017-89xx/CVE-2017-8923.json index c2c4ebc0e33..63bbdc46091 100644 --- a/CVE-2017/CVE-2017-89xx/CVE-2017-8923.json +++ b/CVE-2017/CVE-2017-89xx/CVE-2017-8923.json @@ -2,7 +2,7 @@ "id": "CVE-2017-8923", "sourceIdentifier": "cve@mitre.org", "published": "2017-05-12T20:29:00.500", - "lastModified": "2024-11-21T03:34:59.200", + "lastModified": "2024-12-27T16:15:22.243", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -135,6 +135,10 @@ "Issue Tracking", "Vendor Advisory" ] + }, + { + "url": "https://security.netapp.com/advisory/ntap-20241227-0007/", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2018/CVE-2018-121xx/CVE-2018-12121.json b/CVE-2018/CVE-2018-121xx/CVE-2018-12121.json index 38f330f0cfe..a6497ea6c8b 100644 --- a/CVE-2018/CVE-2018-121xx/CVE-2018-12121.json +++ b/CVE-2018/CVE-2018-121xx/CVE-2018-12121.json @@ -2,7 +2,7 @@ "id": "CVE-2018-12121", "sourceIdentifier": "cve-request@iojs.org", "published": "2018-11-28T17:29:00.337", - "lastModified": "2024-11-21T03:44:38.177", + "lastModified": "2024-12-27T16:15:22.400", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -294,6 +294,10 @@ "tags": [ "Third Party Advisory" ] + }, + { + "url": "https://security.netapp.com/advisory/ntap-20241227-0008/", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2018/CVE-2018-200xx/CVE-2018-20060.json b/CVE-2018/CVE-2018-200xx/CVE-2018-20060.json index ac4bd419798..a57a4da5f1b 100644 --- a/CVE-2018/CVE-2018-200xx/CVE-2018-20060.json +++ b/CVE-2018/CVE-2018-200xx/CVE-2018-20060.json @@ -2,7 +2,7 @@ "id": "CVE-2018-20060", "sourceIdentifier": "cve@mitre.org", "published": "2018-12-11T17:29:00.380", - "lastModified": "2024-11-21T04:00:49.450", + "lastModified": "2024-12-27T16:15:22.593", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -236,6 +236,10 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWP36YW3KSVLXDBY3QJKDYEPCIMN3VQZ/", "source": "af854a3a-2127-422b-91ae-364da2661108" }, + { + "url": "https://security.netapp.com/advisory/ntap-20241227-0010/", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, { "url": "https://usn.ubuntu.com/3990-1/", "source": "af854a3a-2127-422b-91ae-364da2661108" diff --git a/CVE-2020/CVE-2020-247xx/CVE-2020-24723.json b/CVE-2020/CVE-2020-247xx/CVE-2020-24723.json index 000046ca758..62bc9debdf5 100644 --- a/CVE-2020/CVE-2020-247xx/CVE-2020-24723.json +++ b/CVE-2020/CVE-2020-247xx/CVE-2020-24723.json @@ -2,7 +2,7 @@ "id": "CVE-2020-24723", "sourceIdentifier": "cve@mitre.org", "published": "2020-11-18T13:15:11.267", - "lastModified": "2024-11-21T05:15:58.427", + "lastModified": "2024-12-27T15:55:35.150", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -85,8 +85,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:user_registration_\\&_login_and_user_management_system_project:user_registration_\\&_login_and_user_management_system:2.1:*:*:*:*:*:*:*", - "matchCriteriaId": "BCB13821-FAB1-40A7-8566-8581E68F30D1" + "criteria": "cpe:2.3:a:phpgurukul:user_registration_\\&_login_and_user_management_system:2.1:*:*:*:*:*:*:*", + "matchCriteriaId": "2C64BEC4-EB4F-4362-B98F-074DB2196D0B" } ] } diff --git a/CVE-2020/CVE-2020-259xx/CVE-2020-25952.json b/CVE-2020/CVE-2020-259xx/CVE-2020-25952.json index 970cc1d5f81..15e9db27797 100644 --- a/CVE-2020/CVE-2020-259xx/CVE-2020-25952.json +++ b/CVE-2020/CVE-2020-259xx/CVE-2020-25952.json @@ -2,7 +2,7 @@ "id": "CVE-2020-25952", "sourceIdentifier": "cve@mitre.org", "published": "2020-11-16T16:15:14.710", - "lastModified": "2024-11-21T05:19:00.827", + "lastModified": "2024-12-27T15:55:35.150", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -85,8 +85,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:user_registration_\\&_login_and_user_management_system_project:user_registration_\\&_login_and_user_management_system:2.1:*:*:*:*:*:*:*", - "matchCriteriaId": "BCB13821-FAB1-40A7-8566-8581E68F30D1" + "criteria": "cpe:2.3:a:phpgurukul:user_registration_\\&_login_and_user_management_system:2.1:*:*:*:*:*:*:*", + "matchCriteriaId": "2C64BEC4-EB4F-4362-B98F-074DB2196D0B" } ] } diff --git a/CVE-2021/CVE-2021-462xx/CVE-2021-46200.json b/CVE-2021/CVE-2021-462xx/CVE-2021-46200.json index 0d55dbcc7aa..bb4ad03ebf5 100644 --- a/CVE-2021/CVE-2021-462xx/CVE-2021-46200.json +++ b/CVE-2021/CVE-2021-462xx/CVE-2021-46200.json @@ -2,7 +2,7 @@ "id": "CVE-2021-46200", "sourceIdentifier": "cve@mitre.org", "published": "2022-01-21T16:15:08.033", - "lastModified": "2024-11-21T06:33:45.340", + "lastModified": "2024-12-27T15:55:35.150", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -85,8 +85,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:simple_music_cloud_community_system_project:simple_music_cloud_community_system:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "790A83AE-A97F-442D-B243-660F2CBE8483" + "criteria": "cpe:2.3:a:oretnom23:simple_music_cloud_community_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "ABCDFD7A-76C7-4760-901F-F7CDE78D9863" } ] } diff --git a/CVE-2023/CVE-2023-524xx/CVE-2023-52439.json b/CVE-2023/CVE-2023-524xx/CVE-2023-52439.json index 0e52281a248..ba97a2625ee 100644 --- a/CVE-2023/CVE-2023-524xx/CVE-2023-52439.json +++ b/CVE-2023/CVE-2023-524xx/CVE-2023-52439.json @@ -2,7 +2,7 @@ "id": "CVE-2023-52439", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-20T21:15:08.213", - "lastModified": "2024-11-21T08:39:45.820", + "lastModified": "2024-12-27T16:15:23.080", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -257,6 +257,10 @@ { "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20241227-0006/", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-04xx/CVE-2024-0438.json b/CVE-2024/CVE-2024-04xx/CVE-2024-0438.json index 455b667d90b..8d2fb03820d 100644 --- a/CVE-2024/CVE-2024-04xx/CVE-2024-0438.json +++ b/CVE-2024/CVE-2024-04xx/CVE-2024-0438.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0438", "sourceIdentifier": "security@wordfence.com", "published": "2024-02-29T01:43:11.853", - "lastModified": "2024-11-21T08:46:35.487", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-27T15:51:18.320", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,41 +36,115 @@ }, "exploitabilityScore": 3.1, "impactScore": 2.7 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:leevio:happy_addons_for_elementor:*:*:*:*:free:wordpress:*:*", + "versionEndExcluding": "3.10.2", + "matchCriteriaId": "A91AEA55-8FE4-4995-9681-EA7831CCDF85" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/happy-elementor-addons/tags/3.10.1/assets/js/happy-addons.js#L991", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/happy-elementor-addons/tags/3.10.1/extensions/wrapper-link.php#L50", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3028056%40happy-elementor-addons%2Ftrunk&old=3016053%40happy-elementor-addons%2Ftrunk&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/267641fe-7490-4b8f-bb39-9531eefa2c30?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/happy-elementor-addons/tags/3.10.1/assets/js/happy-addons.js#L991", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/happy-elementor-addons/tags/3.10.1/extensions/wrapper-link.php#L50", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3028056%40happy-elementor-addons%2Ftrunk&old=3016053%40happy-elementor-addons%2Ftrunk&sfp_email=&sfph_mail=", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/267641fe-7490-4b8f-bb39-9531eefa2c30?source=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-08xx/CVE-2024-0838.json b/CVE-2024/CVE-2024-08xx/CVE-2024-0838.json index 9124d74119e..7c3dc226fdf 100644 --- a/CVE-2024/CVE-2024-08xx/CVE-2024-0838.json +++ b/CVE-2024/CVE-2024-08xx/CVE-2024-0838.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0838", "sourceIdentifier": "security@wordfence.com", "published": "2024-02-29T01:43:29.613", - "lastModified": "2024-11-21T08:47:29.030", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-27T15:57:28.327", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,33 +36,101 @@ }, "exploitabilityScore": 3.1, "impactScore": 2.7 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:leevio:happy_addons_for_elementor:*:*:*:*:free:wordpress:*:*", + "versionEndIncluding": "3.10.2", + "matchCriteriaId": "ABCEB951-0856-4067-81A4-FBCE120577F9" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/happy-elementor-addons/tags/3.10.1/widgets/age-gate/widget.php#L2121", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3028056%40happy-elementor-addons%2Ftrunk&old=3016053%40happy-elementor-addons%2Ftrunk&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d55bab2a-5e2e-440e-b4fa-03853679ba22?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/happy-elementor-addons/tags/3.10.1/widgets/age-gate/widget.php#L2121", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3028056%40happy-elementor-addons%2Ftrunk&old=3016053%40happy-elementor-addons%2Ftrunk&sfp_email=&sfph_mail=", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d55bab2a-5e2e-440e-b4fa-03853679ba22?source=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-09xx/CVE-2024-0983.json b/CVE-2024/CVE-2024-09xx/CVE-2024-0983.json index 1e4f131e439..8257f4523a3 100644 --- a/CVE-2024/CVE-2024-09xx/CVE-2024-0983.json +++ b/CVE-2024/CVE-2024-09xx/CVE-2024-0983.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0983", "sourceIdentifier": "security@wordfence.com", "published": "2024-02-29T01:43:34.067", - "lastModified": "2024-11-21T08:47:57.023", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-27T16:05:07.067", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -39,22 +39,64 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:imagerecycle:imagerecycle_pdf_\\&_image_compression:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "3.1.14", + "matchCriteriaId": "68E98689-9AB9-4C4D-8201-6D992D9CFBD4" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset/3031424/imagerecycle-pdf-image-compression", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/175dd04d-ce06-45a0-8cfe-14498e2f9198?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3031424/imagerecycle-pdf-image-compression", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/175dd04d-ce06-45a0-8cfe-14498e2f9198?source=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-09xx/CVE-2024-0984.json b/CVE-2024/CVE-2024-09xx/CVE-2024-0984.json index bcce4f1ed65..99fb9dedd7c 100644 --- a/CVE-2024/CVE-2024-09xx/CVE-2024-0984.json +++ b/CVE-2024/CVE-2024-09xx/CVE-2024-0984.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0984", "sourceIdentifier": "security@wordfence.com", "published": "2024-02-29T01:43:34.237", - "lastModified": "2024-11-21T08:47:57.147", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-27T16:08:43.113", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -39,22 +39,64 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:imagerecycle:imagerecycle_pdf_\\&_image_compression:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "3.1.14", + "matchCriteriaId": "68E98689-9AB9-4C4D-8201-6D992D9CFBD4" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset/3031424/imagerecycle-pdf-image-compression", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cc9dd55d-3c37-4f24-81a1-fdc8ca284566?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3031424/imagerecycle-pdf-image-compression", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cc9dd55d-3c37-4f24-81a1-fdc8ca284566?source=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-10xx/CVE-2024-1089.json b/CVE-2024/CVE-2024-10xx/CVE-2024-1089.json index 6b74e2c5c87..cff5021dde5 100644 --- a/CVE-2024/CVE-2024-10xx/CVE-2024-1089.json +++ b/CVE-2024/CVE-2024-10xx/CVE-2024-1089.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1089", "sourceIdentifier": "security@wordfence.com", "published": "2024-02-29T01:43:39.383", - "lastModified": "2024-11-21T08:49:46.367", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-27T15:26:53.030", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -39,22 +39,64 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:imagerecycle:imagerecycle_pdf_\\&_image_compression:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.1.14", + "matchCriteriaId": "CD8DED9B-43A3-431E-9E3D-EC137E57A535" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset/3031424/imagerecycle-pdf-image-compression", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8ff16906-2516-4b3c-8217-e3fb24924e27?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3031424/imagerecycle-pdf-image-compression", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8ff16906-2516-4b3c-8217-e3fb24924e27?source=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-10xx/CVE-2024-1090.json b/CVE-2024/CVE-2024-10xx/CVE-2024-1090.json index 8adc7f82076..2708d0fbbf1 100644 --- a/CVE-2024/CVE-2024-10xx/CVE-2024-1090.json +++ b/CVE-2024/CVE-2024-10xx/CVE-2024-1090.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1090", "sourceIdentifier": "security@wordfence.com", "published": "2024-02-29T01:43:39.530", - "lastModified": "2024-11-21T08:49:46.483", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-27T15:41:41.897", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -39,22 +39,64 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:imagerecycle:imagerecycle_pdf_\\&_image_compression:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.1.14", + "matchCriteriaId": "CD8DED9B-43A3-431E-9E3D-EC137E57A535" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset/3031424/imagerecycle-pdf-image-compression", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f3fae909-5564-4e0a-9114-edd0e45865e5?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3031424/imagerecycle-pdf-image-compression", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f3fae909-5564-4e0a-9114-edd0e45865e5?source=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-10xx/CVE-2024-1091.json b/CVE-2024/CVE-2024-10xx/CVE-2024-1091.json index 70d92b22555..29f40e69559 100644 --- a/CVE-2024/CVE-2024-10xx/CVE-2024-1091.json +++ b/CVE-2024/CVE-2024-10xx/CVE-2024-1091.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1091", "sourceIdentifier": "security@wordfence.com", "published": "2024-02-29T01:43:39.690", - "lastModified": "2024-11-21T08:49:46.597", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-27T15:45:27.200", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -39,22 +39,64 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:imagerecycle:imagerecycle_pdf_\\&_image_compression:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.1.14", + "matchCriteriaId": "CD8DED9B-43A3-431E-9E3D-EC137E57A535" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset/3031424/imagerecycle-pdf-image-compression", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3cb8b08c-a028-48bd-acad-c00313fe06b8?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3031424/imagerecycle-pdf-image-compression", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3cb8b08c-a028-48bd-acad-c00313fe06b8?source=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-116xx/CVE-2024-11607.json b/CVE-2024/CVE-2024-116xx/CVE-2024-11607.json index d455013dc23..9e2f4c46ba6 100644 --- a/CVE-2024/CVE-2024-116xx/CVE-2024-11607.json +++ b/CVE-2024/CVE-2024-116xx/CVE-2024-11607.json @@ -2,16 +2,43 @@ "id": "CVE-2024-11607", "sourceIdentifier": "contact@wpscan.com", "published": "2024-12-21T06:15:20.813", - "lastModified": "2024-12-21T06:15:20.813", - "vulnStatus": "Received", + "lastModified": "2024-12-27T15:15:09.637", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The GTPayment Donations WordPress plugin through 1.0.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack." + }, + { + "lang": "es", + "value": "El complemento GTPayment Donations de WordPress hasta la versi\u00f3n 1.0.0 no tiene verificaci\u00f3n CSRF en algunos lugares y le falta desinfecci\u00f3n y escape, lo que podr\u00eda permitir a los atacantes hacer que el administrador que haya iniciado sesi\u00f3n agregue payloads XSS almacenado a trav\u00e9s de un ataque CSRF." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, "references": [ { "url": "https://wpscan.com/vulnerability/132b5193-156b-40b8-b5c7-08646e1f6866/", diff --git a/CVE-2024/CVE-2024-128xx/CVE-2024-12856.json b/CVE-2024/CVE-2024-128xx/CVE-2024-12856.json new file mode 100644 index 00000000000..e3f9227e903 --- /dev/null +++ b/CVE-2024/CVE-2024-128xx/CVE-2024-12856.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-12856", + "sourceIdentifier": "disclosure@vulncheck.com", + "published": "2024-12-27T16:15:23.403", + "lastModified": "2024-12-27T16:15:23.403", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Four-Faith router models F3x24 and F3x36 are affected by an operating system (OS) command injection vulnerability. At least firmware version 2.0 allows authenticated and remote attackers to execute arbitrary OS commands over HTTP when modifying the system time via apply.cgi. Additionally, this firmware version has default credentials which, if not changed, would effectively change this vulnerability into an unauthenticated and remote OS command execution issue." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "disclosure@vulncheck.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.2, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "disclosure@vulncheck.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://ducklingstudio.blog.fc2.com/blog-entry-392.html", + "source": "disclosure@vulncheck.com" + }, + { + "url": "https://vulncheck.com/advisories/four-faith-time", + "source": "disclosure@vulncheck.com" + }, + { + "url": "https://vulncheck.com/blog/four-faith-cve-2024-12856", + "source": "disclosure@vulncheck.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-129xx/CVE-2024-12908.json b/CVE-2024/CVE-2024-129xx/CVE-2024-12908.json index 86dbaf7bf1f..0e75931a3b5 100644 --- a/CVE-2024/CVE-2024-129xx/CVE-2024-12908.json +++ b/CVE-2024/CVE-2024-129xx/CVE-2024-12908.json @@ -2,7 +2,7 @@ "id": "CVE-2024-12908", "sourceIdentifier": "1443cd92-d354-46d2-9290-d812316ca43a", "published": "2024-12-26T16:15:06.050", - "lastModified": "2024-12-26T16:15:06.050", + "lastModified": "2024-12-27T15:15:10.240", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -59,6 +59,10 @@ { "url": "https://trust.delinea.com/", "source": "1443cd92-d354-46d2-9290-d812316ca43a" + }, + { + "url": "https://blog.amberwolf.com/blog/2024/december/cve-2024-12908-delinea-protocol-handler---remote-code-execution-via-update-process/", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-129xx/CVE-2024-12926.json b/CVE-2024/CVE-2024-129xx/CVE-2024-12926.json index 6ed28fb85d4..770690ae023 100644 --- a/CVE-2024/CVE-2024-129xx/CVE-2024-12926.json +++ b/CVE-2024/CVE-2024-129xx/CVE-2024-12926.json @@ -2,7 +2,7 @@ "id": "CVE-2024-12926", "sourceIdentifier": "cna@vuldb.com", "published": "2024-12-25T20:15:22.147", - "lastModified": "2024-12-25T20:15:22.147", + "lastModified": "2024-12-27T15:15:10.360", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -107,7 +107,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -136,6 +136,10 @@ { "url": "https://vuldb.com/?submit.467933", "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/dawatermelon/CVE/blob/main/CodeZips%20Project%20Management%20System/README.md", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-129xx/CVE-2024-12927.json b/CVE-2024/CVE-2024-129xx/CVE-2024-12927.json index 489ea505313..d0e03de56b8 100644 --- a/CVE-2024/CVE-2024-129xx/CVE-2024-12927.json +++ b/CVE-2024/CVE-2024-129xx/CVE-2024-12927.json @@ -2,7 +2,7 @@ "id": "CVE-2024-12927", "sourceIdentifier": "cna@vuldb.com", "published": "2024-12-25T23:15:17.430", - "lastModified": "2024-12-25T23:15:17.430", + "lastModified": "2024-12-27T15:15:10.513", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -107,7 +107,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -140,6 +140,10 @@ { "url": "https://vuldb.com/?submit.467992", "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/zzkk0173/CVE/issues/1", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-129xx/CVE-2024-12928.json b/CVE-2024/CVE-2024-129xx/CVE-2024-12928.json index e15d551ecfe..48962e59273 100644 --- a/CVE-2024/CVE-2024-129xx/CVE-2024-12928.json +++ b/CVE-2024/CVE-2024-129xx/CVE-2024-12928.json @@ -2,7 +2,7 @@ "id": "CVE-2024-12928", "sourceIdentifier": "cna@vuldb.com", "published": "2024-12-26T00:15:21.740", - "lastModified": "2024-12-26T00:15:21.740", + "lastModified": "2024-12-27T15:15:10.650", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -107,7 +107,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -136,6 +136,10 @@ { "url": "https://vuldb.com/?submit.468108", "source": "cna@vuldb.com" + }, + { + "url": "https://code-projects.org/simple-admin-panel-in-php-with-source-code/", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-129xx/CVE-2024-12929.json b/CVE-2024/CVE-2024-129xx/CVE-2024-12929.json index f9b87d9777a..bc31fa7724a 100644 --- a/CVE-2024/CVE-2024-129xx/CVE-2024-12929.json +++ b/CVE-2024/CVE-2024-129xx/CVE-2024-12929.json @@ -2,7 +2,7 @@ "id": "CVE-2024-12929", "sourceIdentifier": "cna@vuldb.com", "published": "2024-12-26T00:15:22.300", - "lastModified": "2024-12-26T00:15:22.300", + "lastModified": "2024-12-27T15:15:10.793", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -107,7 +107,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -136,6 +136,10 @@ { "url": "https://vuldb.com/?submit.468120", "source": "cna@vuldb.com" + }, + { + "url": "https://code-projects.org/student-management-system-using-php-source-code/", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-129xx/CVE-2024-12930.json b/CVE-2024/CVE-2024-129xx/CVE-2024-12930.json index 0a47e2425db..979da4cedf2 100644 --- a/CVE-2024/CVE-2024-129xx/CVE-2024-12930.json +++ b/CVE-2024/CVE-2024-129xx/CVE-2024-12930.json @@ -2,7 +2,7 @@ "id": "CVE-2024-12930", "sourceIdentifier": "cna@vuldb.com", "published": "2024-12-26T02:15:23.210", - "lastModified": "2024-12-26T02:15:23.210", + "lastModified": "2024-12-27T15:15:10.947", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -107,7 +107,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -136,6 +136,10 @@ { "url": "https://vuldb.com/?submit.468121", "source": "cna@vuldb.com" + }, + { + "url": "https://code-projects.org/simple-admin-panel-in-php-with-source-code/", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-129xx/CVE-2024-12943.json b/CVE-2024/CVE-2024-129xx/CVE-2024-12943.json index cf6322f2ca8..70abc94923b 100644 --- a/CVE-2024/CVE-2024-129xx/CVE-2024-12943.json +++ b/CVE-2024/CVE-2024-129xx/CVE-2024-12943.json @@ -2,7 +2,7 @@ "id": "CVE-2024-12943", "sourceIdentifier": "cna@vuldb.com", "published": "2024-12-26T09:15:06.747", - "lastModified": "2024-12-26T09:15:06.747", + "lastModified": "2024-12-27T15:15:11.083", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -107,7 +107,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -140,6 +140,10 @@ { "url": "https://vuldb.com/?submit.468375", "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/Wind-liberty/CVE/issues/1", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-129xx/CVE-2024-12944.json b/CVE-2024/CVE-2024-129xx/CVE-2024-12944.json index cf88f7da42c..cddd6b890bd 100644 --- a/CVE-2024/CVE-2024-129xx/CVE-2024-12944.json +++ b/CVE-2024/CVE-2024-129xx/CVE-2024-12944.json @@ -2,7 +2,7 @@ "id": "CVE-2024-12944", "sourceIdentifier": "cna@vuldb.com", "published": "2024-12-26T09:15:07.030", - "lastModified": "2024-12-26T09:15:07.030", + "lastModified": "2024-12-27T15:15:11.230", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -107,7 +107,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -140,6 +140,10 @@ { "url": "https://vuldb.com/?submit.468376", "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/Wind-liberty/CVE/issues/2", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-129xx/CVE-2024-12949.json b/CVE-2024/CVE-2024-129xx/CVE-2024-12949.json index 8f48fc00eb9..81a7e13c1b9 100644 --- a/CVE-2024/CVE-2024-129xx/CVE-2024-12949.json +++ b/CVE-2024/CVE-2024-129xx/CVE-2024-12949.json @@ -2,7 +2,7 @@ "id": "CVE-2024-12949", "sourceIdentifier": "cna@vuldb.com", "published": "2024-12-26T12:15:05.997", - "lastModified": "2024-12-26T12:15:05.997", + "lastModified": "2024-12-27T15:15:11.363", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -107,7 +107,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -136,6 +136,10 @@ { "url": "https://vuldb.com/?submit.468541", "source": "cna@vuldb.com" + }, + { + "url": "https://code-projects.org/travel-management-system-using-php-source-code/", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-129xx/CVE-2024-12958.json b/CVE-2024/CVE-2024-129xx/CVE-2024-12958.json index f871a816203..559a6b84b63 100644 --- a/CVE-2024/CVE-2024-129xx/CVE-2024-12958.json +++ b/CVE-2024/CVE-2024-129xx/CVE-2024-12958.json @@ -2,7 +2,7 @@ "id": "CVE-2024-12958", "sourceIdentifier": "cna@vuldb.com", "published": "2024-12-26T16:15:25.667", - "lastModified": "2024-12-26T16:15:25.667", + "lastModified": "2024-12-27T15:15:11.510", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -107,7 +107,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -140,6 +140,10 @@ { "url": "https://vuldb.com/?submit.468799", "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/dawatermelon/CVE/blob/main/Portfolio%20Management%20System%20MCA%20Project/README6.md", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-129xx/CVE-2024-12982.json b/CVE-2024/CVE-2024-129xx/CVE-2024-12982.json index 4936279ab90..d2c58993d2e 100644 --- a/CVE-2024/CVE-2024-129xx/CVE-2024-12982.json +++ b/CVE-2024/CVE-2024-129xx/CVE-2024-12982.json @@ -2,7 +2,7 @@ "id": "CVE-2024-12982", "sourceIdentifier": "cna@vuldb.com", "published": "2024-12-27T06:15:23.680", - "lastModified": "2024-12-27T06:15:23.680", + "lastModified": "2024-12-27T16:15:23.540", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -107,7 +107,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -136,6 +136,10 @@ { "url": "https://vuldb.com/?submit.469202", "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.469202", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-129xx/CVE-2024-12983.json b/CVE-2024/CVE-2024-129xx/CVE-2024-12983.json index 225599adc22..4dcd7b7f435 100644 --- a/CVE-2024/CVE-2024-129xx/CVE-2024-12983.json +++ b/CVE-2024/CVE-2024-129xx/CVE-2024-12983.json @@ -2,7 +2,7 @@ "id": "CVE-2024-12983", "sourceIdentifier": "cna@vuldb.com", "published": "2024-12-27T07:15:11.180", - "lastModified": "2024-12-27T07:15:11.180", + "lastModified": "2024-12-27T16:15:23.683", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -107,7 +107,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -140,6 +140,10 @@ { "url": "https://vuldb.com/?submit.469215", "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/Rocky-Bull/myCVE/blob/main/Hospital_Management_System_XSS.md", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-129xx/CVE-2024-12984.json b/CVE-2024/CVE-2024-129xx/CVE-2024-12984.json new file mode 100644 index 00000000000..d8f5d55bc50 --- /dev/null +++ b/CVE-2024/CVE-2024-129xx/CVE-2024-12984.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2024-12984", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-12-27T15:15:11.957", + "lastModified": "2024-12-27T15:15:11.957", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as problematic has been found in Amcrest IP2M-841B, IP2M-841W, IPC-IP2M-841B, IPC-IP3M-943B, IPC-IP3M-943S, IPC-IP3M-HX2B and IPC-IPM-721S up to 20241211. This affects an unknown part of the file /web_caps/webCapsConfig of the component Web Interface. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", + "baseScore": 5.0, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 10.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + }, + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://netsecfish.notion.site/AMCREST-IP-Camera-Information-Disclosure-1596b683e67c8045ad10c16b3eed456f?pvs=4", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.289377", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.289377", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.461109", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-129xx/CVE-2024-12985.json b/CVE-2024/CVE-2024-129xx/CVE-2024-12985.json new file mode 100644 index 00000000000..49713f3ba1b --- /dev/null +++ b/CVE-2024/CVE-2024-129xx/CVE-2024-12985.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2024-12985", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-12-27T15:15:12.183", + "lastModified": "2024-12-27T16:15:23.807", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as critical was found in Overtek OT-E801G OTE801G65.1.1.0. This vulnerability affects unknown code of the file /diag_ping.cmd?action=test&interface=ppp0.1&ipaddr=8.8.8.8%26%26cat%20/etc/passwd&ipversion=4&sessionKey=test. The manipulation leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "baseScore": 6.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + }, + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://vuldb.com/?ctiid.289378", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.289378", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.462387", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.462387", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-129xx/CVE-2024-12986.json b/CVE-2024/CVE-2024-129xx/CVE-2024-12986.json new file mode 100644 index 00000000000..e68e52136eb --- /dev/null +++ b/CVE-2024/CVE-2024-129xx/CVE-2024-12986.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2024-12986", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-12-27T16:15:23.927", + "lastModified": "2024-12-27T16:15:23.927", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as critical, has been found in DrayTek Vigor2960 and Vigor300B 1.5.1.3/1.5.1.4. This issue affects some unknown processing of the file /cgi-bin/mainfunction.cgi/apmcfgupptim of the component Web Management Interface. The manipulation of the argument session leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.5.1.5 is able to address this issue. It is recommended to upgrade the affected component." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "baseScore": 7.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + }, + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://netsecfish.notion.site/Command-Injection-in-apmcfgupptim-endpoint-for-DrayTek-Gateway-Devices-1676b683e67c80b9ad8cc37b93273bf6?pvs=4", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.289379", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.289379", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.468794", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-129xx/CVE-2024-12987.json b/CVE-2024/CVE-2024-129xx/CVE-2024-12987.json new file mode 100644 index 00000000000..b0043cafb1f --- /dev/null +++ b/CVE-2024/CVE-2024-129xx/CVE-2024-12987.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2024-12987", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-12-27T16:15:24.143", + "lastModified": "2024-12-27T16:15:24.143", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as critical, was found in DrayTek Vigor2960 and Vigor300B 1.5.1.4. Affected is an unknown function of the file /cgi-bin/mainfunction.cgi/apmcfgupload of the component Web Management Interface. The manipulation of the argument session leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.5.1.5 is able to address this issue. It is recommended to upgrade the affected component." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "baseScore": 7.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + }, + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://netsecfish.notion.site/Command-Injection-in-apmcfgupload-endpoint-for-DrayTek-Gateway-Devices-1676b683e67c8040b7f1f0ffe29ce18f?pvs=4", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.289380", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.289380", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.468795", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-214xx/CVE-2024-21436.json b/CVE-2024/CVE-2024-214xx/CVE-2024-21436.json index 0c07d02d500..5707bc333b1 100644 --- a/CVE-2024/CVE-2024-214xx/CVE-2024-21436.json +++ b/CVE-2024/CVE-2024-214xx/CVE-2024-21436.json @@ -2,8 +2,8 @@ "id": "CVE-2024-21436", "sourceIdentifier": "secure@microsoft.com", "published": "2024-03-12T17:15:52.550", - "lastModified": "2024-11-21T08:54:21.563", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-27T16:25:32.740", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -49,16 +49,196 @@ "value": "CWE-284" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.10240.20526", + "matchCriteriaId": "FAE3130D-C88C-42C1-89EF-A8F86254E04D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.10240.20526", + "matchCriteriaId": "CFF4870F-71A6-4ED9-B398-0757DC9A9B77" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.14393.6796", + "matchCriteriaId": "EA2CA05A-8688-45D6-BC96-627DEB1962E4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.14393.6796", + "matchCriteriaId": "F7C03B8B-2E86-4FEB-9925-623CC805AD34" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.17763.5576", + "matchCriteriaId": "54A84FB6-B0C7-437B-B95A-F2B4CF18F853" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.17763.5576", + "matchCriteriaId": "4C9B0826-AE47-44B1-988F-6B5CEFB45BD5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.17763.5576", + "matchCriteriaId": "E037C8AE-56A8-4507-A34B-371A7D49F28D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.19044.4170", + "matchCriteriaId": "8680C6F7-3E4F-4AE6-914E-D95E571AF70A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.19044.4170", + "matchCriteriaId": "26CD5681-7CC7-42C3-AF89-D6A2C2A5591B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.19044.4170", + "matchCriteriaId": "5C9FEFA3-5E9D-4E93-ACBE-B47783601CF5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.19045.4170", + "matchCriteriaId": "C86ACE06-BA02-49BA-B274-441E74F98FB2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.19045.4170", + "matchCriteriaId": "A4E3CAC2-4FF9-4A3C-B88C-070F5584157D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.22000.2836", + "matchCriteriaId": "647D078D-30D7-445E-AEC6-23EF9DAA6743" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.22000.2836", + "matchCriteriaId": "EA297849-30A4-485F-A0E6-085312791438" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.22621.3296", + "matchCriteriaId": "18AE871D-E861-46E3-B00A-40B5F4296B36" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.22621.3296", + "matchCriteriaId": "5526C246-95D3-49B5-B857-AE46B469681A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.22631.3296", + "matchCriteriaId": "B7830F58-69E3-4373-A5C7-2B85A743E7FD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.22631.3296", + "matchCriteriaId": "20DF4699-31FA-404B-BDEA-FE418854F538" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6796", + "matchCriteriaId": "2545664A-E87B-40F7-9C19-53AEC8198B81" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.5576", + "matchCriteriaId": "FFF3EE72-52DE-4CB2-8D42-74809CD7B292" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.20348.2340", + "matchCriteriaId": "9EDA5547-D293-41D0-A10C-4A613E725231" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.25398.763", + "matchCriteriaId": "0AD05A2D-BA23-4B63-8B75-1395F74C36CB" + } + ] + } + ] } ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21436", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21436", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-30xx/CVE-2024-3056.json b/CVE-2024/CVE-2024-30xx/CVE-2024-3056.json index d350705234a..2622fc50e3b 100644 --- a/CVE-2024/CVE-2024-30xx/CVE-2024-3056.json +++ b/CVE-2024/CVE-2024-30xx/CVE-2024-3056.json @@ -2,7 +2,7 @@ "id": "CVE-2024-3056", "sourceIdentifier": "secalert@redhat.com", "published": "2024-08-02T21:16:30.950", - "lastModified": "2024-10-16T05:15:14.297", + "lastModified": "2024-12-27T16:15:24.437", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -19,7 +19,7 @@ "cvssMetricV31": [ { "source": "secalert@redhat.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:H", @@ -62,7 +62,7 @@ "weaknesses": [ { "source": "secalert@redhat.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -144,6 +144,10 @@ "tags": [ "Issue Tracking" ] + }, + { + "url": "https://security.netapp.com/advisory/ntap-20241227-0002/", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-388xx/CVE-2024-38816.json b/CVE-2024/CVE-2024-388xx/CVE-2024-38816.json index 762ac3a091f..a7cd13fefc2 100644 --- a/CVE-2024/CVE-2024-388xx/CVE-2024-38816.json +++ b/CVE-2024/CVE-2024-388xx/CVE-2024-38816.json @@ -2,7 +2,7 @@ "id": "CVE-2024-38816", "sourceIdentifier": "security@vmware.com", "published": "2024-09-13T06:15:11.190", - "lastModified": "2024-09-13T14:06:04.777", + "lastModified": "2024-12-27T16:15:24.313", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -43,6 +43,10 @@ { "url": "https://spring.io/security/cve-2024-38816", "source": "security@vmware.com" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20241227-0001/", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-411xx/CVE-2024-41123.json b/CVE-2024/CVE-2024-411xx/CVE-2024-41123.json index 59ea6ddbaff..4435f7c48d5 100644 --- a/CVE-2024/CVE-2024-411xx/CVE-2024-41123.json +++ b/CVE-2024/CVE-2024-411xx/CVE-2024-41123.json @@ -2,8 +2,8 @@ "id": "CVE-2024-41123", "sourceIdentifier": "security-advisories@github.com", "published": "2024-08-01T15:15:13.213", - "lastModified": "2024-10-10T12:56:29.837", - "vulnStatus": "Analyzed", + "lastModified": "2024-12-27T16:15:24.577", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -134,6 +134,10 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://security.netapp.com/advisory/ntap-20241227-0005/", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-471xx/CVE-2024-47153.json b/CVE-2024/CVE-2024-471xx/CVE-2024-47153.json index b5632977625..4322cc1535d 100644 --- a/CVE-2024/CVE-2024-471xx/CVE-2024-47153.json +++ b/CVE-2024/CVE-2024-471xx/CVE-2024-47153.json @@ -2,7 +2,7 @@ "id": "CVE-2024-47153", "sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4", "published": "2024-12-26T12:15:07.183", - "lastModified": "2024-12-26T12:15:07.183", + "lastModified": "2024-12-27T15:15:12.460", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -35,6 +35,18 @@ } ] }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-203" + } + ] + } + ], "references": [ { "url": "https://www.honor.com/global/security/cve-2024-47153/", diff --git a/CVE-2024/CVE-2024-471xx/CVE-2024-47154.json b/CVE-2024/CVE-2024-471xx/CVE-2024-47154.json index 9d0ecee7734..c3c49970a85 100644 --- a/CVE-2024/CVE-2024-471xx/CVE-2024-47154.json +++ b/CVE-2024/CVE-2024-471xx/CVE-2024-47154.json @@ -2,7 +2,7 @@ "id": "CVE-2024-47154", "sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4", "published": "2024-12-26T12:15:07.303", - "lastModified": "2024-12-26T12:15:07.303", + "lastModified": "2024-12-27T15:15:12.587", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -35,6 +35,18 @@ } ] }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-203" + } + ] + } + ], "references": [ { "url": "https://www.honor.com/global/security/cve-2024-47154/", diff --git a/CVE-2024/CVE-2024-471xx/CVE-2024-47155.json b/CVE-2024/CVE-2024-471xx/CVE-2024-47155.json index a5cf5f65f1d..4217970e51d 100644 --- a/CVE-2024/CVE-2024-471xx/CVE-2024-47155.json +++ b/CVE-2024/CVE-2024-471xx/CVE-2024-47155.json @@ -2,7 +2,7 @@ "id": "CVE-2024-47155", "sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4", "published": "2024-12-26T12:15:07.433", - "lastModified": "2024-12-26T12:15:07.433", + "lastModified": "2024-12-27T15:15:12.723", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -35,6 +35,18 @@ } ] }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-203" + } + ] + } + ], "references": [ { "url": "https://www.honor.com/global/security/cve-2024-47155/", diff --git a/CVE-2024/CVE-2024-471xx/CVE-2024-47157.json b/CVE-2024/CVE-2024-471xx/CVE-2024-47157.json index 153bbf9dc84..2933d1c60a8 100644 --- a/CVE-2024/CVE-2024-471xx/CVE-2024-47157.json +++ b/CVE-2024/CVE-2024-471xx/CVE-2024-47157.json @@ -2,7 +2,7 @@ "id": "CVE-2024-47157", "sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4", "published": "2024-12-26T12:15:07.547", - "lastModified": "2024-12-26T12:15:07.547", + "lastModified": "2024-12-27T15:15:12.870", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -35,6 +35,18 @@ } ] }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + } + ], "references": [ { "url": "https://www.honor.com/global/security/cve-2024-47157/", diff --git a/CVE-2024/CVE-2024-489xx/CVE-2024-48949.json b/CVE-2024/CVE-2024-489xx/CVE-2024-48949.json index d3fc031d028..7804d167681 100644 --- a/CVE-2024/CVE-2024-489xx/CVE-2024-48949.json +++ b/CVE-2024/CVE-2024-489xx/CVE-2024-48949.json @@ -2,8 +2,8 @@ "id": "CVE-2024-48949", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-10T01:15:11.127", - "lastModified": "2024-10-15T14:07:04.057", - "vulnStatus": "Analyzed", + "lastModified": "2024-12-27T16:15:24.730", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -83,6 +83,10 @@ "tags": [ "Patch" ] + }, + { + "url": "https://security.netapp.com/advisory/ntap-20241227-0003/", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-497xx/CVE-2024-49761.json b/CVE-2024/CVE-2024-497xx/CVE-2024-49761.json index 6c6a04b65a2..4729e199c57 100644 --- a/CVE-2024/CVE-2024-497xx/CVE-2024-49761.json +++ b/CVE-2024/CVE-2024-497xx/CVE-2024-49761.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49761", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-28T15:15:05.157", - "lastModified": "2024-11-05T16:41:46.660", - "vulnStatus": "Analyzed", + "lastModified": "2024-12-27T16:15:24.890", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -86,7 +86,7 @@ "weaknesses": [ { "source": "security-advisories@github.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -134,6 +134,10 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://security.netapp.com/advisory/ntap-20241227-0004/", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56507.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56507.json new file mode 100644 index 00000000000..5532d2fb4bb --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56507.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-56507", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-12-27T16:15:25.043", + "lastModified": "2024-12-27T16:15:25.043", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "LinkAce is a self-hosted archive to collect links of your favorite websites. Prior to 1.15.6, a reflected cross-site scripting (XSS) vulnerability exists in the LinkAce. This issue occurs in the \"URL\" field of the \"Edit Link\" module, where user input is not properly sanitized or encoded before being reflected in the HTML response. This allows attackers to inject and execute arbitrary JavaScript in the context of the victim\u2019s browser, leading to potential session hijacking, data theft, and unauthorized actions. This vulnerability is fixed in 1.15.6." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", + "baseScore": 4.6, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.1, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/Kovah/LinkAce/commit/c7cd6a323a03ccd89c7f905f7d9f2afc265b7b67", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/Kovah/LinkAce/security/advisories/GHSA-cjcg-wj4p-pgc5", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56508.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56508.json new file mode 100644 index 00000000000..925b0372915 --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56508.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-56508", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-12-27T16:15:25.187", + "lastModified": "2024-12-27T16:15:25.187", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "LinkAce is a self-hosted archive to collect links of your favorite websites. Prior to 1.15.6, a file upload vulnerability exists in the LinkAce. This issue occurs in the \"Import Bookmarks\" functionality, where malicious HTML files can be uploaded containing JavaScript payloads. These payloads execute when the uploaded links are accessed, leading to potential reflected or persistent XSS scenarios. This vulnerability is fixed in 1.15.6." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:N", + "baseScore": 7.6, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/Kovah/LinkAce/commit/8cf3670d71a8629d33408da76f9d441a1aa933f6", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/Kovah/LinkAce/security/advisories/GHSA-2wvv-4576-8862", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56509.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56509.json new file mode 100644 index 00000000000..ad3cd94539e --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56509.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-56509", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-12-27T16:15:25.333", + "lastModified": "2024-12-27T16:15:25.333", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "changedetection.io is a free open source web page change detection, website watcher, restock monitor and notification service. Improper input validation in the application can allow attackers to perform local file read (LFR) or path traversal attacks. These vulnerabilities occur when user input is used to construct file paths without adequate sanitization or validation. For example, using file:../../../etc/passwd or file: ///etc/passwd can bypass weak validations and allow unauthorized access to sensitive files. Even though this has been addressed in previous patch, it is still insufficient. This vulnerability is fixed in 0.48.05." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", + "baseScore": 8.6, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + }, + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/dgtlmoon/changedetection.io/commit/f7e9846c9b40a229813d19cdb66bf60fbe5e6a2a", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-j5vv-6wjg-cfr8", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56527.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56527.json index 01349218972..87a8d82ec15 100644 --- a/CVE-2024/CVE-2024-565xx/CVE-2024-56527.json +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56527.json @@ -2,7 +2,7 @@ "id": "CVE-2024-56527", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-27T06:15:23.880", - "lastModified": "2024-12-27T06:15:23.880", + "lastModified": "2024-12-27T15:15:13.580", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -12,7 +12,23 @@ } ], "metrics": {}, + "weaknesses": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], "references": [ + { + "url": "https://andrea0.medium.com/analysis-of-cve-2024-56527-dbdab6962add", + "source": "cve@mitre.org" + }, { "url": "https://github.com/tecnickcom/TCPDF/commit/11778aaa2d9e30a9ae1c1ee97ff349344f0ad6e1", "source": "cve@mitre.org" diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56550.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56550.json new file mode 100644 index 00000000000..356583fdffc --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56550.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56550", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:13.737", + "lastModified": "2024-12-27T15:15:13.737", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/stacktrace: Use break instead of return statement\n\narch_stack_walk_user_common() contains a return statement instead of a\nbreak statement in case store_ip() fails while trying to store a callchain\nentry of a user space process.\nThis may lead to a missing pagefault_enable() call.\n\nIf this happens any subsequent page fault of the process won't be resolved\nby the page fault handler and this in turn will lead to the process being\nkilled.\n\nUse a break instead of a return statement to fix this." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/20c26357826457dc7c8145297e60ddc012e18914", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/588a9836a4ef7ec3bfcffda526dfa399637e6cfc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56551.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56551.json new file mode 100644 index 00000000000..ff83ade6bd2 --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56551.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-56551", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:13.850", + "lastModified": "2024-12-27T15:15:13.850", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: fix usage slab after free\n\n[ +0.000021] BUG: KASAN: slab-use-after-free in drm_sched_entity_flush+0x6cb/0x7a0 [gpu_sched]\n[ +0.000027] Read of size 8 at addr ffff8881b8605f88 by task amd_pci_unplug/2147\n\n[ +0.000023] CPU: 6 PID: 2147 Comm: amd_pci_unplug Not tainted 6.10.0+ #1\n[ +0.000016] Hardware name: ASUS System Product Name/ROG STRIX B550-F GAMING (WI-FI), BIOS 1401 12/03/2020\n[ +0.000016] Call Trace:\n[ +0.000008] \n[ +0.000009] dump_stack_lvl+0x76/0xa0\n[ +0.000017] print_report+0xce/0x5f0\n[ +0.000017] ? drm_sched_entity_flush+0x6cb/0x7a0 [gpu_sched]\n[ +0.000019] ? srso_return_thunk+0x5/0x5f\n[ +0.000015] ? kasan_complete_mode_report_info+0x72/0x200\n[ +0.000016] ? drm_sched_entity_flush+0x6cb/0x7a0 [gpu_sched]\n[ +0.000019] kasan_report+0xbe/0x110\n[ +0.000015] ? drm_sched_entity_flush+0x6cb/0x7a0 [gpu_sched]\n[ +0.000023] __asan_report_load8_noabort+0x14/0x30\n[ +0.000014] drm_sched_entity_flush+0x6cb/0x7a0 [gpu_sched]\n[ +0.000020] ? srso_return_thunk+0x5/0x5f\n[ +0.000013] ? __kasan_check_write+0x14/0x30\n[ +0.000016] ? __pfx_drm_sched_entity_flush+0x10/0x10 [gpu_sched]\n[ +0.000020] ? srso_return_thunk+0x5/0x5f\n[ +0.000013] ? __kasan_check_write+0x14/0x30\n[ +0.000013] ? srso_return_thunk+0x5/0x5f\n[ +0.000013] ? enable_work+0x124/0x220\n[ +0.000015] ? __pfx_enable_work+0x10/0x10\n[ +0.000013] ? srso_return_thunk+0x5/0x5f\n[ +0.000014] ? free_large_kmalloc+0x85/0xf0\n[ +0.000016] drm_sched_entity_destroy+0x18/0x30 [gpu_sched]\n[ +0.000020] amdgpu_vce_sw_fini+0x55/0x170 [amdgpu]\n[ +0.000735] ? __kasan_check_read+0x11/0x20\n[ +0.000016] vce_v4_0_sw_fini+0x80/0x110 [amdgpu]\n[ +0.000726] amdgpu_device_fini_sw+0x331/0xfc0 [amdgpu]\n[ +0.000679] ? mutex_unlock+0x80/0xe0\n[ +0.000017] ? __pfx_amdgpu_device_fini_sw+0x10/0x10 [amdgpu]\n[ +0.000662] ? srso_return_thunk+0x5/0x5f\n[ +0.000014] ? __kasan_check_write+0x14/0x30\n[ +0.000013] ? srso_return_thunk+0x5/0x5f\n[ +0.000013] ? mutex_unlock+0x80/0xe0\n[ +0.000016] amdgpu_driver_release_kms+0x16/0x80 [amdgpu]\n[ +0.000663] drm_minor_release+0xc9/0x140 [drm]\n[ +0.000081] drm_release+0x1fd/0x390 [drm]\n[ +0.000082] __fput+0x36c/0xad0\n[ +0.000018] __fput_sync+0x3c/0x50\n[ +0.000014] __x64_sys_close+0x7d/0xe0\n[ +0.000014] x64_sys_call+0x1bc6/0x2680\n[ +0.000014] do_syscall_64+0x70/0x130\n[ +0.000014] ? srso_return_thunk+0x5/0x5f\n[ +0.000014] ? irqentry_exit_to_user_mode+0x60/0x190\n[ +0.000015] ? srso_return_thunk+0x5/0x5f\n[ +0.000014] ? irqentry_exit+0x43/0x50\n[ +0.000012] ? srso_return_thunk+0x5/0x5f\n[ +0.000013] ? exc_page_fault+0x7c/0x110\n[ +0.000015] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ +0.000014] RIP: 0033:0x7ffff7b14f67\n[ +0.000013] Code: ff e8 0d 16 02 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 41 c3 48 83 ec 18 89 7c 24 0c e8 73 ba f7 ff\n[ +0.000026] RSP: 002b:00007fffffffe378 EFLAGS: 00000246 ORIG_RAX: 0000000000000003\n[ +0.000019] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ffff7b14f67\n[ +0.000014] RDX: 0000000000000000 RSI: 00007ffff7f6f47a RDI: 0000000000000003\n[ +0.000014] RBP: 00007fffffffe3a0 R08: 0000555555569890 R09: 0000000000000000\n[ +0.000014] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fffffffe5c8\n[ +0.000013] R13: 00005555555552a9 R14: 0000555555557d48 R15: 00007ffff7ffd040\n[ +0.000020] \n\n[ +0.000016] Allocated by task 383 on cpu 7 at 26.880319s:\n[ +0.000014] kasan_save_stack+0x28/0x60\n[ +0.000008] kasan_save_track+0x18/0x70\n[ +0.000007] kasan_save_alloc_info+0x38/0x60\n[ +0.000007] __kasan_kmalloc+0xc1/0xd0\n[ +0.000007] kmalloc_trace_noprof+0x180/0x380\n[ +0.000007] drm_sched_init+0x411/0xec0 [gpu_sched]\n[ +0.000012] amdgpu_device_init+0x695f/0xa610 [amdgpu]\n[ +0.000658] amdgpu_driver_load_kms+0x1a/0x120 [amdgpu]\n[ +0.000662] amdgpu_pci_p\n---truncated---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/3990ef742c064e22189b954522930db04fc6b1a7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6383199ada42d30562b4249c393592a2a9c38165", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b61badd20b443eabe132314669bb51a263982e5c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56552.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56552.json new file mode 100644 index 00000000000..2c4fb73540a --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56552.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56552", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:13.970", + "lastModified": "2024-12-27T15:15:13.970", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/guc_submit: fix race around suspend_pending\n\nCurrently in some testcases we can trigger:\n\nxe 0000:03:00.0: [drm] Assertion `exec_queue_destroyed(q)` failed!\n....\nWARNING: CPU: 18 PID: 2640 at drivers/gpu/drm/xe/xe_guc_submit.c:1826 xe_guc_sched_done_handler+0xa54/0xef0 [xe]\nxe 0000:03:00.0: [drm] *ERROR* GT1: DEREGISTER_DONE: Unexpected engine state 0x00a1, guc_id=57\n\nLooking at a snippet of corresponding ftrace for this GuC id we can see:\n\n162.673311: xe_sched_msg_add: dev=0000:03:00.0, gt=1 guc_id=57, opcode=3\n162.673317: xe_sched_msg_recv: dev=0000:03:00.0, gt=1 guc_id=57, opcode=3\n162.673319: xe_exec_queue_scheduling_disable: dev=0000:03:00.0, 1:0x2, gt=1, width=1, guc_id=57, guc_state=0x29, flags=0x0\n162.674089: xe_exec_queue_kill: dev=0000:03:00.0, 1:0x2, gt=1, width=1, guc_id=57, guc_state=0x29, flags=0x0\n162.674108: xe_exec_queue_close: dev=0000:03:00.0, 1:0x2, gt=1, width=1, guc_id=57, guc_state=0xa9, flags=0x0\n162.674488: xe_exec_queue_scheduling_done: dev=0000:03:00.0, 1:0x2, gt=1, width=1, guc_id=57, guc_state=0xa9, flags=0x0\n162.678452: xe_exec_queue_deregister: dev=0000:03:00.0, 1:0x2, gt=1, width=1, guc_id=57, guc_state=0xa1, flags=0x0\n\nIt looks like we try to suspend the queue (opcode=3), setting\nsuspend_pending and triggering a disable_scheduling. The user then\ncloses the queue. However the close will also forcefully signal the\nsuspend fence after killing the queue, later when the G2H response for\ndisable_scheduling comes back we have now cleared suspend_pending when\nsignalling the suspend fence, so the disable_scheduling now incorrectly\ntries to also deregister the queue. This leads to warnings since the queue\nhas yet to even be marked for destruction. We also seem to trigger\nerrors later with trying to double unregister the same queue.\n\nTo fix this tweak the ordering when handling the response to ensure we\ndon't race with a disable_scheduling that didn't actually intend to\nperform an unregister. The destruction path should now also correctly\nwait for any pending_disable before marking as destroyed.\n\n(cherry picked from commit f161809b362f027b6d72bd998e47f8f0bad60a2e)" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/5ddcb50b700221fa7d7be2adcb3d7d7afe8633dd", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/87651f31ae4e6e6e7e6c7270b9b469405e747407", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56553.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56553.json new file mode 100644 index 00000000000..8741975e218 --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56553.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56553", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:14.073", + "lastModified": "2024-12-27T15:15:14.073", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbinder: fix memleak of proc->delivered_freeze\n\nIf a freeze notification is cleared with BC_CLEAR_FREEZE_NOTIFICATION\nbefore calling binder_freeze_notification_done(), then it is detached\nfrom its reference (e.g. ref->freeze) but the work remains queued in\nproc->delivered_freeze. This leads to a memory leak when the process\nexits as any pending entries in proc->delivered_freeze are not freed:\n\n unreferenced object 0xffff38e8cfa36180 (size 64):\n comm \"binder-util\", pid 655, jiffies 4294936641\n hex dump (first 32 bytes):\n b8 e9 9e c8 e8 38 ff ff b8 e9 9e c8 e8 38 ff ff .....8.......8..\n 0b 00 00 00 00 00 00 00 3c 1f 4b 00 00 00 00 00 ........<.K.....\n backtrace (crc 95983b32):\n [<000000000d0582cf>] kmemleak_alloc+0x34/0x40\n [<000000009c99a513>] __kmalloc_cache_noprof+0x208/0x280\n [<00000000313b1704>] binder_thread_write+0xdec/0x439c\n [<000000000cbd33bb>] binder_ioctl+0x1b68/0x22cc\n [<000000002bbedeeb>] __arm64_sys_ioctl+0x124/0x190\n [<00000000b439adee>] invoke_syscall+0x6c/0x254\n [<00000000173558fc>] el0_svc_common.constprop.0+0xac/0x230\n [<0000000084f72311>] do_el0_svc+0x40/0x58\n [<000000008b872457>] el0_svc+0x38/0x78\n [<00000000ee778653>] el0t_64_sync_handler+0x120/0x12c\n [<00000000a8ec61bf>] el0t_64_sync+0x190/0x194\n\nThis patch fixes the leak by ensuring that any pending entries in\nproc->delivered_freeze are freed during binder_deferred_release()." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1db76ec2b4b206ff943e292a0b55e68ff3443598", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b8b77712142fb146fe18d2253bc8a798d522e427", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56554.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56554.json new file mode 100644 index 00000000000..bc68b1d4530 --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56554.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56554", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:14.183", + "lastModified": "2024-12-27T15:15:14.183", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbinder: fix freeze UAF in binder_release_work()\n\nWhen a binder reference is cleaned up, any freeze work queued in the\nassociated process should also be removed. Otherwise, the reference is\nfreed while its ref->freeze.work is still queued in proc->work leading\nto a use-after-free issue as shown by the following KASAN report:\n\n ==================================================================\n BUG: KASAN: slab-use-after-free in binder_release_work+0x398/0x3d0\n Read of size 8 at addr ffff31600ee91488 by task kworker/5:1/211\n\n CPU: 5 UID: 0 PID: 211 Comm: kworker/5:1 Not tainted 6.11.0-rc7-00382-gfc6c92196396 #22\n Hardware name: linux,dummy-virt (DT)\n Workqueue: events binder_deferred_func\n Call trace:\n binder_release_work+0x398/0x3d0\n binder_deferred_func+0xb60/0x109c\n process_one_work+0x51c/0xbd4\n worker_thread+0x608/0xee8\n\n Allocated by task 703:\n __kmalloc_cache_noprof+0x130/0x280\n binder_thread_write+0xdb4/0x42a0\n binder_ioctl+0x18f0/0x25ac\n __arm64_sys_ioctl+0x124/0x190\n invoke_syscall+0x6c/0x254\n\n Freed by task 211:\n kfree+0xc4/0x230\n binder_deferred_func+0xae8/0x109c\n process_one_work+0x51c/0xbd4\n worker_thread+0x608/0xee8\n ==================================================================\n\nThis commit fixes the issue by ensuring any queued freeze work is removed\nwhen cleaning up a binder reference." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/7e20434cbca814cb91a0a261ca0106815ef48e5f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/fe39e0ea2d0ba7f508ff453c4c9a44a95ec0de29", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56555.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56555.json new file mode 100644 index 00000000000..60cdd559103 --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56555.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56555", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:14.297", + "lastModified": "2024-12-27T15:15:14.297", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbinder: fix OOB in binder_add_freeze_work()\n\nIn binder_add_freeze_work() we iterate over the proc->nodes with the\nproc->inner_lock held. However, this lock is temporarily dropped to\nacquire the node->lock first (lock nesting order). This can race with\nbinder_deferred_release() which removes the nodes from the proc->nodes\nrbtree and adds them into binder_dead_nodes list. This leads to a broken\niteration in binder_add_freeze_work() as rb_next() will use data from\nbinder_dead_nodes, triggering an out-of-bounds access:\n\n ==================================================================\n BUG: KASAN: global-out-of-bounds in rb_next+0xfc/0x124\n Read of size 8 at addr ffffcb84285f7170 by task freeze/660\n\n CPU: 8 UID: 0 PID: 660 Comm: freeze Not tainted 6.11.0-07343-ga727812a8d45 #18\n Hardware name: linux,dummy-virt (DT)\n Call trace:\n rb_next+0xfc/0x124\n binder_add_freeze_work+0x344/0x534\n binder_ioctl+0x1e70/0x25ac\n __arm64_sys_ioctl+0x124/0x190\n\n The buggy address belongs to the variable:\n binder_dead_nodes+0x10/0x40\n [...]\n ==================================================================\n\nThis is possible because proc->nodes (rbtree) and binder_dead_nodes\n(list) share entries in binder_node through a union:\n\n\tstruct binder_node {\n\t[...]\n\t\tunion {\n\t\t\tstruct rb_node rb_node;\n\t\t\tstruct hlist_node dead_node;\n\t\t};\n\nFix the race by checking that the proc is still alive. If not, simply\nbreak out of the iteration." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/011e69a1b23011c0db3af4b8293fdd4522cc97b0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6b1be1da1f8279cf091266e71b5153c5b02aaff6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56556.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56556.json new file mode 100644 index 00000000000..14451f2b737 --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56556.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56556", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:14.410", + "lastModified": "2024-12-27T15:15:14.410", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbinder: fix node UAF in binder_add_freeze_work()\n\nIn binder_add_freeze_work() we iterate over the proc->nodes with the\nproc->inner_lock held. However, this lock is temporarily dropped in\norder to acquire the node->lock first (lock nesting order). This can\nrace with binder_node_release() and trigger a use-after-free:\n\n ==================================================================\n BUG: KASAN: slab-use-after-free in _raw_spin_lock+0xe4/0x19c\n Write of size 4 at addr ffff53c04c29dd04 by task freeze/640\n\n CPU: 5 UID: 0 PID: 640 Comm: freeze Not tainted 6.11.0-07343-ga727812a8d45 #17\n Hardware name: linux,dummy-virt (DT)\n Call trace:\n _raw_spin_lock+0xe4/0x19c\n binder_add_freeze_work+0x148/0x478\n binder_ioctl+0x1e70/0x25ac\n __arm64_sys_ioctl+0x124/0x190\n\n Allocated by task 637:\n __kmalloc_cache_noprof+0x12c/0x27c\n binder_new_node+0x50/0x700\n binder_transaction+0x35ac/0x6f74\n binder_thread_write+0xfb8/0x42a0\n binder_ioctl+0x18f0/0x25ac\n __arm64_sys_ioctl+0x124/0x190\n\n Freed by task 637:\n kfree+0xf0/0x330\n binder_thread_read+0x1e88/0x3a68\n binder_ioctl+0x16d8/0x25ac\n __arm64_sys_ioctl+0x124/0x190\n ==================================================================\n\nFix the race by taking a temporary reference on the node before\nreleasing the proc->inner lock. This ensures the node remains alive\nwhile in use." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/38fbefeb2c140b581ed7de8117a5c90d6dd89c22", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/dc8aea47b928cc153b591b3558829ce42f685074", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56557.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56557.json new file mode 100644 index 00000000000..4ec5d4a5b10 --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56557.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-56557", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:14.520", + "lastModified": "2024-12-27T15:15:14.520", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: adc: ad7923: Fix buffer overflow for tx_buf and ring_xfer\n\nThe AD7923 was updated to support devices with 8 channels, but the size\nof tx_buf and ring_xfer was not increased accordingly, leading to a\npotential buffer overflow in ad7923_update_scan_mode()." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/00663d3e000c31d0d49ef86a809f5c107c2d09cd", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/218ecc35949129171ca39bcc0d407c8dc4cd0bbc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3a4187ec454e19903fd15f6e1825a4b84e59a4cd", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e5cac32721997cb8bcb208a29f4598b3faf46338", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56558.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56558.json new file mode 100644 index 00000000000..24a9eb1422c --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56558.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56558", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:14.633", + "lastModified": "2024-12-27T15:15:14.633", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: make sure exp active before svc_export_show\n\nThe function `e_show` was called with protection from RCU. This only\nensures that `exp` will not be freed. Therefore, the reference count for\n`exp` can drop to zero, which will trigger a refcount use-after-free\nwarning when `exp_get` is called. To resolve this issue, use\n`cache_get_rcu` to ensure that `exp` remains active.\n\n------------[ cut here ]------------\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 3 PID: 819 at lib/refcount.c:25\nrefcount_warn_saturate+0xb1/0x120\nCPU: 3 UID: 0 PID: 819 Comm: cat Not tainted 6.12.0-rc3+ #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.1-2.fc37 04/01/2014\nRIP: 0010:refcount_warn_saturate+0xb1/0x120\n...\nCall Trace:\n \n e_show+0x20b/0x230 [nfsd]\n seq_read_iter+0x589/0x770\n seq_read+0x1e5/0x270\n vfs_read+0x125/0x530\n ksys_read+0xc1/0x160\n do_syscall_64+0x5f/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1cecfdbc6bfc89c516d286884c7f29267b95de2b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6cefcadd34e3c71c81ea64b899a0daa86314a51a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7365d1f8de63cffdbbaa2287ce0205438e1a922f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7d8f7816bebcd2e7400bb4d786eccb8f33c9f9ec", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7fd29d284b55c2274f7a748e6c5f25b4758b8da5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/be8f982c369c965faffa198b46060f8853e0f1f0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e2fa0d0e327279a8defb87b263cd0bf288fd9261", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56559.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56559.json new file mode 100644 index 00000000000..d59db7e6f10 --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56559.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56559", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:14.760", + "lastModified": "2024-12-27T15:15:14.760", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/vmalloc: combine all TLB flush operations of KASAN shadow virtual address into one operation\n\nWhen compiling kernel source 'make -j $(nproc)' with the up-and-running\nKASAN-enabled kernel on a 256-core machine, the following soft lockup is\nshown:\n\nwatchdog: BUG: soft lockup - CPU#28 stuck for 22s! [kworker/28:1:1760]\nCPU: 28 PID: 1760 Comm: kworker/28:1 Kdump: loaded Not tainted 6.10.0-rc5 #95\nWorkqueue: events drain_vmap_area_work\nRIP: 0010:smp_call_function_many_cond+0x1d8/0xbb0\nCode: 38 c8 7c 08 84 c9 0f 85 49 08 00 00 8b 45 08 a8 01 74 2e 48 89 f1 49 89 f7 48 c1 e9 03 41 83 e7 07 4c 01 e9 41 83 c7 03 f3 90 <0f> b6 01 41 38 c7 7c 08 84 c0 0f 85 d4 06 00 00 8b 45 08 a8 01 75\nRSP: 0018:ffffc9000cb3fb60 EFLAGS: 00000202\nRAX: 0000000000000011 RBX: ffff8883bc4469c0 RCX: ffffed10776e9949\nRDX: 0000000000000002 RSI: ffff8883bb74ca48 RDI: ffffffff8434dc50\nRBP: ffff8883bb74ca40 R08: ffff888103585dc0 R09: ffff8884533a1800\nR10: 0000000000000004 R11: ffffffffffffffff R12: ffffed1077888d39\nR13: dffffc0000000000 R14: ffffed1077888d38 R15: 0000000000000003\nFS: 0000000000000000(0000) GS:ffff8883bc400000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005577b5c8d158 CR3: 0000000004850000 CR4: 0000000000350ef0\nCall Trace:\n \n ? watchdog_timer_fn+0x2cd/0x390\n ? __pfx_watchdog_timer_fn+0x10/0x10\n ? __hrtimer_run_queues+0x300/0x6d0\n ? sched_clock_cpu+0x69/0x4e0\n ? __pfx___hrtimer_run_queues+0x10/0x10\n ? srso_return_thunk+0x5/0x5f\n ? ktime_get_update_offsets_now+0x7f/0x2a0\n ? srso_return_thunk+0x5/0x5f\n ? srso_return_thunk+0x5/0x5f\n ? hrtimer_interrupt+0x2ca/0x760\n ? __sysvec_apic_timer_interrupt+0x8c/0x2b0\n ? sysvec_apic_timer_interrupt+0x6a/0x90\n \n \n ? asm_sysvec_apic_timer_interrupt+0x16/0x20\n ? smp_call_function_many_cond+0x1d8/0xbb0\n ? __pfx_do_kernel_range_flush+0x10/0x10\n on_each_cpu_cond_mask+0x20/0x40\n flush_tlb_kernel_range+0x19b/0x250\n ? srso_return_thunk+0x5/0x5f\n ? kasan_release_vmalloc+0xa7/0xc0\n purge_vmap_node+0x357/0x820\n ? __pfx_purge_vmap_node+0x10/0x10\n __purge_vmap_area_lazy+0x5b8/0xa10\n drain_vmap_area_work+0x21/0x30\n process_one_work+0x661/0x10b0\n worker_thread+0x844/0x10e0\n ? srso_return_thunk+0x5/0x5f\n ? __kthread_parkme+0x82/0x140\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x2a5/0x370\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x30/0x70\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \n\nDebugging Analysis:\n\n 1. The following ftrace log shows that the lockup CPU spends too much\n time iterating vmap_nodes and flushing TLB when purging vm_area\n structures. (Some info is trimmed).\n\n kworker: funcgraph_entry: | drain_vmap_area_work() {\n kworker: funcgraph_entry: | mutex_lock() {\n kworker: funcgraph_entry: 1.092 us | __cond_resched();\n kworker: funcgraph_exit: 3.306 us | }\n ... ...\n kworker: funcgraph_entry: | flush_tlb_kernel_range() {\n ... ...\n kworker: funcgraph_exit: # 7533.649 us | }\n ... ...\n kworker: funcgraph_entry: 2.344 us | mutex_unlock();\n kworker: funcgraph_exit: $ 23871554 us | }\n\n The drain_vmap_area_work() spends over 23 seconds.\n\n There are 2805 flush_tlb_kernel_range() calls in the ftrace log.\n * One is called in __purge_vmap_area_lazy().\n * Others are called by purge_vmap_node->kasan_release_vmalloc.\n purge_vmap_node() iteratively releases kasan vmalloc\n allocations and flushes TLB for each vmap_area.\n - [Rough calculation] Each flush_tlb_kernel_range() runs\n about 7.5ms.\n -- 2804 * 7.5ms = 21.03 seconds.\n -- That's why a soft lock is triggered.\n\n 2. Extending the soft lockup time can work around the issue (For example,\n # echo\n---truncated---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/9e9e085effe9b7e342138fde3cf8577d22509932", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f9a18889aad9b4c19c6c4550c67ad4f9ed2a354f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56560.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56560.json new file mode 100644 index 00000000000..45f2e40c303 --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56560.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56560", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:14.873", + "lastModified": "2024-12-27T15:15:14.873", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nslab: Fix too strict alignment check in create_cache()\n\nOn m68k, where the minimum alignment of unsigned long is 2 bytes:\n\n Kernel panic - not syncing: __kmem_cache_create_args: Failed to create slab 'io_kiocb'. Error -22\n CPU: 0 UID: 0 PID: 1 Comm: swapper Not tainted 6.12.0-atari-03776-g7eaa1f99261a #1783\n Stack from 0102fe5c:\n\t 0102fe5c 00514a2b 00514a2b ffffff00 00000001 0051f5ed 00425e78 00514a2b\n\t 0041eb74 ffffffea 00000310 0051f5ed ffffffea ffffffea 00601f60 00000044\n\t 0102ff20 000e7a68 0051ab8e 004383b8 0051f5ed ffffffea 000000b8 00000007\n\t 01020c00 00000000 000e77f0 0041e5f0 005f67c0 0051f5ed 000000b6 0102fef4\n\t 00000310 0102fef4 00000000 00000016 005f676c 0060a34c 00000010 00000004\n\t 00000038 0000009a 01000000 000000b8 005f668e 0102e000 00001372 0102ff88\n Call Trace: [<00425e78>] dump_stack+0xc/0x10\n [<0041eb74>] panic+0xd8/0x26c\n [<000e7a68>] __kmem_cache_create_args+0x278/0x2e8\n [<000e77f0>] __kmem_cache_create_args+0x0/0x2e8\n [<0041e5f0>] memset+0x0/0x8c\n [<005f67c0>] io_uring_init+0x54/0xd2\n\nThe minimal alignment of an integral type may differ from its size,\nhence is not safe to assume that an arbitrary freeptr_t (which is\nbasically an unsigned long) is always aligned to 4 or 8 bytes.\n\nAs nothing seems to require the additional alignment, it is safe to fix\nthis by relaxing the check to the actual minimum alignment of freeptr_t." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/8b5aea5e5186733fa4e5aa4293b0a65a933f1a16", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9008fe8fad8255edfdbecea32d7eb0485d939d0d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56561.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56561.json new file mode 100644 index 00000000000..51e3ef78fea --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56561.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56561", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:14.983", + "lastModified": "2024-12-27T15:15:14.983", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: endpoint: Fix PCI domain ID release in pci_epc_destroy()\n\npci_epc_destroy() invokes pci_bus_release_domain_nr() to release the PCI\ndomain ID, but there are two issues:\n\n - 'epc->dev' is passed to pci_bus_release_domain_nr() which was already\n freed by device_unregister(), leading to a use-after-free issue.\n\n - Domain ID corresponds to the EPC device parent, so passing 'epc->dev'\n is also wrong.\n\nFix these issues by passing 'epc->dev.parent' to\npci_bus_release_domain_nr() and also do it before device_unregister().\n\n[mani: reworded subject and description]" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/4acc902ed3743edd4ac2d3846604a99d17104359", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c74a1df6c2a2df7dd45c3fc1a5edc29a075dcf22", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56562.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56562.json new file mode 100644 index 00000000000..5297bb07879 --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56562.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56562", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:15.087", + "lastModified": "2024-12-27T15:15:15.087", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: master: Fix miss free init_dyn_addr at i3c_master_put_i3c_addrs()\n\nif (dev->boardinfo && dev->boardinfo->init_dyn_addr)\n ^^^ here check \"init_dyn_addr\"\n\ti3c_bus_set_addr_slot_status(&master->bus, dev->info.dyn_addr, ...)\n\t\t\t\t\t\t ^^^^\n\t\t\t\t\t\t\tfree \"dyn_addr\"\nFix copy/paste error \"dyn_addr\" by replacing it with \"init_dyn_addr\"." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/093ecc6d82ff1d2e0cbf6f2000438b6c698145cb", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/0cb21f1ea3a2e19ee314a8fcf95461b5c453c59e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/0e8ab955c6d06f9d907761c07c02d1492f0a8ac1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3082990592f7c6d7510a9133afa46e31bbe26533", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/991e33a99fd3b5d432f0629565f532f563fe019a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c2f0ce241154b04f2fc150ff16ad82d9b8fdfa4a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ce30d11b39e8d637fed4704a5b43e9d556990475", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56563.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56563.json new file mode 100644 index 00000000000..a4bdd70539d --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56563.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56563", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:15.197", + "lastModified": "2024-12-27T15:15:15.197", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: fix cred leak in ceph_mds_check_access()\n\nget_current_cred() increments the reference counter, but the\nput_cred() call was missing." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/c5cf420303256dcd6ff175643e9e9558543c2047", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e3d1c9e2b811f13bdbbb962c2b17a6091c28522c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56564.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56564.json new file mode 100644 index 00000000000..c9f9b34431d --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56564.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56564", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:15.297", + "lastModified": "2024-12-27T15:15:15.297", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: pass cred pointer to ceph_mds_auth_match()\n\nThis eliminates a redundant get_current_cred() call, because\nceph_mds_check_access() has already obtained this pointer.\n\nAs a side effect, this also fixes a reference leak in\nceph_mds_auth_match(): by omitting the get_current_cred() call, no\nadditional cred reference is taken." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/23426309a4064b25a961e1c72961d8bfc7c8c990", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ffa6ba7bdb7f07f49c9e9150b0176df066520f62", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56565.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56565.json new file mode 100644 index 00000000000..0e7e690f551 --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56565.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-56565", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:15.400", + "lastModified": "2024-12-27T15:15:15.400", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to drop all discards after creating snapshot on lvm device\n\nPiergiorgio reported a bug in bugzilla as below:\n\n------------[ cut here ]------------\nWARNING: CPU: 2 PID: 969 at fs/f2fs/segment.c:1330\nRIP: 0010:__submit_discard_cmd+0x27d/0x400 [f2fs]\nCall Trace:\n __issue_discard_cmd+0x1ca/0x350 [f2fs]\n issue_discard_thread+0x191/0x480 [f2fs]\n kthread+0xcf/0x100\n ret_from_fork+0x31/0x50\n ret_from_fork_asm+0x1a/0x30\n\nw/ below testcase, it can reproduce this bug quickly:\n- pvcreate /dev/vdb\n- vgcreate myvg1 /dev/vdb\n- lvcreate -L 1024m -n mylv1 myvg1\n- mount /dev/myvg1/mylv1 /mnt/f2fs\n- dd if=/dev/zero of=/mnt/f2fs/file bs=1M count=20\n- sync\n- rm /mnt/f2fs/file\n- sync\n- lvcreate -L 1024m -s -n mylv1-snapshot /dev/myvg1/mylv1\n- umount /mnt/f2fs\n\nThe root cause is: it will update discard_max_bytes of mounted lvm\ndevice to zero after creating snapshot on this lvm device, then,\n__submit_discard_cmd() will pass parameter @nr_sects w/ zero value\nto __blkdev_issue_discard(), it returns a NULL bio pointer, result\nin panic.\n\nThis patch changes as below for fixing:\n1. Let's drop all remained discards in f2fs_unfreeze() if snapshot\nof lvm device is created.\n2. Checking discard_max_bytes before submitting discard during\n__submit_discard_cmd()." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/15136c3861a3341db261ebdbb6ae4ae1765635e2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/bc8aeb04fd80cb8cfae3058445c84410fd0beb5e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ed24ab98242f8d22b66fbe0452c97751b5ea4e22", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56566.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56566.json new file mode 100644 index 00000000000..24374e5ec6a --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56566.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-56566", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:15.517", + "lastModified": "2024-12-27T15:15:15.517", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/slub: Avoid list corruption when removing a slab from the full list\n\nBoot with slub_debug=UFPZ.\n\nIf allocated object failed in alloc_consistency_checks, all objects of\nthe slab will be marked as used, and then the slab will be removed from\nthe partial list.\n\nWhen an object belonging to the slab got freed later, the remove_full()\nfunction is called. Because the slab is neither on the partial list nor\non the full list, it eventually lead to a list corruption (actually a\nlist poison being detected).\n\nSo we need to mark and isolate the slab page with metadata corruption,\ndo not put it back in circulation.\n\nBecause the debug caches avoid all the fastpaths, reusing the frozen bit\nto mark slab page with metadata corruption seems to be fine.\n\n[ 4277.385669] list_del corruption, ffffea00044b3e50->next is LIST_POISON1 (dead000000000100)\n[ 4277.387023] ------------[ cut here ]------------\n[ 4277.387880] kernel BUG at lib/list_debug.c:56!\n[ 4277.388680] invalid opcode: 0000 [#1] PREEMPT SMP PTI\n[ 4277.389562] CPU: 5 PID: 90 Comm: kworker/5:1 Kdump: loaded Tainted: G OE 6.6.1-1 #1\n[ 4277.392113] Workqueue: xfs-inodegc/vda1 xfs_inodegc_worker [xfs]\n[ 4277.393551] RIP: 0010:__list_del_entry_valid_or_report+0x7b/0xc0\n[ 4277.394518] Code: 48 91 82 e8 37 f9 9a ff 0f 0b 48 89 fe 48 c7 c7 28 49 91 82 e8 26 f9 9a ff 0f 0b 48 89 fe 48 c7 c7 58 49 91\n[ 4277.397292] RSP: 0018:ffffc90000333b38 EFLAGS: 00010082\n[ 4277.398202] RAX: 000000000000004e RBX: ffffea00044b3e50 RCX: 0000000000000000\n[ 4277.399340] RDX: 0000000000000002 RSI: ffffffff828f8715 RDI: 00000000ffffffff\n[ 4277.400545] RBP: ffffea00044b3e40 R08: 0000000000000000 R09: ffffc900003339f0\n[ 4277.401710] R10: 0000000000000003 R11: ffffffff82d44088 R12: ffff888112cf9910\n[ 4277.402887] R13: 0000000000000001 R14: 0000000000000001 R15: ffff8881000424c0\n[ 4277.404049] FS: 0000000000000000(0000) GS:ffff88842fd40000(0000) knlGS:0000000000000000\n[ 4277.405357] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 4277.406389] CR2: 00007f2ad0b24000 CR3: 0000000102a3a006 CR4: 00000000007706e0\n[ 4277.407589] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 4277.408780] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 4277.410000] PKRU: 55555554\n[ 4277.410645] Call Trace:\n[ 4277.411234] \n[ 4277.411777] ? die+0x32/0x80\n[ 4277.412439] ? do_trap+0xd6/0x100\n[ 4277.413150] ? __list_del_entry_valid_or_report+0x7b/0xc0\n[ 4277.414158] ? do_error_trap+0x6a/0x90\n[ 4277.414948] ? __list_del_entry_valid_or_report+0x7b/0xc0\n[ 4277.415915] ? exc_invalid_op+0x4c/0x60\n[ 4277.416710] ? __list_del_entry_valid_or_report+0x7b/0xc0\n[ 4277.417675] ? asm_exc_invalid_op+0x16/0x20\n[ 4277.418482] ? __list_del_entry_valid_or_report+0x7b/0xc0\n[ 4277.419466] ? __list_del_entry_valid_or_report+0x7b/0xc0\n[ 4277.420410] free_to_partial_list+0x515/0x5e0\n[ 4277.421242] ? xfs_iext_remove+0x41a/0xa10 [xfs]\n[ 4277.422298] xfs_iext_remove+0x41a/0xa10 [xfs]\n[ 4277.423316] ? xfs_inodegc_worker+0xb4/0x1a0 [xfs]\n[ 4277.424383] xfs_bmap_del_extent_delay+0x4fe/0x7d0 [xfs]\n[ 4277.425490] __xfs_bunmapi+0x50d/0x840 [xfs]\n[ 4277.426445] xfs_itruncate_extents_flags+0x13a/0x490 [xfs]\n[ 4277.427553] xfs_inactive_truncate+0xa3/0x120 [xfs]\n[ 4277.428567] xfs_inactive+0x22d/0x290 [xfs]\n[ 4277.429500] xfs_inodegc_worker+0xb4/0x1a0 [xfs]\n[ 4277.430479] process_one_work+0x171/0x340\n[ 4277.431227] worker_thread+0x277/0x390\n[ 4277.431962] ? __pfx_worker_thread+0x10/0x10\n[ 4277.432752] kthread+0xf0/0x120\n[ 4277.433382] ? __pfx_kthread+0x10/0x10\n[ 4277.434134] ret_from_fork+0x2d/0x50\n[ 4277.434837] ? __pfx_kthread+0x10/0x10\n[ 4277.435566] ret_from_fork_asm+0x1b/0x30\n[ 4277.436280] " + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/33a213c04faff6c3a7fe77e947db81bc7270fe32", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/943c0f601cd28c1073b92b5f944c6c6c2643e709", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/dbc16915279a548a204154368da23d402c141c81", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56567.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56567.json new file mode 100644 index 00000000000..51d4d4bb39f --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56567.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56567", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:15.630", + "lastModified": "2024-12-27T15:15:15.630", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nad7780: fix division by zero in ad7780_write_raw()\n\nIn the ad7780_write_raw() , val2 can be zero, which might lead to a\ndivision by zero error in DIV_ROUND_CLOSEST(). The ad7780_write_raw()\nis based on iio_info's write_raw. While val is explicitly declared that\ncan be zero (in read mode), val2 is not specified to be non-zero." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/022e13518ba6cc1b4fdd291f49e4f57b2d5718e0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/18fb33df1de83a014d7f784089f9b124facc157f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/68e79b848196a0b0ec006009cc69da1f835d1ae8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7e3a8ea3d1ada7f707de5d9d504774b4191eab66", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/afc1e3c00b3f5f0b4f1bc3e974fb9803cb938a90", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c174b53e95adf2eece2afc56cd9798374919f99a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f25a9f1df1f6738acf1fa05595fb6060a2c08ff1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56568.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56568.json new file mode 100644 index 00000000000..db34744f45c --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56568.json @@ -0,0 +1,41 @@ +{ + "id": "CVE-2024-56568", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:15.733", + "lastModified": "2024-12-27T15:15:15.733", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/arm-smmu: Defer probe of clients after smmu device bound\n\nNull pointer dereference occurs due to a race between smmu\ndriver probe and client driver probe, when of_dma_configure()\nfor client is called after the iommu_device_register() for smmu driver\nprobe has executed but before the driver_bound() for smmu driver\nhas been called.\n\nFollowing is how the race occurs:\n\nT1:Smmu device probe\t\tT2: Client device probe\n\nreally_probe()\narm_smmu_device_probe()\niommu_device_register()\n\t\t\t\t\treally_probe()\n\t\t\t\t\tplatform_dma_configure()\n\t\t\t\t\tof_dma_configure()\n\t\t\t\t\tof_dma_configure_id()\n\t\t\t\t\tof_iommu_configure()\n\t\t\t\t\tiommu_probe_device()\n\t\t\t\t\tiommu_init_device()\n\t\t\t\t\tarm_smmu_probe_device()\n\t\t\t\t\tarm_smmu_get_by_fwnode()\n\t\t\t\t\t\tdriver_find_device_by_fwnode()\n\t\t\t\t\t\tdriver_find_device()\n\t\t\t\t\t\tnext_device()\n\t\t\t\t\t\tklist_next()\n\t\t\t\t\t\t /* null ptr\n\t\t\t\t\t\t assigned to smmu */\n\t\t\t\t\t/* null ptr dereference\n\t\t\t\t\t while smmu->streamid_mask */\ndriver_bound()\n\tklist_add_tail()\n\nWhen this null smmu pointer is dereferenced later in\narm_smmu_probe_device, the device crashes.\n\nFix this by deferring the probe of the client device\nuntil the smmu device has bound to the arm smmu driver.\n\n[will: Add comment]" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/229e6ee43d2a160a1592b83aad620d6027084aad", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4a9485918a042e3114890dfbe19839a1897f8b2c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5018696b19bc6c021e934a8a59f4b1dd8c0ac9f8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c2527d07c7e9cda2c6165d5edccf74752baac1b0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/dc02407ea952e20c544a078a6be2e6f008327973", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f8f794f387ad21c4696e5cd0626cb6f8a5f6aea5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56569.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56569.json new file mode 100644 index 00000000000..58c64801e89 --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56569.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56569", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:15.840", + "lastModified": "2024-12-27T15:15:15.840", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nftrace: Fix regression with module command in stack_trace_filter\n\nWhen executing the following command:\n\n # echo \"write*:mod:ext3\" > /sys/kernel/tracing/stack_trace_filter\n\nThe current mod command causes a null pointer dereference. While commit\n0f17976568b3f (\"ftrace: Fix regression with module command in stack_trace_filter\")\nhas addressed part of the issue, it left a corner case unhandled, which still\nresults in a kernel crash." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/19cacabdd5a8487ae566cbecb4d03bcb038a067e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/43ca32ce12888fb0eeb2d74dfc558dea60d3473e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/45af52e7d3b8560f21d139b3759735eead8b1653", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5dabb7af57bc72308a6e2e81a5dd756eef283803", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7ae27880de3482e063fcc1f72d9a298d0d391407", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/885109aa0c70639527dd6a65c82e63c9ac055e3d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8a92dc4df89c50bdb26667419ea70e0abbce456e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56570.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56570.json new file mode 100644 index 00000000000..62a65314c75 --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56570.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56570", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:15.963", + "lastModified": "2024-12-27T15:15:15.963", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\novl: Filter invalid inodes with missing lookup function\n\nAdd a check to the ovl_dentry_weird() function to prevent the\nprocessing of directory inodes that lack the lookup function.\nThis is important because such inodes can cause errors in overlayfs\nwhen passed to the lowerstack." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/065bf5dd21639f80e68450de16bda829784dbb8c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5f86e79c0b2287ffdabe6c1b305a36c4e0f40fe3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/72014e7745cc8250bb8f27bd78694dfd3f1b5773", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/749eac5a6687ec99116e0691d0d71225254654e3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c8b359dddb418c60df1a69beea01d1b3322bfe83", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f9248e2f73fb4afe08324485e98c815ac084d166", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ff43d008bbf9b27ada434d6455f039a5ef6cee53", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56571.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56571.json new file mode 100644 index 00000000000..842d82c7db9 --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56571.json @@ -0,0 +1,41 @@ +{ + "id": "CVE-2024-56571", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:16.077", + "lastModified": "2024-12-27T15:15:16.077", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Require entities to have a non-zero unique ID\n\nPer UVC 1.1+ specification 3.7.2, units and terminals must have a non-zero\nunique ID.\n\n```\nEach Unit and Terminal within the video function is assigned a unique\nidentification number, the Unit ID (UID) or Terminal ID (TID), contained in\nthe bUnitID or bTerminalID field of the descriptor. The value 0x00 is\nreserved for undefined ID,\n```\n\nSo, deny allocating an entity with ID 0 or an ID that belongs to a unit\nthat is already added to the list of entities.\n\nThis also prevents some syzkaller reproducers from triggering warnings due\nto a chain of entities referring to themselves. In one particular case, an\nOutput Unit is connected to an Input Unit, both with the same ID of 1. But\nwhen looking up for the source ID of the Output Unit, that same entity is\nfound instead of the input entity, which leads to such warnings.\n\nIn another case, a backward chain was considered finished as the source ID\nwas 0. Later on, that entity was found, but its pads were not valid.\n\nHere is a sample stack trace for one of those cases.\n\n[ 20.650953] usb 1-1: new high-speed USB device number 2 using dummy_hcd\n[ 20.830206] usb 1-1: Using ep0 maxpacket: 8\n[ 20.833501] usb 1-1: config 0 descriptor??\n[ 21.038518] usb 1-1: string descriptor 0 read error: -71\n[ 21.038893] usb 1-1: Found UVC 0.00 device (2833:0201)\n[ 21.039299] uvcvideo 1-1:0.0: Entity type for entity Output 1 was not initialized!\n[ 21.041583] uvcvideo 1-1:0.0: Entity type for entity Input 1 was not initialized!\n[ 21.042218] ------------[ cut here ]------------\n[ 21.042536] WARNING: CPU: 0 PID: 9 at drivers/media/mc/mc-entity.c:1147 media_create_pad_link+0x2c4/0x2e0\n[ 21.043195] Modules linked in:\n[ 21.043535] CPU: 0 UID: 0 PID: 9 Comm: kworker/0:1 Not tainted 6.11.0-rc7-00030-g3480e43aeccf #444\n[ 21.044101] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014\n[ 21.044639] Workqueue: usb_hub_wq hub_event\n[ 21.045100] RIP: 0010:media_create_pad_link+0x2c4/0x2e0\n[ 21.045508] Code: fe e8 20 01 00 00 b8 f4 ff ff ff 48 83 c4 30 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc 0f 0b eb e9 0f 0b eb 0a 0f 0b eb 06 <0f> 0b eb 02 0f 0b b8 ea ff ff ff eb d4 66 2e 0f 1f 84 00 00 00 00\n[ 21.046801] RSP: 0018:ffffc9000004b318 EFLAGS: 00010246\n[ 21.047227] RAX: ffff888004e5d458 RBX: 0000000000000000 RCX: ffffffff818fccf1\n[ 21.047719] RDX: 000000000000007b RSI: 0000000000000000 RDI: ffff888004313290\n[ 21.048241] RBP: ffff888004313290 R08: 0001ffffffffffff R09: 0000000000000000\n[ 21.048701] R10: 0000000000000013 R11: 0001888004313290 R12: 0000000000000003\n[ 21.049138] R13: ffff888004313080 R14: ffff888004313080 R15: 0000000000000000\n[ 21.049648] FS: 0000000000000000(0000) GS:ffff88803ec00000(0000) knlGS:0000000000000000\n[ 21.050271] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 21.050688] CR2: 0000592cc27635b0 CR3: 000000000431c000 CR4: 0000000000750ef0\n[ 21.051136] PKRU: 55555554\n[ 21.051331] Call Trace:\n[ 21.051480] \n[ 21.051611] ? __warn+0xc4/0x210\n[ 21.051861] ? media_create_pad_link+0x2c4/0x2e0\n[ 21.052252] ? report_bug+0x11b/0x1a0\n[ 21.052540] ? trace_hardirqs_on+0x31/0x40\n[ 21.052901] ? handle_bug+0x3d/0x70\n[ 21.053197] ? exc_invalid_op+0x1a/0x50\n[ 21.053511] ? asm_exc_invalid_op+0x1a/0x20\n[ 21.053924] ? media_create_pad_link+0x91/0x2e0\n[ 21.054364] ? media_create_pad_link+0x2c4/0x2e0\n[ 21.054834] ? media_create_pad_link+0x91/0x2e0\n[ 21.055131] ? _raw_spin_unlock+0x1e/0x40\n[ 21.055441] ? __v4l2_device_register_subdev+0x202/0x210\n[ 21.055837] uvc_mc_register_entities+0x358/0x400\n[ 21.056144] uvc_register_chains+0x1fd/0x290\n[ 21.056413] uvc_probe+0x380e/0x3dc0\n[ 21.056676] ? __lock_acquire+0x5aa/0x26e0\n[ 21.056946] ? find_held_lock+0x33/0xa0\n[ 21.057196] ? kernfs_activate+0x70/0x80\n[ 21.057533] ? usb_match_dy\n---truncated---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/19464d73225224dca31e2fd6e7d6418facf5facb", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3dd075fe8ebbc6fcbf998f81a75b8c4b159a6195", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4f74bd307f078c0605b9f6f1edb8337dee35fa2e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/72ed66623953106d15825513c82533a03ba29ecd", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b11813bc2f4eee92695075148c9ba996f54feeba", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/bde4e7c1527151b596089b3f984818ab537eeb7f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56572.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56572.json new file mode 100644 index 00000000000..6575011db26 --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56572.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56572", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:16.210", + "lastModified": "2024-12-27T15:15:16.210", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: platform: allegro-dvt: Fix possible memory leak in allocate_buffers_internal()\n\nThe buffer in the loop should be released under the exception path,\notherwise there may be a memory leak here.\n\nTo mitigate this, free the buffer when allegro_alloc_buffer fails." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0f514068fbc5d4d189c817adc7c4e32cffdc2e47", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/17e5613666209be4e5be1f1894f1a6014a8a0658", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/64f72a738864b506ab50b4a6cb3ce3c3e04b71af", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6712a28a4f923ffdf51cff267ad05a634ee1babc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/74a65313578b35e1239966adfa7ac2bdd60caf00", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/891b5790bee8fc6ddba17874dd87a646128d0b99", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/cf642904be39ae0d441dbdfa8f485e0a46260be4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56573.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56573.json new file mode 100644 index 00000000000..20d14e46eeb --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56573.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-56573", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:16.320", + "lastModified": "2024-12-27T15:15:16.320", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nefi/libstub: Free correct pointer on failure\n\ncmdline_ptr is an out parameter, which is not allocated by the function\nitself, and likely points into the caller's stack.\n\ncmdline refers to the pool allocation that should be freed when cleaning\nup after a failure, so pass this instead to free_pool()." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/06d39d79cbd5a91a33707951ebf2512d0e759847", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d173aee5709bd0994d216d60589ec67f8b11376a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/eaafbcf0a5782ae412ca7de12ef83fc48ccea4cf", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56574.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56574.json new file mode 100644 index 00000000000..673f091c8c8 --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56574.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56574", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:16.420", + "lastModified": "2024-12-27T15:15:16.420", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: ts2020: fix null-ptr-deref in ts2020_probe()\n\nKASAN reported a null-ptr-deref issue when executing the following\ncommand:\n\n # echo ts2020 0x20 > /sys/bus/i2c/devices/i2c-0/new_device\n KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017]\n CPU: 53 UID: 0 PID: 970 Comm: systemd-udevd Not tainted 6.12.0-rc2+ #24\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009)\n RIP: 0010:ts2020_probe+0xad/0xe10 [ts2020]\n RSP: 0018:ffffc9000abbf598 EFLAGS: 00010202\n RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffffc0714809\n RDX: 0000000000000002 RSI: ffff88811550be00 RDI: 0000000000000010\n RBP: ffff888109868800 R08: 0000000000000001 R09: fffff52001577eb6\n R10: 0000000000000000 R11: ffffc9000abbff50 R12: ffffffffc0714790\n R13: 1ffff92001577eb8 R14: ffffffffc07190d0 R15: 0000000000000001\n FS: 00007f95f13b98c0(0000) GS:ffff888149280000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000555d2634b000 CR3: 0000000152236000 CR4: 00000000000006f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \n ts2020_probe+0xad/0xe10 [ts2020]\n i2c_device_probe+0x421/0xb40\n really_probe+0x266/0x850\n ...\n\nThe cause of the problem is that when using sysfs to dynamically register\nan i2c device, there is no platform data, but the probe process of ts2020\nneeds to use platform data, resulting in a null pointer being accessed.\n\nSolve this problem by adding checks to platform data." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/4a058b34b52ed3feb1f3ff6fd26aefeeeed20cba", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5a53f97cd5977911850b695add057f9965c1a2d6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/901070571bc191d1d8d7a1379bc5ba9446200999", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a2ed3b780f34e4a6403064208bc2c99d1ed85026", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b6208d1567f929105011bcdfd738f59a6bdc1088", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ced1c04e82e3ecc246b921b9733f0df0866aa50d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/dc03866b5f4aa2668946f8384a1e5286ae53bbaa", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56575.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56575.json new file mode 100644 index 00000000000..3f6f94e71be --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56575.json @@ -0,0 +1,37 @@ +{ + "id": "CVE-2024-56575", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:16.537", + "lastModified": "2024-12-27T15:15:16.537", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: imx-jpeg: Ensure power suppliers be suspended before detach them\n\nThe power suppliers are always requested to suspend asynchronously,\ndev_pm_domain_detach() requires the caller to ensure proper\nsynchronization of this function with power management callbacks.\notherwise the detach may led to kernel panic, like below:\n\n[ 1457.107934] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000040\n[ 1457.116777] Mem abort info:\n[ 1457.119589] ESR = 0x0000000096000004\n[ 1457.123358] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 1457.128692] SET = 0, FnV = 0\n[ 1457.131764] EA = 0, S1PTW = 0\n[ 1457.134920] FSC = 0x04: level 0 translation fault\n[ 1457.139812] Data abort info:\n[ 1457.142707] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n[ 1457.148196] CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n[ 1457.153256] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n[ 1457.158563] user pgtable: 4k pages, 48-bit VAs, pgdp=00000001138b6000\n[ 1457.165000] [0000000000000040] pgd=0000000000000000, p4d=0000000000000000\n[ 1457.171792] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP\n[ 1457.178045] Modules linked in: v4l2_jpeg wave6_vpu_ctrl(-) [last unloaded: mxc_jpeg_encdec]\n[ 1457.186383] CPU: 0 PID: 51938 Comm: kworker/0:3 Not tainted 6.6.36-gd23d64eea511 #66\n[ 1457.194112] Hardware name: NXP i.MX95 19X19 board (DT)\n[ 1457.199236] Workqueue: pm pm_runtime_work\n[ 1457.203247] pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 1457.210188] pc : genpd_runtime_suspend+0x20/0x290\n[ 1457.214886] lr : __rpm_callback+0x48/0x1d8\n[ 1457.218968] sp : ffff80008250bc50\n[ 1457.222270] x29: ffff80008250bc50 x28: 0000000000000000 x27: 0000000000000000\n[ 1457.229394] x26: 0000000000000000 x25: 0000000000000008 x24: 00000000000f4240\n[ 1457.236518] x23: 0000000000000000 x22: ffff00008590f0e4 x21: 0000000000000008\n[ 1457.243642] x20: ffff80008099c434 x19: ffff00008590f000 x18: ffffffffffffffff\n[ 1457.250766] x17: 5300326563697665 x16: 645f676e696c6f6f x15: 63343a6d726f6674\n[ 1457.257890] x14: 0000000000000004 x13: 00000000000003a4 x12: 0000000000000002\n[ 1457.265014] x11: 0000000000000000 x10: 0000000000000a60 x9 : ffff80008250bbb0\n[ 1457.272138] x8 : ffff000092937200 x7 : ffff0003fdf6af80 x6 : 0000000000000000\n[ 1457.279262] x5 : 00000000410fd050 x4 : 0000000000200000 x3 : 0000000000000000\n[ 1457.286386] x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff00008590f000\n[ 1457.293510] Call trace:\n[ 1457.295946] genpd_runtime_suspend+0x20/0x290\n[ 1457.300296] __rpm_callback+0x48/0x1d8\n[ 1457.304038] rpm_callback+0x6c/0x78\n[ 1457.307515] rpm_suspend+0x10c/0x570\n[ 1457.311077] pm_runtime_work+0xc4/0xc8\n[ 1457.314813] process_one_work+0x138/0x248\n[ 1457.318816] worker_thread+0x320/0x438\n[ 1457.322552] kthread+0x110/0x114\n[ 1457.325767] ret_from_fork+0x10/0x20" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/12914fd765ba4f9d6a9a50439e8dd2e9f91423f2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2f86d104539fab9181ea7b5721f40e7b92a8bf67", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b7a830bbc25da0f641e3ef2bac3b1766b2777a8b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f3c4e088ec01cae45931a18ddf7cae0f4d72e1c5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/fd0af4cd35da0eb550ef682b71cda70a4e36f6b9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56576.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56576.json new file mode 100644 index 00000000000..055fa30a7a8 --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56576.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56576", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:16.657", + "lastModified": "2024-12-27T15:15:16.657", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: i2c: tc358743: Fix crash in the probe error path when using polling\n\nIf an error occurs in the probe() function, we should remove the polling\ntimer that was alarmed earlier, otherwise the timer is called with\narguments that are already freed, which results in a crash.\n\n------------[ cut here ]------------\nWARNING: CPU: 3 PID: 0 at kernel/time/timer.c:1830 __run_timers+0x244/0x268\nModules linked in:\nCPU: 3 UID: 0 PID: 0 Comm: swapper/3 Not tainted 6.11.0 #226\nHardware name: Diasom DS-RK3568-SOM-EVB (DT)\npstate: 804000c9 (Nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : __run_timers+0x244/0x268\nlr : __run_timers+0x1d4/0x268\nsp : ffffff80eff2baf0\nx29: ffffff80eff2bb50 x28: 7fffffffffffffff x27: ffffff80eff2bb00\nx26: ffffffc080f669c0 x25: ffffff80efef6bf0 x24: ffffff80eff2bb00\nx23: 0000000000000000 x22: dead000000000122 x21: 0000000000000000\nx20: ffffff80efef6b80 x19: ffffff80041c8bf8 x18: ffffffffffffffff\nx17: ffffffc06f146000 x16: ffffff80eff27dc0 x15: 000000000000003e\nx14: 0000000000000000 x13: 00000000000054da x12: 0000000000000000\nx11: 00000000000639c0 x10: 000000000000000c x9 : 0000000000000009\nx8 : ffffff80eff2cb40 x7 : ffffff80eff2cb40 x6 : ffffff8002bee480\nx5 : ffffffc080cb2220 x4 : ffffffc080cb2150 x3 : 00000000000f4240\nx2 : 0000000000000102 x1 : ffffff80eff2bb00 x0 : ffffff80041c8bf0\nCall trace:\n\u00a0__run_timers+0x244/0x268\n\u00a0timer_expire_remote+0x50/0x68\n\u00a0tmigr_handle_remote+0x388/0x39c\n\u00a0run_timer_softirq+0x38/0x44\n\u00a0handle_softirqs+0x138/0x298\n\u00a0__do_softirq+0x14/0x20\n\u00a0____do_softirq+0x10/0x1c\n\u00a0call_on_irq_stack+0x24/0x4c\n\u00a0do_softirq_own_stack+0x1c/0x2c\n\u00a0irq_exit_rcu+0x9c/0xcc\n\u00a0el1_interrupt+0x48/0xc0\n\u00a0el1h_64_irq_handler+0x18/0x24\n\u00a0el1h_64_irq+0x7c/0x80\n\u00a0default_idle_call+0x34/0x68\n\u00a0do_idle+0x23c/0x294\n\u00a0cpu_startup_entry+0x38/0x3c\n\u00a0secondary_start_kernel+0x128/0x160\n\u00a0__secondary_switched+0xb8/0xbc\n---[ end trace 0000000000000000 ]---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/13193a97ddd5a6a5b11408ddbc1ae85588b1860c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/1def915b1564f4375330bd113ea1d768a569cfd8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/34a3466a92f50c51d984f0ec2e96864886d460eb", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5c9ab34c87af718bdbf9faa2b1a6ba41d15380ea", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/815d14147068347e88c258233eb951b41b2792a6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/869f38ae07f7df829da4951c3d1f7a2be09c2e9a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b59ab89bc83f7bff67f78c6caf484a84a6dd30f7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56577.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56577.json new file mode 100644 index 00000000000..02e24a16d00 --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56577.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-56577", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:16.767", + "lastModified": "2024-12-27T15:15:16.767", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mtk-jpeg: Fix null-ptr-deref during unload module\n\nThe workqueue should be destroyed in mtk_jpeg_core.c since commit\n09aea13ecf6f (\"media: mtk-jpeg: refactor some variables\"), otherwise\nthe below calltrace can be easily triggered.\n\n[ 677.862514] Unable to handle kernel paging request at virtual address dfff800000000023\n[ 677.863633] KASAN: null-ptr-deref in range [0x0000000000000118-0x000000000000011f]\n...\n[ 677.879654] CPU: 6 PID: 1071 Comm: modprobe Tainted: G O 6.8.12-mtk+gfa1a78e5d24b+ #17\n...\n[ 677.882838] pc : destroy_workqueue+0x3c/0x770\n[ 677.883413] lr : mtk_jpegdec_destroy_workqueue+0x70/0x88 [mtk_jpeg_dec_hw]\n[ 677.884314] sp : ffff80008ad974f0\n[ 677.884744] x29: ffff80008ad974f0 x28: ffff0000d7115580 x27: ffff0000dd691070\n[ 677.885669] x26: ffff0000dd691408 x25: ffff8000844af3e0 x24: ffff80008ad97690\n[ 677.886592] x23: ffff0000e051d400 x22: ffff0000dd691010 x21: dfff800000000000\n[ 677.887515] x20: 0000000000000000 x19: 0000000000000000 x18: ffff800085397ac0\n[ 677.888438] x17: 0000000000000000 x16: ffff8000801b87c8 x15: 1ffff000115b2e10\n[ 677.889361] x14: 00000000f1f1f1f1 x13: 0000000000000000 x12: ffff7000115b2e4d\n[ 677.890285] x11: 1ffff000115b2e4c x10: ffff7000115b2e4c x9 : ffff80000aa43e90\n[ 677.891208] x8 : 00008fffeea4d1b4 x7 : ffff80008ad97267 x6 : 0000000000000001\n[ 677.892131] x5 : ffff80008ad97260 x4 : ffff7000115b2e4d x3 : 0000000000000000\n[ 677.893054] x2 : 0000000000000023 x1 : dfff800000000000 x0 : 0000000000000118\n[ 677.893977] Call trace:\n[ 677.894297] destroy_workqueue+0x3c/0x770\n[ 677.894826] mtk_jpegdec_destroy_workqueue+0x70/0x88 [mtk_jpeg_dec_hw]\n[ 677.895677] devm_action_release+0x50/0x90\n[ 677.896211] release_nodes+0xe8/0x170\n[ 677.896688] devres_release_all+0xf8/0x178\n[ 677.897219] device_unbind_cleanup+0x24/0x170\n[ 677.897785] device_release_driver_internal+0x35c/0x480\n[ 677.898461] device_release_driver+0x20/0x38\n...\n[ 677.912665] ---[ end trace 0000000000000000 ]---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0ba08c21c6a92e6512e73644555120427c9a49d4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/17af2b39daf12870cac61ffc360e62bc35798afb", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/bc3889a39baf783c64c6d628bbb74d76ce164bb1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56578.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56578.json new file mode 100644 index 00000000000..9810e790dba --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56578.json @@ -0,0 +1,37 @@ +{ + "id": "CVE-2024-56578", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:16.873", + "lastModified": "2024-12-27T15:15:16.873", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: imx-jpeg: Set video drvdata before register video device\n\nThe video drvdata should be set before the video device is registered,\notherwise video_drvdata() may return NULL in the open() file ops, and led\nto oops." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/5ade59d28eade49194eb09765afdeb0ba717c39a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/68efeff2f7fccdfedc55f92e92be32997127d16e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b88556e82dc18cb708744d062770853a2d5095b2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d2b7ecc26bd5406d5ba927be1748aa99c568696c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f68bb1210fbea252552d97242757f69a219e942b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56579.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56579.json new file mode 100644 index 00000000000..b14c988faa0 --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56579.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-56579", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:16.983", + "lastModified": "2024-12-27T15:15:16.983", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: amphion: Set video drvdata before register video device\n\nThe video drvdata should be set before the video device is registered,\notherwise video_drvdata() may return NULL in the open() file ops, and led\nto oops." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/182b9edc02c4cbb6fe6b97105c23c7047a3340d2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8cbb1a7bd5973b57898b26eb804fe44af440bb63", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/988cc10ddbdee0369fe1f193d389da38ad760492", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/cfe96c7c3382293179e291f66644d789e39e99f3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56580.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56580.json new file mode 100644 index 00000000000..95ffd52f752 --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56580.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56580", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:17.093", + "lastModified": "2024-12-27T15:15:17.093", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: qcom: camss: fix error path on configuration of power domains\n\nThere is a chance to meet runtime issues during configuration of CAMSS\npower domains, because on the error path dev_pm_domain_detach() is\nunexpectedly called with NULL or error pointer.\n\nOne of the simplest ways to reproduce the problem is to probe CAMSS\ndriver before registration of CAMSS power domains, for instance if\na platform CAMCC driver is simply not built.\n\nWarning backtrace example:\n\n Unable to handle kernel NULL pointer dereference at virtual address 00000000000001a2\n\n \n\n pc : dev_pm_domain_detach+0x8/0x48\n lr : camss_probe+0x374/0x9c0\n\n \n\n Call trace:\n dev_pm_domain_detach+0x8/0x48\n platform_probe+0x70/0xf0\n really_probe+0xc4/0x2a8\n __driver_probe_device+0x80/0x140\n driver_probe_device+0x48/0x170\n __device_attach_driver+0xc0/0x148\n bus_for_each_drv+0x88/0xf0\n __device_attach+0xb0/0x1c0\n device_initial_probe+0x1c/0x30\n bus_probe_device+0xb4/0xc0\n deferred_probe_work_func+0x90/0xd0\n process_one_work+0x164/0x3e0\n worker_thread+0x310/0x420\n kthread+0x120/0x130\n ret_from_fork+0x10/0x20" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/4f45d65b781499d2a79eca12155532739c876aa2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c98586d8d01c9e860e7acc3807c2afeb1dc14e8a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56581.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56581.json new file mode 100644 index 00000000000..7c85feb6e1e --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56581.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56581", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:17.207", + "lastModified": "2024-12-27T15:15:17.207", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: ref-verify: fix use-after-free after invalid ref action\n\nAt btrfs_ref_tree_mod() after we successfully inserted the new ref entry\n(local variable 'ref') into the respective block entry's rbtree (local\nvariable 'be'), if we find an unexpected action of BTRFS_DROP_DELAYED_REF,\nwe error out and free the ref entry without removing it from the block\nentry's rbtree. Then in the error path of btrfs_ref_tree_mod() we call\nbtrfs_free_ref_cache(), which iterates over all block entries and then\ncalls free_block_entry() for each one, and there we will trigger a\nuse-after-free when we are called against the block entry to which we\nadded the freed ref entry to its rbtree, since the rbtree still points\nto the block entry, as we didn't remove it from the rbtree before freeing\nit in the error path at btrfs_ref_tree_mod(). Fix this by removing the\nnew ref entry from the rbtree before freeing it.\n\nSyzbot report this with the following stack traces:\n\n BTRFS error (device loop0 state EA): Ref action 2, root 5, ref_root 0, parent 8564736, owner 0, offset 0, num_refs 18446744073709551615\n __btrfs_mod_ref+0x7dd/0xac0 fs/btrfs/extent-tree.c:2523\n update_ref_for_cow+0x9cd/0x11f0 fs/btrfs/ctree.c:512\n btrfs_force_cow_block+0x9f6/0x1da0 fs/btrfs/ctree.c:594\n btrfs_cow_block+0x35e/0xa40 fs/btrfs/ctree.c:754\n btrfs_search_slot+0xbdd/0x30d0 fs/btrfs/ctree.c:2116\n btrfs_insert_empty_items+0x9c/0x1a0 fs/btrfs/ctree.c:4314\n btrfs_insert_empty_item fs/btrfs/ctree.h:669 [inline]\n btrfs_insert_orphan_item+0x1f1/0x320 fs/btrfs/orphan.c:23\n btrfs_orphan_add+0x6d/0x1a0 fs/btrfs/inode.c:3482\n btrfs_unlink+0x267/0x350 fs/btrfs/inode.c:4293\n vfs_unlink+0x365/0x650 fs/namei.c:4469\n do_unlinkat+0x4ae/0x830 fs/namei.c:4533\n __do_sys_unlinkat fs/namei.c:4576 [inline]\n __se_sys_unlinkat fs/namei.c:4569 [inline]\n __x64_sys_unlinkat+0xcc/0xf0 fs/namei.c:4569\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n BTRFS error (device loop0 state EA): Ref action 1, root 5, ref_root 5, parent 0, owner 260, offset 0, num_refs 1\n __btrfs_mod_ref+0x76b/0xac0 fs/btrfs/extent-tree.c:2521\n update_ref_for_cow+0x96a/0x11f0\n btrfs_force_cow_block+0x9f6/0x1da0 fs/btrfs/ctree.c:594\n btrfs_cow_block+0x35e/0xa40 fs/btrfs/ctree.c:754\n btrfs_search_slot+0xbdd/0x30d0 fs/btrfs/ctree.c:2116\n btrfs_lookup_inode+0xdc/0x480 fs/btrfs/inode-item.c:411\n __btrfs_update_delayed_inode+0x1e7/0xb90 fs/btrfs/delayed-inode.c:1030\n btrfs_update_delayed_inode fs/btrfs/delayed-inode.c:1114 [inline]\n __btrfs_commit_inode_delayed_items+0x2318/0x24a0 fs/btrfs/delayed-inode.c:1137\n __btrfs_run_delayed_items+0x213/0x490 fs/btrfs/delayed-inode.c:1171\n btrfs_commit_transaction+0x8a8/0x3740 fs/btrfs/transaction.c:2313\n prepare_to_relocate+0x3c4/0x4c0 fs/btrfs/relocation.c:3586\n relocate_block_group+0x16c/0xd40 fs/btrfs/relocation.c:3611\n btrfs_relocate_block_group+0x77d/0xd90 fs/btrfs/relocation.c:4081\n btrfs_relocate_chunk+0x12c/0x3b0 fs/btrfs/volumes.c:3377\n __btrfs_balance+0x1b0f/0x26b0 fs/btrfs/volumes.c:4161\n btrfs_balance+0xbdc/0x10c0 fs/btrfs/volumes.c:4538\n BTRFS error (device loop0 state EA): Ref action 2, root 5, ref_root 0, parent 8564736, owner 0, offset 0, num_refs 18446744073709551615\n __btrfs_mod_ref+0x7dd/0xac0 fs/btrfs/extent-tree.c:2523\n update_ref_for_cow+0x9cd/0x11f0 fs/btrfs/ctree.c:512\n btrfs_force_cow_block+0x9f6/0x1da0 fs/btrfs/ctree.c:594\n btrfs_cow_block+0x35e/0xa40 fs/btrfs/ctree.c:754\n btrfs_search_slot+0xbdd/0x30d0 fs/btrfs/ctree.c:2116\n btrfs_lookup_inode+0xdc/0x480 fs/btrfs/inode-item.c:411\n __btrfs_update_delayed_inode+0x1e7/0xb90 fs/btrfs/delayed-inode.c:1030\n btrfs_update_delayed_i\n---truncated---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/4275ac2741941c9c7c2293619fdbacb9f70ba85b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6370db28af9a8ae3bbdfe97f8a48f8f995e144cf", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6fd018aa168e472ce35be32296d109db6adb87ea", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7c4e39f9d2af4abaf82ca0e315d1fd340456620f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a6f9e7a0bf1185c9070c0de03bb85eafb9abd650", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d2b85ce0561fde894e28fa01bd5d32820d585006", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/dfb9fe7de61f34cc241ab3900bdde93341096e0e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56582.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56582.json new file mode 100644 index 00000000000..d525a79ede6 --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56582.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56582", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:17.333", + "lastModified": "2024-12-27T15:15:17.333", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix use-after-free in btrfs_encoded_read_endio()\n\nShinichiro reported the following use-after free that sometimes is\nhappening in our CI system when running fstests' btrfs/284 on a TCMU\nrunner device:\n\n BUG: KASAN: slab-use-after-free in lock_release+0x708/0x780\n Read of size 8 at addr ffff888106a83f18 by task kworker/u80:6/219\n\n CPU: 8 UID: 0 PID: 219 Comm: kworker/u80:6 Not tainted 6.12.0-rc6-kts+ #15\n Hardware name: Supermicro Super Server/X11SPi-TF, BIOS 3.3 02/21/2020\n Workqueue: btrfs-endio btrfs_end_bio_work [btrfs]\n Call Trace:\n \n dump_stack_lvl+0x6e/0xa0\n ? lock_release+0x708/0x780\n print_report+0x174/0x505\n ? lock_release+0x708/0x780\n ? __virt_addr_valid+0x224/0x410\n ? lock_release+0x708/0x780\n kasan_report+0xda/0x1b0\n ? lock_release+0x708/0x780\n ? __wake_up+0x44/0x60\n lock_release+0x708/0x780\n ? __pfx_lock_release+0x10/0x10\n ? __pfx_do_raw_spin_lock+0x10/0x10\n ? lock_is_held_type+0x9a/0x110\n _raw_spin_unlock_irqrestore+0x1f/0x60\n __wake_up+0x44/0x60\n btrfs_encoded_read_endio+0x14b/0x190 [btrfs]\n btrfs_check_read_bio+0x8d9/0x1360 [btrfs]\n ? lock_release+0x1b0/0x780\n ? trace_lock_acquire+0x12f/0x1a0\n ? __pfx_btrfs_check_read_bio+0x10/0x10 [btrfs]\n ? process_one_work+0x7e3/0x1460\n ? lock_acquire+0x31/0xc0\n ? process_one_work+0x7e3/0x1460\n process_one_work+0x85c/0x1460\n ? __pfx_process_one_work+0x10/0x10\n ? assign_work+0x16c/0x240\n worker_thread+0x5e6/0xfc0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x2c3/0x3a0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x70\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \n\n Allocated by task 3661:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0xaa/0xb0\n btrfs_encoded_read_regular_fill_pages+0x16c/0x6d0 [btrfs]\n send_extent_data+0xf0f/0x24a0 [btrfs]\n process_extent+0x48a/0x1830 [btrfs]\n changed_cb+0x178b/0x2ea0 [btrfs]\n btrfs_ioctl_send+0x3bf9/0x5c20 [btrfs]\n _btrfs_ioctl_send+0x117/0x330 [btrfs]\n btrfs_ioctl+0x184a/0x60a0 [btrfs]\n __x64_sys_ioctl+0x12e/0x1a0\n do_syscall_64+0x95/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n Freed by task 3661:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x70\n __kasan_slab_free+0x4f/0x70\n kfree+0x143/0x490\n btrfs_encoded_read_regular_fill_pages+0x531/0x6d0 [btrfs]\n send_extent_data+0xf0f/0x24a0 [btrfs]\n process_extent+0x48a/0x1830 [btrfs]\n changed_cb+0x178b/0x2ea0 [btrfs]\n btrfs_ioctl_send+0x3bf9/0x5c20 [btrfs]\n _btrfs_ioctl_send+0x117/0x330 [btrfs]\n btrfs_ioctl+0x184a/0x60a0 [btrfs]\n __x64_sys_ioctl+0x12e/0x1a0\n do_syscall_64+0x95/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n The buggy address belongs to the object at ffff888106a83f00\n which belongs to the cache kmalloc-rnd-07-96 of size 96\n The buggy address is located 24 bytes inside of\n freed 96-byte region [ffff888106a83f00, ffff888106a83f60)\n\n The buggy address belongs to the physical page:\n page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888106a83800 pfn:0x106a83\n flags: 0x17ffffc0000000(node=0|zone=2|lastcpupid=0x1fffff)\n page_type: f5(slab)\n raw: 0017ffffc0000000 ffff888100053680 ffffea0004917200 0000000000000004\n raw: ffff888106a83800 0000000080200019 00000001f5000000 0000000000000000\n page dumped because: kasan: bad access detected\n\n Memory state around the buggy address:\n ffff888106a83e00: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc\n ffff888106a83e80: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc\n >ffff888106a83f00: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc\n ^\n ffff888106a83f80: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc\n ffff888106a84000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ==================================================================\n\nFurther analyzing the trace and \n---truncated---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/05b36b04d74a517d6675bf2f90829ff1ac7e28dc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f8a5129e4a9fc3f6aa3f137513253b51b31b94d4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56583.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56583.json new file mode 100644 index 00000000000..93304e03937 --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56583.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-56583", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:17.453", + "lastModified": "2024-12-27T15:15:17.453", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/deadline: Fix warning in migrate_enable for boosted tasks\n\nWhen running the following command:\n\nwhile true; do\n stress-ng --cyclic 30 --timeout 30s --minimize --quiet\ndone\n\na warning is eventually triggered:\n\nWARNING: CPU: 43 PID: 2848 at kernel/sched/deadline.c:794\nsetup_new_dl_entity+0x13e/0x180\n...\nCall Trace:\n \n ? show_trace_log_lvl+0x1c4/0x2df\n ? enqueue_dl_entity+0x631/0x6e0\n ? setup_new_dl_entity+0x13e/0x180\n ? __warn+0x7e/0xd0\n ? report_bug+0x11a/0x1a0\n ? handle_bug+0x3c/0x70\n ? exc_invalid_op+0x14/0x70\n ? asm_exc_invalid_op+0x16/0x20\n enqueue_dl_entity+0x631/0x6e0\n enqueue_task_dl+0x7d/0x120\n __do_set_cpus_allowed+0xe3/0x280\n __set_cpus_allowed_ptr_locked+0x140/0x1d0\n __set_cpus_allowed_ptr+0x54/0xa0\n migrate_enable+0x7e/0x150\n rt_spin_unlock+0x1c/0x90\n group_send_sig_info+0xf7/0x1a0\n ? kill_pid_info+0x1f/0x1d0\n kill_pid_info+0x78/0x1d0\n kill_proc_info+0x5b/0x110\n __x64_sys_kill+0x93/0xc0\n do_syscall_64+0x5c/0xf0\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\n RIP: 0033:0x7f0dab31f92b\n\nThis warning occurs because set_cpus_allowed dequeues and enqueues tasks\nwith the ENQUEUE_RESTORE flag set. If the task is boosted, the warning\nis triggered. A boosted task already had its parameters set by\nrt_mutex_setprio, and a new call to setup_new_dl_entity is unnecessary,\nhence the WARN_ON call.\n\nCheck if we are requeueing a boosted task and avoid calling\nsetup_new_dl_entity if that's the case." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0664e2c311b9fa43b33e3e81429cd0c2d7f9c638", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b600d30402854415aa57548a6b53dc6478f65517", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e41074904d9ed3fe582d6e544c77b40c22043c82", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56584.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56584.json new file mode 100644 index 00000000000..4cf39e980be --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56584.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-56584", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:17.567", + "lastModified": "2024-12-27T15:15:17.567", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/tctx: work around xa_store() allocation error issue\n\nsyzbot triggered the following WARN_ON:\n\nWARNING: CPU: 0 PID: 16 at io_uring/tctx.c:51 __io_uring_free+0xfa/0x140 io_uring/tctx.c:51\n\nwhich is the\n\nWARN_ON_ONCE(!xa_empty(&tctx->xa));\n\nsanity check in __io_uring_free() when a io_uring_task is going through\nits final put. The syzbot test case includes injecting memory allocation\nfailures, and it very much looks like xa_store() can fail one of its\nmemory allocations and end up with ->head being non-NULL even though no\nentries exist in the xarray.\n\nUntil this issue gets sorted out, work around it by attempting to\niterate entries in our xarray, and WARN_ON_ONCE() if one is found." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/42882b583095dcf747da6e3af1daeff40e27033e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7eb75ce7527129d7f1fee6951566af409a37a1c4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/94ad56f61b873ffeebcc620d451eacfbdf9d40f0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d5b2ddf1f90c7248eff9630b95895c8950f2f36d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56585.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56585.json new file mode 100644 index 00000000000..0c315a9f3f9 --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56585.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-56585", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:17.677", + "lastModified": "2024-12-27T15:15:17.677", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nLoongArch: Fix sleeping in atomic context for PREEMPT_RT\n\nCommit bab1c299f3945ffe79 (\"LoongArch: Fix sleeping in atomic context in\nsetup_tlb_handler()\") changes the gfp flag from GFP_KERNEL to GFP_ATOMIC\nfor alloc_pages_node(). However, for PREEMPT_RT kernels we can still get\na \"sleeping in atomic context\" error:\n\n[ 0.372259] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n[ 0.372266] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 0, name: swapper/1\n[ 0.372268] preempt_count: 1, expected: 0\n[ 0.372270] RCU nest depth: 1, expected: 1\n[ 0.372272] 3 locks held by swapper/1/0:\n[ 0.372274] #0: 900000000c9f5e60 (&pcp->lock){+.+.}-{3:3}, at: get_page_from_freelist+0x524/0x1c60\n[ 0.372294] #1: 90000000087013b8 (rcu_read_lock){....}-{1:3}, at: rt_spin_trylock+0x50/0x140\n[ 0.372305] #2: 900000047fffd388 (&zone->lock){+.+.}-{3:3}, at: __rmqueue_pcplist+0x30c/0xea0\n[ 0.372314] irq event stamp: 0\n[ 0.372316] hardirqs last enabled at (0): [<0000000000000000>] 0x0\n[ 0.372322] hardirqs last disabled at (0): [<9000000005947320>] copy_process+0x9c0/0x26e0\n[ 0.372329] softirqs last enabled at (0): [<9000000005947320>] copy_process+0x9c0/0x26e0\n[ 0.372335] softirqs last disabled at (0): [<0000000000000000>] 0x0\n[ 0.372341] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.12.0-rc7+ #1891\n[ 0.372346] Hardware name: Loongson Loongson-3A5000-7A1000-1w-CRB/Loongson-LS3A5000-7A1000-1w-CRB, BIOS vUDK2018-LoongArch-V2.0.0-prebeta9 10/21/2022\n[ 0.372349] Stack : 0000000000000089 9000000005a0db9c 90000000071519c8 9000000100388000\n[ 0.372486] 900000010038b890 0000000000000000 900000010038b898 9000000007e53788\n[ 0.372492] 900000000815bcc8 900000000815bcc0 900000010038b700 0000000000000001\n[ 0.372498] 0000000000000001 4b031894b9d6b725 00000000055ec000 9000000100338fc0\n[ 0.372503] 00000000000000c4 0000000000000001 000000000000002d 0000000000000003\n[ 0.372509] 0000000000000030 0000000000000003 00000000055ec000 0000000000000003\n[ 0.372515] 900000000806d000 9000000007e53788 00000000000000b0 0000000000000004\n[ 0.372521] 0000000000000000 0000000000000000 900000000c9f5f10 0000000000000000\n[ 0.372526] 90000000076f12d8 9000000007e53788 9000000005924778 0000000000000000\n[ 0.372532] 00000000000000b0 0000000000000004 0000000000000000 0000000000070000\n[ 0.372537] ...\n[ 0.372540] Call Trace:\n[ 0.372542] [<9000000005924778>] show_stack+0x38/0x180\n[ 0.372548] [<90000000071519c4>] dump_stack_lvl+0x94/0xe4\n[ 0.372555] [<900000000599b880>] __might_resched+0x1a0/0x260\n[ 0.372561] [<90000000071675cc>] rt_spin_lock+0x4c/0x140\n[ 0.372565] [<9000000005cbb768>] __rmqueue_pcplist+0x308/0xea0\n[ 0.372570] [<9000000005cbed84>] get_page_from_freelist+0x564/0x1c60\n[ 0.372575] [<9000000005cc0d98>] __alloc_pages_noprof+0x218/0x1820\n[ 0.372580] [<900000000593b36c>] tlb_init+0x1ac/0x298\n[ 0.372585] [<9000000005924b74>] per_cpu_trap_init+0x114/0x140\n[ 0.372589] [<9000000005921964>] cpu_probe+0x4e4/0xa60\n[ 0.372592] [<9000000005934874>] start_secondary+0x34/0xc0\n[ 0.372599] [<900000000715615c>] smpboot_entry+0x64/0x6c\n\nThis is because in PREEMPT_RT kernels normal spinlocks are replaced by\nrt spinlocks and rt_spin_lock() will cause sleeping. Fix it by disabling\nNUMA optimization completely for PREEMPT_RT kernels." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/08715b741f9b2a925d6485491e4907f3b29bac70", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6575e0867bd478a5d7ef1783ca1e73160807d238", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/88fd2b70120d52c1010257d36776876941375490", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c5f89458a2ea0800866b9fc690d3fa8367dc8f8d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56586.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56586.json new file mode 100644 index 00000000000..41f31f1bb31 --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56586.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56586", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:17.800", + "lastModified": "2024-12-27T15:15:17.800", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix f2fs_bug_on when uninstalling filesystem call f2fs_evict_inode.\n\ncreating a large files during checkpoint disable until it runs out of\nspace and then delete it, then remount to enable checkpoint again, and\nthen unmount the filesystem triggers the f2fs_bug_on as below:\n\n------------[ cut here ]------------\nkernel BUG at fs/f2fs/inode.c:896!\nCPU: 2 UID: 0 PID: 1286 Comm: umount Not tainted 6.11.0-rc7-dirty #360\nOops: invalid opcode: 0000 [#1] PREEMPT SMP NOPTI\nRIP: 0010:f2fs_evict_inode+0x58c/0x610\nCall Trace:\n __die_body+0x15/0x60\n die+0x33/0x50\n do_trap+0x10a/0x120\n f2fs_evict_inode+0x58c/0x610\n do_error_trap+0x60/0x80\n f2fs_evict_inode+0x58c/0x610\n exc_invalid_op+0x53/0x60\n f2fs_evict_inode+0x58c/0x610\n asm_exc_invalid_op+0x16/0x20\n f2fs_evict_inode+0x58c/0x610\n evict+0x101/0x260\n dispose_list+0x30/0x50\n evict_inodes+0x140/0x190\n generic_shutdown_super+0x2f/0x150\n kill_block_super+0x11/0x40\n kill_f2fs_super+0x7d/0x140\n deactivate_locked_super+0x2a/0x70\n cleanup_mnt+0xb3/0x140\n task_work_run+0x61/0x90\n\nThe root cause is: creating large files during disable checkpoint\nperiod results in not enough free segments, so when writing back root\ninode will failed in f2fs_enable_checkpoint. When umount the file\nsystem after enabling checkpoint, the root inode is dirty in\nf2fs_evict_inode function, which triggers BUG_ON. The steps to\nreproduce are as follows:\n\ndd if=/dev/zero of=f2fs.img bs=1M count=55\nmount f2fs.img f2fs_dir -o checkpoint=disable:10%\ndd if=/dev/zero of=big bs=1M count=50\nsync\nrm big\nmount -o remount,checkpoint=enable f2fs_dir\numount f2fs_dir\n\nLet's redirty inode when there is not free segments during checkpoint\nis disable." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/9669b28f81e0ec6305af7773846fbe2cef1e7d61", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9e28513fd2858911dcf47b84160a8824587536b6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a365de2fbfbe1e6740bfb75ab5c3245cf7bbe4d7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ac8aaf78bd039fa1be0acaa8e84a56499f79d721", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d5c367ef8287fb4d235c46a2f8c8d68715f3a0ca", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/dff561e4060d28edc9a2960d4a87f3c945a96aa3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ef517d2d21c3d8e2ad35b2bb728bd1c90a31e617", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56587.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56587.json new file mode 100644 index 00000000000..c51db4b2f26 --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56587.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56587", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:17.917", + "lastModified": "2024-12-27T15:15:17.917", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nleds: class: Protect brightness_show() with led_cdev->led_access mutex\n\nThere is NULL pointer issue observed if from Process A where hid device\nbeing added which results in adding a led_cdev addition and later a\nanother call to access of led_cdev attribute from Process B can result\nin NULL pointer issue.\n\nUse mutex led_cdev->led_access to protect access to led->cdev and its\nattribute inside brightness_show() and max_brightness_show() and also\nupdate the comment for mutex that it should be used to protect the led\nclass device fields.\n\n\tProcess A \t\t\t\tProcess B\n\n kthread+0x114\n worker_thread+0x244\n process_scheduled_works+0x248\n uhid_device_add_worker+0x24\n hid_add_device+0x120\n device_add+0x268\n bus_probe_device+0x94\n device_initial_probe+0x14\n __device_attach+0xfc\n bus_for_each_drv+0x10c\n __device_attach_driver+0x14c\n driver_probe_device+0x3c\n __driver_probe_device+0xa0\n really_probe+0x190\n hid_device_probe+0x130\n ps_probe+0x990\n ps_led_register+0x94\n devm_led_classdev_register_ext+0x58\n led_classdev_register_ext+0x1f8\n device_create_with_groups+0x48\n device_create_groups_vargs+0xc8\n device_add+0x244\n kobject_uevent+0x14\n kobject_uevent_env[jt]+0x224\n mutex_unlock[jt]+0xc4\n __mutex_unlock_slowpath+0xd4\n wake_up_q+0x70\n try_to_wake_up[jt]+0x48c\n preempt_schedule_common+0x28\n __schedule+0x628\n __switch_to+0x174\n\t\t\t\t\t\tel0t_64_sync+0x1a8/0x1ac\n\t\t\t\t\t\tel0t_64_sync_handler+0x68/0xbc\n\t\t\t\t\t\tel0_svc+0x38/0x68\n\t\t\t\t\t\tdo_el0_svc+0x1c/0x28\n\t\t\t\t\t\tel0_svc_common+0x80/0xe0\n\t\t\t\t\t\tinvoke_syscall+0x58/0x114\n\t\t\t\t\t\t__arm64_sys_read+0x1c/0x2c\n\t\t\t\t\t\tksys_read+0x78/0xe8\n\t\t\t\t\t\tvfs_read+0x1e0/0x2c8\n\t\t\t\t\t\tkernfs_fop_read_iter+0x68/0x1b4\n\t\t\t\t\t\tseq_read_iter+0x158/0x4ec\n\t\t\t\t\t\tkernfs_seq_show+0x44/0x54\n\t\t\t\t\t\tsysfs_kf_seq_show+0xb4/0x130\n\t\t\t\t\t\tdev_attr_show+0x38/0x74\n\t\t\t\t\t\tbrightness_show+0x20/0x4c\n\t\t\t\t\t\tdualshock4_led_get_brightness+0xc/0x74\n\n[ 3313.874295][ T4013] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000060\n[ 3313.874301][ T4013] Mem abort info:\n[ 3313.874303][ T4013] ESR = 0x0000000096000006\n[ 3313.874305][ T4013] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 3313.874307][ T4013] SET = 0, FnV = 0\n[ 3313.874309][ T4013] EA = 0, S1PTW = 0\n[ 3313.874311][ T4013] FSC = 0x06: level 2 translation fault\n[ 3313.874313][ T4013] Data abort info:\n[ 3313.874314][ T4013] ISV = 0, ISS = 0x00000006, ISS2 = 0x00000000\n[ 3313.874316][ T4013] CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n[ 3313.874318][ T4013] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n[ 3313.874320][ T4013] user pgtable: 4k pages, 39-bit VAs, pgdp=00000008f2b0a000\n..\n\n[ 3313.874332][ T4013] Dumping ftrace buffer:\n[ 3313.874334][ T4013] (ftrace buffer empty)\n..\n..\n[ dd3313.874639][ T4013] CPU: 6 PID: 4013 Comm: InputReader\n[ 3313.874648][ T4013] pc : dualshock4_led_get_brightness+0xc/0x74\n[ 3313.874653][ T4013] lr : led_update_brightness+0x38/0x60\n[ 3313.874656][ T4013] sp : ffffffc0b910bbd0\n..\n..\n[ 3313.874685][ T4013] Call trace:\n[ 3313.874687][ T4013] dualshock4_led_get_brightness+0xc/0x74\n[ 3313.874690][ T4013] brightness_show+0x20/0x4c\n[ 3313.874692][ T4013] dev_attr_show+0x38/0x74\n[ 3313.874696][ T4013] sysfs_kf_seq_show+0xb4/0x130\n[ 3313.874700][ T4013] kernfs_seq_show+0x44/0x54\n[ 3313.874703][ T4013] seq_read_iter+0x158/0x4ec\n[ 3313.874705][ T4013] kernfs_fop_read_iter+0x68/0x1b4\n[ 3313.874708][ T4013] vfs_read+0x1e0/0x2c8\n[ 3313.874711][ T4013] ksys_read+0x78/0xe8\n[ 3313.874714][ T4013] __arm64_sys_read+0x1c/0x2c\n[ 3313.874718][ T4013] invoke_syscall+0x58/0x114\n[ 3313.874721][ T4013] el0_svc_common+0x80/0xe0\n[ 3313.874724][ T4013] do_el0_svc+0x1c/0x28\n[ 3313.874727][ T4013] el0_svc+0x38/0x68\n[ 3313.874730][ T4013] el0t_64_sync_handler+0x68/0xbc\n[ 3313.874732][ T4013] el0t_64_sync+0x1a8/0x1ac" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/4ca7cd938725a4050dcd62ae9472e931d603118d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/50d9f68e4adf86901cbab1bd5b91f710aa9141b9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/84b42d5b5fcd767c9b7f30b0b32065ed949fe804", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b8283d52ed15c02bb2eb9b1b8644dcc34f8e98f1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/bb4a6236a430cfc3713f470f3a969f39d6d4ca25", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ddcfc5708da9972ac23a9121b3d819b0a53d6f21", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f6d6fb563e4be245a17bc4261a4b294e8bf8a31e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56588.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56588.json new file mode 100644 index 00000000000..a944feca0e4 --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56588.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56588", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:18.040", + "lastModified": "2024-12-27T15:15:18.040", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: hisi_sas: Create all dump files during debugfs initialization\n\nFor the current debugfs of hisi_sas, after user triggers dump, the\ndriver allocate memory space to save the register information and create\ndebugfs files to display the saved information. In this process, the\ndebugfs files created after each dump.\n\nTherefore, when the dump is triggered while the driver is unbind, the\nfollowing hang occurs:\n\n[67840.853907] Unable to handle kernel NULL pointer dereference at virtual address 00000000000000a0\n[67840.862947] Mem abort info:\n[67840.865855] ESR = 0x0000000096000004\n[67840.869713] EC = 0x25: DABT (current EL), IL = 32 bits\n[67840.875125] SET = 0, FnV = 0\n[67840.878291] EA = 0, S1PTW = 0\n[67840.881545] FSC = 0x04: level 0 translation fault\n[67840.886528] Data abort info:\n[67840.889524] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n[67840.895117] CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n[67840.900284] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n[67840.905709] user pgtable: 4k pages, 48-bit VAs, pgdp=0000002803a1f000\n[67840.912263] [00000000000000a0] pgd=0000000000000000, p4d=0000000000000000\n[67840.919177] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP\n[67840.996435] pstate: 80400009 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[67841.003628] pc : down_write+0x30/0x98\n[67841.007546] lr : start_creating.part.0+0x60/0x198\n[67841.012495] sp : ffff8000b979ba20\n[67841.016046] x29: ffff8000b979ba20 x28: 0000000000000010 x27: 0000000000024b40\n[67841.023412] x26: 0000000000000012 x25: ffff20202b355ae8 x24: ffff20202b35a8c8\n[67841.030779] x23: ffffa36877928208 x22: ffffa368b4972240 x21: ffff8000b979bb18\n[67841.038147] x20: ffff00281dc1e3c0 x19: fffffffffffffffe x18: 0000000000000020\n[67841.045515] x17: 0000000000000000 x16: ffffa368b128a530 x15: ffffffffffffffff\n[67841.052888] x14: ffff8000b979bc18 x13: ffffffffffffffff x12: ffff8000b979bb18\n[67841.060263] x11: 0000000000000000 x10: 0000000000000000 x9 : ffffa368b1289b18\n[67841.067640] x8 : 0000000000000012 x7 : 0000000000000000 x6 : 00000000000003a9\n[67841.075014] x5 : 0000000000000000 x4 : ffff002818c5cb00 x3 : 0000000000000001\n[67841.082388] x2 : 0000000000000000 x1 : ffff002818c5cb00 x0 : 00000000000000a0\n[67841.089759] Call trace:\n[67841.092456] down_write+0x30/0x98\n[67841.096017] start_creating.part.0+0x60/0x198\n[67841.100613] debugfs_create_dir+0x48/0x1f8\n[67841.104950] debugfs_create_files_v3_hw+0x88/0x348 [hisi_sas_v3_hw]\n[67841.111447] debugfs_snapshot_regs_v3_hw+0x708/0x798 [hisi_sas_v3_hw]\n[67841.118111] debugfs_trigger_dump_v3_hw_write+0x9c/0x120 [hisi_sas_v3_hw]\n[67841.125115] full_proxy_write+0x68/0xc8\n[67841.129175] vfs_write+0xd8/0x3f0\n[67841.132708] ksys_write+0x70/0x108\n[67841.136317] __arm64_sys_write+0x24/0x38\n[67841.140440] invoke_syscall+0x50/0x128\n[67841.144385] el0_svc_common.constprop.0+0xc8/0xf0\n[67841.149273] do_el0_svc+0x24/0x38\n[67841.152773] el0_svc+0x38/0xd8\n[67841.156009] el0t_64_sync_handler+0xc0/0xc8\n[67841.160361] el0t_64_sync+0x1a4/0x1a8\n[67841.164189] Code: b9000882 d2800002 d2800023 f9800011 (c85ffc05)\n[67841.170443] ---[ end trace 0000000000000000 ]---\n\nTo fix this issue, create all directories and files during debugfs\ninitialization. In this way, the driver only needs to allocate memory\nspace to save information each time the user triggers dumping." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/6c55f99123075e5429850b41b06f7dfffcb708eb", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9f564f15f88490b484e02442dc4c4b11640ea172", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56589.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56589.json new file mode 100644 index 00000000000..d033bd22545 --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56589.json @@ -0,0 +1,41 @@ +{ + "id": "CVE-2024-56589", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:18.150", + "lastModified": "2024-12-27T15:15:18.150", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: hisi_sas: Add cond_resched() for no forced preemption model\n\nFor no forced preemption model kernel, in the scenario where the\nexpander is connected to 12 high performance SAS SSDs, the following\ncall trace may occur:\n\n[ 214.409199][ C240] watchdog: BUG: soft lockup - CPU#240 stuck for 22s! [irq/149-hisi_sa:3211]\n[ 214.568533][ C240] pstate: 60400009 (nZCv daif +PAN -UAO -TCO BTYPE=--)\n[ 214.575224][ C240] pc : fput_many+0x8c/0xdc\n[ 214.579480][ C240] lr : fput+0x1c/0xf0\n[ 214.583302][ C240] sp : ffff80002de2b900\n[ 214.587298][ C240] x29: ffff80002de2b900 x28: ffff1082aa412000\n[ 214.593291][ C240] x27: ffff3062a0348c08 x26: ffff80003a9f6000\n[ 214.599284][ C240] x25: ffff1062bbac5c40 x24: 0000000000001000\n[ 214.605277][ C240] x23: 000000000000000a x22: 0000000000000001\n[ 214.611270][ C240] x21: 0000000000001000 x20: 0000000000000000\n[ 214.617262][ C240] x19: ffff3062a41ae580 x18: 0000000000010000\n[ 214.623255][ C240] x17: 0000000000000001 x16: ffffdb3a6efe5fc0\n[ 214.629248][ C240] x15: ffffffffffffffff x14: 0000000003ffffff\n[ 214.635241][ C240] x13: 000000000000ffff x12: 000000000000029c\n[ 214.641234][ C240] x11: 0000000000000006 x10: ffff80003a9f7fd0\n[ 214.647226][ C240] x9 : ffffdb3a6f0482fc x8 : 0000000000000001\n[ 214.653219][ C240] x7 : 0000000000000002 x6 : 0000000000000080\n[ 214.659212][ C240] x5 : ffff55480ee9b000 x4 : fffffde7f94c6554\n[ 214.665205][ C240] x3 : 0000000000000002 x2 : 0000000000000020\n[ 214.671198][ C240] x1 : 0000000000000021 x0 : ffff3062a41ae5b8\n[ 214.677191][ C240] Call trace:\n[ 214.680320][ C240] fput_many+0x8c/0xdc\n[ 214.684230][ C240] fput+0x1c/0xf0\n[ 214.687707][ C240] aio_complete_rw+0xd8/0x1fc\n[ 214.692225][ C240] blkdev_bio_end_io+0x98/0x140\n[ 214.696917][ C240] bio_endio+0x160/0x1bc\n[ 214.701001][ C240] blk_update_request+0x1c8/0x3bc\n[ 214.705867][ C240] scsi_end_request+0x3c/0x1f0\n[ 214.710471][ C240] scsi_io_completion+0x7c/0x1a0\n[ 214.715249][ C240] scsi_finish_command+0x104/0x140\n[ 214.720200][ C240] scsi_softirq_done+0x90/0x180\n[ 214.724892][ C240] blk_mq_complete_request+0x5c/0x70\n[ 214.730016][ C240] scsi_mq_done+0x48/0xac\n[ 214.734194][ C240] sas_scsi_task_done+0xbc/0x16c [libsas]\n[ 214.739758][ C240] slot_complete_v3_hw+0x260/0x760 [hisi_sas_v3_hw]\n[ 214.746185][ C240] cq_thread_v3_hw+0xbc/0x190 [hisi_sas_v3_hw]\n[ 214.752179][ C240] irq_thread_fn+0x34/0xa4\n[ 214.756435][ C240] irq_thread+0xc4/0x130\n[ 214.760520][ C240] kthread+0x108/0x13c\n[ 214.764430][ C240] ret_from_fork+0x10/0x18\n\nThis is because in the hisi_sas driver, both the hardware interrupt\nhandler and the interrupt thread are executed on the same CPU. In the\nperformance test scenario, function irq_wait_for_interrupt() will always\nreturn 0 if lots of interrupts occurs and the CPU will be continuously\nconsumed. As a result, the CPU cannot run the watchdog thread. When the\nwatchdog time exceeds the specified time, call trace occurs.\n\nTo fix it, add cond_resched() to execute the watchdog thread." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/2174bbc235f79fce88ea71fd08cf836568fcad5f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2233c4a0b948211743659b24c13d6bd059fa75fc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2991a023896b79e6753813ed88fbc98979713c73", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3dd2c5cb2c698a02a4ed2ea0acb7c9909374a8bf", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/50ddf4b0e1a4cb5e9ca0aac3d0a73202b903c87f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/601f8001373fc3fbad498f9be427254908b7fcce", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56590.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56590.json new file mode 100644 index 00000000000..adb21c420a8 --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56590.json @@ -0,0 +1,37 @@ +{ + "id": "CVE-2024-56590", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:18.263", + "lastModified": "2024-12-27T15:15:18.263", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_core: Fix not checking skb length on hci_acldata_packet\n\nThis fixes not checking if skb really contains an ACL header otherwise\nthe code may attempt to access some uninitilized/invalid memory past the\nvalid skb->data." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/219960a48771b35a3857a491b955c31d6c33d581", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3fe288a8214e7dd784d1f9b7c9e448244d316b47", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/559b1c7ac2e212a23b3833d3baf3bd957771d02e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5e50d12cc6e95e1fde08f5db6992b616f714b0fb", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/93a6160dc198ffe5786da8bd8588cfd17f53b29a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56591.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56591.json new file mode 100644 index 00000000000..144e3266441 --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56591.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56591", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:18.383", + "lastModified": "2024-12-27T15:15:18.383", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_conn: Use disable_delayed_work_sync\n\nThis makes use of disable_delayed_work_sync instead\ncancel_delayed_work_sync as it not only cancel the ongoing work but also\ndisables new submit which is disarable since the object holding the work\nis about to be freed." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/2b0f2fc9ed62e73c95df1fa8ed2ba3dac54699df", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c55a4c5a04bae40dcdc1e1c19d8eb79a06fb3397", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56592.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56592.json new file mode 100644 index 00000000000..eecd191f8a9 --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56592.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-56592", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:18.500", + "lastModified": "2024-12-27T15:15:18.500", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Call free_htab_elem() after htab_unlock_bucket()\n\nFor htab of maps, when the map is removed from the htab, it may hold the\nlast reference of the map. bpf_map_fd_put_ptr() will invoke\nbpf_map_free_id() to free the id of the removed map element. However,\nbpf_map_fd_put_ptr() is invoked while holding a bucket lock\n(raw_spin_lock_t), and bpf_map_free_id() attempts to acquire map_idr_lock\n(spinlock_t), triggering the following lockdep warning:\n\n =============================\n [ BUG: Invalid wait context ]\n 6.11.0-rc4+ #49 Not tainted\n -----------------------------\n test_maps/4881 is trying to lock:\n ffffffff84884578 (map_idr_lock){+...}-{3:3}, at: bpf_map_free_id.part.0+0x21/0x70\n other info that might help us debug this:\n context-{5:5}\n 2 locks held by test_maps/4881:\n #0: ffffffff846caf60 (rcu_read_lock){....}-{1:3}, at: bpf_fd_htab_map_update_elem+0xf9/0x270\n #1: ffff888149ced148 (&htab->lockdep_key#2){....}-{2:2}, at: htab_map_update_elem+0x178/0xa80\n stack backtrace:\n CPU: 0 UID: 0 PID: 4881 Comm: test_maps Not tainted 6.11.0-rc4+ #49\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), ...\n Call Trace:\n \n dump_stack_lvl+0x6e/0xb0\n dump_stack+0x10/0x20\n __lock_acquire+0x73e/0x36c0\n lock_acquire+0x182/0x450\n _raw_spin_lock_irqsave+0x43/0x70\n bpf_map_free_id.part.0+0x21/0x70\n bpf_map_put+0xcf/0x110\n bpf_map_fd_put_ptr+0x9a/0xb0\n free_htab_elem+0x69/0xe0\n htab_map_update_elem+0x50f/0xa80\n bpf_fd_htab_map_update_elem+0x131/0x270\n htab_map_update_elem+0x50f/0xa80\n bpf_fd_htab_map_update_elem+0x131/0x270\n bpf_map_update_value+0x266/0x380\n __sys_bpf+0x21bb/0x36b0\n __x64_sys_bpf+0x45/0x60\n x64_sys_call+0x1b2a/0x20d0\n do_syscall_64+0x5d/0x100\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nOne way to fix the lockdep warning is using raw_spinlock_t for\nmap_idr_lock as well. However, bpf_map_alloc_id() invokes\nidr_alloc_cyclic() after acquiring map_idr_lock, it will trigger a\nsimilar lockdep warning because the slab's lock (s->cpu_slab->lock) is\nstill a spinlock.\n\nInstead of changing map_idr_lock's type, fix the issue by invoking\nhtab_put_fd_value() after htab_unlock_bucket(). However, only deferring\nthe invocation of htab_put_fd_value() is not enough, because the old map\npointers in htab of maps can not be saved during batched deletion.\nTherefore, also defer the invocation of free_htab_elem(), so these\nto-be-freed elements could be linked together similar to lru map.\n\nThere are four callers for ->map_fd_put_ptr:\n\n(1) alloc_htab_elem() (through htab_put_fd_value())\nIt invokes ->map_fd_put_ptr() under a raw_spinlock_t. The invocation of\nhtab_put_fd_value() can not simply move after htab_unlock_bucket(),\nbecause the old element has already been stashed in htab->extra_elems.\nIt may be reused immediately after htab_unlock_bucket() and the\ninvocation of htab_put_fd_value() after htab_unlock_bucket() may release\nthe newly-added element incorrectly. Therefore, saving the map pointer\nof the old element for htab of maps before unlocking the bucket and\nreleasing the map_ptr after unlock. Beside the map pointer in the old\nelement, should do the same thing for the special fields in the old\nelement as well.\n\n(2) free_htab_elem() (through htab_put_fd_value())\nIts caller includes __htab_map_lookup_and_delete_elem(),\nhtab_map_delete_elem() and __htab_map_lookup_and_delete_batch().\n\nFor htab_map_delete_elem(), simply invoke free_htab_elem() after\nhtab_unlock_bucket(). For __htab_map_lookup_and_delete_batch(), just\nlike lru map, linking the to-be-freed element into node_to_free list\nand invoking free_htab_elem() for these element after unlock. It is safe\nto reuse batch_flink as the link for node_to_free, because these\nelements have been removed from the hash llist.\n\nBecause htab of maps doesn't support lookup_and_delete operation,\n__htab_map_lookup_and_delete_elem() doesn't have the problem, so kept\nit as\n---truncated---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/10e8a2dec9ff1b81de8e892b0850924038adbc6d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a50b4aa3007e63a590d501341f304676ebc74b3b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b9e9ed90b10c82a4e9d4d70a2890f06bfcdd3b78", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56593.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56593.json new file mode 100644 index 00000000000..04c1241a7f9 --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56593.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56593", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:18.613", + "lastModified": "2024-12-27T15:15:18.613", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmf_sdiod_sglist_rw()\n\nThis patch fixes a NULL pointer dereference bug in brcmfmac that occurs\nwhen a high 'sd_sgentry_align' value applies (e.g. 512) and a lot of queued SKBs\nare sent from the pkt queue.\n\nThe problem is the number of entries in the pre-allocated sgtable, it is\nnents = max(rxglom_size, txglom_size) + max(rxglom_size, txglom_size) >> 4 + 1.\nGiven the default [rt]xglom_size=32 it's actually 35 which is too small.\nWorst case, the pkt queue can end up with 64 SKBs. This occurs when a new SKB\nis added for each original SKB if tailroom isn't enough to hold tail_pad.\nAt least one sg entry is needed for each SKB. So, eventually the \"skb_queue_walk loop\"\nin brcmf_sdiod_sglist_rw may run out of sg entries. This makes sg_next return\nNULL and this causes the oops.\n\nThe patch sets nents to max(rxglom_size, txglom_size) * 2 to be able handle\nthe worst-case.\nBtw. this requires only 64-35=29 * 16 (or 20 if CONFIG_NEED_SG_DMA_LENGTH) = 464\nadditional bytes of memory." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/07c020c6d14d29e5a3ea4e4576b8ecf956a80834", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/342f87d263462c2670b77ea9a32074cab2ac6fa1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/34941321b516bd7c6103bd01287d71a1804d19d3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/67a25ea28f8ec1da8894f2f115d01d3becf67dc7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7522d7d745d13fbeff3350fe6aa56c8dae263571", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/857282b819cbaa0675aaab1e7542e2c0579f52d7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/dfb3f9d3f602602de208da7bdcc0f6d5ee74af68", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56594.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56594.json new file mode 100644 index 00000000000..93c99958b21 --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56594.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56594", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:18.727", + "lastModified": "2024-12-27T15:15:18.727", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: set the right AMDGPU sg segment limitation\n\nThe driver needs to set the correct max_segment_size;\notherwise debug_dma_map_sg() will complain about the\nover-mapping of the AMDGPU sg length as following:\n\nWARNING: CPU: 6 PID: 1964 at kernel/dma/debug.c:1178 debug_dma_map_sg+0x2dc/0x370\n[ 364.049444] Modules linked in: veth amdgpu(OE) amdxcp drm_exec gpu_sched drm_buddy drm_ttm_helper ttm(OE) drm_suballoc_helper drm_display_helper drm_kms_helper i2c_algo_bit rpcsec_gss_krb5 auth_rpcgss nfsv4 nfs lockd grace netfs xt_conntrack xt_MASQUERADE nf_conntrack_netlink xfrm_user xfrm_algo iptable_nat xt_addrtype iptable_filter br_netfilter nvme_fabrics overlay nfnetlink_cttimeout nfnetlink openvswitch nsh nf_conncount nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 libcrc32c bridge stp llc amd_atl intel_rapl_msr intel_rapl_common sunrpc sch_fq_codel snd_hda_codec_realtek snd_hda_codec_generic snd_hda_scodec_component snd_hda_codec_hdmi snd_hda_intel snd_intel_dspcfg edac_mce_amd binfmt_misc snd_hda_codec snd_pci_acp6x snd_hda_core snd_acp_config snd_hwdep snd_soc_acpi kvm_amd snd_pcm kvm snd_seq_midi snd_seq_midi_event crct10dif_pclmul ghash_clmulni_intel sha512_ssse3 snd_rawmidi sha256_ssse3 sha1_ssse3 aesni_intel snd_seq nls_iso8859_1 crypto_simd snd_seq_device cryptd snd_timer rapl input_leds snd\n[ 364.049532] ipmi_devintf wmi_bmof ccp serio_raw k10temp sp5100_tco soundcore ipmi_msghandler cm32181 industrialio mac_hid msr parport_pc ppdev lp parport drm efi_pstore ip_tables x_tables pci_stub crc32_pclmul nvme ahci libahci i2c_piix4 r8169 nvme_core i2c_designware_pci realtek i2c_ccgx_ucsi video wmi hid_generic cdc_ether usbnet usbhid hid r8152 mii\n[ 364.049576] CPU: 6 PID: 1964 Comm: rocminfo Tainted: G OE 6.10.0-custom #492\n[ 364.049579] Hardware name: AMD Majolica-RN/Majolica-RN, BIOS RMJ1009A 06/13/2021\n[ 364.049582] RIP: 0010:debug_dma_map_sg+0x2dc/0x370\n[ 364.049585] Code: 89 4d b8 e8 36 b1 86 00 8b 4d b8 48 8b 55 b0 44 8b 45 a8 4c 8b 4d a0 48 89 c6 48 c7 c7 00 4b 74 bc 4c 89 4d b8 e8 b4 73 f3 ff <0f> 0b 4c 8b 4d b8 8b 15 c8 2c b8 01 85 d2 0f 85 ee fd ff ff 8b 05\n[ 364.049588] RSP: 0018:ffff9ca600b57ac0 EFLAGS: 00010286\n[ 364.049590] RAX: 0000000000000000 RBX: ffff88b7c132b0c8 RCX: 0000000000000027\n[ 364.049592] RDX: ffff88bb0f521688 RSI: 0000000000000001 RDI: ffff88bb0f521680\n[ 364.049594] RBP: ffff9ca600b57b20 R08: 000000000000006f R09: ffff9ca600b57930\n[ 364.049596] R10: ffff9ca600b57928 R11: ffffffffbcb46328 R12: 0000000000000000\n[ 364.049597] R13: 0000000000000001 R14: ffff88b7c19c0700 R15: ffff88b7c9059800\n[ 364.049599] FS: 00007fb2d3516e80(0000) GS:ffff88bb0f500000(0000) knlGS:0000000000000000\n[ 364.049601] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 364.049603] CR2: 000055610bd03598 CR3: 00000001049f6000 CR4: 0000000000350ef0\n[ 364.049605] Call Trace:\n[ 364.049607] \n[ 364.049609] ? show_regs+0x6d/0x80\n[ 364.049614] ? __warn+0x8c/0x140\n[ 364.049618] ? debug_dma_map_sg+0x2dc/0x370\n[ 364.049621] ? report_bug+0x193/0x1a0\n[ 364.049627] ? handle_bug+0x46/0x80\n[ 364.049631] ? exc_invalid_op+0x1d/0x80\n[ 364.049635] ? asm_exc_invalid_op+0x1f/0x30\n[ 364.049642] ? debug_dma_map_sg+0x2dc/0x370\n[ 364.049647] __dma_map_sg_attrs+0x90/0xe0\n[ 364.049651] dma_map_sgtable+0x25/0x40\n[ 364.049654] amdgpu_bo_move+0x59a/0x850 [amdgpu]\n[ 364.049935] ? srso_return_thunk+0x5/0x5f\n[ 364.049939] ? amdgpu_ttm_tt_populate+0x5d/0xc0 [amdgpu]\n[ 364.050095] ttm_bo_handle_move_mem+0xc3/0x180 [ttm]\n[ 364.050103] ttm_bo_validate+0xc1/0x160 [ttm]\n[ 364.050108] ? amdgpu_ttm_tt_get_user_pages+0xe5/0x1b0 [amdgpu]\n[ 364.050263] amdgpu_amdkfd_gpuvm_alloc_memory_of_gpu+0xa12/0xc90 [amdgpu]\n[ 364.050473] kfd_ioctl_alloc_memory_of_gpu+0x16b/0x3b0 [amdgpu]\n[ 364.050680] kfd_ioctl+0x3c2/0x530 [amdgpu]\n[ 364.050866] ? __pfx_kfd_ioctl_alloc_memory_of_gpu+0x10/0x10 [amdgpu]\n[ 364.05105\n---truncated---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/13c3a54f48a612a117dfd82a9dd91732261e869d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/76581147b05c2adb6b47bbc697521725f10224e4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/76649ccf97e2cd72b62e34ed2fba6e0f89497eab", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b5807a08954fdf914ef80b49aaa6cda965ecc95c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b9e52a96ec92245bf15dabba1d3d862d7a03efb8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e2e97435783979124ba92d6870415c57ecfef6a5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ff0346a74627a5f607a33a3852586f8c7f678329", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56595.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56595.json new file mode 100644 index 00000000000..dd6640720ac --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56595.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56595", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:18.843", + "lastModified": "2024-12-27T15:15:18.843", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: add a check to prevent array-index-out-of-bounds in dbAdjTree\n\nWhen the value of lp is 0 at the beginning of the for loop, it will\nbecome negative in the next assignment and we should bail out." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/368a533152220b0a6f1142327d96c6b6361f3002", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3b5d21b56c3774bc84eab0a93aaac22a4475e2c4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/491487eeddccc4bb49f2e59d8c8f35bec89c15ca", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8a4311bbde702362fe7412045d06ab6767235dac", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a174706ba4dad895c40b1d2277bade16dfacdcd9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a3d408870bc19b794646871bc4c3a5daa66f91c5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b15000bcbecf27e0f7c0f149a409e5b865e28ca2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56596.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56596.json new file mode 100644 index 00000000000..2c2ead5fe0b --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56596.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56596", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:18.963", + "lastModified": "2024-12-27T15:15:18.963", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix array-index-out-of-bounds in jfs_readdir\n\nThe stbl might contain some invalid values. Added a check to\nreturn error code in that case." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/839f102efb168f02dfdd46717b7c6dddb26b015e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8ff7579554571d92e3deab168f5a7d7b146ed368", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/97e693593162eef6851d232f0c8148169ed46a5c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9efe72eefd4c4a7ce63b3e4d667d766d2b360cb4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b62f41aeec9d250144c53875b507c1d45ae8c8fc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e7d376f94f72b020f84e77278b150ec1cc27502c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ff9fc48fab0e1ea0d423c23c99b91bba178f0b05", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56597.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56597.json new file mode 100644 index 00000000000..dd15fc34c2a --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56597.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56597", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:19.080", + "lastModified": "2024-12-27T15:15:19.080", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix shift-out-of-bounds in dbSplit\n\nWhen dmt_budmin is less than zero, it causes errors\nin the later stages. Added a check to return an error beforehand\nin dbAllocCtl itself." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/51a203470f502a64a3da8dcea51c4748e8267a6c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/52756a57e978e2706543a254f88f266cc6702f36", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6676034aa753aa448beb30dbd75630927ba7cd96", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a5f5e4698f8abbb25fe4959814093fb5bfa1aa9d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/bbb24ce7f06ef9b7c05beb9340787cbe9fd3d08e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c56245baf3fd1f79145dd7408e3ead034b74255c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/df7c76636952670b31bd6c12b3aed3c502122273", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56598.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56598.json new file mode 100644 index 00000000000..412c3709e94 --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56598.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56598", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:19.200", + "lastModified": "2024-12-27T15:15:19.200", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: array-index-out-of-bounds fix in dtReadFirst\n\nThe value of stbl can be sometimes out of bounds due\nto a bad filesystem. Added a check with appopriate return\nof error code in that case." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/22dcbf7661c6ffc3247978c254dc40b833a0d429", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/25f1e673ef61d6bf9a6022e27936785896d74948", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2eea5fda5556ef03defebf07b0a12fcd2c5210f4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/823d573f5450ca6be80b36f54d1902ac7cd23fb9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8c97a4d5463a1c972ef576ac499ea9b05f956097", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ca84a2c9be482836b86d780244f0357e5a778c46", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/fd993b2180b4c373af8b99aa28d4dcda5c2a8f10", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56599.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56599.json new file mode 100644 index 00000000000..134320545ad --- /dev/null +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56599.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56599", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:19.307", + "lastModified": "2024-12-27T15:15:19.307", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath10k: avoid NULL pointer error during sdio remove\n\nWhen running 'rmmod ath10k', ath10k_sdio_remove() will free sdio\nworkqueue by destroy_workqueue(). But if CONFIG_INIT_ON_FREE_DEFAULT_ON\nis set to yes, kernel panic will happen:\nCall trace:\n destroy_workqueue+0x1c/0x258\n ath10k_sdio_remove+0x84/0x94\n sdio_bus_remove+0x50/0x16c\n device_release_driver_internal+0x188/0x25c\n device_driver_detach+0x20/0x2c\n\nThis is because during 'rmmod ath10k', ath10k_sdio_remove() will call\nath10k_core_destroy() before destroy_workqueue(). wiphy_dev_release()\nwill finally be called in ath10k_core_destroy(). This function will free\nstruct cfg80211_registered_device *rdev and all its members, including\nwiphy, dev and the pointer of sdio workqueue. Then the pointer of sdio\nworkqueue will be set to NULL due to CONFIG_INIT_ON_FREE_DEFAULT_ON.\n\nAfter device release, destroy_workqueue() will use NULL pointer then the\nkernel panic happen.\n\nCall trace:\nath10k_sdio_remove\n ->ath10k_core_unregister\n \u2026\u2026\n ->ath10k_core_stop\n ->ath10k_hif_stop\n ->ath10k_sdio_irq_disable\n ->ath10k_hif_power_down\n ->del_timer_sync(&ar_sdio->sleep_timer)\n ->ath10k_core_destroy\n ->ath10k_mac_destroy\n ->ieee80211_free_hw\n ->wiphy_free\n \u2026\u2026\n ->wiphy_dev_release\n ->destroy_workqueue\n\nNeed to call destroy_workqueue() before ath10k_core_destroy(), free\nthe work queue buffer first and then free pointer of work queue by\nath10k_core_destroy(). This order matches the error path order in\nath10k_sdio_probe().\n\nNo work will be queued on sdio workqueue between it is destroyed and\nath10k_core_destroy() is called. Based on the call_stack above, the\nreason is:\nOnly ath10k_sdio_sleep_timer_handler(), ath10k_sdio_hif_tx_sg() and\nath10k_sdio_irq_disable() will queue work on sdio workqueue.\nSleep timer will be deleted before ath10k_core_destroy() in\nath10k_hif_power_down().\nath10k_sdio_irq_disable() only be called in ath10k_hif_stop().\nath10k_core_unregister() will call ath10k_hif_power_down() to stop hif\nbus, so ath10k_sdio_hif_tx_sg() won't be called anymore.\n\nTested-on: QCA6174 hw3.2 SDIO WLAN.RMH.4.4.1-00189" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/543c0924d446b21f35701ca084d7feca09511220", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/95c38953cb1ecf40399a676a1f85dfe2b5780a9a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56600.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56600.json new file mode 100644 index 00000000000..c186414d1e4 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56600.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56600", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:19.410", + "lastModified": "2024-12-27T15:15:19.410", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: inet6: do not leave a dangling sk pointer in inet6_create()\n\nsock_init_data() attaches the allocated sk pointer to the provided sock\nobject. If inet6_create() fails later, the sk object is released, but the\nsock object retains the dangling sk pointer, which may cause use-after-free\nlater.\n\nClear the sock sk pointer on error." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/276a473c956fb55a6f3affa9ff232e10fffa7b43", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/35360255ca30776dee34d9fa764cffa24d0a5f65", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/706b07b7b37f886423846cb38919132090bc40da", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/79e16a0d339532ea832d85798eb036fc4f9e0cea", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9df99c395d0f55fb444ef39f4d6f194ca437d884", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f2709d1271cfdf55c670ab5c5982139ab627ddc7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f44fceb71d72d29fb00e0ac84cdf9c081b03cd06", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56601.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56601.json new file mode 100644 index 00000000000..761c2ac5218 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56601.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56601", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:19.527", + "lastModified": "2024-12-27T15:15:19.527", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: inet: do not leave a dangling sk pointer in inet_create()\n\nsock_init_data() attaches the allocated sk object to the provided sock\nobject. If inet_create() fails later, the sk object is freed, but the\nsock object retains the dangling pointer, which may create use-after-free\nlater.\n\nClear the sk pointer in the sock object on error." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/25447c6aaa7235f155292b0c58a067347e8ae891", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2bc34d8c8898ae9fddf4612501aabb22d76c2b2c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3e8258070b0f2aba66b3ef18883de229674fb288", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/691d6d816f93b2a1008c14178399061466e674ef", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9365fa510c6f82e3aa550a09d0c5c6b44dbc78ff", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b4513cfd3a10c03c660d5d3d26c2e322efbfdd9b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f8a3f255f7509a209292871715cda03779640c8d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56602.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56602.json new file mode 100644 index 00000000000..62a7a93d36c --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56602.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56602", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:19.650", + "lastModified": "2024-12-27T15:15:19.650", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ieee802154: do not leave a dangling sk pointer in ieee802154_create()\n\nsock_init_data() attaches the allocated sk object to the provided sock\nobject. If ieee802154_create() fails later, the allocated sk object is\nfreed, but the dangling pointer remains in the provided sock object, which\nmay allow use-after-free.\n\nClear the sk pointer in the sock object on error." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/03caa9bfb9fde97fb53d33decd7364514e6825cb", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/14959fd7538b3be6d7617d9e60e404d6a8d4fd1f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/1d5fe782c0ff068d80933f9cfd0fd39d5434bbc9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2b46994a6e76c8cc5556772932b9b60d03a55cd8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b4982fbf13042e3bb33e04eddfea8b1506b5ea65", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b4fcd63f6ef79c73cafae8cf4a114def5fc3d80d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e8bd6c5f5dc2234b4ea714380aedeea12a781754", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56603.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56603.json new file mode 100644 index 00000000000..23c18f6c3d7 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56603.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56603", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:19.770", + "lastModified": "2024-12-27T15:15:19.770", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: af_can: do not leave a dangling sk pointer in can_create()\n\nOn error can_create() frees the allocated sk object, but sock_init_data()\nhas already attached it to the provided sock object. This will leave a\ndangling sk pointer in the sock object and may cause use-after-free later." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1fe625f12d090d69f3f084990c7e4c1ff94bfe5f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5947c9ac08f0771ea8ed64186b0d52e9029cb6c0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/811a7ca7320c062e15d0f5b171fe6ad8592d1434", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/884ae8bcee749be43a071d6ed2d89058dbd2425c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8df832e6b945e1ba61467d7f1c9305e314ae92fe", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ce39b5576785bb3e66591145aad03d66bc3e778d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/db207d19adbac96058685f6257720906ad41d215", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56604.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56604.json new file mode 100644 index 00000000000..105017813ed --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56604.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-56604", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:19.887", + "lastModified": "2024-12-27T15:15:19.887", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc()\n\nbt_sock_alloc() attaches allocated sk object to the provided sock object.\nIf rfcomm_dlc_alloc() fails, we release the sk object, but leave the\ndangling pointer in the sock object, which may cause use-after-free.\n\nFix this by swapping calls to bt_sock_alloc() and rfcomm_dlc_alloc()." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/32df687e129ef0f9afcbcc914f7c32deb28fd481", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3945c799f12b8d1f49a3b48369ca494d981ac465", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6021ccc2471b7b95e29b7cfc7938e042bf56e281", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ac3eaac4cf142a15fe67be747a682b1416efeb6e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56605.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56605.json new file mode 100644 index 00000000000..d8eee180342 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56605.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56605", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:19.980", + "lastModified": "2024-12-27T15:15:19.980", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create()\n\nbt_sock_alloc() allocates the sk object and attaches it to the provided\nsock object. On error l2cap_sock_alloc() frees the sk object, but the\ndangling pointer is still attached to the sock object, which may create\nuse-after-free in other code." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/61686abc2f3c2c67822aa23ce6f160467ec83d35", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7c4f78cdb8e7501e9f92d291a7d956591bf73be9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8ad09ddc63ace3950ac43db6fbfe25b40f589dd6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a8677028dd5123e5e525b8195483994d87123de4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/bb2f2342a6ddf7c04f9aefbbfe86104cd138e629", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/daa13175a6dea312a76099066cb4cbd4fc959a84", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f6ad641646b67f29c7578dcd6c25813c7dcbf51e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56606.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56606.json new file mode 100644 index 00000000000..62902069f45 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56606.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56606", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:20.087", + "lastModified": "2024-12-27T15:15:20.087", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_packet: avoid erroring out after sock_init_data() in packet_create()\n\nAfter sock_init_data() the allocated sk object is attached to the provided\nsock object. On error, packet_create() frees the sk object leaving the\ndangling pointer in the sock object on return. Some other code may try\nto use this pointer and cause use-after-free." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/132e615bb1d7cdec2d3cfbdec2efa630e923fd21", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/157f08db94123e2ba56877dd0ac88908b13a5dd0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/1dc1e1db927056cb323296e2294a855cd003dfe7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/46f2a11cb82b657fd15bab1c47821b635e03838b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/71b22837a5e55ac27d6a14b9cdf2326587405c4f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a6cf750b737374454a4e03a5ed449a3eb0c96414", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/fd09880b16d33aa5a7420578e01cd79148fa9829", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56607.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56607.json new file mode 100644 index 00000000000..16b1c0ecb1c --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56607.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56607", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:20.180", + "lastModified": "2024-12-27T15:15:20.180", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix atomic calls in ath12k_mac_op_set_bitrate_mask()\n\nWhen I try to manually set bitrates:\n\niw wlan0 set bitrates legacy-2.4 1\n\nI get sleeping from invalid context error, see below. Fix that by switching to\nuse recently introduced ieee80211_iterate_stations_mtx().\n\nDo note that WCN6855 firmware is still crashing, I'm not sure if that firmware\neven supports bitrate WMI commands and should we consider disabling\nath12k_mac_op_set_bitrate_mask() for WCN6855? But that's for another patch.\n\nBUG: sleeping function called from invalid context at drivers/net/wireless/ath/ath12k/wmi.c:420\nin_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 2236, name: iw\npreempt_count: 0, expected: 0\nRCU nest depth: 1, expected: 0\n3 locks held by iw/2236:\n #0: ffffffffabc6f1d8 (cb_lock){++++}-{3:3}, at: genl_rcv+0x14/0x40\n #1: ffff888138410810 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: nl80211_pre_doit+0x54d/0x800 [cfg80211]\n #2: ffffffffab2cfaa0 (rcu_read_lock){....}-{1:2}, at: ieee80211_iterate_stations_atomic+0x2f/0x200 [mac80211]\nCPU: 3 UID: 0 PID: 2236 Comm: iw Not tainted 6.11.0-rc7-wt-ath+ #1772\nHardware name: Intel(R) Client Systems NUC8i7HVK/NUC8i7HVB, BIOS HNKBLi70.86A.0067.2021.0528.1339 05/28/2021\nCall Trace:\n \n dump_stack_lvl+0xa4/0xe0\n dump_stack+0x10/0x20\n __might_resched+0x363/0x5a0\n ? __alloc_skb+0x165/0x340\n __might_sleep+0xad/0x160\n ath12k_wmi_cmd_send+0xb1/0x3d0 [ath12k]\n ? ath12k_wmi_init_wcn7850+0xa40/0xa40 [ath12k]\n ? __netdev_alloc_skb+0x45/0x7b0\n ? __asan_memset+0x39/0x40\n ? ath12k_wmi_alloc_skb+0xf0/0x150 [ath12k]\n ? reacquire_held_locks+0x4d0/0x4d0\n ath12k_wmi_set_peer_param+0x340/0x5b0 [ath12k]\n ath12k_mac_disable_peer_fixed_rate+0xa3/0x110 [ath12k]\n ? ath12k_mac_vdev_stop+0x4f0/0x4f0 [ath12k]\n ieee80211_iterate_stations_atomic+0xd4/0x200 [mac80211]\n ath12k_mac_op_set_bitrate_mask+0x5d2/0x1080 [ath12k]\n ? ath12k_mac_vif_chan+0x320/0x320 [ath12k]\n drv_set_bitrate_mask+0x267/0x470 [mac80211]\n ieee80211_set_bitrate_mask+0x4cc/0x8a0 [mac80211]\n ? __this_cpu_preempt_check+0x13/0x20\n nl80211_set_tx_bitrate_mask+0x2bc/0x530 [cfg80211]\n ? nl80211_parse_tx_bitrate_mask+0x2320/0x2320 [cfg80211]\n ? trace_contention_end+0xef/0x140\n ? rtnl_unlock+0x9/0x10\n ? nl80211_pre_doit+0x557/0x800 [cfg80211]\n genl_family_rcv_msg_doit+0x1f0/0x2e0\n ? genl_family_rcv_msg_attrs_parse.isra.0+0x250/0x250\n ? ns_capable+0x57/0xd0\n genl_family_rcv_msg+0x34c/0x600\n ? genl_family_rcv_msg_dumpit+0x310/0x310\n ? __lock_acquire+0xc62/0x1de0\n ? he_set_mcs_mask.isra.0+0x8d0/0x8d0 [cfg80211]\n ? nl80211_parse_tx_bitrate_mask+0x2320/0x2320 [cfg80211]\n ? cfg80211_external_auth_request+0x690/0x690 [cfg80211]\n genl_rcv_msg+0xa0/0x130\n netlink_rcv_skb+0x14c/0x400\n ? genl_family_rcv_msg+0x600/0x600\n ? netlink_ack+0xd70/0xd70\n ? rwsem_optimistic_spin+0x4f0/0x4f0\n ? genl_rcv+0x14/0x40\n ? down_read_killable+0x580/0x580\n ? netlink_deliver_tap+0x13e/0x350\n ? __this_cpu_preempt_check+0x13/0x20\n genl_rcv+0x23/0x40\n netlink_unicast+0x45e/0x790\n ? netlink_attachskb+0x7f0/0x7f0\n netlink_sendmsg+0x7eb/0xdb0\n ? netlink_unicast+0x790/0x790\n ? __this_cpu_preempt_check+0x13/0x20\n ? selinux_socket_sendmsg+0x31/0x40\n ? netlink_unicast+0x790/0x790\n __sock_sendmsg+0xc9/0x160\n ____sys_sendmsg+0x620/0x990\n ? kernel_sendmsg+0x30/0x30\n ? __copy_msghdr+0x410/0x410\n ? __kasan_check_read+0x11/0x20\n ? mark_lock+0xe6/0x1470\n ___sys_sendmsg+0xe9/0x170\n ? copy_msghdr_from_user+0x120/0x120\n ? __lock_acquire+0xc62/0x1de0\n ? do_fault_around+0x2c6/0x4e0\n ? do_user_addr_fault+0x8c1/0xde0\n ? reacquire_held_locks+0x220/0x4d0\n ? do_user_addr_fault+0x8c1/0xde0\n ? __kasan_check_read+0x11/0x20\n ? __fdget+0x4e/0x1d0\n ? sockfd_lookup_light+0x1a/0x170\n __sys_sendmsg+0xd2/0x180\n ? __sys_sendmsg_sock+0x20/0x20\n ? reacquire_held_locks+0x4d0/0x4d0\n ? debug_smp_processor_id+0x17/0x20\n __x64_sys_sendmsg+0x72/0xb0\n ? lockdep_hardirqs_on+0x7d/0x100\n x64_sys_call+0x894/0x9f0\n do_syscall_64+0x64/0x130\n entry_SYSCALL_64_after_\n---truncated---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/2093f062b26805789b73f2af214691475d9baa29", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8fac3266c68a8e647240b8ac8d0b82f1821edf85", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56608.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56608.json new file mode 100644 index 00000000000..660ae8b5ae6 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56608.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56608", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:20.283", + "lastModified": "2024-12-27T15:15:20.283", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create'\n\nAn issue was identified in the dcn21_link_encoder_create function where\nan out-of-bounds access could occur when the hpd_source index was used\nto reference the link_enc_hpd_regs array. This array has a fixed size\nand the index was not being checked against the array's bounds before\naccessing it.\n\nThis fix adds a conditional check to ensure that the hpd_source index is\nwithin the valid range of the link_enc_hpd_regs array. If the index is\nout of bounds, the function now returns NULL to prevent undefined\nbehavior.\n\nReferences:\n\n[ 65.920507] ------------[ cut here ]------------\n[ 65.920510] UBSAN: array-index-out-of-bounds in drivers/gpu/drm/amd/amdgpu/../display/dc/resource/dcn21/dcn21_resource.c:1312:29\n[ 65.920519] index 7 is out of range for type 'dcn10_link_enc_hpd_registers [5]'\n[ 65.920523] CPU: 3 PID: 1178 Comm: modprobe Tainted: G OE 6.8.0-cleanershaderfeatureresetasdntipmi200nv2132 #13\n[ 65.920525] Hardware name: AMD Majolica-RN/Majolica-RN, BIOS WMJ0429N_Weekly_20_04_2 04/29/2020\n[ 65.920527] Call Trace:\n[ 65.920529] \n[ 65.920532] dump_stack_lvl+0x48/0x70\n[ 65.920541] dump_stack+0x10/0x20\n[ 65.920543] __ubsan_handle_out_of_bounds+0xa2/0xe0\n[ 65.920549] dcn21_link_encoder_create+0xd9/0x140 [amdgpu]\n[ 65.921009] link_create+0x6d3/0xed0 [amdgpu]\n[ 65.921355] create_links+0x18a/0x4e0 [amdgpu]\n[ 65.921679] dc_create+0x360/0x720 [amdgpu]\n[ 65.921999] ? dmi_matches+0xa0/0x220\n[ 65.922004] amdgpu_dm_init+0x2b6/0x2c90 [amdgpu]\n[ 65.922342] ? console_unlock+0x77/0x120\n[ 65.922348] ? dev_printk_emit+0x86/0xb0\n[ 65.922354] dm_hw_init+0x15/0x40 [amdgpu]\n[ 65.922686] amdgpu_device_init+0x26a8/0x33a0 [amdgpu]\n[ 65.922921] amdgpu_driver_load_kms+0x1b/0xa0 [amdgpu]\n[ 65.923087] amdgpu_pci_probe+0x1b7/0x630 [amdgpu]\n[ 65.923087] local_pci_probe+0x4b/0xb0\n[ 65.923087] pci_device_probe+0xc8/0x280\n[ 65.923087] really_probe+0x187/0x300\n[ 65.923087] __driver_probe_device+0x85/0x130\n[ 65.923087] driver_probe_device+0x24/0x110\n[ 65.923087] __driver_attach+0xac/0x1d0\n[ 65.923087] ? __pfx___driver_attach+0x10/0x10\n[ 65.923087] bus_for_each_dev+0x7d/0xd0\n[ 65.923087] driver_attach+0x1e/0x30\n[ 65.923087] bus_add_driver+0xf2/0x200\n[ 65.923087] driver_register+0x64/0x130\n[ 65.923087] ? __pfx_amdgpu_init+0x10/0x10 [amdgpu]\n[ 65.923087] __pci_register_driver+0x61/0x70\n[ 65.923087] amdgpu_init+0x7d/0xff0 [amdgpu]\n[ 65.923087] do_one_initcall+0x49/0x310\n[ 65.923087] ? kmalloc_trace+0x136/0x360\n[ 65.923087] do_init_module+0x6a/0x270\n[ 65.923087] load_module+0x1fce/0x23a0\n[ 65.923087] init_module_from_file+0x9c/0xe0\n[ 65.923087] ? init_module_from_file+0x9c/0xe0\n[ 65.923087] idempotent_init_module+0x179/0x230\n[ 65.923087] __x64_sys_finit_module+0x5d/0xa0\n[ 65.923087] do_syscall_64+0x76/0x120\n[ 65.923087] entry_SYSCALL_64_after_hwframe+0x6e/0x76\n[ 65.923087] RIP: 0033:0x7f2d80f1e88d\n[ 65.923087] Code: 5b 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 73 b5 0f 00 f7 d8 64 89 01 48\n[ 65.923087] RSP: 002b:00007ffc7bc1aa78 EFLAGS: 00000246 ORIG_RAX: 0000000000000139\n[ 65.923087] RAX: ffffffffffffffda RBX: 0000564c9c1db130 RCX: 00007f2d80f1e88d\n[ 65.923087] RDX: 0000000000000000 RSI: 0000564c9c1e5480 RDI: 000000000000000f\n[ 65.923087] RBP: 0000000000040000 R08: 0000000000000000 R09: 0000000000000002\n[ 65.923087] R10: 000000000000000f R11: 0000000000000246 R12: 0000564c9c1e5480\n[ 65.923087] R13: 0000564c9c1db260 R14: 0000000000000000 R15: 0000564c9c1e54b0\n[ 65.923087] \n[ 65.923927] ---[ end trace ]---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/63de35a8fcfca59ae8750d469a7eb220c7557baf", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f01ddd589e162979421e6914b1c74018633f01e0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56609.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56609.json new file mode 100644 index 00000000000..349591d5fae --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56609.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56609", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:20.387", + "lastModified": "2024-12-27T15:15:20.387", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw88: use ieee80211_purge_tx_queue() to purge TX skb\n\nWhen removing kernel modules by:\n rmmod rtw88_8723cs rtw88_8703b rtw88_8723x rtw88_sdio rtw88_core\n\nDriver uses skb_queue_purge() to purge TX skb, but not report tx status\ncausing \"Have pending ack frames!\" warning. Use ieee80211_purge_tx_queue()\nto correct this.\n\nSince ieee80211_purge_tx_queue() doesn't take locks, to prevent racing\nbetween TX work and purge TX queue, flush and destroy TX work in advance.\n\n wlan0: deauthenticating from aa:f5:fd:60:4c:a8 by local\n choice (Reason: 3=DEAUTH_LEAVING)\n ------------[ cut here ]------------\n Have pending ack frames!\n WARNING: CPU: 3 PID: 9232 at net/mac80211/main.c:1691\n ieee80211_free_ack_frame+0x5c/0x90 [mac80211]\n CPU: 3 PID: 9232 Comm: rmmod Tainted: G C\n 6.10.1-200.fc40.aarch64 #1\n Hardware name: pine64 Pine64 PinePhone Braveheart\n (1.1)/Pine64 PinePhone Braveheart (1.1), BIOS 2024.01 01/01/2024\n pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : ieee80211_free_ack_frame+0x5c/0x90 [mac80211]\n lr : ieee80211_free_ack_frame+0x5c/0x90 [mac80211]\n sp : ffff80008c1b37b0\n x29: ffff80008c1b37b0 x28: ffff000003be8000 x27: 0000000000000000\n x26: 0000000000000000 x25: ffff000003dc14b8 x24: ffff80008c1b37d0\n x23: ffff000000ff9f80 x22: 0000000000000000 x21: 000000007fffffff\n x20: ffff80007c7e93d8 x19: ffff00006e66f400 x18: 0000000000000000\n x17: ffff7ffffd2b3000 x16: ffff800083fc0000 x15: 0000000000000000\n x14: 0000000000000000 x13: 2173656d61726620 x12: 6b636120676e6964\n x11: 0000000000000000 x10: 000000000000005d x9 : ffff8000802af2b0\n x8 : ffff80008c1b3430 x7 : 0000000000000001 x6 : 0000000000000001\n x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000\n x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff000003be8000\n Call trace:\n ieee80211_free_ack_frame+0x5c/0x90 [mac80211]\n idr_for_each+0x74/0x110\n ieee80211_free_hw+0x44/0xe8 [mac80211]\n rtw_sdio_remove+0x9c/0xc0 [rtw88_sdio]\n sdio_bus_remove+0x44/0x180\n device_remove+0x54/0x90\n device_release_driver_internal+0x1d4/0x238\n driver_detach+0x54/0xc0\n bus_remove_driver+0x78/0x108\n driver_unregister+0x38/0x78\n sdio_unregister_driver+0x2c/0x40\n rtw_8723cs_driver_exit+0x18/0x1000 [rtw88_8723cs]\n __do_sys_delete_module.isra.0+0x190/0x338\n __arm64_sys_delete_module+0x1c/0x30\n invoke_syscall+0x74/0x100\n el0_svc_common.constprop.0+0x48/0xf0\n do_el0_svc+0x24/0x38\n el0_svc+0x3c/0x158\n el0t_64_sync_handler+0x120/0x138\n el0t_64_sync+0x194/0x198\n ---[ end trace 0000000000000000 ]---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/3e5e4a801aaf4283390cc34959c6c48f910ca5ea", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9bca6528f20325d30c22236b23116f161d418f6d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56610.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56610.json new file mode 100644 index 00000000000..4877299e52f --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56610.json @@ -0,0 +1,41 @@ +{ + "id": "CVE-2024-56610", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:20.490", + "lastModified": "2024-12-27T15:15:20.490", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nkcsan: Turn report_filterlist_lock into a raw_spinlock\n\nRan Xiaokai reports that with a KCSAN-enabled PREEMPT_RT kernel, we can see\nsplats like:\n\n| BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n| in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 0, name: swapper/1\n| preempt_count: 10002, expected: 0\n| RCU nest depth: 0, expected: 0\n| no locks held by swapper/1/0.\n| irq event stamp: 156674\n| hardirqs last enabled at (156673): [] do_idle+0x1f9/0x240\n| hardirqs last disabled at (156674): [] sysvec_apic_timer_interrupt+0x14/0xc0\n| softirqs last enabled at (0): [] copy_process+0xfc7/0x4b60\n| softirqs last disabled at (0): [<0000000000000000>] 0x0\n| Preemption disabled at:\n| [] paint_ptr+0x2a/0x90\n| CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.11.0+ #3\n| Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.12.0-0-ga698c8995f-prebuilt.qemu.org 04/01/2014\n| Call Trace:\n| \n| dump_stack_lvl+0x7e/0xc0\n| dump_stack+0x1d/0x30\n| __might_resched+0x1a2/0x270\n| rt_spin_lock+0x68/0x170\n| kcsan_skip_report_debugfs+0x43/0xe0\n| print_report+0xb5/0x590\n| kcsan_report_known_origin+0x1b1/0x1d0\n| kcsan_setup_watchpoint+0x348/0x650\n| __tsan_unaligned_write1+0x16d/0x1d0\n| hrtimer_interrupt+0x3d6/0x430\n| __sysvec_apic_timer_interrupt+0xe8/0x3a0\n| sysvec_apic_timer_interrupt+0x97/0xc0\n| \n\nOn a detected data race, KCSAN's reporting logic checks if it should\nfilter the report. That list is protected by the report_filterlist_lock\n*non-raw* spinlock which may sleep on RT kernels.\n\nSince KCSAN may report data races in any context, convert it to a\nraw_spinlock.\n\nThis requires being careful about when to allocate memory for the filter\nlist itself which can be done via KCSAN's debugfs interface. Concurrent\nmodification of the filter list via debugfs should be rare: the chosen\nstrategy is to optimistically pre-allocate memory before the critical\nsection and discard if unused." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0ab4951c1473c7d1ceaf1232eb927109cd1c4859", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/59458fa4ddb47e7891c61b4a928d13d5f5b00aa0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/889a0d3a35fdedba1c5dcb6410c95c32421680ec", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/dca4e74a918586913d251c0b359e8cc96a3883ea", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ea6588abcc15d68fdeae777ffe3dd74c02eab407", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f4f2ef66d288ea796ddb8ecbdc2df074ab2d5f4d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56611.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56611.json new file mode 100644 index 00000000000..1892e3ba733 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56611.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-56611", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:20.587", + "lastModified": "2024-12-27T15:15:20.587", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/mempolicy: fix migrate_to_node() assuming there is at least one VMA in a MM\n\nWe currently assume that there is at least one VMA in a MM, which isn't\ntrue.\n\nSo we might end up having find_vma() return NULL, to then de-reference\nNULL. So properly handle find_vma() returning NULL.\n\nThis fixes the report:\n\nOops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN PTI\nKASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\nCPU: 1 UID: 0 PID: 6021 Comm: syz-executor284 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024\nRIP: 0010:migrate_to_node mm/mempolicy.c:1090 [inline]\nRIP: 0010:do_migrate_pages+0x403/0x6f0 mm/mempolicy.c:1194\nCode: ...\nRSP: 0018:ffffc9000375fd08 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffffc9000375fd78 RCX: 0000000000000000\nRDX: ffff88807e171300 RSI: dffffc0000000000 RDI: ffff88803390c044\nRBP: ffff88807e171428 R08: 0000000000000014 R09: fffffbfff2039ef1\nR10: ffffffff901cf78f R11: 0000000000000000 R12: 0000000000000003\nR13: ffffc9000375fe90 R14: ffffc9000375fe98 R15: ffffc9000375fdf8\nFS: 00005555919e1380(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005555919e1ca8 CR3: 000000007f12a000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \n kernel_migrate_pages+0x5b2/0x750 mm/mempolicy.c:1709\n __do_sys_migrate_pages mm/mempolicy.c:1727 [inline]\n __se_sys_migrate_pages mm/mempolicy.c:1723 [inline]\n __x64_sys_migrate_pages+0x96/0x100 mm/mempolicy.c:1723\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n[akpm@linux-foundation.org: add unlikely()]" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/091c1dd2d4df6edd1beebe0e5863d4034ade9572", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/42d9fe2adf8613f9eea1f0c2619c9e2611eae0ea", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a13b2b9b0b0b04612c7d81e3b3dfb485c5f7abc3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56612.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56612.json new file mode 100644 index 00000000000..33f4ca00f95 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56612.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56612", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:20.687", + "lastModified": "2024-12-27T15:15:20.687", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/gup: handle NULL pages in unpin_user_pages()\n\nThe recent addition of \"pofs\" (pages or folios) handling to gup has a\nflaw: it assumes that unpin_user_pages() handles NULL pages in the pages**\narray. That's not the case, as I discovered when I ran on a new\nconfiguration on my test machine.\n\nFix this by skipping NULL pages in unpin_user_pages(), just like\nunpin_folios() already does.\n\nDetails: when booting on x86 with \"numa=fake=2 movablecore=4G\" on Linux\n6.12, and running this:\n\n tools/testing/selftests/mm/gup_longterm\n\n...I get the following crash:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000008\nRIP: 0010:sanity_check_pinned_pages+0x3a/0x2d0\n...\nCall Trace:\n \n ? __die_body+0x66/0xb0\n ? page_fault_oops+0x30c/0x3b0\n ? do_user_addr_fault+0x6c3/0x720\n ? irqentry_enter+0x34/0x60\n ? exc_page_fault+0x68/0x100\n ? asm_exc_page_fault+0x22/0x30\n ? sanity_check_pinned_pages+0x3a/0x2d0\n unpin_user_pages+0x24/0xe0\n check_and_migrate_movable_pages_or_folios+0x455/0x4b0\n __gup_longterm_locked+0x3bf/0x820\n ? mmap_read_lock_killable+0x12/0x50\n ? __pfx_mmap_read_lock_killable+0x10/0x10\n pin_user_pages+0x66/0xa0\n gup_test_ioctl+0x358/0xb20\n __se_sys_ioctl+0x6b/0xc0\n do_syscall_64+0x7b/0x150\n entry_SYSCALL_64_after_hwframe+0x76/0x7e" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/69d319450d1c651f3b05cd820ff285fdd810c032", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a1268be280d8e484ab3606d7476edd0f14bb9961", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56613.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56613.json new file mode 100644 index 00000000000..172f21b4e7d --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56613.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-56613", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:20.793", + "lastModified": "2024-12-27T15:15:20.793", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/numa: fix memory leak due to the overwritten vma->numab_state\n\n[Problem Description]\nWhen running the hackbench program of LTP, the following memory leak is\nreported by kmemleak.\n\n # /opt/ltp/testcases/bin/hackbench 20 thread 1000\n Running with 20*40 (== 800) tasks.\n\n # dmesg | grep kmemleak\n ...\n kmemleak: 480 new suspected memory leaks (see /sys/kernel/debug/kmemleak)\n kmemleak: 665 new suspected memory leaks (see /sys/kernel/debug/kmemleak)\n\n # cat /sys/kernel/debug/kmemleak\n unreferenced object 0xffff888cd8ca2c40 (size 64):\n comm \"hackbench\", pid 17142, jiffies 4299780315\n hex dump (first 32 bytes):\n ac 74 49 00 01 00 00 00 4c 84 49 00 01 00 00 00 .tI.....L.I.....\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc bff18fd4):\n [] __kmalloc_cache_noprof+0x2f9/0x3f0\n [] task_numa_work+0x725/0xa00\n [] task_work_run+0x58/0x90\n [] syscall_exit_to_user_mode+0x1c8/0x1e0\n [] do_syscall_64+0x85/0x150\n [] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n ...\n\nThis issue can be consistently reproduced on three different servers:\n * a 448-core server\n * a 256-core server\n * a 192-core server\n\n[Root Cause]\nSince multiple threads are created by the hackbench program (along with\nthe command argument 'thread'), a shared vma might be accessed by two or\nmore cores simultaneously. When two or more cores observe that\nvma->numab_state is NULL at the same time, vma->numab_state will be\noverwritten.\n\nAlthough current code ensures that only one thread scans the VMAs in a\nsingle 'numa_scan_period', there might be a chance for another thread\nto enter in the next 'numa_scan_period' while we have not gotten till\nnumab_state allocation [1].\n\nNote that the command `/opt/ltp/testcases/bin/hackbench 50 process 1000`\ncannot the reproduce the issue. It is verified with 200+ test runs.\n\n[Solution]\nUse the cmpxchg atomic operation to ensure that only one thread executes\nthe vma->numab_state assignment.\n\n[1] https://lore.kernel.org/lkml/1794be3c-358c-4cdc-a43d-a1f841d91ef7@amd.com/" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/5f1b64e9a9b7ee9cfd32c6b2fab796e29bfed075", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8f149bcc4d91ac92b32ff4949b291e6ed883dc42", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a71ddd5b87cda687efa28e049e85e923689bcef9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56614.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56614.json new file mode 100644 index 00000000000..d468da30dcf --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56614.json @@ -0,0 +1,37 @@ +{ + "id": "CVE-2024-56614", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:20.897", + "lastModified": "2024-12-27T15:15:20.897", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: fix OOB map writes when deleting elements\n\nJordy says:\n\n\"\nIn the xsk_map_delete_elem function an unsigned integer\n(map->max_entries) is compared with a user-controlled signed integer\n(k). Due to implicit type conversion, a large unsigned value for\nmap->max_entries can bypass the intended bounds check:\n\n\tif (k >= map->max_entries)\n\t\treturn -EINVAL;\n\nThis allows k to hold a negative value (between -2147483648 and -2),\nwhich is then used as an array index in m->xsk_map[k], which results\nin an out-of-bounds access.\n\n\tspin_lock_bh(&m->lock);\n\tmap_entry = &m->xsk_map[k]; // Out-of-bounds map_entry\n\told_xs = unrcu_pointer(xchg(map_entry, NULL)); // Oob write\n\tif (old_xs)\n\t\txsk_map_sock_delete(old_xs, map_entry);\n\tspin_unlock_bh(&m->lock);\n\nThe xchg operation can then be used to cause an out-of-bounds write.\nMoreover, the invalid map_entry passed to xsk_map_sock_delete can lead\nto further memory corruption.\n\"\n\nIt indeed results in following splat:\n\n[76612.897343] BUG: unable to handle page fault for address: ffffc8fc2e461108\n[76612.904330] #PF: supervisor write access in kernel mode\n[76612.909639] #PF: error_code(0x0002) - not-present page\n[76612.914855] PGD 0 P4D 0\n[76612.917431] Oops: Oops: 0002 [#1] PREEMPT SMP\n[76612.921859] CPU: 11 UID: 0 PID: 10318 Comm: a.out Not tainted 6.12.0-rc1+ #470\n[76612.929189] Hardware name: Intel Corporation S2600WFT/S2600WFT, BIOS SE5C620.86B.02.01.0008.031920191559 03/19/2019\n[76612.939781] RIP: 0010:xsk_map_delete_elem+0x2d/0x60\n[76612.944738] Code: 00 00 41 54 55 53 48 63 2e 3b 6f 24 73 38 4c 8d a7 f8 00 00 00 48 89 fb 4c 89 e7 e8 2d bf 05 00 48 8d b4 eb 00 01 00 00 31 ff <48> 87 3e 48 85 ff 74 05 e8 16 ff ff ff 4c 89 e7 e8 3e bc 05 00 31\n[76612.963774] RSP: 0018:ffffc9002e407df8 EFLAGS: 00010246\n[76612.969079] RAX: 0000000000000000 RBX: ffffc9002e461000 RCX: 0000000000000000\n[76612.976323] RDX: 0000000000000001 RSI: ffffc8fc2e461108 RDI: 0000000000000000\n[76612.983569] RBP: ffffffff80000001 R08: 0000000000000000 R09: 0000000000000007\n[76612.990812] R10: ffffc9002e407e18 R11: ffff888108a38858 R12: ffffc9002e4610f8\n[76612.998060] R13: ffff888108a38858 R14: 00007ffd1ae0ac78 R15: ffffc9002e4610c0\n[76613.005303] FS: 00007f80b6f59740(0000) GS:ffff8897e0ec0000(0000) knlGS:0000000000000000\n[76613.013517] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[76613.019349] CR2: ffffc8fc2e461108 CR3: 000000011e3ef001 CR4: 00000000007726f0\n[76613.026595] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[76613.033841] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[76613.041086] PKRU: 55555554\n[76613.043842] Call Trace:\n[76613.046331] \n[76613.048468] ? __die+0x20/0x60\n[76613.051581] ? page_fault_oops+0x15a/0x450\n[76613.055747] ? search_extable+0x22/0x30\n[76613.059649] ? search_bpf_extables+0x5f/0x80\n[76613.063988] ? exc_page_fault+0xa9/0x140\n[76613.067975] ? asm_exc_page_fault+0x22/0x30\n[76613.072229] ? xsk_map_delete_elem+0x2d/0x60\n[76613.076573] ? xsk_map_delete_elem+0x23/0x60\n[76613.080914] __sys_bpf+0x19b7/0x23c0\n[76613.084555] __x64_sys_bpf+0x1a/0x20\n[76613.088194] do_syscall_64+0x37/0xb0\n[76613.091832] entry_SYSCALL_64_after_hwframe+0x4b/0x53\n[76613.096962] RIP: 0033:0x7f80b6d1e88d\n[76613.100592] Code: 5b 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 73 b5 0f 00 f7 d8 64 89 01 48\n[76613.119631] RSP: 002b:00007ffd1ae0ac68 EFLAGS: 00000206 ORIG_RAX: 0000000000000141\n[76613.131330] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f80b6d1e88d\n[76613.142632] RDX: 0000000000000098 RSI: 00007ffd1ae0ad20 RDI: 0000000000000003\n[76613.153967] RBP: 00007ffd1ae0adc0 R08: 0000000000000000 R09: 0000000000000000\n[76613.166030] R10: 00007f80b6f77040 R11: 0000000000000206 R12: 00007ffd1ae0aed8\n[76613.177130] R13: 000055ddf42ce1e9 R14: 000055ddf42d0d98 R15: 00\n---truncated---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/32cd3db7de97c0c7a018756ce66244342fd583f0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4d03f705e9d7aabebc6bfa5810f8aab6d176cbb7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d486b5741d987d3e0e6be4ac22cafdf94e6d1a47", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ed08c93d5a9801cc8f224a046411fd603c538d07", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f8abd03f83d5fe81e76eb93e2c4373eb9f75fd8a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56615.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56615.json new file mode 100644 index 00000000000..f12ebc0d9b4 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56615.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56615", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:21.013", + "lastModified": "2024-12-27T15:15:21.013", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: fix OOB devmap writes when deleting elements\n\nJordy reported issue against XSKMAP which also applies to DEVMAP - the\nindex used for accessing map entry, due to being a signed integer,\ncauses the OOB writes. Fix is simple as changing the type from int to\nu32, however, when compared to XSKMAP case, one more thing needs to be\naddressed.\n\nWhen map is released from system via dev_map_free(), we iterate through\nall of the entries and an iterator variable is also an int, which\nimplies OOB accesses. Again, change it to be u32.\n\nExample splat below:\n\n[ 160.724676] BUG: unable to handle page fault for address: ffffc8fc2c001000\n[ 160.731662] #PF: supervisor read access in kernel mode\n[ 160.736876] #PF: error_code(0x0000) - not-present page\n[ 160.742095] PGD 0 P4D 0\n[ 160.744678] Oops: Oops: 0000 [#1] PREEMPT SMP\n[ 160.749106] CPU: 1 UID: 0 PID: 520 Comm: kworker/u145:12 Not tainted 6.12.0-rc1+ #487\n[ 160.757050] Hardware name: Intel Corporation S2600WFT/S2600WFT, BIOS SE5C620.86B.02.01.0008.031920191559 03/19/2019\n[ 160.767642] Workqueue: events_unbound bpf_map_free_deferred\n[ 160.773308] RIP: 0010:dev_map_free+0x77/0x170\n[ 160.777735] Code: 00 e8 fd 91 ed ff e8 b8 73 ed ff 41 83 7d 18 19 74 6e 41 8b 45 24 49 8b bd f8 00 00 00 31 db 85 c0 74 48 48 63 c3 48 8d 04 c7 <48> 8b 28 48 85 ed 74 30 48 8b 7d 18 48 85 ff 74 05 e8 b3 52 fa ff\n[ 160.796777] RSP: 0018:ffffc9000ee1fe38 EFLAGS: 00010202\n[ 160.802086] RAX: ffffc8fc2c001000 RBX: 0000000080000000 RCX: 0000000000000024\n[ 160.809331] RDX: 0000000000000000 RSI: 0000000000000024 RDI: ffffc9002c001000\n[ 160.816576] RBP: 0000000000000000 R08: 0000000000000023 R09: 0000000000000001\n[ 160.823823] R10: 0000000000000001 R11: 00000000000ee6b2 R12: dead000000000122\n[ 160.831066] R13: ffff88810c928e00 R14: ffff8881002df405 R15: 0000000000000000\n[ 160.838310] FS: 0000000000000000(0000) GS:ffff8897e0c40000(0000) knlGS:0000000000000000\n[ 160.846528] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 160.852357] CR2: ffffc8fc2c001000 CR3: 0000000005c32006 CR4: 00000000007726f0\n[ 160.859604] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 160.866847] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 160.874092] PKRU: 55555554\n[ 160.876847] Call Trace:\n[ 160.879338] \n[ 160.881477] ? __die+0x20/0x60\n[ 160.884586] ? page_fault_oops+0x15a/0x450\n[ 160.888746] ? search_extable+0x22/0x30\n[ 160.892647] ? search_bpf_extables+0x5f/0x80\n[ 160.896988] ? exc_page_fault+0xa9/0x140\n[ 160.900973] ? asm_exc_page_fault+0x22/0x30\n[ 160.905232] ? dev_map_free+0x77/0x170\n[ 160.909043] ? dev_map_free+0x58/0x170\n[ 160.912857] bpf_map_free_deferred+0x51/0x90\n[ 160.917196] process_one_work+0x142/0x370\n[ 160.921272] worker_thread+0x29e/0x3b0\n[ 160.925082] ? rescuer_thread+0x4b0/0x4b0\n[ 160.929157] kthread+0xd4/0x110\n[ 160.932355] ? kthread_park+0x80/0x80\n[ 160.936079] ret_from_fork+0x2d/0x50\n[ 160.943396] ? kthread_park+0x80/0x80\n[ 160.950803] ret_from_fork_asm+0x11/0x20\n[ 160.958482] " + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0f170e91d3063ca60baec4bd9f544faf3bfe29eb", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/178e31df1fb3d9e0890eb471da16709cbc82edee", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/70f3de869865f9c3da0508a5ea29f6f4c1889057", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8e858930695d3ebec423e85384c95427258c294f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/98c03d05936d846073df8f550e9e8bf0dde1d77f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ab244dd7cf4c291f82faacdc50b45cc0f55b674d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ad34306ac6836e5dd096b7d0ad4aa20cb7c8d9e5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56616.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56616.json new file mode 100644 index 00000000000..95e3f10e1bd --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56616.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-56616", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:21.120", + "lastModified": "2024-12-27T15:15:21.120", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/dp_mst: Fix MST sideband message body length check\n\nFix the MST sideband message body length check, which must be at least 1\nbyte accounting for the message body CRC (aka message data CRC) at the\nend of the message.\n\nThis fixes a case where an MST branch device returns a header with a\ncorrect header CRC (indicating a correctly received body length), with\nthe body length being incorrectly set to 0. This will later lead to a\nmemory corruption in drm_dp_sideband_append_payload() and the following\nerrors in dmesg:\n\n UBSAN: array-index-out-of-bounds in drivers/gpu/drm/display/drm_dp_mst_topology.c:786:25\n index -1 is out of range for type 'u8 [48]'\n Call Trace:\n drm_dp_sideband_append_payload+0x33d/0x350 [drm_display_helper]\n drm_dp_get_one_sb_msg+0x3ce/0x5f0 [drm_display_helper]\n drm_dp_mst_hpd_irq_handle_event+0xc8/0x1580 [drm_display_helper]\n\n memcpy: detected field-spanning write (size 18446744073709551615) of single field \"&msg->msg[msg->curlen]\" at drivers/gpu/drm/display/drm_dp_mst_topology.c:791 (size 256)\n Call Trace:\n drm_dp_sideband_append_payload+0x324/0x350 [drm_display_helper]\n drm_dp_get_one_sb_msg+0x3ce/0x5f0 [drm_display_helper]\n drm_dp_mst_hpd_irq_handle_event+0xc8/0x1580 [drm_display_helper]" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1fc1f32c4a3421b9d803f18ec3ef49db2fb5d5ef", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/780fa184d4dc38ad6c4fded345ab8f9be7a63e96", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/bd2fccac61b40eaf08d9546acc9fef958bfe4763", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c58947a8d4a500902597ee1dbadf0518d7ff8801", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56617.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56617.json new file mode 100644 index 00000000000..6bfc4c5f798 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56617.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-56617", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:21.227", + "lastModified": "2024-12-27T15:15:21.227", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU\n\nCommit\n\n 5944ce092b97 (\"arch_topology: Build cacheinfo from primary CPU\")\n\nadds functionality that architectures can use to optionally allocate and\nbuild cacheinfo early during boot. Commit\n\n 6539cffa9495 (\"cacheinfo: Add arch specific early level initializer\")\n\nlets secondary CPUs correct (and reallocate memory) cacheinfo data if\nneeded.\n\nIf the early build functionality is not used and cacheinfo does not need\ncorrection, memory for cacheinfo is never allocated. x86 does not use\nthe early build functionality. Consequently, during the cacheinfo CPU\nhotplug callback, last_level_cache_is_valid() attempts to dereference\na NULL pointer:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000100\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not present page\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEPMT SMP NOPTI\n CPU: 0 PID 19 Comm: cpuhp/0 Not tainted 6.4.0-rc2 #1\n RIP: 0010: last_level_cache_is_valid+0x95/0xe0a\n\nAllocate memory for cacheinfo during the cacheinfo CPU hotplug callback\nif not done earlier.\n\nMoreover, before determining the validity of the last-level cache info,\nensure that it has been allocated. Simply checking for non-zero\ncache_leaves() is not sufficient, as some architectures (e.g., Intel\nprocessors) have non-zero cache_leaves() before allocation.\n\nDereferencing NULL cacheinfo can occur in update_per_cpu_data_slice_size().\nThis function iterates over all online CPUs. However, a CPU may have come\nonline recently, but its cacheinfo may not have been allocated yet.\n\nWhile here, remove an unnecessary indentation in allocate_cache_info().\n\n [ bp: Massage. ]" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/23b5908b11b77ff8d7b8f7b8f11cbab2e1f4bfc2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/95e197354e0de07e9a20819bdae6562e4dda0f20", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b3fce429a1e030b50c1c91351d69b8667eef627b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56618.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56618.json new file mode 100644 index 00000000000..be479e1e3e1 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56618.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56618", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:21.337", + "lastModified": "2024-12-27T15:15:21.337", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npmdomain: imx: gpcv2: Adjust delay after power up handshake\n\nThe udelay(5) is not enough, sometimes below kernel panic\nstill be triggered:\n\n[ 4.012973] Kernel panic - not syncing: Asynchronous SError Interrupt\n[ 4.012976] CPU: 2 UID: 0 PID: 186 Comm: (udev-worker) Not tainted 6.12.0-rc2-0.0.0-devel-00004-g8b1b79e88956 #1\n[ 4.012982] Hardware name: Toradex Verdin iMX8M Plus WB on Dahlia Board (DT)\n[ 4.012985] Call trace:\n[...]\n[ 4.013029] arm64_serror_panic+0x64/0x70\n[ 4.013034] do_serror+0x3c/0x70\n[ 4.013039] el1h_64_error_handler+0x30/0x54\n[ 4.013046] el1h_64_error+0x64/0x68\n[ 4.013050] clk_imx8mp_audiomix_runtime_resume+0x38/0x48\n[ 4.013059] __genpd_runtime_resume+0x30/0x80\n[ 4.013066] genpd_runtime_resume+0x114/0x29c\n[ 4.013073] __rpm_callback+0x48/0x1e0\n[ 4.013079] rpm_callback+0x68/0x80\n[ 4.013084] rpm_resume+0x3bc/0x6a0\n[ 4.013089] __pm_runtime_resume+0x50/0x9c\n[ 4.013095] pm_runtime_get_suppliers+0x60/0x8c\n[ 4.013101] __driver_probe_device+0x4c/0x14c\n[ 4.013108] driver_probe_device+0x3c/0x120\n[ 4.013114] __driver_attach+0xc4/0x200\n[ 4.013119] bus_for_each_dev+0x7c/0xe0\n[ 4.013125] driver_attach+0x24/0x30\n[ 4.013130] bus_add_driver+0x110/0x240\n[ 4.013135] driver_register+0x68/0x124\n[ 4.013142] __platform_driver_register+0x24/0x30\n[ 4.013149] sdma_driver_init+0x20/0x1000 [imx_sdma]\n[ 4.013163] do_one_initcall+0x60/0x1e0\n[ 4.013168] do_init_module+0x5c/0x21c\n[ 4.013175] load_module+0x1a98/0x205c\n[ 4.013181] init_module_from_file+0x88/0xd4\n[ 4.013187] __arm64_sys_finit_module+0x258/0x350\n[ 4.013194] invoke_syscall.constprop.0+0x50/0xe0\n[ 4.013202] do_el0_svc+0xa8/0xe0\n[ 4.013208] el0_svc+0x3c/0x140\n[ 4.013215] el0t_64_sync_handler+0x120/0x12c\n[ 4.013222] el0t_64_sync+0x190/0x194\n[ 4.013228] SMP: stopping secondary CPUs\n\nThe correct way is to wait handshake, but it needs BUS clock of\nBLK-CTL be enabled, which is in separate driver. So delay is the\nonly option here. The udelay(10) is a data got by experiment." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/2379fb937de5333991c567eefd7d11b98977d059", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a63907c8c712414643b597debcd09d16b6827b23", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56619.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56619.json new file mode 100644 index 00000000000..a325ece9e72 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56619.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56619", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:21.437", + "lastModified": "2024-12-27T15:15:21.437", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix potential out-of-bounds memory access in nilfs_find_entry()\n\nSyzbot reported that when searching for records in a directory where the\ninode's i_size is corrupted and has a large value, memory access outside\nthe folio/page range may occur, or a use-after-free bug may be detected if\nKASAN is enabled.\n\nThis is because nilfs_last_byte(), which is called by nilfs_find_entry()\nand others to calculate the number of valid bytes of directory data in a\npage from i_size and the page index, loses the upper 32 bits of the 64-bit\nsize information due to an inappropriate type of local variable to which\nthe i_size value is assigned.\n\nThis caused a large byte offset value due to underflow in the end address\ncalculation in the calling nilfs_find_entry(), resulting in memory access\nthat exceeds the folio/page size.\n\nFix this issue by changing the type of the local variable causing the bit\nloss from \"unsigned int\" to \"u64\". The return value of nilfs_last_byte()\nis also of type \"unsigned int\", but it is truncated so as not to exceed\nPAGE_SIZE and no bit loss occurs, so no change is required." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/09d6d05579fd46e61abf6e457bb100ff11f3a9d3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/31f7b57a77d4c82a34ddcb6ff35b5aa577ef153e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/48eb6e7404948032bbe811c5affbe39f6b316951", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5af8366625182f01f6d8465c9a3210574673af57", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/985ebec4ab0a28bb5910c3b1481a40fbf7f9e61d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c3afea07477baccdbdec4483f8d5e59d42a3f67f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e3732102a9d638d8627d14fdf7b208462f0520e0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56620.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56620.json new file mode 100644 index 00000000000..db02d23265e --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56620.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56620", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:21.540", + "lastModified": "2024-12-27T15:15:21.540", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: qcom: Only free platform MSIs when ESI is enabled\n\nOtherwise, it will result in a NULL pointer dereference as below:\n\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000008\nCall trace:\n mutex_lock+0xc/0x54\n platform_device_msi_free_irqs_all+0x14/0x20\n ufs_qcom_remove+0x34/0x48 [ufs_qcom]\n platform_remove+0x28/0x44\n device_remove+0x4c/0x80\n device_release_driver_internal+0xd8/0x178\n driver_detach+0x50/0x9c\n bus_remove_driver+0x6c/0xbc\n driver_unregister+0x30/0x60\n platform_driver_unregister+0x14/0x20\n ufs_qcom_pltform_exit+0x18/0xb94 [ufs_qcom]\n __arm64_sys_delete_module+0x180/0x260\n invoke_syscall+0x44/0x100\n el0_svc_common.constprop.0+0xc0/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x34/0xdc\n el0t_64_sync_handler+0xc0/0xc4\n el0t_64_sync+0x190/0x194" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/64506b3d23a337e98a74b18dcb10c8619365f2bd", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f99cb5f6344ef93777fd3add7979ebf291a852df", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56621.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56621.json new file mode 100644 index 00000000000..16fa7bcc8f1 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56621.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56621", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:21.637", + "lastModified": "2024-12-27T15:15:21.637", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Cancel RTC work during ufshcd_remove()\n\nCurrently, RTC work is only cancelled during __ufshcd_wl_suspend(). When\nufshcd is removed in ufshcd_remove(), RTC work is not cancelled. Due to\nthis, any further trigger of the RTC work after ufshcd_remove() would\nresult in a NULL pointer dereference as below:\n\nUnable to handle kernel NULL pointer dereference at virtual address 00000000000002a4\nWorkqueue: events ufshcd_rtc_work\nCall trace:\n _raw_spin_lock_irqsave+0x34/0x8c\n pm_runtime_get_if_active+0x24/0xb4\n ufshcd_rtc_work+0x124/0x19c\n process_scheduled_works+0x18c/0x2d8\n worker_thread+0x144/0x280\n kthread+0x11c/0x128\n ret_from_fork+0x10/0x20\n\nSince RTC work accesses the ufshcd internal structures, it should be cancelled\nwhen ufshcd is removed. So do that in ufshcd_remove(), as per the order in\nufshcd_init()." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1695c4361d35b7bdadd7b34f99c9c07741e181e5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2e7a3bb0331efb292e0fb022c36bc592137f0520", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56622.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56622.json new file mode 100644 index 00000000000..38c86abb6f7 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56622.json @@ -0,0 +1,37 @@ +{ + "id": "CVE-2024-56622", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:21.730", + "lastModified": "2024-12-27T15:15:21.730", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: sysfs: Prevent div by zero\n\nPrevent a division by 0 when monitoring is not enabled." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0069928727c2e95ca26c738fbe6e4b241aeaaf08", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7b21233e5f72d10f08310689f993c1dbdfde9f2c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/87bf3ea841a5d77beae6bb85af36b2b3848407ee", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9c191055c7abea4912fdb83cb9b261732b25a0c8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/eb48e9fc0028bed94a40a9352d065909f19e333c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56623.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56623.json new file mode 100644 index 00000000000..3d688354cbc --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56623.json @@ -0,0 +1,41 @@ +{ + "id": "CVE-2024-56623", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:21.823", + "lastModified": "2024-12-27T15:15:21.823", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix use after free on unload\n\nSystem crash is observed with stack trace warning of use after\nfree. There are 2 signals to tell dpc_thread to terminate (UNLOADING\nflag and kthread_stop).\n\nOn setting the UNLOADING flag when dpc_thread happens to run at the time\nand sees the flag, this causes dpc_thread to exit and clean up\nitself. When kthread_stop is called for final cleanup, this causes use\nafter free.\n\nRemove UNLOADING signal to terminate dpc_thread. Use the kthread_stop\nas the main signal to exit dpc_thread.\n\n[596663.812935] kernel BUG at mm/slub.c:294!\n[596663.812950] invalid opcode: 0000 [#1] SMP PTI\n[596663.812957] CPU: 13 PID: 1475935 Comm: rmmod Kdump: loaded Tainted: G IOE --------- - - 4.18.0-240.el8.x86_64 #1\n[596663.812960] Hardware name: HP ProLiant DL380p Gen8, BIOS P70 08/20/2012\n[596663.812974] RIP: 0010:__slab_free+0x17d/0x360\n\n...\n[596663.813008] Call Trace:\n[596663.813022] ? __dentry_kill+0x121/0x170\n[596663.813030] ? _cond_resched+0x15/0x30\n[596663.813034] ? _cond_resched+0x15/0x30\n[596663.813039] ? wait_for_completion+0x35/0x190\n[596663.813048] ? try_to_wake_up+0x63/0x540\n[596663.813055] free_task+0x5a/0x60\n[596663.813061] kthread_stop+0xf3/0x100\n[596663.813103] qla2x00_remove_one+0x284/0x440 [qla2xxx]" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/07c903db0a2ff84b68efa1a74a4de353ea591eb0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/12f04fc8580eafb0510f805749553eb6213f323e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/15369e774f27ec790f207de87c0b541e3f90b22d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6abf16d3c915b2feb68c1c8b25fcb71b13f98478", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b3e6f25176f248762a24d25ab8cf8c5e90874f80", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ca36d9d53745d5ec8946ef85006d4da605ea7c54", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56624.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56624.json new file mode 100644 index 00000000000..5fb51ef9e8a --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56624.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56624", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:21.933", + "lastModified": "2024-12-27T15:15:21.933", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommufd: Fix out_fput in iommufd_fault_alloc()\n\nAs fput() calls the file->f_op->release op, where fault obj and ictx are\ngetting released, there is no need to release these two after fput() one\nmore time, which would result in imbalanced refcounts:\n refcount_t: decrement hit 0; leaking memory.\n WARNING: CPU: 48 PID: 2369 at lib/refcount.c:31 refcount_warn_saturate+0x60/0x230\n Call trace:\n refcount_warn_saturate+0x60/0x230 (P)\n refcount_warn_saturate+0x60/0x230 (L)\n iommufd_fault_fops_release+0x9c/0xe0 [iommufd]\n ...\n VFS: Close: file count is 0 (f_op=iommufd_fops [iommufd])\n WARNING: CPU: 48 PID: 2369 at fs/open.c:1507 filp_flush+0x3c/0xf0\n Call trace:\n filp_flush+0x3c/0xf0 (P)\n filp_flush+0x3c/0xf0 (L)\n __arm64_sys_close+0x34/0x98\n ...\n imbalanced put on file reference count\n WARNING: CPU: 48 PID: 2369 at fs/file.c:74 __file_ref_put+0x100/0x138\n Call trace:\n __file_ref_put+0x100/0x138 (P)\n __file_ref_put+0x100/0x138 (L)\n __fput_sync+0x4c/0xd0\n\nDrop those two lines to fix the warnings above." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/2b3f30c8edbf9a122ce01f13f0f41fbca5f1d41d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/af7f4780514f850322b2959032ecaa96e4b26472", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56625.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56625.json new file mode 100644 index 00000000000..023a1767503 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56625.json @@ -0,0 +1,37 @@ +{ + "id": "CVE-2024-56625", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:22.033", + "lastModified": "2024-12-27T15:15:22.033", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: dev: can_set_termination(): allow sleeping GPIOs\n\nIn commit 6e86a1543c37 (\"can: dev: provide optional GPIO based\ntermination support\") GPIO based termination support was added.\n\nFor no particular reason that patch uses gpiod_set_value() to set the\nGPIO. This leads to the following warning, if the systems uses a\nsleeping GPIO, i.e. behind an I2C port expander:\n\n| WARNING: CPU: 0 PID: 379 at /drivers/gpio/gpiolib.c:3496 gpiod_set_value+0x50/0x6c\n| CPU: 0 UID: 0 PID: 379 Comm: ip Not tainted 6.11.0-20241016-1 #1 823affae360cc91126e4d316d7a614a8bf86236c\n\nReplace gpiod_set_value() by gpiod_set_value_cansleep() to allow the\nuse of sleeping GPIOs." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1ac442f25c19953d2f33b92549628b0aeac83db6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3b0c5bb437d31a9864f633b85cbc42d2f6c51c96", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/46637a608fb1ee871a0ad8bf70d917d5d95ac251", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ee1dfbdd8b4b6de85e96ae2059dc9c1bdb6b49b5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/faa0a1975a6fbce30616775216606eb8d6388ea1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56626.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56626.json new file mode 100644 index 00000000000..2dc0570c2aa --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56626.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-56626", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:22.140", + "lastModified": "2024-12-27T15:15:22.140", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix Out-of-Bounds Write in ksmbd_vfs_stream_write\n\nAn offset from client could be a negative value, It could allows\nto write data outside the bounds of the allocated buffer.\nNote that this issue is coming when setting\n'vfs objects = streams_xattr parameter' in ksmbd.conf." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/164d3597d26d9acff5d5b8bc3208bdcca942dd6a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/313dab082289e460391c82d855430ec8a28ddf81", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8cd7490fc0f268883e86e840cda5311257af69ca", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c5797f195c67132d061d29c57a7c6d30530686f0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56627.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56627.json new file mode 100644 index 00000000000..13979b2c012 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56627.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-56627", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:22.250", + "lastModified": "2024-12-27T15:15:22.250", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix Out-of-Bounds Read in ksmbd_vfs_stream_read\n\nAn offset from client could be a negative value, It could lead\nto an out-of-bounds read from the stream_buf.\nNote that this issue is coming when setting\n'vfs objects = streams_xattr parameter' in ksmbd.conf." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/27de4295522e9a33e4a3fc72f7b8193df9eebe41", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/81eed631935f2c52cdaf6691c6d48e0b06e8ad73", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/de4d790dcf53be41736239d7ee63849a16ff5d10", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/fc342cf86e2dc4d2edb0fc2ff5e28b6c7845adb9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56628.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56628.json new file mode 100644 index 00000000000..5b9a23d33f1 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56628.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-56628", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:22.357", + "lastModified": "2024-12-27T15:15:22.357", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nLoongArch: Add architecture specific huge_pte_clear()\n\nWhen executing mm selftests run_vmtests.sh, there is such an error:\n\n BUG: Bad page state in process uffd-unit-tests pfn:00000\n page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x0\n flags: 0xffff0000002000(reserved|node=0|zone=0|lastcpupid=0xffff)\n raw: 00ffff0000002000 ffffbf0000000008 ffffbf0000000008 0000000000000000\n raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000\n page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set\n Modules linked in: snd_seq_dummy snd_seq snd_seq_device rfkill vfat fat\n virtio_balloon efi_pstore virtio_net pstore net_failover failover fuse\n nfnetlink virtio_scsi virtio_gpu virtio_dma_buf dm_multipath efivarfs\n CPU: 2 UID: 0 PID: 1913 Comm: uffd-unit-tests Not tainted 6.12.0 #184\n Hardware name: QEMU QEMU Virtual Machine, BIOS unknown 2/2/2022\n Stack : 900000047c8ac000 0000000000000000 9000000000223a7c 900000047c8ac000\n 900000047c8af690 900000047c8af698 0000000000000000 900000047c8af7d8\n 900000047c8af7d0 900000047c8af7d0 900000047c8af5b0 0000000000000001\n 0000000000000001 900000047c8af698 10b3c7d53da40d26 0000010000000000\n 0000000000000022 0000000fffffffff fffffffffe000000 ffff800000000000\n 000000000000002f 0000800000000000 000000017a6d4000 90000000028f8940\n 0000000000000000 0000000000000000 90000000025aa5e0 9000000002905000\n 0000000000000000 90000000028f8940 ffff800000000000 0000000000000000\n 0000000000000000 0000000000000000 9000000000223a94 000000012001839c\n 00000000000000b0 0000000000000004 0000000000000000 0000000000071c1d\n ...\n Call Trace:\n [<9000000000223a94>] show_stack+0x5c/0x180\n [<9000000001c3fd64>] dump_stack_lvl+0x6c/0xa0\n [<900000000056aa08>] bad_page+0x1a0/0x1f0\n [<9000000000574978>] free_unref_folios+0xbf0/0xd20\n [<90000000004e65cc>] folios_put_refs+0x1a4/0x2b8\n [<9000000000599a0c>] free_pages_and_swap_cache+0x164/0x260\n [<9000000000547698>] tlb_batch_pages_flush+0xa8/0x1c0\n [<9000000000547f30>] tlb_finish_mmu+0xa8/0x218\n [<9000000000543cb8>] exit_mmap+0x1a0/0x360\n [<9000000000247658>] __mmput+0x78/0x200\n [<900000000025583c>] do_exit+0x43c/0xde8\n [<9000000000256490>] do_group_exit+0x68/0x110\n [<9000000000256554>] sys_exit_group+0x1c/0x20\n [<9000000001c413b4>] do_syscall+0x94/0x130\n [<90000000002216d8>] handle_syscall+0xb8/0x158\n Disabling lock debugging due to kernel taint\n BUG: non-zero pgtables_bytes on freeing mm: -16384\n\nOn LoongArch system, invalid huge pte entry should be invalid_pte_table\nor a single _PAGE_HUGE bit rather than a zero value. And it should be\nthe same with invalid pmd entry, since pmd_none() is called by function\nfree_pgd_range() and pmd_none() return 0 by huge_pte_clear(). So single\n_PAGE_HUGE bit is also treated as a valid pte table and free_pte_range()\nwill be called in free_pmd_range().\n\n free_pmd_range()\n pmd = pmd_offset(pud, addr);\n do {\n next = pmd_addr_end(addr, end);\n if (pmd_none_or_clear_bad(pmd))\n continue;\n free_pte_range(tlb, pmd, addr);\n } while (pmd++, addr = next, addr != end);\n\nHere invalid_pte_table is used for both invalid huge pte entry and\npmd entry." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/7cd1f5f77925ae905a57296932f0f9ef0dc364f8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7dfbf011a57b9e1a40f5ce8080a53c497e105c6c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9b602190cf2d8ac957be0011e418ed6c3b49b9a3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/dba3c45e333a3a2a01395b5f5e5f88f8baba74e4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56629.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56629.json new file mode 100644 index 00000000000..c3d28816ff2 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56629.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56629", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:22.463", + "lastModified": "2024-12-27T15:15:22.463", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: wacom: fix when get product name maybe null pointer\n\nDue to incorrect dev->product reporting by certain devices, null\npointer dereferences occur when dev->product is empty, leading to\npotential system crashes.\n\nThis issue was found on EXCELSIOR DL37-D05 device with\nLoongson-LS3A6000-7A2000-DL37 motherboard.\n\nKernel logs:\n[ 56.470885] usb 4-3: new full-speed USB device number 4 using ohci-pci\n[ 56.671638] usb 4-3: string descriptor 0 read error: -22\n[ 56.671644] usb 4-3: New USB device found, idVendor=056a, idProduct=0374, bcdDevice= 1.07\n[ 56.671647] usb 4-3: New USB device strings: Mfr=1, Product=2, SerialNumber=3\n[ 56.678839] hid-generic 0003:056A:0374.0004: hiddev0,hidraw3: USB HID v1.10 Device [HID 056a:0374] on usb-0000:00:05.0-3/input0\n[ 56.697719] CPU 2 Unable to handle kernel paging request at virtual address 0000000000000000, era == 90000000066e35c8, ra == ffff800004f98a80\n[ 56.697732] Oops[#1]:\n[ 56.697734] CPU: 2 PID: 2742 Comm: (udev-worker) Tainted: G OE 6.6.0-loong64-desktop #25.00.2000.015\n[ 56.697737] Hardware name: Inspur CE520L2/C09901N000000000, BIOS 2.09.00 10/11/2024\n[ 56.697739] pc 90000000066e35c8 ra ffff800004f98a80 tp 9000000125478000 sp 900000012547b8a0\n[ 56.697741] a0 0000000000000000 a1 ffff800004818b28 a2 0000000000000000 a3 0000000000000000\n[ 56.697743] a4 900000012547b8f0 a5 0000000000000000 a6 0000000000000000 a7 0000000000000000\n[ 56.697745] t0 ffff800004818b2d t1 0000000000000000 t2 0000000000000003 t3 0000000000000005\n[ 56.697747] t4 0000000000000000 t5 0000000000000000 t6 0000000000000000 t7 0000000000000000\n[ 56.697748] t8 0000000000000000 u0 0000000000000000 s9 0000000000000000 s0 900000011aa48028\n[ 56.697750] s1 0000000000000000 s2 0000000000000000 s3 ffff800004818e80 s4 ffff800004810000\n[ 56.697751] s5 90000001000b98d0 s6 ffff800004811f88 s7 ffff800005470440 s8 0000000000000000\n[ 56.697753] ra: ffff800004f98a80 wacom_update_name+0xe0/0x300 [wacom]\n[ 56.697802] ERA: 90000000066e35c8 strstr+0x28/0x120\n[ 56.697806] CRMD: 000000b0 (PLV0 -IE -DA +PG DACF=CC DACM=CC -WE)\n[ 56.697816] PRMD: 0000000c (PPLV0 +PIE +PWE)\n[ 56.697821] EUEN: 00000000 (-FPE -SXE -ASXE -BTE)\n[ 56.697827] ECFG: 00071c1d (LIE=0,2-4,10-12 VS=7)\n[ 56.697831] ESTAT: 00010000 [PIL] (IS= ECode=1 EsubCode=0)\n[ 56.697835] BADV: 0000000000000000\n[ 56.697836] PRID: 0014d000 (Loongson-64bit, Loongson-3A6000)\n[ 56.697838] Modules linked in: wacom(+) bnep bluetooth rfkill qrtr nls_iso8859_1 nls_cp437 snd_hda_codec_conexant snd_hda_codec_generic ledtrig_audio snd_hda_codec_hdmi snd_hda_intel snd_intel_dspcfg snd_hda_codec snd_hda_core snd_hwdep snd_pcm snd_timer snd soundcore input_leds mousedev led_class joydev deepin_netmonitor(OE) fuse nfnetlink dmi_sysfs ip_tables x_tables overlay amdgpu amdxcp drm_exec gpu_sched drm_buddy radeon drm_suballoc_helper i2c_algo_bit drm_ttm_helper r8169 ttm drm_display_helper spi_loongson_pci xhci_pci cec xhci_pci_renesas spi_loongson_core hid_generic realtek gpio_loongson_64bit\n[ 56.697887] Process (udev-worker) (pid: 2742, threadinfo=00000000aee0d8b4, task=00000000a9eff1f3)\n[ 56.697890] Stack : 0000000000000000 ffff800004817e00 0000000000000000 0000251c00000000\n[ 56.697896] 0000000000000000 00000011fffffffd 0000000000000000 0000000000000000\n[ 56.697901] 0000000000000000 1b67a968695184b9 0000000000000000 90000001000b98d0\n[ 56.697906] 90000001000bb8d0 900000011aa48028 0000000000000000 ffff800004f9d74c\n[ 56.697911] 90000001000ba000 ffff800004f9ce58 0000000000000000 ffff800005470440\n[ 56.697916] ffff800004811f88 90000001000b98d0 9000000100da2aa8 90000001000bb8d0\n[ 56.697921] 0000000000000000 90000001000ba000 900000011aa48028 ffff800004f9d74c\n[ 56.697926] ffff8000054704e8 90000001000bb8b8 90000001000ba000 0000000000000000\n[ 56.697931] 90000001000bb8d0 \n---truncated---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/2cd323c55bd3f356bf23ae1b4c20100abcdc29d6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2ed3e3a3ac06af8a6391c3d6a7791b7967d7d43a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5912a921289edb34d40aeab32ea6d52d41e75fed", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/59548215b76be98cf3422eea9a67d6ea578aca3d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a7f0509556fa2f9789639dbcee9eed46e471ccef", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d031eef3cc2e3bf524509e38fb898e5335c85c96", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e689bc6697a7fcebd4a945ab0b1e1112c76024d8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56630.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56630.json new file mode 100644 index 00000000000..fc303299d73 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56630.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56630", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:22.577", + "lastModified": "2024-12-27T15:15:22.577", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: free inode when ocfs2_get_init_inode() fails\n\nsyzbot is reporting busy inodes after unmount, for commit 9c89fe0af826\n(\"ocfs2: Handle error from dquot_initialize()\") forgot to call iput() when\nnew_inode() succeeded and dquot_initialize() failed." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/03db61c43c8e2729896fda6b9a95c7fb5c875c20", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/67c2c6d0564ca05348ba4f8f6eaf7a0713f56c15", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/911fcc95b530615b484e8920741fc5e4bc4e684a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/965b5dd1894f4525f38c1b5f99b0106a07dbb5db", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9c19ea59965ebb482e227532f7bbb01792fb028c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a84d507d3290aca249b44ae992af9e10590cc5f6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c5327720a4655303ffa3f632d86ee205dd783f32", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56631.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56631.json new file mode 100644 index 00000000000..7c0ba263342 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56631.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-56631", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:22.690", + "lastModified": "2024-12-27T15:15:22.690", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: sg: Fix slab-use-after-free read in sg_release()\n\nFix a use-after-free bug in sg_release(), detected by syzbot with KASAN:\n\nBUG: KASAN: slab-use-after-free in lock_release+0x151/0xa30\nkernel/locking/lockdep.c:5838\n__mutex_unlock_slowpath+0xe2/0x750 kernel/locking/mutex.c:912\nsg_release+0x1f4/0x2e0 drivers/scsi/sg.c:407\n\nIn sg_release(), the function kref_put(&sfp->f_ref, sg_remove_sfp) is\ncalled before releasing the open_rel_lock mutex. The kref_put() call may\ndecrement the reference count of sfp to zero, triggering its cleanup\nthrough sg_remove_sfp(). This cleanup includes scheduling deferred work\nvia sg_remove_sfp_usercontext(), which ultimately frees sfp.\n\nAfter kref_put(), sg_release() continues to unlock open_rel_lock and may\nreference sfp or sdp. If sfp has already been freed, this results in a\nslab-use-after-free error.\n\nMove the kref_put(&sfp->f_ref, sg_remove_sfp) call after unlocking the\nopen_rel_lock mutex. This ensures:\n\n - No references to sfp or sdp occur after the reference count is\n decremented.\n\n - Cleanup functions such as sg_remove_sfp() and\n sg_remove_sfp_usercontext() can safely execute without impacting the\n mutex handling in sg_release().\n\nThe fix has been tested and validated by syzbot. This patch closes the\nbug reported at the following syzkaller link and ensures proper\nsequencing of resource cleanup and mutex operations, eliminating the\nrisk of use-after-free errors in sg_release()." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1f5e2f1ca5875728fcf62bc1a054707444ab4960", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/59b30afa578637169e2819536bb66459fdddc39d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f10593ad9bc36921f623361c9e3dd96bd52d85ee", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56632.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56632.json new file mode 100644 index 00000000000..36c572966c2 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56632.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56632", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:22.803", + "lastModified": "2024-12-27T15:15:22.803", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-tcp: fix the memleak while create new ctrl failed\n\nNow while we create new ctrl failed, we have not free the\ntagset occupied by admin_q, here try to fix it." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/ceff9ac13a2478afddce85414d404e6aff6425f6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/fec55c29e54d3ca6fe9d7d7d9266098b4514fd34", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56633.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56633.json new file mode 100644 index 00000000000..cb1136cdb0d --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56633.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56633", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:22.933", + "lastModified": "2024-12-27T15:15:22.933", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp_bpf: Fix the sk_mem_uncharge logic in tcp_bpf_sendmsg\n\nThe current sk memory accounting logic in __SK_REDIRECT is pre-uncharging\ntosend bytes, which is either msg->sg.size or a smaller value apply_bytes.\n\nPotential problems with this strategy are as follows:\n\n- If the actual sent bytes are smaller than tosend, we need to charge some\n bytes back, as in line 487, which is okay but seems not clean.\n\n- When tosend is set to apply_bytes, as in line 417, and (ret < 0), we may\n miss uncharging (msg->sg.size - apply_bytes) bytes.\n\n[...]\n415 tosend = msg->sg.size;\n416 if (psock->apply_bytes && psock->apply_bytes < tosend)\n417 tosend = psock->apply_bytes;\n[...]\n443 sk_msg_return(sk, msg, tosend);\n444 release_sock(sk);\n446 origsize = msg->sg.size;\n447 ret = tcp_bpf_sendmsg_redir(sk_redir, redir_ingress,\n448 msg, tosend, flags);\n449 sent = origsize - msg->sg.size;\n[...]\n454 lock_sock(sk);\n455 if (unlikely(ret < 0)) {\n456 int free = sk_msg_free_nocharge(sk, msg);\n458 if (!cork)\n459 *copied -= free;\n460 }\n[...]\n487 if (eval == __SK_REDIRECT)\n488 sk_mem_charge(sk, tosend - sent);\n[...]\n\nWhen running the selftest test_txmsg_redir_wait_sndmem with txmsg_apply,\nthe following warning will be reported:\n\n------------[ cut here ]------------\nWARNING: CPU: 6 PID: 57 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x190/0x1a0\nModules linked in:\nCPU: 6 UID: 0 PID: 57 Comm: kworker/6:0 Not tainted 6.12.0-rc1.bm.1-amd64+ #43\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014\nWorkqueue: events sk_psock_destroy\nRIP: 0010:inet_sock_destruct+0x190/0x1a0\nRSP: 0018:ffffad0a8021fe08 EFLAGS: 00010206\nRAX: 0000000000000011 RBX: ffff9aab4475b900 RCX: ffff9aab481a0800\nRDX: 0000000000000303 RSI: 0000000000000011 RDI: ffff9aab4475b900\nRBP: ffff9aab4475b990 R08: 0000000000000000 R09: ffff9aab40050ec0\nR10: 0000000000000000 R11: ffff9aae6fdb1d01 R12: ffff9aab49c60400\nR13: ffff9aab49c60598 R14: ffff9aab49c60598 R15: dead000000000100\nFS: 0000000000000000(0000) GS:ffff9aae6fd80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007ffec7e47bd8 CR3: 00000001a1a1c004 CR4: 0000000000770ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n\n? __warn+0x89/0x130\n? inet_sock_destruct+0x190/0x1a0\n? report_bug+0xfc/0x1e0\n? handle_bug+0x5c/0xa0\n? exc_invalid_op+0x17/0x70\n? asm_exc_invalid_op+0x1a/0x20\n? inet_sock_destruct+0x190/0x1a0\n__sk_destruct+0x25/0x220\nsk_psock_destroy+0x2b2/0x310\nprocess_scheduled_works+0xa3/0x3e0\nworker_thread+0x117/0x240\n? __pfx_worker_thread+0x10/0x10\nkthread+0xcf/0x100\n? __pfx_kthread+0x10/0x10\nret_from_fork+0x31/0x40\n? __pfx_kthread+0x10/0x10\nret_from_fork_asm+0x1a/0x30\n\n---[ end trace 0000000000000000 ]---\n\nIn __SK_REDIRECT, a more concise way is delaying the uncharging after sent\nbytes are finalized, and uncharge this value. When (ret < 0), we shall\ninvoke sk_msg_free.\n\nSame thing happens in case __SK_DROP, when tosend is set to apply_bytes,\nwe may miss uncharging (msg->sg.size - apply_bytes) bytes. The same\nwarning will be reported in selftest.\n\n[...]\n468 case __SK_DROP:\n469 default:\n470 sk_msg_free_partial(sk, msg, tosend);\n471 sk_msg_apply_bytes(psock, tosend);\n472 *copied -= (tosend + delta);\n473 return -EACCES;\n[...]\n\nSo instead of sk_msg_free_partial we can do sk_msg_free here." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0d6cd1151e26fc7c2d5daa85e8984aaa685a1a12", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/206d56f41a1509cadd06e2178c26cb830e45057d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/456f08d24afa51b5eb816c42e4ca1c44a247bd42", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5c9e3bb43a354a2245caebbbbb4a5b8c034fdd56", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/905d82e6e77d16ec3e089c92b7b59a14899dfc1a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ca70b8baf2bd125b2a4d96e76db79375c07d7ff2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/dbedc7e142df5ea238a46fdd7462c1c42cd36a10", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56634.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56634.json new file mode 100644 index 00000000000..d57112ab244 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56634.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56634", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:23.073", + "lastModified": "2024-12-27T15:15:23.073", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: grgpio: Add NULL check in grgpio_probe\n\ndevm_kasprintf() can return a NULL pointer on failure,but this\nreturned value in grgpio_probe is not checked.\nAdd NULL check in grgpio_probe, to handle kernel NULL\npointer dereference error." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/050b23d081da0f29474de043e9538c1f7a351b3b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/09adf8792b61c09ae543972a1ece1884ef773848", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4733f68e59bb7b9e3d395699abb18366954b9ba7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/53ff0caa6ad57372d426b4f48fc0f66df43a731f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8d2ca6ac3711a4f4015d26b7cc84f325ac608edb", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ad4dfa7ea7f5f7e9a3c78627cfc749bc7005ca7a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/db2fc255fcf41f536ac8666409849e11659af88d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56635.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56635.json new file mode 100644 index 00000000000..abb2cb11092 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56635.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-56635", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:23.207", + "lastModified": "2024-12-27T15:15:23.207", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: avoid potential UAF in default_operstate()\n\nsyzbot reported an UAF in default_operstate() [1]\n\nIssue is a race between device and netns dismantles.\n\nAfter calling __rtnl_unlock() from netdev_run_todo(),\nwe can not assume the netns of each device is still alive.\n\nMake sure the device is not in NETREG_UNREGISTERED state,\nand add an ASSERT_RTNL() before the call to\n__dev_get_by_index().\n\nWe might move this ASSERT_RTNL() in __dev_get_by_index()\nin the future.\n\n[1]\n\nBUG: KASAN: slab-use-after-free in __dev_get_by_index+0x5d/0x110 net/core/dev.c:852\nRead of size 8 at addr ffff888043eba1b0 by task syz.0.0/5339\n\nCPU: 0 UID: 0 PID: 5339 Comm: syz.0.0 Not tainted 6.12.0-syzkaller-10296-gaaf20f870da0 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n __dev_get_by_index+0x5d/0x110 net/core/dev.c:852\n default_operstate net/core/link_watch.c:51 [inline]\n rfc2863_policy+0x224/0x300 net/core/link_watch.c:67\n linkwatch_do_dev+0x3e/0x170 net/core/link_watch.c:170\n netdev_run_todo+0x461/0x1000 net/core/dev.c:10894\n rtnl_unlock net/core/rtnetlink.c:152 [inline]\n rtnl_net_unlock include/linux/rtnetlink.h:133 [inline]\n rtnl_dellink+0x760/0x8d0 net/core/rtnetlink.c:3520\n rtnetlink_rcv_msg+0x791/0xcf0 net/core/rtnetlink.c:6911\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2541\n netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1347\n netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1891\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:726\n ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2583\n ___sys_sendmsg net/socket.c:2637 [inline]\n __sys_sendmsg+0x269/0x350 net/socket.c:2669\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f2a3cb80809\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f2a3d9cd058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f2a3cd45fa0 RCX: 00007f2a3cb80809\nRDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008\nRBP: 00007f2a3cbf393e R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000000 R14: 00007f2a3cd45fa0 R15: 00007ffd03bc65c8\n \n\nAllocated by task 5339:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4314\n kmalloc_noprof include/linux/slab.h:901 [inline]\n kmalloc_array_noprof include/linux/slab.h:945 [inline]\n netdev_create_hash net/core/dev.c:11870 [inline]\n netdev_init+0x10c/0x250 net/core/dev.c:11890\n ops_init+0x31e/0x590 net/core/net_namespace.c:138\n setup_net+0x287/0x9e0 net/core/net_namespace.c:362\n copy_net_ns+0x33f/0x570 net/core/net_namespace.c:500\n create_new_namespaces+0x425/0x7b0 kernel/nsproxy.c:110\n unshare_nsproxy_namespaces+0x124/0x180 kernel/nsproxy.c:228\n ksys_unshare+0x57d/0xa70 kernel/fork.c:3314\n __do_sys_unshare kernel/fork.c:3385 [inline]\n __se_sys_unshare kernel/fork.c:3383 [inline]\n __x64_sys_unshare+0x38/0x40 kernel/fork.c:3383\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x8\n---truncated---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/316183d58319f191e16503bc2dffa156c4442df2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3265aab0736f78bb218200b06b1abb525c316269", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/750e51603395e755537da08f745864c93e3ce741", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56636.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56636.json new file mode 100644 index 00000000000..f4eef135afd --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56636.json @@ -0,0 +1,41 @@ +{ + "id": "CVE-2024-56636", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:23.320", + "lastModified": "2024-12-27T15:15:23.320", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngeneve: do not assume mac header is set in geneve_xmit_skb()\n\nWe should not assume mac header is set in output path.\n\nUse skb_eth_hdr() instead of eth_hdr() to fix the issue.\n\nsysbot reported the following :\n\n WARNING: CPU: 0 PID: 11635 at include/linux/skbuff.h:3052 skb_mac_header include/linux/skbuff.h:3052 [inline]\n WARNING: CPU: 0 PID: 11635 at include/linux/skbuff.h:3052 eth_hdr include/linux/if_ether.h:24 [inline]\n WARNING: CPU: 0 PID: 11635 at include/linux/skbuff.h:3052 geneve_xmit_skb drivers/net/geneve.c:898 [inline]\n WARNING: CPU: 0 PID: 11635 at include/linux/skbuff.h:3052 geneve_xmit+0x4c38/0x5730 drivers/net/geneve.c:1039\nModules linked in:\nCPU: 0 UID: 0 PID: 11635 Comm: syz.4.1423 Not tainted 6.12.0-syzkaller-10296-gaaf20f870da0 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\n RIP: 0010:skb_mac_header include/linux/skbuff.h:3052 [inline]\n RIP: 0010:eth_hdr include/linux/if_ether.h:24 [inline]\n RIP: 0010:geneve_xmit_skb drivers/net/geneve.c:898 [inline]\n RIP: 0010:geneve_xmit+0x4c38/0x5730 drivers/net/geneve.c:1039\nCode: 21 c6 02 e9 35 d4 ff ff e8 a5 48 4c fb 90 0f 0b 90 e9 fd f5 ff ff e8 97 48 4c fb 90 0f 0b 90 e9 d8 f5 ff ff e8 89 48 4c fb 90 <0f> 0b 90 e9 41 e4 ff ff e8 7b 48 4c fb 90 0f 0b 90 e9 cd e7 ff ff\nRSP: 0018:ffffc90003b2f870 EFLAGS: 00010283\nRAX: 000000000000037a RBX: 000000000000ffff RCX: ffffc9000dc3d000\nRDX: 0000000000080000 RSI: ffffffff86428417 RDI: 0000000000000003\nRBP: ffffc90003b2f9f0 R08: 0000000000000003 R09: 000000000000ffff\nR10: 000000000000ffff R11: 0000000000000002 R12: ffff88806603c000\nR13: 0000000000000000 R14: ffff8880685b2780 R15: 0000000000000e23\nFS: 00007fdc2deed6c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000001b30a1dff8 CR3: 0000000056b8c000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \n __netdev_start_xmit include/linux/netdevice.h:5002 [inline]\n netdev_start_xmit include/linux/netdevice.h:5011 [inline]\n __dev_direct_xmit+0x58a/0x720 net/core/dev.c:4490\n dev_direct_xmit include/linux/netdevice.h:3181 [inline]\n packet_xmit+0x1e4/0x360 net/packet/af_packet.c:285\n packet_snd net/packet/af_packet.c:3146 [inline]\n packet_sendmsg+0x2700/0x5660 net/packet/af_packet.c:3178\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg net/socket.c:726 [inline]\n __sys_sendto+0x488/0x4f0 net/socket.c:2197\n __do_sys_sendto net/socket.c:2204 [inline]\n __se_sys_sendto net/socket.c:2200 [inline]\n __x64_sys_sendto+0xe0/0x1c0 net/socket.c:2200\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/177b72ed7c77b11e46dd4336d73a87a77a5603af", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2ee7bdc7cb40abfe658a71fbd10c7db2f4fc4f9a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8588c99c7d47448fcae39e3227d6e2bb97aad86d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/97ce3a4ec55eac6b5e2949ffb04028d604afda3b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b65958284401016b983078c68f70b047537f4aba", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d9fa09ca004befe9cf826d6820439cb6f93cecd7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56637.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56637.json new file mode 100644 index 00000000000..06d5ba3957c --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56637.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56637", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:23.430", + "lastModified": "2024-12-27T15:15:23.430", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: Hold module reference while requesting a module\n\nUser space may unload ip_set.ko while it is itself requesting a set type\nbackend module, leading to a kernel crash. The race condition may be\nprovoked by inserting an mdelay() right after the nfnl_unlock() call." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0e67805e805c1f3edd6f43adbe08ea14b552694b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/456f010bfaefde84d3390c755eedb1b0a5857c3c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5bae60a933ba5d16eed55c6b279be51bcbbc79b0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6099b5d3e37145484fac4b8b4070c3f1abfb3519", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/90bf312a6b6b3d6012137f6776a4052ee85e0340", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ba5e070f36682d07ca7ad2a953e6c9d96be19dca", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e5e2d3024753fdaca818b822e3827614bacbdccf", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56638.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56638.json new file mode 100644 index 00000000000..9a24fef2838 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56638.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-56638", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:23.527", + "lastModified": "2024-12-27T15:15:23.527", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_inner: incorrect percpu area handling under softirq\n\nSoftirq can interrupt ongoing packet from process context that is\nwalking over the percpu area that contains inner header offsets.\n\nDisable bh and perform three checks before restoring the percpu inner\nheader offsets to validate that the percpu area is valid for this\nskbuff:\n\n1) If the NFT_PKTINFO_INNER_FULL flag is set on, then this skbuff\n has already been parsed before for inner header fetching to\n register.\n\n2) Validate that the percpu area refers to this skbuff using the\n skbuff pointer as a cookie. If there is a cookie mismatch, then\n this skbuff needs to be parsed again.\n\n3) Finally, validate if the percpu area refers to this tunnel type.\n\nOnly after these three checks the percpu area is restored to a on-stack\ncopy and bh is enabled again.\n\nAfter inner header fetching, the on-stack copy is stored back to the\npercpu area." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/53c7314208c865086d78b4e88da53bc33da0b603", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7b1d83da254be3bf054965c8f3b1ad976f460ae5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/da5cc778e7bf78fe525bc90ec2043f41415c31d9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56639.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56639.json new file mode 100644 index 00000000000..1ee60c38f69 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56639.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56639", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:23.633", + "lastModified": "2024-12-27T15:15:23.633", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hsr: must allocate more bytes for RedBox support\n\nBlamed commit forgot to change hsr_init_skb() to allocate\nlarger skb for RedBox case.\n\nIndeed, send_hsr_supervision_frame() will add\ntwo additional components (struct hsr_sup_tlv\nand struct hsr_sup_payload)\n\nsyzbot reported the following crash:\nskbuff: skb_over_panic: text:ffffffff8afd4b0a len:34 put:6 head:ffff88802ad29e00 data:ffff88802ad29f22 tail:0x144 end:0x140 dev:gretap0\n------------[ cut here ]------------\n kernel BUG at net/core/skbuff.c:206 !\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI\nCPU: 2 UID: 0 PID: 7611 Comm: syz-executor Not tainted 6.12.0-syzkaller #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n RIP: 0010:skb_panic+0x157/0x1d0 net/core/skbuff.c:206\nCode: b6 04 01 84 c0 74 04 3c 03 7e 21 8b 4b 70 41 56 45 89 e8 48 c7 c7 a0 7d 9b 8c 41 57 56 48 89 ee 52 4c 89 e2 e8 9a 76 79 f8 90 <0f> 0b 4c 89 4c 24 10 48 89 54 24 08 48 89 34 24 e8 94 76 fb f8 4c\nRSP: 0018:ffffc90000858ab8 EFLAGS: 00010282\nRAX: 0000000000000087 RBX: ffff8880598c08c0 RCX: ffffffff816d3e69\nRDX: 0000000000000000 RSI: ffffffff816de786 RDI: 0000000000000005\nRBP: ffffffff8c9b91c0 R08: 0000000000000005 R09: 0000000000000000\nR10: 0000000000000302 R11: ffffffff961cc1d0 R12: ffffffff8afd4b0a\nR13: 0000000000000006 R14: ffff88804b938130 R15: 0000000000000140\nFS: 000055558a3d6500(0000) GS:ffff88806a800000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f1295974ff8 CR3: 000000002ab6e000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \n skb_over_panic net/core/skbuff.c:211 [inline]\n skb_put+0x174/0x1b0 net/core/skbuff.c:2617\n send_hsr_supervision_frame+0x6fa/0x9e0 net/hsr/hsr_device.c:342\n hsr_proxy_announce+0x1a3/0x4a0 net/hsr/hsr_device.c:436\n call_timer_fn+0x1a0/0x610 kernel/time/timer.c:1794\n expire_timers kernel/time/timer.c:1845 [inline]\n __run_timers+0x6e8/0x930 kernel/time/timer.c:2419\n __run_timer_base kernel/time/timer.c:2430 [inline]\n __run_timer_base kernel/time/timer.c:2423 [inline]\n run_timer_base+0x111/0x190 kernel/time/timer.c:2439\n run_timer_softirq+0x1a/0x40 kernel/time/timer.c:2449\n handle_softirqs+0x213/0x8f0 kernel/softirq.c:554\n __do_softirq kernel/softirq.c:588 [inline]\n invoke_softirq kernel/softirq.c:428 [inline]\n __irq_exit_rcu kernel/softirq.c:637 [inline]\n irq_exit_rcu+0xbb/0x120 kernel/softirq.c:649\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0xa4/0xc0 arch/x86/kernel/apic/apic.c:1049\n " + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/688842f47ee9fb392d1c3a1ced1d21d505b14968", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/af8edaeddbc52e53207d859c912b017fd9a77629", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56640.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56640.json new file mode 100644 index 00000000000..dca9efaab45 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56640.json @@ -0,0 +1,37 @@ +{ + "id": "CVE-2024-56640", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:23.730", + "lastModified": "2024-12-27T15:15:23.730", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix LGR and link use-after-free issue\n\nWe encountered a LGR/link use-after-free issue, which manifested as\nthe LGR/link refcnt reaching 0 early and entering the clear process,\nmaking resource access unsafe.\n\n refcount_t: addition on 0; use-after-free.\n WARNING: CPU: 14 PID: 107447 at lib/refcount.c:25 refcount_warn_saturate+0x9c/0x140\n Workqueue: events smc_lgr_terminate_work [smc]\n Call trace:\n refcount_warn_saturate+0x9c/0x140\n __smc_lgr_terminate.part.45+0x2a8/0x370 [smc]\n smc_lgr_terminate_work+0x28/0x30 [smc]\n process_one_work+0x1b8/0x420\n worker_thread+0x158/0x510\n kthread+0x114/0x118\n\nor\n\n refcount_t: underflow; use-after-free.\n WARNING: CPU: 6 PID: 93140 at lib/refcount.c:28 refcount_warn_saturate+0xf0/0x140\n Workqueue: smc_hs_wq smc_listen_work [smc]\n Call trace:\n refcount_warn_saturate+0xf0/0x140\n smcr_link_put+0x1cc/0x1d8 [smc]\n smc_conn_free+0x110/0x1b0 [smc]\n smc_conn_abort+0x50/0x60 [smc]\n smc_listen_find_device+0x75c/0x790 [smc]\n smc_listen_work+0x368/0x8a0 [smc]\n process_one_work+0x1b8/0x420\n worker_thread+0x158/0x510\n kthread+0x114/0x118\n\nIt is caused by repeated release of LGR/link refcnt. One suspect is that\nsmc_conn_free() is called repeatedly because some smc_conn_free() from\nserver listening path are not protected by sock lock.\n\ne.g.\n\nCalls under socklock | smc_listen_work\n-------------------------------------------------------\nlock_sock(sk) | smc_conn_abort\nsmc_conn_free | \\- smc_conn_free\n\\- smcr_link_put | \\- smcr_link_put (duplicated)\nrelease_sock(sk)\n\nSo here add sock lock protection in smc_listen_work() path, making it\nexclusive with other connection operations." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0cf598548a6c36d90681d53c6b77d52363f2f295", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2c7f14ed9c19ec0f149479d1c2842ec1f9bf76d7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/673d606683ac70bc074ca6676b938bff18635226", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6f0ae06a234a78ae137064f2c89135ac078a00eb", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f502a88fdd415647a1f2dc45fac71b9c522a052b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56641.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56641.json new file mode 100644 index 00000000000..0ac56403ea6 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56641.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-56641", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:23.830", + "lastModified": "2024-12-27T15:15:23.830", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: initialize close_work early to avoid warning\n\nWe encountered a warning that close_work was canceled before\ninitialization.\n\n WARNING: CPU: 7 PID: 111103 at kernel/workqueue.c:3047 __flush_work+0x19e/0x1b0\n Workqueue: events smc_lgr_terminate_work [smc]\n RIP: 0010:__flush_work+0x19e/0x1b0\n Call Trace:\n ? __wake_up_common+0x7a/0x190\n ? work_busy+0x80/0x80\n __cancel_work_timer+0xe3/0x160\n smc_close_cancel_work+0x1a/0x70 [smc]\n smc_close_active_abort+0x207/0x360 [smc]\n __smc_lgr_terminate.part.38+0xc8/0x180 [smc]\n process_one_work+0x19e/0x340\n worker_thread+0x30/0x370\n ? process_one_work+0x340/0x340\n kthread+0x117/0x130\n ? __kthread_cancel_work+0x50/0x50\n ret_from_fork+0x22/0x30\n\nThis is because when smc_close_cancel_work is triggered, e.g. the RDMA\ndriver is rmmod and the LGR is terminated, the conn->close_work is\nflushed before initialization, resulting in WARN_ON(!work->func).\n\n__smc_lgr_terminate | smc_connect_{rdma|ism}\n-------------------------------------------------------------\n | smc_conn_create\n\t\t\t\t| \\- smc_lgr_register_conn\nfor conn in lgr->conns_all |\n\\- smc_conn_kill |\n \\- smc_close_active_abort |\n \\- smc_close_cancel_work |\n \\- cancel_work_sync |\n \\- __flush_work |\n\t (close_work) |\n\t | smc_close_init\n\t | \\- INIT_WORK(&close_work)\n\nSo fix this by initializing close_work before establishing the\nconnection." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0541db8ee32c09463a72d0987382b3a3336b0043", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6638e52dcfafaf1b9cbc34544f0c832db0069ea1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f0c37002210aaede10dae849d1a78efc2243add2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56642.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56642.json new file mode 100644 index 00000000000..c58328dd593 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56642.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56642", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:23.930", + "lastModified": "2024-12-27T15:15:23.930", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: Fix use-after-free of kernel socket in cleanup_bearer().\n\nsyzkaller reported a use-after-free of UDP kernel socket\nin cleanup_bearer() without repro. [0][1]\n\nWhen bearer_disable() calls tipc_udp_disable(), cleanup\nof the UDP kernel socket is deferred by work calling\ncleanup_bearer().\n\ntipc_net_stop() waits for such works to finish by checking\ntipc_net(net)->wq_count. However, the work decrements the\ncount too early before releasing the kernel socket,\nunblocking cleanup_net() and resulting in use-after-free.\n\nLet's move the decrement after releasing the socket in\ncleanup_bearer().\n\n[0]:\nref_tracker: net notrefcnt@000000009b3d1faf has 1/1 users at\n sk_alloc+0x438/0x608\n inet_create+0x4c8/0xcb0\n __sock_create+0x350/0x6b8\n sock_create_kern+0x58/0x78\n udp_sock_create4+0x68/0x398\n udp_sock_create+0x88/0xc8\n tipc_udp_enable+0x5e8/0x848\n __tipc_nl_bearer_enable+0x84c/0xed8\n tipc_nl_bearer_enable+0x38/0x60\n genl_family_rcv_msg_doit+0x170/0x248\n genl_rcv_msg+0x400/0x5b0\n netlink_rcv_skb+0x1dc/0x398\n genl_rcv+0x44/0x68\n netlink_unicast+0x678/0x8b0\n netlink_sendmsg+0x5e4/0x898\n ____sys_sendmsg+0x500/0x830\n\n[1]:\nBUG: KMSAN: use-after-free in udp_hashslot include/net/udp.h:85 [inline]\nBUG: KMSAN: use-after-free in udp_lib_unhash+0x3b8/0x930 net/ipv4/udp.c:1979\n udp_hashslot include/net/udp.h:85 [inline]\n udp_lib_unhash+0x3b8/0x930 net/ipv4/udp.c:1979\n sk_common_release+0xaf/0x3f0 net/core/sock.c:3820\n inet_release+0x1e0/0x260 net/ipv4/af_inet.c:437\n inet6_release+0x6f/0xd0 net/ipv6/af_inet6.c:489\n __sock_release net/socket.c:658 [inline]\n sock_release+0xa0/0x210 net/socket.c:686\n cleanup_bearer+0x42d/0x4c0 net/tipc/udp_media.c:819\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xcaf/0x1c90 kernel/workqueue.c:3310\n worker_thread+0xf6c/0x1510 kernel/workqueue.c:3391\n kthread+0x531/0x6b0 kernel/kthread.c:389\n ret_from_fork+0x60/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:244\n\nUninit was created at:\n slab_free_hook mm/slub.c:2269 [inline]\n slab_free mm/slub.c:4580 [inline]\n kmem_cache_free+0x207/0xc40 mm/slub.c:4682\n net_free net/core/net_namespace.c:454 [inline]\n cleanup_net+0x16f2/0x19d0 net/core/net_namespace.c:647\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xcaf/0x1c90 kernel/workqueue.c:3310\n worker_thread+0xf6c/0x1510 kernel/workqueue.c:3391\n kthread+0x531/0x6b0 kernel/kthread.c:389\n ret_from_fork+0x60/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:244\n\nCPU: 0 UID: 0 PID: 54 Comm: kworker/0:2 Not tainted 6.12.0-rc1-00131-gf66ebf37d69c #7 91723d6f74857f70725e1583cba3cf4adc716cfa\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\nWorkqueue: events cleanup_bearer" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/4e69457f9dfae67435f3ccf29008768eae860415", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/650ee9a22d7a2de8999fac2d45983597a0c22359", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6a2fa13312e51a621f652d522d7e2df7066330b6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d00d4470bf8c4282617a3a10e76b20a9c7e4cffa", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d2a4894f238551eae178904e7f45af87577074fd", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d62d5180c036eeac09f80660edc7a602b369125f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e48b211c4c59062cb6dd6c2c37c51a7cc235a464", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56643.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56643.json new file mode 100644 index 00000000000..bff66a2e866 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56643.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56643", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:24.040", + "lastModified": "2024-12-27T15:15:24.040", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndccp: Fix memory leak in dccp_feat_change_recv\n\nIf dccp_feat_push_confirm() fails after new value for SP feature was accepted\nwithout reconciliation ('entry == NULL' branch), memory allocated for that value\nwith dccp_feat_clone_sp_val() is never freed.\n\nHere is the kmemleak stack for this:\n\nunreferenced object 0xffff88801d4ab488 (size 8):\n comm \"syz-executor310\", pid 1127, jiffies 4295085598 (age 41.666s)\n hex dump (first 8 bytes):\n 01 b4 4a 1d 80 88 ff ff ..J.....\n backtrace:\n [<00000000db7cabfe>] kmemdup+0x23/0x50 mm/util.c:128\n [<0000000019b38405>] kmemdup include/linux/string.h:465 [inline]\n [<0000000019b38405>] dccp_feat_clone_sp_val net/dccp/feat.c:371 [inline]\n [<0000000019b38405>] dccp_feat_clone_sp_val net/dccp/feat.c:367 [inline]\n [<0000000019b38405>] dccp_feat_change_recv net/dccp/feat.c:1145 [inline]\n [<0000000019b38405>] dccp_feat_parse_options+0x1196/0x2180 net/dccp/feat.c:1416\n [<00000000b1f6d94a>] dccp_parse_options+0xa2a/0x1260 net/dccp/options.c:125\n [<0000000030d7b621>] dccp_rcv_state_process+0x197/0x13d0 net/dccp/input.c:650\n [<000000001f74c72e>] dccp_v4_do_rcv+0xf9/0x1a0 net/dccp/ipv4.c:688\n [<00000000a6c24128>] sk_backlog_rcv include/net/sock.h:1041 [inline]\n [<00000000a6c24128>] __release_sock+0x139/0x3b0 net/core/sock.c:2570\n [<00000000cf1f3a53>] release_sock+0x54/0x1b0 net/core/sock.c:3111\n [<000000008422fa23>] inet_wait_for_connect net/ipv4/af_inet.c:603 [inline]\n [<000000008422fa23>] __inet_stream_connect+0x5d0/0xf70 net/ipv4/af_inet.c:696\n [<0000000015b6f64d>] inet_stream_connect+0x53/0xa0 net/ipv4/af_inet.c:735\n [<0000000010122488>] __sys_connect_file+0x15c/0x1a0 net/socket.c:1865\n [<00000000b4b70023>] __sys_connect+0x165/0x1a0 net/socket.c:1882\n [<00000000f4cb3815>] __do_sys_connect net/socket.c:1892 [inline]\n [<00000000f4cb3815>] __se_sys_connect net/socket.c:1889 [inline]\n [<00000000f4cb3815>] __x64_sys_connect+0x6e/0xb0 net/socket.c:1889\n [<00000000e7b1e839>] do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46\n [<0000000055e91434>] entry_SYSCALL_64_after_hwframe+0x67/0xd1\n\nClean up the allocated memory in case of dccp_feat_push_confirm() failure\nand bail out with an error reset code.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/22be4727a8f898442066bcac34f8a1ad0bc72e14", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/623be080ab3c13d71570bd32f7202a8efa8e2252", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6ff67909ee2ffad911e3122616df41dee23ff4f6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9ee68b0f23706a77f53c832457b9384178b76421", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/bc3d4423def1a9412a0ae454cb4477089ab79276", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c99507fff94b926fc92279c92d80f229c91cb85d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d3ec686a369fae5034303061f003cd3f94ddfd23", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56644.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56644.json new file mode 100644 index 00000000000..dbe0b6b22b8 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56644.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56644", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:24.163", + "lastModified": "2024-12-27T15:15:24.163", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/ipv6: release expired exception dst cached in socket\n\nDst objects get leaked in ip6_negative_advice() when this function is\nexecuted for an expired IPv6 route located in the exception table. There\nare several conditions that must be fulfilled for the leak to occur:\n* an ICMPv6 packet indicating a change of the MTU for the path is received,\n resulting in an exception dst being created\n* a TCP connection that uses the exception dst for routing packets must\n start timing out so that TCP begins retransmissions\n* after the exception dst expires, the FIB6 garbage collector must not run\n before TCP executes ip6_negative_advice() for the expired exception dst\n\nWhen TCP executes ip6_negative_advice() for an exception dst that has\nexpired and if no other socket holds a reference to the exception dst, the\nrefcount of the exception dst is 2, which corresponds to the increment\nmade by dst_init() and the increment made by the TCP socket for which the\nconnection is timing out. The refcount made by the socket is never\nreleased. The refcount of the dst is decremented in sk_dst_reset() but\nthat decrement is counteracted by a dst_hold() intentionally placed just\nbefore the sk_dst_reset() in ip6_negative_advice(). After\nip6_negative_advice() has finished, there is no other object tied to the\ndst. The socket lost its reference stored in sk_dst_cache and the dst is\nno longer in the exception table. The exception dst becomes a leaked\nobject.\n\nAs a result of this dst leak, an unbalanced refcount is reported for the\nloopback device of a net namespace being destroyed under kernels that do\nnot contain e5f80fcf869a (\"ipv6: give an IPv6 dev to blackhole_netdev\"):\nunregister_netdevice: waiting for lo to become free. Usage count = 2\n\nFix the dst leak by removing the dst_hold() in ip6_negative_advice(). The\npatch that introduced the dst_hold() in ip6_negative_advice() was\n92f1655aa2b22 (\"net: fix __dst_negative_advice() race\"). But 92f1655aa2b22\nmerely refactored the code with regards to the dst refcount so the issue\nwas present even before 92f1655aa2b22. The bug was introduced in\n54c1a859efd9f (\"ipv6: Don't drop cache route entry unless timer actually\nexpired.\") where the expired cached route is deleted and the sk_dst_cache\nmember of the socket is set to NULL by calling dst_negative_advice() but\nthe refcount belonging to the socket is left unbalanced.\n\nThe IPv4 version - ipv4_negative_advice() - is not affected by this bug.\nWhen the TCP connection times out ipv4_negative_advice() merely resets the\nsk_dst_cache of the socket while decrementing the refcount of the\nexception dst." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0b8903e6c881f72c6849d4952de742c656eb5ab9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3301ab7d5aeb0fe270f73a3d4810c9d1b6a9f045", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/535add1e9f274502209cb997801208bbe1ae6c6f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8b591bd522b71c42a82898290e35d32b482047e4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a95808252e8acc0123bacd2dff8b9af10bc145b7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b90d061345bb8cd51fece561a800bae1c95448a6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f43d12fd0fa8ee5b9caf8a3927e10d06431764d2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56645.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56645.json new file mode 100644 index 00000000000..d159d6c071c --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56645.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56645", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:24.260", + "lastModified": "2024-12-27T15:15:24.260", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: j1939: j1939_session_new(): fix skb reference counting\n\nSince j1939_session_skb_queue() does an extra skb_get() for each new\nskb, do the same for the initial one in j1939_session_new() to avoid\nrefcount underflow.\n\n[mkl: clean up commit message]" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/224e606a8d8e8c7db94036272c47a37455667313", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4199dd78a59896e091d3a7a05a77451aa7fd724d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/426d94815e12b6bdb9a75af294fbbafb9301601d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/68fceb143b635cdc59fed3896d5910aff38f345e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a8c695005bfe6569acd73d777ca298ddddd66105", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b3282c2bebeeb82ceec492ee4972f51ee7a4a132", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f117cba69cbbd496babb3defcdf440df4fd6fe14", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56646.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56646.json new file mode 100644 index 00000000000..7d14bd38eaa --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56646.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56646", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:24.367", + "lastModified": "2024-12-27T15:15:24.367", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: avoid possible NULL deref in modify_prefix_route()\n\nsyzbot found a NULL deref [1] in modify_prefix_route(), caused by one\nfib6_info without a fib6_table pointer set.\n\nThis can happen for net->ipv6.fib6_null_entry\n\n[1]\nOops: general protection fault, probably for non-canonical address 0xdffffc0000000006: 0000 [#1] PREEMPT SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037]\nCPU: 1 UID: 0 PID: 5837 Comm: syz-executor888 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\n RIP: 0010:__lock_acquire+0xe4/0x3c40 kernel/locking/lockdep.c:5089\nCode: 08 84 d2 0f 85 15 14 00 00 44 8b 0d ca 98 f5 0e 45 85 c9 0f 84 b4 0e 00 00 48 b8 00 00 00 00 00 fc ff df 4c 89 e2 48 c1 ea 03 <80> 3c 02 00 0f 85 96 2c 00 00 49 8b 04 24 48 3d a0 07 7f 93 0f 84\nRSP: 0018:ffffc900035d7268 EFLAGS: 00010006\nRAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000000\nRDX: 0000000000000006 RSI: 1ffff920006bae5f RDI: 0000000000000030\nRBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001\nR10: ffffffff90608e17 R11: 0000000000000001 R12: 0000000000000030\nR13: ffff888036334880 R14: 0000000000000000 R15: 0000000000000000\nFS: 0000555579e90380(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007ffc59cc4278 CR3: 0000000072b54000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \n lock_acquire.part.0+0x11b/0x380 kernel/locking/lockdep.c:5849\n __raw_spin_lock_bh include/linux/spinlock_api_smp.h:126 [inline]\n _raw_spin_lock_bh+0x33/0x40 kernel/locking/spinlock.c:178\n spin_lock_bh include/linux/spinlock.h:356 [inline]\n modify_prefix_route+0x30b/0x8b0 net/ipv6/addrconf.c:4831\n inet6_addr_modify net/ipv6/addrconf.c:4923 [inline]\n inet6_rtm_newaddr+0x12c7/0x1ab0 net/ipv6/addrconf.c:5055\n rtnetlink_rcv_msg+0x3c7/0xea0 net/core/rtnetlink.c:6920\n netlink_rcv_skb+0x16b/0x440 net/netlink/af_netlink.c:2541\n netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]\n netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1347\n netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1891\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg net/socket.c:726 [inline]\n ____sys_sendmsg+0xaaf/0xc90 net/socket.c:2583\n ___sys_sendmsg+0x135/0x1e0 net/socket.c:2637\n __sys_sendmsg+0x16e/0x220 net/socket.c:2669\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fd1dcef8b79\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffc59cc4378 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd1dcef8b79\nRDX: 0000000000040040 RSI: 0000000020000140 RDI: 0000000000000004\nRBP: 00000000000113fd R08: 0000000000000006 R09: 0000000000000006\nR10: 0000000000000006 R11: 0000000000000246 R12: 00007ffc59cc438c\nR13: 431bde82d7b634db R14: 0000000000000001 R15: 0000000000000001\n " + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/01f95357e47219a9c4b29e177b717edbfab721b4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a747e02430dfb3657141f99aa6b09331283fa493", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56647.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56647.json new file mode 100644 index 00000000000..8b73e216739 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56647.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56647", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:24.467", + "lastModified": "2024-12-27T15:15:24.467", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: Fix icmp host relookup triggering ip_rt_bug\n\narp link failure may trigger ip_rt_bug while xfrm enabled, call trace is:\n\nWARNING: CPU: 0 PID: 0 at net/ipv4/route.c:1241 ip_rt_bug+0x14/0x20\nModules linked in:\nCPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.12.0-rc6-00077-g2e1b3cc9d7f7\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996),\nBIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:ip_rt_bug+0x14/0x20\nCall Trace:\n \n ip_send_skb+0x14/0x40\n __icmp_send+0x42d/0x6a0\n ipv4_link_failure+0xe2/0x1d0\n arp_error_report+0x3c/0x50\n neigh_invalidate+0x8d/0x100\n neigh_timer_handler+0x2e1/0x330\n call_timer_fn+0x21/0x120\n __run_timer_base.part.0+0x1c9/0x270\n run_timer_softirq+0x4c/0x80\n handle_softirqs+0xac/0x280\n irq_exit_rcu+0x62/0x80\n sysvec_apic_timer_interrupt+0x77/0x90\n\nThe script below reproduces this scenario:\nip xfrm policy add src 0.0.0.0/0 dst 0.0.0.0/0 \\\n\tdir out priority 0 ptype main flag localok icmp\nip l a veth1 type veth\nip a a 192.168.141.111/24 dev veth0\nip l s veth0 up\nping 192.168.141.155 -c 1\n\nicmp_route_lookup() create input routes for locally generated packets\nwhile xfrm relookup ICMP traffic.Then it will set input route\n(dst->out = ip_rt_bug) to skb for DESTUNREACH.\n\nFor ICMP err triggered by locally generated packets, dst->dev of output\nroute is loopback. Generally, xfrm relookup verification is not required\non loopback interfaces (net.ipv4.conf.lo.disable_xfrm = 1).\n\nSkip icmp relookup for locally generated packets to fix it." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/9545011e7b2a8fc0cbd6e387a09f12cd41d7d82f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c44daa7e3c73229f7ac74985acb8c7fb909c4e0a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56648.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56648.json new file mode 100644 index 00000000000..932ed44879c --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56648.json @@ -0,0 +1,41 @@ +{ + "id": "CVE-2024-56648", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:24.570", + "lastModified": "2024-12-27T15:15:24.570", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hsr: avoid potential out-of-bound access in fill_frame_info()\n\nsyzbot is able to feed a packet with 14 bytes, pretending\nit is a vlan one.\n\nSince fill_frame_info() is relying on skb->mac_len already,\nextend the check to cover this case.\n\nBUG: KMSAN: uninit-value in fill_frame_info net/hsr/hsr_forward.c:709 [inline]\n BUG: KMSAN: uninit-value in hsr_forward_skb+0x9ee/0x3b10 net/hsr/hsr_forward.c:724\n fill_frame_info net/hsr/hsr_forward.c:709 [inline]\n hsr_forward_skb+0x9ee/0x3b10 net/hsr/hsr_forward.c:724\n hsr_dev_xmit+0x2f0/0x350 net/hsr/hsr_device.c:235\n __netdev_start_xmit include/linux/netdevice.h:5002 [inline]\n netdev_start_xmit include/linux/netdevice.h:5011 [inline]\n xmit_one net/core/dev.c:3590 [inline]\n dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3606\n __dev_queue_xmit+0x366a/0x57d0 net/core/dev.c:4434\n dev_queue_xmit include/linux/netdevice.h:3168 [inline]\n packet_xmit+0x9c/0x6c0 net/packet/af_packet.c:276\n packet_snd net/packet/af_packet.c:3146 [inline]\n packet_sendmsg+0x91ae/0xa6f0 net/packet/af_packet.c:3178\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:726\n __sys_sendto+0x594/0x750 net/socket.c:2197\n __do_sys_sendto net/socket.c:2204 [inline]\n __se_sys_sendto net/socket.c:2200 [inline]\n __x64_sys_sendto+0x125/0x1d0 net/socket.c:2200\n x64_sys_call+0x346a/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:45\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:4091 [inline]\n slab_alloc_node mm/slub.c:4134 [inline]\n kmem_cache_alloc_node_noprof+0x6bf/0xb80 mm/slub.c:4186\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:587\n __alloc_skb+0x363/0x7b0 net/core/skbuff.c:678\n alloc_skb include/linux/skbuff.h:1323 [inline]\n alloc_skb_with_frags+0xc8/0xd00 net/core/skbuff.c:6612\n sock_alloc_send_pskb+0xa81/0xbf0 net/core/sock.c:2881\n packet_alloc_skb net/packet/af_packet.c:2995 [inline]\n packet_snd net/packet/af_packet.c:3089 [inline]\n packet_sendmsg+0x74c6/0xa6f0 net/packet/af_packet.c:3178\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:726\n __sys_sendto+0x594/0x750 net/socket.c:2197\n __do_sys_sendto net/socket.c:2204 [inline]\n __se_sys_sendto net/socket.c:2200 [inline]\n __x64_sys_sendto+0x125/0x1d0 net/socket.c:2200\n x64_sys_call+0x346a/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:45\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/3c215663b3e27a3b08cefcaea623ff54c70c8035", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6bb5c8ebc99f0671dbd3c9408ebaf935c3951186", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7ea527fbd7b94d0bee64a0a7e98279bcc654b322", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/aa632691c722a123e47ccd05a3afdd5f87a36061", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b9653d19e556c6afd035602927a93d100a0d7644", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c6e778901d0055356c4fb223058364cae731494a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56649.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56649.json new file mode 100644 index 00000000000..b855ac77c4e --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56649.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-56649", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:24.680", + "lastModified": "2024-12-27T15:15:24.680", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: enetc: Do not configure preemptible TCs if SIs do not support\n\nBoth ENETC PF and VF drivers share enetc_setup_tc_mqprio() to configure\nMQPRIO. And enetc_setup_tc_mqprio() calls enetc_change_preemptible_tcs()\nto configure preemptible TCs. However, only PF is able to configure\npreemptible TCs. Because only PF has related registers, while VF does not\nhave these registers. So for VF, its hw->port pointer is NULL. Therefore,\nVF will access an invalid pointer when accessing a non-existent register,\nwhich will cause a crash issue. The simplified log is as follows.\n\nroot@ls1028ardb:~# tc qdisc add dev eno0vf0 parent root handle 100: \\\nmqprio num_tc 4 map 0 0 1 1 2 2 3 3 queues 1@0 1@1 1@2 1@3 hw 1\n[ 187.290775] Unable to handle kernel paging request at virtual address 0000000000001f00\n[ 187.424831] pc : enetc_mm_commit_preemptible_tcs+0x1c4/0x400\n[ 187.430518] lr : enetc_mm_commit_preemptible_tcs+0x30c/0x400\n[ 187.511140] Call trace:\n[ 187.513588] enetc_mm_commit_preemptible_tcs+0x1c4/0x400\n[ 187.518918] enetc_setup_tc_mqprio+0x180/0x214\n[ 187.523374] enetc_vf_setup_tc+0x1c/0x30\n[ 187.527306] mqprio_enable_offload+0x144/0x178\n[ 187.531766] mqprio_init+0x3ec/0x668\n[ 187.535351] qdisc_create+0x15c/0x488\n[ 187.539023] tc_modify_qdisc+0x398/0x73c\n[ 187.542958] rtnetlink_rcv_msg+0x128/0x378\n[ 187.547064] netlink_rcv_skb+0x60/0x130\n[ 187.550910] rtnetlink_rcv+0x18/0x24\n[ 187.554492] netlink_unicast+0x300/0x36c\n[ 187.558425] netlink_sendmsg+0x1a8/0x420\n[ 187.606759] ---[ end trace 0000000000000000 ]---\n\nIn addition, some PFs also do not support configuring preemptible TCs,\nsuch as eno1 and eno3 on LS1028A. It won't crash like it does for VFs,\nbut we should prevent these PFs from accessing these unimplemented\nregisters." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/66127f0d1ecf00604aeab71132bde398fd9ec7c9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b2420b8c81ec674552d00c55d46245e5c184b260", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b718b68a9964181e24d15138a09ce95785a19002", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56650.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56650.json new file mode 100644 index 00000000000..eadbc4f86d2 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56650.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56650", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:24.783", + "lastModified": "2024-12-27T15:15:24.783", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: x_tables: fix LED ID check in led_tg_check()\n\nSyzbot has reported the following BUG detected by KASAN:\n\nBUG: KASAN: slab-out-of-bounds in strlen+0x58/0x70\nRead of size 1 at addr ffff8881022da0c8 by task repro/5879\n...\nCall Trace:\n \n dump_stack_lvl+0x241/0x360\n ? __pfx_dump_stack_lvl+0x10/0x10\n ? __pfx__printk+0x10/0x10\n ? _printk+0xd5/0x120\n ? __virt_addr_valid+0x183/0x530\n ? __virt_addr_valid+0x183/0x530\n print_report+0x169/0x550\n ? __virt_addr_valid+0x183/0x530\n ? __virt_addr_valid+0x183/0x530\n ? __virt_addr_valid+0x45f/0x530\n ? __phys_addr+0xba/0x170\n ? strlen+0x58/0x70\n kasan_report+0x143/0x180\n ? strlen+0x58/0x70\n strlen+0x58/0x70\n kstrdup+0x20/0x80\n led_tg_check+0x18b/0x3c0\n xt_check_target+0x3bb/0xa40\n ? __pfx_xt_check_target+0x10/0x10\n ? stack_depot_save_flags+0x6e4/0x830\n ? nft_target_init+0x174/0xc30\n nft_target_init+0x82d/0xc30\n ? __pfx_nft_target_init+0x10/0x10\n ? nf_tables_newrule+0x1609/0x2980\n ? nf_tables_newrule+0x1609/0x2980\n ? rcu_is_watching+0x15/0xb0\n ? nf_tables_newrule+0x1609/0x2980\n ? nf_tables_newrule+0x1609/0x2980\n ? __kmalloc_noprof+0x21a/0x400\n nf_tables_newrule+0x1860/0x2980\n ? __pfx_nf_tables_newrule+0x10/0x10\n ? __nla_parse+0x40/0x60\n nfnetlink_rcv+0x14e5/0x2ab0\n ? __pfx_validate_chain+0x10/0x10\n ? __pfx_nfnetlink_rcv+0x10/0x10\n ? __lock_acquire+0x1384/0x2050\n ? netlink_deliver_tap+0x2e/0x1b0\n ? __pfx_lock_release+0x10/0x10\n ? netlink_deliver_tap+0x2e/0x1b0\n netlink_unicast+0x7f8/0x990\n ? __pfx_netlink_unicast+0x10/0x10\n ? __virt_addr_valid+0x183/0x530\n ? __check_object_size+0x48e/0x900\n netlink_sendmsg+0x8e4/0xcb0\n ? __pfx_netlink_sendmsg+0x10/0x10\n ? aa_sock_msg_perm+0x91/0x160\n ? __pfx_netlink_sendmsg+0x10/0x10\n __sock_sendmsg+0x223/0x270\n ____sys_sendmsg+0x52a/0x7e0\n ? __pfx_____sys_sendmsg+0x10/0x10\n __sys_sendmsg+0x292/0x380\n ? __pfx___sys_sendmsg+0x10/0x10\n ? lockdep_hardirqs_on_prepare+0x43d/0x780\n ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10\n ? exc_page_fault+0x590/0x8c0\n ? do_syscall_64+0xb6/0x230\n do_syscall_64+0xf3/0x230\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n...\n \n\nSince an invalid (without '\\0' byte at all) byte sequence may be passed\nfrom userspace, add an extra check to ensure that such a sequence is\nrejected as possible ID and so never passed to 'kstrdup()' and further." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/04317f4eb2aad312ad85c1a17ad81fe75f1f9bc7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/147a42bb02de8735cb08476be6d0917987d022c2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/36a9d94dac28beef6b8abba46ba8874320d3e800", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a9bcc0b70d9baf3ff005874489a0dc9d023b54c3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ab9916321c95f5280b72b4c5055e269f98627efe", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ad28612ebae1fcc1104bd432e99e99d87f6bfe09", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c40c96d98e536fc1daaa125c2332b988615e30a4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56651.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56651.json new file mode 100644 index 00000000000..d1ece923a57 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56651.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-56651", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:24.917", + "lastModified": "2024-12-27T15:15:24.917", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: hi311x: hi3110_can_ist(): fix potential use-after-free\n\nThe commit a22bd630cfff (\"can: hi311x: do not report txerr and rxerr\nduring bus-off\") removed the reporting of rxerr and txerr even in case\nof correct operation (i. e. not bus-off).\n\nThe error count information added to the CAN frame after netif_rx() is\na potential use after free, since there is no guarantee that the skb\nis in the same state. It might be freed or reused.\n\nFix the issue by postponing the netif_rx() call in case of txerr and\nrxerr reporting." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1128022009444faf49359bd406cd665b177cb643", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4ad77eb8f2e07bcfa0e28887d3c7dbb732d92cc1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9ad86d377ef4a19c75a9c639964879a5b25a433b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/bc30b2fe8c54694f8ae08a5b8a5d174d16d93075", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56652.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56652.json new file mode 100644 index 00000000000..adb585f630e --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56652.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56652", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:25.027", + "lastModified": "2024-12-27T15:15:25.027", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/reg_sr: Remove register pool\n\nThat pool implementation doesn't really work: if the krealloc happens to\nmove the memory and return another address, the entries in the xarray\nbecome invalid, leading to use-after-free later:\n\n\tBUG: KASAN: slab-use-after-free in xe_reg_sr_apply_mmio+0x570/0x760 [xe]\n\tRead of size 4 at addr ffff8881244b2590 by task modprobe/2753\n\n\tAllocated by task 2753:\n\t kasan_save_stack+0x39/0x70\n\t kasan_save_track+0x14/0x40\n\t kasan_save_alloc_info+0x37/0x60\n\t __kasan_kmalloc+0xc3/0xd0\n\t __kmalloc_node_track_caller_noprof+0x200/0x6d0\n\t krealloc_noprof+0x229/0x380\n\nSimplify the code to fix the bug. A better pooling strategy may be added\nback later if needed.\n\n(cherry picked from commit e5283bd4dfecbd3335f43b62a68e24dae23f59e4)" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/b0193a31a0ca5a0f9e60bb4a86537d46b98111b8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d7b028656c29b22fcde1c6ee1df5b28fbba987b5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56653.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56653.json new file mode 100644 index 00000000000..588e86eff54 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56653.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-56653", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:25.133", + "lastModified": "2024-12-27T15:15:25.133", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btmtk: avoid UAF in btmtk_process_coredump\n\nhci_devcd_append may lead to the release of the skb, so it cannot be\naccessed once it is called.\n\n==================================================================\nBUG: KASAN: slab-use-after-free in btmtk_process_coredump+0x2a7/0x2d0 [btmtk]\nRead of size 4 at addr ffff888033cfabb0 by task kworker/0:3/82\n\nCPU: 0 PID: 82 Comm: kworker/0:3 Tainted: G U 6.6.40-lockdep-03464-g1d8b4eb3060e #1 b0b3c1cc0c842735643fb411799d97921d1f688c\nHardware name: Google Yaviks_Ufs/Yaviks_Ufs, BIOS Google_Yaviks_Ufs.15217.552.0 05/07/2024\nWorkqueue: events btusb_rx_work [btusb]\nCall Trace:\n \n dump_stack_lvl+0xfd/0x150\n print_report+0x131/0x780\n kasan_report+0x177/0x1c0\n btmtk_process_coredump+0x2a7/0x2d0 [btmtk 03edd567dd71a65958807c95a65db31d433e1d01]\n btusb_recv_acl_mtk+0x11c/0x1a0 [btusb 675430d1e87c4f24d0c1f80efe600757a0f32bec]\n btusb_rx_work+0x9e/0xe0 [btusb 675430d1e87c4f24d0c1f80efe600757a0f32bec]\n worker_thread+0xe44/0x2cc0\n kthread+0x2ff/0x3a0\n ret_from_fork+0x51/0x80\n ret_from_fork_asm+0x1b/0x30\n \n\nAllocated by task 82:\n stack_trace_save+0xdc/0x190\n kasan_set_track+0x4e/0x80\n __kasan_slab_alloc+0x4e/0x60\n kmem_cache_alloc+0x19f/0x360\n skb_clone+0x132/0xf70\n btusb_recv_acl_mtk+0x104/0x1a0 [btusb]\n btusb_rx_work+0x9e/0xe0 [btusb]\n worker_thread+0xe44/0x2cc0\n kthread+0x2ff/0x3a0\n ret_from_fork+0x51/0x80\n ret_from_fork_asm+0x1b/0x30\n\nFreed by task 1733:\n stack_trace_save+0xdc/0x190\n kasan_set_track+0x4e/0x80\n kasan_save_free_info+0x28/0xb0\n ____kasan_slab_free+0xfd/0x170\n kmem_cache_free+0x183/0x3f0\n hci_devcd_rx+0x91a/0x2060 [bluetooth]\n worker_thread+0xe44/0x2cc0\n kthread+0x2ff/0x3a0\n ret_from_fork+0x51/0x80\n ret_from_fork_asm+0x1b/0x30\n\nThe buggy address belongs to the object at ffff888033cfab40\n which belongs to the cache skbuff_head_cache of size 232\nThe buggy address is located 112 bytes inside of\n freed 232-byte region [ffff888033cfab40, ffff888033cfac28)\n\nThe buggy address belongs to the physical page:\npage:00000000a174ba93 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x33cfa\nhead:00000000a174ba93 order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0\nanon flags: 0x4000000000000840(slab|head|zone=1)\npage_type: 0xffffffff()\nraw: 4000000000000840 ffff888100848a00 0000000000000000 0000000000000001\nraw: 0000000000000000 0000000080190019 00000001ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffff888033cfaa80: fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc\n ffff888033cfab00: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb\n>ffff888033cfab80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ^\n ffff888033cfac00: fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc\n ffff888033cfac80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n==================================================================\n\nCheck if we need to call hci_devcd_complete before calling\nhci_devcd_append. That requires that we check data->cd_info.cnt >=\nMTK_COREDUMP_NUM instead of data->cd_info.cnt > MTK_COREDUMP_NUM, as we\nincrement data->cd_info.cnt only once the call to hci_devcd_append\nsucceeds." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/b548f5e9456c568155499d9ebac675c0d7a296e8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d20ff1d3cb40479789368f502eedb0a00e4161fc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ecdcaea0e4057171ea4c3783e1cc1c900ad99125", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56654.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56654.json new file mode 100644 index 00000000000..b44008ee8f1 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56654.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-56654", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:25.237", + "lastModified": "2024-12-27T15:15:25.237", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_event: Fix using rcu_read_(un)lock while iterating\n\nThe usage of rcu_read_(un)lock while inside list_for_each_entry_rcu is\nnot safe since for the most part entries fetched this way shall be\ntreated as rcu_dereference:\n\n\tNote that the value returned by rcu_dereference() is valid\n\tonly within the enclosing RCU read-side critical section [1]_.\n\tFor example, the following is **not** legal::\n\n\t\trcu_read_lock();\n\t\tp = rcu_dereference(head.next);\n\t\trcu_read_unlock();\n\t\tx = p->address;\t/* BUG!!! */\n\t\trcu_read_lock();\n\t\ty = p->data;\t/* BUG!!! */\n\t\trcu_read_unlock();" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0108132d7d76d884e443d18b4f067cdf2811911b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/581dd2dc168fe0ed2a7a5534a724f0d3751c93ae", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f9ecc90b5d501b3a5a62d0685d5104f934bb0104", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56655.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56655.json new file mode 100644 index 00000000000..6733c476ceb --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56655.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-56655", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:25.343", + "lastModified": "2024-12-27T15:15:25.343", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: do not defer rule destruction via call_rcu\n\nnf_tables_chain_destroy can sleep, it can't be used from call_rcu\ncallbacks.\n\nMoreover, nf_tables_rule_release() is only safe for error unwinding,\nwhile transaction mutex is held and the to-be-desroyed rule was not\nexposed to either dataplane or dumps, as it deactives+frees without\nthe required synchronize_rcu() in-between.\n\nnft_rule_expr_deactivate() callbacks will change ->use counters\nof other chains/sets, see e.g. nft_lookup .deactivate callback, these\nmust be serialized via transaction mutex.\n\nAlso add a few lockdep asserts to make this more explicit.\n\nCalling synchronize_rcu() isn't ideal, but fixing this without is hard\nand way more intrusive. As-is, we can get:\n\nWARNING: .. net/netfilter/nf_tables_api.c:5515 nft_set_destroy+0x..\nWorkqueue: events nf_tables_trans_destroy_work\nRIP: 0010:nft_set_destroy+0x3fe/0x5c0\nCall Trace:\n \n nf_tables_trans_destroy_work+0x6b7/0xad0\n process_one_work+0x64a/0xce0\n worker_thread+0x613/0x10d0\n\nIn case the synchronize_rcu becomes an issue, we can explore alternatives.\n\nOne way would be to allocate nft_trans_rule objects + one nft_trans_chain\nobject, deactivate the rules + the chain and then defer the freeing to the\nnft destroy workqueue. We'd still need to keep the synchronize_rcu path as\na fallback to handle -ENOMEM corner cases though." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/27f0574253f6c24c8ee4e3f0a685b75ed3a256ed", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7cf0bd232b565d9852cb25fd094f77254773e048", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b04df3da1b5c6f6dc7cdccc37941740c078c4043", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56656.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56656.json new file mode 100644 index 00000000000..e87ffcaf90f --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56656.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56656", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:25.447", + "lastModified": "2024-12-27T15:15:25.447", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips\n\nThe 5760X (P7) chip's HW GRO/LRO interface is very similar to that of\nthe previous generation (5750X or P5). However, the aggregation ID\nfields in the completion structures on P7 have been redefined from\n16 bits to 12 bits. The freed up 4 bits are redefined for part of the\nmetadata such as the VLAN ID. The aggregation ID mask was not modified\nwhen adding support for P7 chips. Including the extra 4 bits for the\naggregation ID can potentially cause the driver to store or fetch the\npacket header of GRO/LRO packets in the wrong TPA buffer. It may hit\nthe BUG() condition in __skb_pull() because the SKB contains no valid\npacket header:\n\nkernel BUG at include/linux/skbuff.h:2766!\nOops: invalid opcode: 0000 1 PREEMPT SMP NOPTI\nCPU: 4 UID: 0 PID: 0 Comm: swapper/4 Kdump: loaded Tainted: G OE 6.12.0-rc2+ #7\nTainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\nHardware name: Dell Inc. PowerEdge R760/0VRV9X, BIOS 1.0.1 12/27/2022\nRIP: 0010:eth_type_trans+0xda/0x140\nCode: 80 00 00 00 eb c1 8b 47 70 2b 47 74 48 8b 97 d0 00 00 00 83 f8 01 7e 1b 48 85 d2 74 06 66 83 3a ff 74 09 b8 00 04 00 00 eb a5 <0f> 0b b8 00 01 00 00 eb 9c 48 85 ff 74 eb 31 f6 b9 02 00 00 00 48\nRSP: 0018:ff615003803fcc28 EFLAGS: 00010283\nRAX: 00000000000022d2 RBX: 0000000000000003 RCX: ff2e8c25da334040\nRDX: 0000000000000040 RSI: ff2e8c25c1ce8000 RDI: ff2e8c25869f9000\nRBP: ff2e8c258c31c000 R08: ff2e8c25da334000 R09: 0000000000000001\nR10: ff2e8c25da3342c0 R11: ff2e8c25c1ce89c0 R12: ff2e8c258e0990b0\nR13: ff2e8c25bb120000 R14: ff2e8c25c1ce89c0 R15: ff2e8c25869f9000\nFS: 0000000000000000(0000) GS:ff2e8c34be300000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000055f05317e4c8 CR3: 000000108bac6006 CR4: 0000000000773ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n \n ? die+0x33/0x90\n ? do_trap+0xd9/0x100\n ? eth_type_trans+0xda/0x140\n ? do_error_trap+0x65/0x80\n ? eth_type_trans+0xda/0x140\n ? exc_invalid_op+0x4e/0x70\n ? eth_type_trans+0xda/0x140\n ? asm_exc_invalid_op+0x16/0x20\n ? eth_type_trans+0xda/0x140\n bnxt_tpa_end+0x10b/0x6b0 [bnxt_en]\n ? bnxt_tpa_start+0x195/0x320 [bnxt_en]\n bnxt_rx_pkt+0x902/0xd90 [bnxt_en]\n ? __bnxt_tx_int.constprop.0+0x89/0x300 [bnxt_en]\n ? kmem_cache_free+0x343/0x440\n ? __bnxt_tx_int.constprop.0+0x24f/0x300 [bnxt_en]\n __bnxt_poll_work+0x193/0x370 [bnxt_en]\n bnxt_poll_p5+0x9a/0x300 [bnxt_en]\n ? try_to_wake_up+0x209/0x670\n __napi_poll+0x29/0x1b0\n\nFix it by redefining the aggregation ID mask for P5_PLUS chips to be\n12 bits. This will work because the maximum aggregation ID is less\nthan 4096 on all P5_PLUS chips." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/24c6843b7393ebc80962b59d7ae71af91bf0dcc1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/fe9274027697c69c1430dc7ee568f82b331ef972", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56657.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56657.json new file mode 100644 index 00000000000..6a42a99473b --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56657.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-56657", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:25.543", + "lastModified": "2024-12-27T15:15:25.543", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: control: Avoid WARN() for symlink errors\n\nUsing WARN() for showing the error of symlink creations don't give\nmore information than telling that something goes wrong, since the\nusual code path is a lregister callback from each control element\ncreation. More badly, the use of WARN() rather confuses fuzzer as if\nit were serious issues.\n\nThis patch downgrades the warning messages to use the normal dev_err()\ninstead of WARN(). For making it clearer, add the function name to\nthe prefix, too." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/36c0764474b637bbee498806485bed524cad486b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b2e538a9827dd04ab5273bf4be8eb2edb84357b0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d5a1ca7b59804d6779644001a878ed925a4688ca", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56658.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56658.json new file mode 100644 index 00000000000..347e3d386e0 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56658.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-56658", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:25.643", + "lastModified": "2024-12-27T15:15:25.643", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: defer final 'struct net' free in netns dismantle\n\nIlya reported a slab-use-after-free in dst_destroy [1]\n\nIssue is in xfrm6_net_init() and xfrm4_net_init() :\n\nThey copy xfrm[46]_dst_ops_template into net->xfrm.xfrm[46]_dst_ops.\n\nBut net structure might be freed before all the dst callbacks are\ncalled. So when dst_destroy() calls later :\n\nif (dst->ops->destroy)\n dst->ops->destroy(dst);\n\ndst->ops points to the old net->xfrm.xfrm[46]_dst_ops, which has been freed.\n\nSee a relevant issue fixed in :\n\nac888d58869b (\"net: do not delay dst_entries_add() in dst_release()\")\n\nA fix is to queue the 'struct net' to be freed after one\nanother cleanup_net() round (and existing rcu_barrier())\n\n[1]\n\nBUG: KASAN: slab-use-after-free in dst_destroy (net/core/dst.c:112)\nRead of size 8 at addr ffff8882137ccab0 by task swapper/37/0\nDec 03 05:46:18 kernel:\nCPU: 37 UID: 0 PID: 0 Comm: swapper/37 Kdump: loaded Not tainted 6.12.0 #67\nHardware name: Red Hat KVM/RHEL, BIOS 1.16.1-1.el9 04/01/2014\nCall Trace:\n \ndump_stack_lvl (lib/dump_stack.c:124)\nprint_address_description.constprop.0 (mm/kasan/report.c:378)\n? dst_destroy (net/core/dst.c:112)\nprint_report (mm/kasan/report.c:489)\n? dst_destroy (net/core/dst.c:112)\n? kasan_addr_to_slab (mm/kasan/common.c:37)\nkasan_report (mm/kasan/report.c:603)\n? dst_destroy (net/core/dst.c:112)\n? rcu_do_batch (kernel/rcu/tree.c:2567)\ndst_destroy (net/core/dst.c:112)\nrcu_do_batch (kernel/rcu/tree.c:2567)\n? __pfx_rcu_do_batch (kernel/rcu/tree.c:2491)\n? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4339 kernel/locking/lockdep.c:4406)\nrcu_core (kernel/rcu/tree.c:2825)\nhandle_softirqs (kernel/softirq.c:554)\n__irq_exit_rcu (kernel/softirq.c:589 kernel/softirq.c:428 kernel/softirq.c:637)\nirq_exit_rcu (kernel/softirq.c:651)\nsysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1049 arch/x86/kernel/apic/apic.c:1049)\n \n \nasm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:702)\nRIP: 0010:default_idle (./arch/x86/include/asm/irqflags.h:37 ./arch/x86/include/asm/irqflags.h:92 arch/x86/kernel/process.c:743)\nCode: 00 4d 29 c8 4c 01 c7 4c 29 c2 e9 6e ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 90 0f 00 2d c7 c9 27 00 fb f4 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90\nRSP: 0018:ffff888100d2fe00 EFLAGS: 00000246\nRAX: 00000000001870ed RBX: 1ffff110201a5fc2 RCX: ffffffffb61a3e46\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffb3d4d123\nRBP: 0000000000000000 R08: 0000000000000001 R09: ffffed11c7e1835d\nR10: ffff888e3f0c1aeb R11: 0000000000000000 R12: 0000000000000000\nR13: ffff888100d20000 R14: dffffc0000000000 R15: 0000000000000000\n? ct_kernel_exit.constprop.0 (kernel/context_tracking.c:148)\n? cpuidle_idle_call (kernel/sched/idle.c:186)\ndefault_idle_call (./include/linux/cpuidle.h:143 kernel/sched/idle.c:118)\ncpuidle_idle_call (kernel/sched/idle.c:186)\n? __pfx_cpuidle_idle_call (kernel/sched/idle.c:168)\n? lock_release (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5848)\n? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4347 kernel/locking/lockdep.c:4406)\n? tsc_verify_tsc_adjust (arch/x86/kernel/tsc_sync.c:59)\ndo_idle (kernel/sched/idle.c:326)\ncpu_startup_entry (kernel/sched/idle.c:423 (discriminator 1))\nstart_secondary (arch/x86/kernel/smpboot.c:202 arch/x86/kernel/smpboot.c:282)\n? __pfx_start_secondary (arch/x86/kernel/smpboot.c:232)\n? soft_restart_cpu (arch/x86/kernel/head_64.S:452)\ncommon_startup_64 (arch/x86/kernel/head_64.S:414)\n \nDec 03 05:46:18 kernel:\nAllocated by task 12184:\nkasan_save_stack (mm/kasan/common.c:48)\nkasan_save_track (./arch/x86/include/asm/current.h:49 mm/kasan/common.c:60 mm/kasan/common.c:69)\n__kasan_slab_alloc (mm/kasan/common.c:319 mm/kasan/common.c:345)\nkmem_cache_alloc_noprof (mm/slub.c:4085 mm/slub.c:4134 mm/slub.c:4141)\ncopy_net_ns (net/core/net_namespace.c:421 net/core/net_namespace.c:480)\ncreate_new_namespaces\n---truncated---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0f6ede9fbc747e2553612271bce108f7517e7a45", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3267b254dc0a04dfa362a2be24573cfa6d2d78f5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6610c7f8a8d47fd1123eed55ba8c11c2444d8842", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b7a79e51297f7b82adb687086f5cb2da446f1e40", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56659.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56659.json new file mode 100644 index 00000000000..4ca69e2621c --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56659.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56659", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:25.747", + "lastModified": "2024-12-27T15:15:25.747", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: lapb: increase LAPB_HEADER_LEN\n\nIt is unclear if net/lapb code is supposed to be ready for 8021q.\n\nWe can at least avoid crashes like the following :\n\nskbuff: skb_under_panic: text:ffffffff8aabe1f6 len:24 put:20 head:ffff88802824a400 data:ffff88802824a3fe tail:0x16 end:0x140 dev:nr0.2\n------------[ cut here ]------------\n kernel BUG at net/core/skbuff.c:206 !\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 1 UID: 0 PID: 5508 Comm: dhcpcd Not tainted 6.12.0-rc7-syzkaller-00144-g66418447d27b #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024\n RIP: 0010:skb_panic net/core/skbuff.c:206 [inline]\n RIP: 0010:skb_under_panic+0x14b/0x150 net/core/skbuff.c:216\nCode: 0d 8d 48 c7 c6 2e 9e 29 8e 48 8b 54 24 08 8b 0c 24 44 8b 44 24 04 4d 89 e9 50 41 54 41 57 41 56 e8 1a 6f 37 02 48 83 c4 20 90 <0f> 0b 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3\nRSP: 0018:ffffc90002ddf638 EFLAGS: 00010282\nRAX: 0000000000000086 RBX: dffffc0000000000 RCX: 7a24750e538ff600\nRDX: 0000000000000000 RSI: 0000000000000201 RDI: 0000000000000000\nRBP: ffff888034a86650 R08: ffffffff8174b13c R09: 1ffff920005bbe60\nR10: dffffc0000000000 R11: fffff520005bbe61 R12: 0000000000000140\nR13: ffff88802824a400 R14: ffff88802824a3fe R15: 0000000000000016\nFS: 00007f2a5990d740(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000000110c2631fd CR3: 0000000029504000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \n skb_push+0xe5/0x100 net/core/skbuff.c:2636\n nr_header+0x36/0x320 net/netrom/nr_dev.c:69\n dev_hard_header include/linux/netdevice.h:3148 [inline]\n vlan_dev_hard_header+0x359/0x480 net/8021q/vlan_dev.c:83\n dev_hard_header include/linux/netdevice.h:3148 [inline]\n lapbeth_data_transmit+0x1f6/0x2a0 drivers/net/wan/lapbether.c:257\n lapb_data_transmit+0x91/0xb0 net/lapb/lapb_iface.c:447\n lapb_transmit_buffer+0x168/0x1f0 net/lapb/lapb_out.c:149\n lapb_establish_data_link+0x84/0xd0\n lapb_device_event+0x4e0/0x670\n notifier_call_chain+0x19f/0x3e0 kernel/notifier.c:93\n __dev_notify_flags+0x207/0x400\n dev_change_flags+0xf0/0x1a0 net/core/dev.c:8922\n devinet_ioctl+0xa4e/0x1aa0 net/ipv4/devinet.c:1188\n inet_ioctl+0x3d7/0x4f0 net/ipv4/af_inet.c:1003\n sock_do_ioctl+0x158/0x460 net/socket.c:1227\n sock_ioctl+0x626/0x8e0 net/socket.c:1346\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl+0xf9/0x170 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/03e661b5e7aa1124f24054df9ab2ee5cb2178973", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2b351355bbd50ae25d096785b6eb31998d2bf765", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3aa2ef7ffd0451e8f81c249d2a2a68283c6bc700", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/76d856f03d0290cf5392364ecdf74c15ee16b8fd", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a6d75ecee2bf828ac6a1b52724aba0a977e4eaf4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c21c7c1c00bcc60cf752ec491bdfd47693f4d3c7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f0949199651bc87c5ed2c12a7323f441f1af6fe9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56660.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56660.json new file mode 100644 index 00000000000..959d564b2d8 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56660.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-56660", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:25.857", + "lastModified": "2024-12-27T15:15:25.857", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: DR, prevent potential error pointer dereference\n\nThe dr_domain_add_vport_cap() function generally returns NULL on error\nbut sometimes we want it to return ERR_PTR(-EBUSY) so the caller can\nretry. The problem here is that \"ret\" can be either -EBUSY or -ENOMEM\nand if it's and -ENOMEM then the error pointer is propogated back and\neventually dereferenced in dr_ste_v0_build_src_gvmi_qpn_tag()." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/11776cff0b563c8b8a4fa76cab620bfb633a8cb8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/325cf73a1b449fea3158ab99d03a7a717aad1618", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/61f720e801443d4e2a3c0261eda4ad8431458dca", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a59c61a1869ceefc65ef02886f91e8cd0062211f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56661.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56661.json new file mode 100644 index 00000000000..e5514ef0f77 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56661.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56661", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:25.960", + "lastModified": "2024-12-27T15:15:25.960", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix NULL deref in cleanup_bearer()\n\nsyzbot found [1] that after blamed commit, ub->ubsock->sk\nwas NULL when attempting the atomic_dec() :\n\natomic_dec(&tipc_net(sock_net(ub->ubsock->sk))->wq_count);\n\nFix this by caching the tipc_net pointer.\n\n[1]\n\nOops: general protection fault, probably for non-canonical address 0xdffffc0000000006: 0000 [#1] PREEMPT SMP KASAN PTI\nKASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037]\nCPU: 0 UID: 0 PID: 5896 Comm: kworker/0:3 Not tainted 6.13.0-rc1-next-20241203-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: events cleanup_bearer\n RIP: 0010:read_pnet include/net/net_namespace.h:387 [inline]\n RIP: 0010:sock_net include/net/sock.h:655 [inline]\n RIP: 0010:cleanup_bearer+0x1f7/0x280 net/tipc/udp_media.c:820\nCode: 18 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 3c f7 99 f6 48 8b 1b 48 83 c3 30 e8 f0 e4 60 00 48 89 d8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 df e8 1a f7 99 f6 49 83 c7 e8 48 8b 1b\nRSP: 0018:ffffc9000410fb70 EFLAGS: 00010206\nRAX: 0000000000000006 RBX: 0000000000000030 RCX: ffff88802fe45a00\nRDX: 0000000000000001 RSI: 0000000000000008 RDI: ffffc9000410f900\nRBP: ffff88807e1f0908 R08: ffffc9000410f907 R09: 1ffff92000821f20\nR10: dffffc0000000000 R11: fffff52000821f21 R12: ffff888031d19980\nR13: dffffc0000000000 R14: dffffc0000000000 R15: ffff88807e1f0918\nFS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000556ca050b000 CR3: 0000000031c0c000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/07b569eda6fe6a1e83be5a587abee12d1303f95e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/754ec823ee53422361da7958a8c8bf3275426912", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/89ecda492d0a37fd00aaffc4151f1f44c26d93ac", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a771f349c95d3397636861a0a6462d4a7a7ecb25", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a852c82eda4991e21610837aaa160965be71f5cc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b04d86fff66b15c07505d226431f808c15b1703c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d1d4dfb189a115734bff81c411bc58d9e348db7d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56662.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56662.json new file mode 100644 index 00000000000..fcdf429a195 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56662.json @@ -0,0 +1,41 @@ +{ + "id": "CVE-2024-56662", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:26.073", + "lastModified": "2024-12-27T15:15:26.073", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nacpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl\n\nFix an issue detected by syzbot with KASAN:\n\nBUG: KASAN: vmalloc-out-of-bounds in cmd_to_func drivers/acpi/nfit/\ncore.c:416 [inline]\nBUG: KASAN: vmalloc-out-of-bounds in acpi_nfit_ctl+0x20e8/0x24a0\ndrivers/acpi/nfit/core.c:459\n\nThe issue occurs in cmd_to_func when the call_pkg->nd_reserved2\narray is accessed without verifying that call_pkg points to a buffer\nthat is appropriately sized as a struct nd_cmd_pkg. This can lead\nto out-of-bounds access and undefined behavior if the buffer does not\nhave sufficient space.\n\nTo address this, a check was added in acpi_nfit_ctl() to ensure that\nbuf is not NULL and that buf_len is less than sizeof(*call_pkg)\nbefore accessing it. This ensures safe access to the members of\ncall_pkg, including the nd_reserved2 array." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/143f723e9eb4f0302ffb7adfdc7ef77eab3f68e0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/212846fafb753a48e869e2a342fc1e24048da771", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/265e98f72bac6c41a4492d3e30a8e5fd22fe0779", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/616aa5f3c86e0479bcbb81e41c08c43ff32af637", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/bbdb3307f609ec4dc9558770f464ede01fe52aed", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e08dc2dc3c3f7938df0e4476fe3e6fdec5583c1d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56663.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56663.json new file mode 100644 index 00000000000..52416a0a1cf --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56663.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-56663", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:26.187", + "lastModified": "2024-12-27T15:15:26.187", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one\n\nSince the netlink attribute range validation provides inclusive\nchecking, the *max* of attribute NL80211_ATTR_MLO_LINK_ID should be\nIEEE80211_MLD_MAX_NUM_LINKS - 1 otherwise causing an off-by-one.\n\nOne crash stack for demonstration:\n==================================================================\nBUG: KASAN: wild-memory-access in ieee80211_tx_control_port+0x3b6/0xca0 net/mac80211/tx.c:5939\nRead of size 6 at addr 001102080000000c by task fuzzer.386/9508\n\nCPU: 1 PID: 9508 Comm: syz.1.386 Not tainted 6.1.70 #2\nCall Trace:\n \n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x177/0x231 lib/dump_stack.c:106\n print_report+0xe0/0x750 mm/kasan/report.c:398\n kasan_report+0x139/0x170 mm/kasan/report.c:495\n kasan_check_range+0x287/0x290 mm/kasan/generic.c:189\n memcpy+0x25/0x60 mm/kasan/shadow.c:65\n ieee80211_tx_control_port+0x3b6/0xca0 net/mac80211/tx.c:5939\n rdev_tx_control_port net/wireless/rdev-ops.h:761 [inline]\n nl80211_tx_control_port+0x7b3/0xc40 net/wireless/nl80211.c:15453\n genl_family_rcv_msg_doit+0x22e/0x320 net/netlink/genetlink.c:756\n genl_family_rcv_msg net/netlink/genetlink.c:833 [inline]\n genl_rcv_msg+0x539/0x740 net/netlink/genetlink.c:850\n netlink_rcv_skb+0x1de/0x420 net/netlink/af_netlink.c:2508\n genl_rcv+0x24/0x40 net/netlink/genetlink.c:861\n netlink_unicast_kernel net/netlink/af_netlink.c:1326 [inline]\n netlink_unicast+0x74b/0x8c0 net/netlink/af_netlink.c:1352\n netlink_sendmsg+0x882/0xb90 net/netlink/af_netlink.c:1874\n sock_sendmsg_nosec net/socket.c:716 [inline]\n __sock_sendmsg net/socket.c:728 [inline]\n ____sys_sendmsg+0x5cc/0x8f0 net/socket.c:2499\n ___sys_sendmsg+0x21c/0x290 net/socket.c:2553\n __sys_sendmsg net/socket.c:2582 [inline]\n __do_sys_sendmsg net/socket.c:2591 [inline]\n __se_sys_sendmsg+0x19e/0x270 net/socket.c:2589\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x45/0x90 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nUpdate the policy to ensure correct validation." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/29e640ae641b9f5ffc666049426d2b16c98d9963", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2e3dbf938656986cce73ac4083500d0bcfbffe24", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f3412522f78826fef1dfae40ef378a863df2591c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f850d1d9f1106f528dfc5807565f2d1fa9a397d3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56664.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56664.json new file mode 100644 index 00000000000..19562ce0b1c --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56664.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-56664", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:26.297", + "lastModified": "2024-12-27T15:15:26.297", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Fix race between element replace and close()\n\nElement replace (with a socket different from the one stored) may race\nwith socket's close() link popping & unlinking. __sock_map_delete()\nunconditionally unrefs the (wrong) element:\n\n// set map[0] = s0\nmap_update_elem(map, 0, s0)\n\n// drop fd of s0\nclose(s0)\n sock_map_close()\n lock_sock(sk) (s0!)\n sock_map_remove_links(sk)\n link = sk_psock_link_pop()\n sock_map_unlink(sk, link)\n sock_map_delete_from_link\n // replace map[0] with s1\n map_update_elem(map, 0, s1)\n sock_map_update_elem\n (s1!) lock_sock(sk)\n sock_map_update_common\n psock = sk_psock(sk)\n spin_lock(&stab->lock)\n osk = stab->sks[idx]\n sock_map_add_link(..., &stab->sks[idx])\n sock_map_unref(osk, &stab->sks[idx])\n psock = sk_psock(osk)\n sk_psock_put(sk, psock)\n if (refcount_dec_and_test(&psock))\n sk_psock_drop(sk, psock)\n spin_unlock(&stab->lock)\n unlock_sock(sk)\n __sock_map_delete\n spin_lock(&stab->lock)\n sk = *psk // s1 replaced s0; sk == s1\n if (!sk_test || sk_test == sk) // sk_test (s0) != sk (s1); no branch\n sk = xchg(psk, NULL)\n if (sk)\n sock_map_unref(sk, psk) // unref s1; sks[idx] will dangle\n psock = sk_psock(sk)\n sk_psock_put(sk, psock)\n if (refcount_dec_and_test())\n sk_psock_drop(sk, psock)\n spin_unlock(&stab->lock)\n release_sock(sk)\n\nThen close(map) enqueues bpf_map_free_deferred, which finally calls\nsock_map_free(). This results in some refcount_t warnings along with\na KASAN splat [1].\n\nFix __sock_map_delete(), do not allow sock_map_unref() on elements that\nmay have been replaced.\n\n[1]:\nBUG: KASAN: slab-use-after-free in sock_map_free+0x10e/0x330\nWrite of size 4 at addr ffff88811f5b9100 by task kworker/u64:12/1063\n\nCPU: 14 UID: 0 PID: 1063 Comm: kworker/u64:12 Not tainted 6.12.0+ #125\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 04/01/2014\nWorkqueue: events_unbound bpf_map_free_deferred\nCall Trace:\n \n dump_stack_lvl+0x68/0x90\n print_report+0x174/0x4f6\n kasan_report+0xb9/0x190\n kasan_check_range+0x10f/0x1e0\n sock_map_free+0x10e/0x330\n bpf_map_free_deferred+0x173/0x320\n process_one_work+0x846/0x1420\n worker_thread+0x5b3/0xf80\n kthread+0x29e/0x360\n ret_from_fork+0x2d/0x70\n ret_from_fork_asm+0x1a/0x30\n \n\nAllocated by task 1202:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n __kasan_slab_alloc+0x85/0x90\n kmem_cache_alloc_noprof+0x131/0x450\n sk_prot_alloc+0x5b/0x220\n sk_alloc+0x2c/0x870\n unix_create1+0x88/0x8a0\n unix_create+0xc5/0x180\n __sock_create+0x241/0x650\n __sys_socketpair+0x1ce/0x420\n __x64_sys_socketpair+0x92/0x100\n do_syscall_64+0x93/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 46:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x37/0x60\n __kasan_slab_free+0x4b/0x70\n kmem_cache_free+0x1a1/0x590\n __sk_destruct+0x388/0x5a0\n sk_psock_destroy+0x73e/0xa50\n process_one_work+0x846/0x1420\n worker_thread+0x5b3/0xf80\n kthread+0x29e/0x360\n ret_from_fork+0x2d/0x70\n ret_from_fork_asm+0x1a/0x30\n\nThe bu\n---truncated---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/b015f19fedd2e12283a8450dd0aefce49ec57015", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/bf2318e288f636a882eea39f7e1015623629f168", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ed1fc5d76b81a4d681211333c026202cad4d5649", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56665.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56665.json new file mode 100644 index 00000000000..260ecd681a3 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56665.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-56665", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:26.400", + "lastModified": "2024-12-27T15:15:26.400", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf,perf: Fix invalid prog_array access in perf_event_detach_bpf_prog\n\nSyzbot reported [1] crash that happens for following tracing scenario:\n\n - create tracepoint perf event with attr.inherit=1, attach it to the\n process and set bpf program to it\n - attached process forks -> chid creates inherited event\n\n the new child event shares the parent's bpf program and tp_event\n (hence prog_array) which is global for tracepoint\n\n - exit both process and its child -> release both events\n - first perf_event_detach_bpf_prog call will release tp_event->prog_array\n and second perf_event_detach_bpf_prog will crash, because\n tp_event->prog_array is NULL\n\nThe fix makes sure the perf_event_detach_bpf_prog checks prog_array\nis valid before it tries to remove the bpf program from it.\n\n[1] https://lore.kernel.org/bpf/Z1MR6dCIKajNS6nU@krava/T/#m91dbf0688221ec7a7fc95e896a7ef9ff93b0b8ad" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/842e5af282453983586e2eae3c8eaf252de5f22f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/978c4486cca5c7b9253d3ab98a88c8e769cb9bbd", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c2b6b47662d5f2dfce92e5ffbdcac8229f321d9d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/dfb15ddf3b65e0df2129f9756d1b4fa78055cdb3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56666.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56666.json new file mode 100644 index 00000000000..f73083c12e9 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56666.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56666", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:26.503", + "lastModified": "2024-12-27T15:15:26.503", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Dereference null return value\n\nIn the function pqm_uninit there is a call-assignment of \"pdd =\nkfd_get_process_device_data\" which could be null, and this value was\nlater dereferenced without checking." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/768442d918932c4da09003f1fd6be1750b93a4ba", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a592bb19abdc2072875c87da606461bfd7821b08", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56667.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56667.json new file mode 100644 index 00000000000..73ffda9cc22 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56667.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-56667", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:26.600", + "lastModified": "2024-12-27T15:15:26.600", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915: Fix NULL pointer dereference in capture_engine\n\nWhen the intel_context structure contains NULL,\nit raises a NULL pointer dereference error in drm_info().\n\n(cherry picked from commit 754302a5bc1bd8fd3b7d85c168b0a1af6d4bba4d)" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/da0b986256ae9a78b0215214ff44f271bfe237c1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e07f9c92bd127f8835ac669d83b5e7ff59bbb40f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e6ebe4f14a267bc431d0eebab4f335c0ebd45977", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56668.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56668.json new file mode 100644 index 00000000000..f9eec4fd163 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56668.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56668", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:26.693", + "lastModified": "2024-12-27T15:15:26.693", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Fix qi_batch NULL pointer with nested parent domain\n\nThe qi_batch is allocated when assigning cache tag for a domain. While\nfor nested parent domain, it is missed. Hence, when trying to map pages\nto the nested parent, NULL dereference occurred. Also, there is potential\nmemleak since there is no lock around domain->qi_batch allocation.\n\nTo solve it, add a helper for qi_batch allocation, and call it in both\nthe __cache_tag_assign_domain() and __cache_tag_assign_parent_domain().\n\n BUG: kernel NULL pointer dereference, address: 0000000000000200\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 8104795067 P4D 0\n Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 223 UID: 0 PID: 4357 Comm: qemu-system-x86 Not tainted 6.13.0-rc1-00028-g4b50c3c3b998-dirty #2632\n Call Trace:\n ? __die+0x24/0x70\n ? page_fault_oops+0x80/0x150\n ? do_user_addr_fault+0x63/0x7b0\n ? exc_page_fault+0x7c/0x220\n ? asm_exc_page_fault+0x26/0x30\n ? cache_tag_flush_range_np+0x13c/0x260\n intel_iommu_iotlb_sync_map+0x1a/0x30\n iommu_map+0x61/0xf0\n batch_to_domain+0x188/0x250\n iopt_area_fill_domains+0x125/0x320\n ? rcu_is_watching+0x11/0x50\n iopt_map_pages+0x63/0x100\n iopt_map_common.isra.0+0xa7/0x190\n iopt_map_user_pages+0x6a/0x80\n iommufd_ioas_map+0xcd/0x1d0\n iommufd_fops_ioctl+0x118/0x1c0\n __x64_sys_ioctl+0x93/0xc0\n do_syscall_64+0x71/0x140\n entry_SYSCALL_64_after_hwframe+0x76/0x7e" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/74536f91962d5f6af0a42414773ce61e653c10ee", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ffd774c34774fd4cc0e9cf2976595623a6c3a077", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56669.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56669.json new file mode 100644 index 00000000000..7f0d192add5 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56669.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56669", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:26.797", + "lastModified": "2024-12-27T15:15:26.797", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Remove cache tags before disabling ATS\n\nThe current implementation removes cache tags after disabling ATS,\nleading to potential memory leaks and kernel crashes. Specifically,\nCACHE_TAG_DEVTLB type cache tags may still remain in the list even\nafter the domain is freed, causing a use-after-free condition.\n\nThis issue really shows up when multiple VFs from different PFs\npassed through to a single user-space process via vfio-pci. In such\ncases, the kernel may crash with kernel messages like:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000014\n PGD 19036a067 P4D 1940a3067 PUD 136c9b067 PMD 0\n Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 74 UID: 0 PID: 3183 Comm: testCli Not tainted 6.11.9 #2\n RIP: 0010:cache_tag_flush_range+0x9b/0x250\n Call Trace:\n \n ? __die+0x1f/0x60\n ? page_fault_oops+0x163/0x590\n ? exc_page_fault+0x72/0x190\n ? asm_exc_page_fault+0x22/0x30\n ? cache_tag_flush_range+0x9b/0x250\n ? cache_tag_flush_range+0x5d/0x250\n intel_iommu_tlb_sync+0x29/0x40\n intel_iommu_unmap_pages+0xfe/0x160\n __iommu_unmap+0xd8/0x1a0\n vfio_unmap_unpin+0x182/0x340 [vfio_iommu_type1]\n vfio_remove_dma+0x2a/0xb0 [vfio_iommu_type1]\n vfio_iommu_type1_ioctl+0xafa/0x18e0 [vfio_iommu_type1]\n\nMove cache_tag_unassign_domain() before iommu_disable_pci_caps() to fix\nit." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1f2557e08a617a4b5e92a48a1a9a6f86621def18", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9a0a72d3ed919ebe6491f527630998be053151d8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56670.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56670.json new file mode 100644 index 00000000000..946bbfd19cc --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56670.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-56670", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:26.890", + "lastModified": "2024-12-27T15:15:26.890", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: u_serial: Fix the issue that gs_start_io crashed due to accessing null pointer\n\nConsidering that in some extreme cases,\nwhen u_serial driver is accessed by multiple threads,\nThread A is executing the open operation and calling the gs_open,\nThread B is executing the disconnect operation and calling the\ngserial_disconnect function,The port->port_usb pointer will be set to NULL.\n\nE.g.\n Thread A Thread B\n gs_open() gadget_unbind_driver()\n gs_start_io() composite_disconnect()\n gs_start_rx() gserial_disconnect()\n ... ...\n spin_unlock(&port->port_lock)\n status = usb_ep_queue() spin_lock(&port->port_lock)\n spin_lock(&port->port_lock) port->port_usb = NULL\n gs_free_requests(port->port_usb->in) spin_unlock(&port->port_lock)\n Crash\n\nThis causes thread A to access a null pointer (port->port_usb is null)\nwhen calling the gs_free_requests function, causing a crash.\n\nIf port_usb is NULL, the release request will be skipped as it\nwill be done by gserial_disconnect.\n\nSo add a null pointer check to gs_start_io before attempting\nto access the value of the pointer port->port_usb.\n\nCall trace:\n gs_start_io+0x164/0x25c\n gs_open+0x108/0x13c\n tty_open+0x314/0x638\n chrdev_open+0x1b8/0x258\n do_dentry_open+0x2c4/0x700\n vfs_open+0x2c/0x3c\n path_openat+0xa64/0xc60\n do_filp_open+0xb8/0x164\n do_sys_openat2+0x84/0xf0\n __arm64_sys_openat+0x70/0x9c\n invoke_syscall+0x58/0x114\n el0_svc_common+0x80/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x38/0x68" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1247e1df086aa6c17ab53cd1bedce70dd7132765", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/28b3c03a6790de1f6f2683919ad657840f0f0f58", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4cfbca86f6a8b801f3254e0e3c8f2b1d2d64be2b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4efdfdc32d8d6307f968cd99f1db64468471bab1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8ca07a3d18f39b1669927ef536e485787e856df6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c83213b6649d22656b3a4e92544ceeea8a2c6c07", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/dd6b0ca6025f64ccb465a6a3460c5b0307ed9c44", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56671.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56671.json new file mode 100644 index 00000000000..c6a6e9bf045 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56671.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56671", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:26.993", + "lastModified": "2024-12-27T15:15:26.993", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: graniterapids: Fix vGPIO driver crash\n\nMove setting irq_chip.name from probe() function to the initialization\nof \"irq_chip\" struct in order to fix vGPIO driver crash during bootup.\n\nCrash was caused by unauthorized modification of irq_chip.name field\nwhere irq_chip struct was initialized as const.\n\nThis behavior is a consequence of suboptimal implementation of\ngpio_irq_chip_set_chip(), which should be changed to avoid\ncasting away const qualifier.\n\nCrash log:\nBUG: unable to handle page fault for address: ffffffffc0ba81c0\n/#PF: supervisor write access in kernel mode\n/#PF: error_code(0x0003) - permissions violation\nCPU: 33 UID: 0 PID: 1075 Comm: systemd-udevd Not tainted 6.12.0-rc6-00077-g2e1b3cc9d7f7 #1\nHardware name: Intel Corporation Kaseyville RP/Kaseyville RP, BIOS KVLDCRB1.PGS.0026.D73.2410081258 10/08/2024\nRIP: 0010:gnr_gpio_probe+0x171/0x220 [gpio_graniterapids]" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/e631cab10c6b287a33c35953e6dbda1f7f89bc1f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/eb9640fd1ce666610b77f5997596e9570a36378f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56672.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56672.json new file mode 100644 index 00000000000..092d69311a0 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56672.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-56672", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:27.107", + "lastModified": "2024-12-27T15:15:27.107", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-cgroup: Fix UAF in blkcg_unpin_online()\n\nblkcg_unpin_online() walks up the blkcg hierarchy putting the online pin. To\nwalk up, it uses blkcg_parent(blkcg) but it was calling that after\nblkcg_destroy_blkgs(blkcg) which could free the blkcg, leading to the\nfollowing UAF:\n\n ==================================================================\n BUG: KASAN: slab-use-after-free in blkcg_unpin_online+0x15a/0x270\n Read of size 8 at addr ffff8881057678c0 by task kworker/9:1/117\n\n CPU: 9 UID: 0 PID: 117 Comm: kworker/9:1 Not tainted 6.13.0-rc1-work-00182-gb8f52214c61a-dirty #48\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS unknown 02/02/2022\n Workqueue: cgwb_release cgwb_release_workfn\n Call Trace:\n \n dump_stack_lvl+0x27/0x80\n print_report+0x151/0x710\n kasan_report+0xc0/0x100\n blkcg_unpin_online+0x15a/0x270\n cgwb_release_workfn+0x194/0x480\n process_scheduled_works+0x71b/0xe20\n worker_thread+0x82a/0xbd0\n kthread+0x242/0x2c0\n ret_from_fork+0x33/0x70\n ret_from_fork_asm+0x1a/0x30\n \n ...\n Freed by task 1944:\n kasan_save_track+0x2b/0x70\n kasan_save_free_info+0x3c/0x50\n __kasan_slab_free+0x33/0x50\n kfree+0x10c/0x330\n css_free_rwork_fn+0xe6/0xb30\n process_scheduled_works+0x71b/0xe20\n worker_thread+0x82a/0xbd0\n kthread+0x242/0x2c0\n ret_from_fork+0x33/0x70\n ret_from_fork_asm+0x1a/0x30\n\nNote that the UAF is not easy to trigger as the free path is indirected\nbehind a couple RCU grace periods and a work item execution. I could only\ntrigger it with artifical msleep() injected in blkcg_unpin_online().\n\nFix it by reading the parent pointer before destroying the blkcg's blkg's." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/29d1e06560f0f6179062ac638b4064deb637d1ad", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5baa28569c924d9a90d036c2aaab79f791fedaf8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/64afc6fe24c9896c0153e5a199bcea241ecb0d5c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/86e6ca55b83c575ab0f2e105cf08f98e58d3d7af", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56673.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56673.json new file mode 100644 index 00000000000..dfa9ec554cd --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56673.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56673", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:27.210", + "lastModified": "2024-12-27T15:15:27.210", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv: mm: Do not call pmd dtor on vmemmap page table teardown\n\nThe vmemmap's, which is used for RV64 with SPARSEMEM_VMEMMAP, page\ntables are populated using pmd (page middle directory) hugetables.\nHowever, the pmd allocation is not using the generic mechanism used by\nthe VMA code (e.g. pmd_alloc()), or the RISC-V specific\ncreate_pgd_mapping()/alloc_pmd_late(). Instead, the vmemmap page table\ncode allocates a page, and calls vmemmap_set_pmd(). This results in\nthat the pmd ctor is *not* called, nor would it make sense to do so.\n\nNow, when tearing down a vmemmap page table pmd, the cleanup code\nwould unconditionally, and incorrectly call the pmd dtor, which\nresults in a crash (best case).\n\nThis issue was found when running the HMM selftests:\n\n | tools/testing/selftests/mm# ./test_hmm.sh smoke\n | ... # when unloading the test_hmm.ko module\n | page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10915b\n | flags: 0x1000000000000000(node=0|zone=1)\n | raw: 1000000000000000 0000000000000000 dead000000000122 0000000000000000\n | raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000\n | page dumped because: VM_BUG_ON_PAGE(ptdesc->pmd_huge_pte)\n | ------------[ cut here ]------------\n | kernel BUG at include/linux/mm.h:3080!\n | Kernel BUG [#1]\n | Modules linked in: test_hmm(-) sch_fq_codel fuse drm drm_panel_orientation_quirks backlight dm_mod\n | CPU: 1 UID: 0 PID: 514 Comm: modprobe Tainted: G W 6.12.0-00982-gf2a4f1682d07 #2\n | Tainted: [W]=WARN\n | Hardware name: riscv-virtio qemu/qemu, BIOS 2024.10 10/01/2024\n | epc : remove_pgd_mapping+0xbec/0x1070\n | ra : remove_pgd_mapping+0xbec/0x1070\n | epc : ffffffff80010a68 ra : ffffffff80010a68 sp : ff20000000a73940\n | gp : ffffffff827b2d88 tp : ff6000008785da40 t0 : ffffffff80fbce04\n | t1 : 0720072007200720 t2 : 706d756420656761 s0 : ff20000000a73a50\n | s1 : ff6000008915cff8 a0 : 0000000000000039 a1 : 0000000000000008\n | a2 : ff600003fff0de20 a3 : 0000000000000000 a4 : 0000000000000000\n | a5 : 0000000000000000 a6 : c0000000ffffefff a7 : ffffffff824469b8\n | s2 : ff1c0000022456c0 s3 : ff1ffffffdbfffff s4 : ff6000008915c000\n | s5 : ff6000008915c000 s6 : ff6000008915c000 s7 : ff1ffffffdc00000\n | s8 : 0000000000000001 s9 : ff1ffffffdc00000 s10: ffffffff819a31f0\n | s11: ffffffffffffffff t3 : ffffffff8000c950 t4 : ff60000080244f00\n | t5 : ff60000080244000 t6 : ff20000000a73708\n | status: 0000000200000120 badaddr: ffffffff80010a68 cause: 0000000000000003\n | [] remove_pgd_mapping+0xbec/0x1070\n | [] vmemmap_free+0x14/0x1e\n | [] section_deactivate+0x220/0x452\n | [] sparse_remove_section+0x4a/0x58\n | [] __remove_pages+0x7e/0xba\n | [] memunmap_pages+0x2bc/0x3fe\n | [] dmirror_device_remove_chunks+0x2ea/0x518 [test_hmm]\n | [] hmm_dmirror_exit+0x3e/0x1018 [test_hmm]\n | [] __riscv_sys_delete_module+0x15a/0x2a6\n | [] do_trap_ecall_u+0x1f2/0x266\n | [] _new_vmalloc_restore_context_a0+0xc6/0xd2\n | Code: bf51 7597 0184 8593 76a5 854a 4097 0029 80e7 2c00 (9002) 7597\n | ---[ end trace 0000000000000000 ]---\n | Kernel panic - not syncing: Fatal exception in interrupt\n\nAdd a check to avoid calling the pmd dtor, if the calling context is\nvmemmap_free()." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/21f1b85c8912262adf51707e63614a114425eb10", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/344945806f2f7af68be98bac02836c867f223aa9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56674.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56674.json new file mode 100644 index 00000000000..5628dae12c6 --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56674.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-56674", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:27.313", + "lastModified": "2024-12-27T15:15:27.313", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio_net: correct netdev_tx_reset_queue() invocation point\n\nWhen virtnet_close is followed by virtnet_open, some TX completions can\npossibly remain unconsumed, until they are finally processed during the\nfirst NAPI poll after the netdev_tx_reset_queue(), resulting in a crash\n[1]. Commit b96ed2c97c79 (\"virtio_net: move netdev_tx_reset_queue() call\nbefore RX napi enable\") was not sufficient to eliminate all BQL crash\ncases for virtio-net.\n\nThis issue can be reproduced with the latest net-next master by running:\n`while :; do ip l set DEV down; ip l set DEV up; done` under heavy network\nTX load from inside the machine.\n\nnetdev_tx_reset_queue() can actually be dropped from virtnet_open path;\nthe device is not stopped in any case. For BQL core part, it's just like\ntraffic nearly ceases to exist for some period. For stall detector added\nto BQL, even if virtnet_close could somehow lead to some TX completions\ndelayed for long, followed by virtnet_open, we can just take it as stall\nas mentioned in commit 6025b9135f7a (\"net: dqs: add NIC stall detector\nbased on BQL\"). Note also that users can still reset stall_max via sysfs.\n\nSo, drop netdev_tx_reset_queue() from virtnet_enable_queue_pair(). This\neliminates the BQL crashes. As a result, netdev_tx_reset_queue() is now\nexplicitly required in freeze/restore path. This patch adds it to\nimmediately after free_unused_bufs(), following the rule of thumb:\nnetdev_tx_reset_queue() should follow any SKB freeing not followed by\nnetdev_tx_completed_queue(). This seems the most consistent and\nstreamlined approach, and now netdev_tx_reset_queue() runs whenever\nfree_unused_bufs() is done.\n\n[1]:\n------------[ cut here ]------------\nkernel BUG at lib/dynamic_queue_limits.c:99!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 7 UID: 0 PID: 1598 Comm: ip Tainted: G N 6.12.0net-next_main+ #2\nTainted: [N]=TEST\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), \\\nBIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\nRIP: 0010:dql_completed+0x26b/0x290\nCode: b7 c2 49 89 e9 44 89 da 89 c6 4c 89 d7 e8 ed 17 47 00 58 65 ff 0d\n4d 27 90 7e 0f 85 fd fe ff ff e8 ea 53 8d ff e9 f3 fe ff ff <0f> 0b 01\nd2 44 89 d1 29 d1 ba 00 00 00 00 0f 48 ca e9 28 ff ff ff\nRSP: 0018:ffffc900002b0d08 EFLAGS: 00010297\nRAX: 0000000000000000 RBX: ffff888102398c80 RCX: 0000000080190009\nRDX: 0000000000000000 RSI: 000000000000006a RDI: 0000000000000000\nRBP: ffff888102398c00 R08: 0000000000000000 R09: 0000000000000000\nR10: 00000000000000ca R11: 0000000000015681 R12: 0000000000000001\nR13: ffffc900002b0d68 R14: ffff88811115e000 R15: ffff8881107aca40\nFS: 00007f41ded69500(0000) GS:ffff888667dc0000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000556ccc2dc1a0 CR3: 0000000104fd8003 CR4: 0000000000772ef0\nPKRU: 55555554\nCall Trace:\n \n ? die+0x32/0x80\n ? do_trap+0xd9/0x100\n ? dql_completed+0x26b/0x290\n ? dql_completed+0x26b/0x290\n ? do_error_trap+0x6d/0xb0\n ? dql_completed+0x26b/0x290\n ? exc_invalid_op+0x4c/0x60\n ? dql_completed+0x26b/0x290\n ? asm_exc_invalid_op+0x16/0x20\n ? dql_completed+0x26b/0x290\n __free_old_xmit+0xff/0x170 [virtio_net]\n free_old_xmit+0x54/0xc0 [virtio_net]\n virtnet_poll+0xf4/0xe30 [virtio_net]\n ? __update_load_avg_cfs_rq+0x264/0x2d0\n ? update_curr+0x35/0x260\n ? reweight_entity+0x1be/0x260\n __napi_poll.constprop.0+0x28/0x1c0\n net_rx_action+0x329/0x420\n ? enqueue_hrtimer+0x35/0x90\n ? trace_hardirqs_on+0x1d/0x80\n ? kvm_sched_clock_read+0xd/0x20\n ? sched_clock+0xc/0x30\n ? kvm_sched_clock_read+0xd/0x20\n ? sched_clock+0xc/0x30\n ? sched_clock_cpu+0xd/0x1a0\n handle_softirqs+0x138/0x3e0\n do_softirq.part.0+0x89/0xc0\n \n \n __local_bh_enable_ip+0xa7/0xb0\n virtnet_open+0xc8/0x310 [virtio_net]\n __dev_open+0xfa/0x1b0\n __dev_change_flags+0x1de/0x250\n dev_change_flags+0x22/0x60\n do_setlink.isra.0+0x2df/0x10b0\n ? rtnetlink_rcv_msg+0x34f/0x3f0\n ? netlink_rcv_skb+0x54/0x100\n ? netlink_unicas\n---truncated---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/3ddccbefebdbe0c4c72a248676e4d39ac66a8e26", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b4294d4ac61fbb382811a1d64eaf81f446ce2af4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56675.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56675.json new file mode 100644 index 00000000000..593919a84be --- /dev/null +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56675.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-56675", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-27T15:15:27.420", + "lastModified": "2024-12-27T15:15:27.420", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors\n\nUprobes always use bpf_prog_run_array_uprobe() under tasks-trace-RCU\nprotection. But it is possible to attach a non-sleepable BPF program to a\nuprobe, and non-sleepable BPF programs are freed via normal RCU (see\n__bpf_prog_put_noref()). This leads to UAF of the bpf_prog because a normal\nRCU grace period does not imply a tasks-trace-RCU grace period.\n\nFix it by explicitly waiting for a tasks-trace-RCU grace period after\nremoving the attachment of a bpf_prog to a perf_event." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/9245459a992d22fe0e92e988f49db1fec82c184a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9b53d2c2a38a1effc341d99be3f99fa7ef17047d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ef1b808e3b7c98612feceedf985c2fbbeb28f956", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f9f85df30118f3f4112761e6682fc60ebcce23e5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 5ed097931cc..c70f3bf8135 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-12-27T15:00:20.734573+00:00 +2024-12-27T17:00:20.661560+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-12-27T14:15:34.747000+00:00 +2024-12-27T16:25:32.740000+00:00 ``` ### Last Data Feed Release @@ -33,53 +33,69 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -274869 +275003 ``` ### CVEs added in the last Commit -Recently added CVEs: `96` +Recently added CVEs: `134` -- [CVE-2024-53234](CVE-2024/CVE-2024-532xx/CVE-2024-53234.json) (`2024-12-27T14:15:31.783`) -- [CVE-2024-53235](CVE-2024/CVE-2024-532xx/CVE-2024-53235.json) (`2024-12-27T14:15:31.900`) -- [CVE-2024-53236](CVE-2024/CVE-2024-532xx/CVE-2024-53236.json) (`2024-12-27T14:15:32.013`) -- [CVE-2024-53237](CVE-2024/CVE-2024-532xx/CVE-2024-53237.json) (`2024-12-27T14:15:32.130`) -- [CVE-2024-53238](CVE-2024/CVE-2024-532xx/CVE-2024-53238.json) (`2024-12-27T14:15:32.253`) -- [CVE-2024-53239](CVE-2024/CVE-2024-532xx/CVE-2024-53239.json) (`2024-12-27T14:15:32.373`) -- [CVE-2024-56531](CVE-2024/CVE-2024-565xx/CVE-2024-56531.json) (`2024-12-27T14:15:32.503`) -- [CVE-2024-56532](CVE-2024/CVE-2024-565xx/CVE-2024-56532.json) (`2024-12-27T14:15:32.640`) -- [CVE-2024-56533](CVE-2024/CVE-2024-565xx/CVE-2024-56533.json) (`2024-12-27T14:15:32.800`) -- [CVE-2024-56534](CVE-2024/CVE-2024-565xx/CVE-2024-56534.json) (`2024-12-27T14:15:32.940`) -- [CVE-2024-56535](CVE-2024/CVE-2024-565xx/CVE-2024-56535.json) (`2024-12-27T14:15:33.067`) -- [CVE-2024-56536](CVE-2024/CVE-2024-565xx/CVE-2024-56536.json) (`2024-12-27T14:15:33.173`) -- [CVE-2024-56537](CVE-2024/CVE-2024-565xx/CVE-2024-56537.json) (`2024-12-27T14:15:33.290`) -- [CVE-2024-56538](CVE-2024/CVE-2024-565xx/CVE-2024-56538.json) (`2024-12-27T14:15:33.400`) -- [CVE-2024-56539](CVE-2024/CVE-2024-565xx/CVE-2024-56539.json) (`2024-12-27T14:15:33.530`) -- [CVE-2024-56540](CVE-2024/CVE-2024-565xx/CVE-2024-56540.json) (`2024-12-27T14:15:33.670`) -- [CVE-2024-56541](CVE-2024/CVE-2024-565xx/CVE-2024-56541.json) (`2024-12-27T14:15:33.767`) -- [CVE-2024-56542](CVE-2024/CVE-2024-565xx/CVE-2024-56542.json) (`2024-12-27T14:15:33.880`) -- [CVE-2024-56543](CVE-2024/CVE-2024-565xx/CVE-2024-56543.json) (`2024-12-27T14:15:34.020`) -- [CVE-2024-56544](CVE-2024/CVE-2024-565xx/CVE-2024-56544.json) (`2024-12-27T14:15:34.153`) -- [CVE-2024-56545](CVE-2024/CVE-2024-565xx/CVE-2024-56545.json) (`2024-12-27T14:15:34.270`) -- [CVE-2024-56546](CVE-2024/CVE-2024-565xx/CVE-2024-56546.json) (`2024-12-27T14:15:34.383`) -- [CVE-2024-56547](CVE-2024/CVE-2024-565xx/CVE-2024-56547.json) (`2024-12-27T14:15:34.497`) -- [CVE-2024-56548](CVE-2024/CVE-2024-565xx/CVE-2024-56548.json) (`2024-12-27T14:15:34.603`) -- [CVE-2024-56549](CVE-2024/CVE-2024-565xx/CVE-2024-56549.json) (`2024-12-27T14:15:34.747`) +- [CVE-2024-56651](CVE-2024/CVE-2024-566xx/CVE-2024-56651.json) (`2024-12-27T15:15:24.917`) +- [CVE-2024-56652](CVE-2024/CVE-2024-566xx/CVE-2024-56652.json) (`2024-12-27T15:15:25.027`) +- [CVE-2024-56653](CVE-2024/CVE-2024-566xx/CVE-2024-56653.json) (`2024-12-27T15:15:25.133`) +- [CVE-2024-56654](CVE-2024/CVE-2024-566xx/CVE-2024-56654.json) (`2024-12-27T15:15:25.237`) +- [CVE-2024-56655](CVE-2024/CVE-2024-566xx/CVE-2024-56655.json) (`2024-12-27T15:15:25.343`) +- [CVE-2024-56656](CVE-2024/CVE-2024-566xx/CVE-2024-56656.json) (`2024-12-27T15:15:25.447`) +- [CVE-2024-56657](CVE-2024/CVE-2024-566xx/CVE-2024-56657.json) (`2024-12-27T15:15:25.543`) +- [CVE-2024-56658](CVE-2024/CVE-2024-566xx/CVE-2024-56658.json) (`2024-12-27T15:15:25.643`) +- [CVE-2024-56659](CVE-2024/CVE-2024-566xx/CVE-2024-56659.json) (`2024-12-27T15:15:25.747`) +- [CVE-2024-56660](CVE-2024/CVE-2024-566xx/CVE-2024-56660.json) (`2024-12-27T15:15:25.857`) +- [CVE-2024-56661](CVE-2024/CVE-2024-566xx/CVE-2024-56661.json) (`2024-12-27T15:15:25.960`) +- [CVE-2024-56662](CVE-2024/CVE-2024-566xx/CVE-2024-56662.json) (`2024-12-27T15:15:26.073`) +- [CVE-2024-56663](CVE-2024/CVE-2024-566xx/CVE-2024-56663.json) (`2024-12-27T15:15:26.187`) +- [CVE-2024-56664](CVE-2024/CVE-2024-566xx/CVE-2024-56664.json) (`2024-12-27T15:15:26.297`) +- [CVE-2024-56665](CVE-2024/CVE-2024-566xx/CVE-2024-56665.json) (`2024-12-27T15:15:26.400`) +- [CVE-2024-56666](CVE-2024/CVE-2024-566xx/CVE-2024-56666.json) (`2024-12-27T15:15:26.503`) +- [CVE-2024-56667](CVE-2024/CVE-2024-566xx/CVE-2024-56667.json) (`2024-12-27T15:15:26.600`) +- [CVE-2024-56668](CVE-2024/CVE-2024-566xx/CVE-2024-56668.json) (`2024-12-27T15:15:26.693`) +- [CVE-2024-56669](CVE-2024/CVE-2024-566xx/CVE-2024-56669.json) (`2024-12-27T15:15:26.797`) +- [CVE-2024-56670](CVE-2024/CVE-2024-566xx/CVE-2024-56670.json) (`2024-12-27T15:15:26.890`) +- [CVE-2024-56671](CVE-2024/CVE-2024-566xx/CVE-2024-56671.json) (`2024-12-27T15:15:26.993`) +- [CVE-2024-56672](CVE-2024/CVE-2024-566xx/CVE-2024-56672.json) (`2024-12-27T15:15:27.107`) +- [CVE-2024-56673](CVE-2024/CVE-2024-566xx/CVE-2024-56673.json) (`2024-12-27T15:15:27.210`) +- [CVE-2024-56674](CVE-2024/CVE-2024-566xx/CVE-2024-56674.json) (`2024-12-27T15:15:27.313`) +- [CVE-2024-56675](CVE-2024/CVE-2024-566xx/CVE-2024-56675.json) (`2024-12-27T15:15:27.420`) ### CVEs modified in the last Commit -Recently modified CVEs: `9` +Recently modified CVEs: `39` -- [CVE-2024-27012](CVE-2024/CVE-2024-270xx/CVE-2024-27012.json) (`2024-12-27T13:15:18.897`) -- [CVE-2024-35895](CVE-2024/CVE-2024-358xx/CVE-2024-35895.json) (`2024-12-27T13:15:19.797`) -- [CVE-2024-35995](CVE-2024/CVE-2024-359xx/CVE-2024-35995.json) (`2024-12-27T13:15:20.103`) -- [CVE-2024-36917](CVE-2024/CVE-2024-369xx/CVE-2024-36917.json) (`2024-12-27T13:15:20.233`) -- [CVE-2024-41013](CVE-2024/CVE-2024-410xx/CVE-2024-41013.json) (`2024-12-27T14:15:23.343`) -- [CVE-2024-43895](CVE-2024/CVE-2024-438xx/CVE-2024-43895.json) (`2024-12-27T13:15:20.460`) -- [CVE-2024-46858](CVE-2024/CVE-2024-468xx/CVE-2024-46858.json) (`2024-12-27T13:15:20.603`) -- [CVE-2024-47683](CVE-2024/CVE-2024-476xx/CVE-2024-47683.json) (`2024-12-27T13:15:20.820`) -- [CVE-2024-49984](CVE-2024/CVE-2024-499xx/CVE-2024-49984.json) (`2024-12-27T13:15:20.990`) +- [CVE-2024-1091](CVE-2024/CVE-2024-10xx/CVE-2024-1091.json) (`2024-12-27T15:45:27.200`) +- [CVE-2024-11607](CVE-2024/CVE-2024-116xx/CVE-2024-11607.json) (`2024-12-27T15:15:09.637`) +- [CVE-2024-12908](CVE-2024/CVE-2024-129xx/CVE-2024-12908.json) (`2024-12-27T15:15:10.240`) +- [CVE-2024-12926](CVE-2024/CVE-2024-129xx/CVE-2024-12926.json) (`2024-12-27T15:15:10.360`) +- [CVE-2024-12927](CVE-2024/CVE-2024-129xx/CVE-2024-12927.json) (`2024-12-27T15:15:10.513`) +- [CVE-2024-12928](CVE-2024/CVE-2024-129xx/CVE-2024-12928.json) (`2024-12-27T15:15:10.650`) +- [CVE-2024-12929](CVE-2024/CVE-2024-129xx/CVE-2024-12929.json) (`2024-12-27T15:15:10.793`) +- [CVE-2024-12930](CVE-2024/CVE-2024-129xx/CVE-2024-12930.json) (`2024-12-27T15:15:10.947`) +- [CVE-2024-12943](CVE-2024/CVE-2024-129xx/CVE-2024-12943.json) (`2024-12-27T15:15:11.083`) +- [CVE-2024-12944](CVE-2024/CVE-2024-129xx/CVE-2024-12944.json) (`2024-12-27T15:15:11.230`) +- [CVE-2024-12949](CVE-2024/CVE-2024-129xx/CVE-2024-12949.json) (`2024-12-27T15:15:11.363`) +- [CVE-2024-12958](CVE-2024/CVE-2024-129xx/CVE-2024-12958.json) (`2024-12-27T15:15:11.510`) +- [CVE-2024-12982](CVE-2024/CVE-2024-129xx/CVE-2024-12982.json) (`2024-12-27T16:15:23.540`) +- [CVE-2024-12983](CVE-2024/CVE-2024-129xx/CVE-2024-12983.json) (`2024-12-27T16:15:23.683`) +- [CVE-2024-21436](CVE-2024/CVE-2024-214xx/CVE-2024-21436.json) (`2024-12-27T16:25:32.740`) +- [CVE-2024-3056](CVE-2024/CVE-2024-30xx/CVE-2024-3056.json) (`2024-12-27T16:15:24.437`) +- [CVE-2024-38816](CVE-2024/CVE-2024-388xx/CVE-2024-38816.json) (`2024-12-27T16:15:24.313`) +- [CVE-2024-41123](CVE-2024/CVE-2024-411xx/CVE-2024-41123.json) (`2024-12-27T16:15:24.577`) +- [CVE-2024-47153](CVE-2024/CVE-2024-471xx/CVE-2024-47153.json) (`2024-12-27T15:15:12.460`) +- [CVE-2024-47154](CVE-2024/CVE-2024-471xx/CVE-2024-47154.json) (`2024-12-27T15:15:12.587`) +- [CVE-2024-47155](CVE-2024/CVE-2024-471xx/CVE-2024-47155.json) (`2024-12-27T15:15:12.723`) +- [CVE-2024-47157](CVE-2024/CVE-2024-471xx/CVE-2024-47157.json) (`2024-12-27T15:15:12.870`) +- [CVE-2024-48949](CVE-2024/CVE-2024-489xx/CVE-2024-48949.json) (`2024-12-27T16:15:24.730`) +- [CVE-2024-49761](CVE-2024/CVE-2024-497xx/CVE-2024-49761.json) (`2024-12-27T16:15:24.890`) +- [CVE-2024-56527](CVE-2024/CVE-2024-565xx/CVE-2024-56527.json) (`2024-12-27T15:15:13.580`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 5b2d38ef748..e25c8931098 100644 --- a/_state.csv +++ b/_state.csv @@ -96357,7 +96357,7 @@ CVE-2017-12584,0,0,31595b6d3eacbe799eef59a7567c0e209b6a2421f12c85d3d56228f0946c7 CVE-2017-12585,0,0,6339351a122cfb289bad097e411b1fc410382b088e18c91261b4dfccbf3a068c,2024-11-21T03:09:48.347000 CVE-2017-12586,0,0,cfdee14d5ee49e578f2a9cc1477557aaeca69f99e1d44f084097b8ad3595817a,2024-11-21T03:09:48.487000 CVE-2017-12587,0,0,c3ef9880abab8736eb869b99e75227e83005abcba0994d876729e7459b621086,2024-11-21T03:09:48.627000 -CVE-2017-12588,0,0,2757ead22dc96d51872b077a916e450140d837debdcdea2bea9c2c2eb81f9c16,2024-11-21T03:09:48.777000 +CVE-2017-12588,0,1,8e2a37727ba5de4a6b017224d4dd2dd0e6df1a9f359fdead16c95a3a99cd0704,2024-12-27T16:15:21.503000 CVE-2017-12589,0,0,7146e7a14f2ee668fcef3cdf5b6ef84c474fd989fb96ec1dce494bef2ac5df02,2024-11-21T03:09:48.930000 CVE-2017-12590,0,0,c53b785b5ac31e28e81355339be5cf951872dbff73359e1ecaa7ed7d6d4bfd63,2024-11-21T03:09:49.077000 CVE-2017-12591,0,0,edfa35e8f633a795819c4c8e10de4b3b3db19ea299fc91fcdf671ae101ae8526,2024-11-21T03:09:49.220000 @@ -108801,7 +108801,7 @@ CVE-2017-8918,0,0,2e1f965b05396da63f824d46d99fdae5b63247c58aa5a5c6d14c8139017ee5 CVE-2017-8919,0,0,35b5cbb61c6993e6d606beba9e33a9e5e58dd420d8038d3a194a2b6a2c94fa38,2024-11-21T03:34:58.733000 CVE-2017-8920,0,0,a1a5521680dc347e5f9457e45bcb861179c941ef32254c72199d4d837752e3a5,2024-11-21T03:34:58.890000 CVE-2017-8921,0,0,e5776f4ee4f1e962e254dea6e049bb8e8a88f8475e24eaaf1f2490fbda8d2fb7,2024-11-21T03:34:59.050000 -CVE-2017-8923,0,0,1a8d35ba36f62e32bc3fe5a1cf8cfadfdeacaf50bcfa6c379098a7498f0946a4,2024-11-21T03:34:59.200000 +CVE-2017-8923,0,1,94b7855ab0ef9c83556d96d7549e1f678b7f37dd6dc8a5da46cda247e0068dc9,2024-12-27T16:15:22.243000 CVE-2017-8924,0,0,8958a640bfd353de56ae41c498e8b8388e4f8c78873a76eed10b6a8146af5a73,2024-11-21T03:34:59.353000 CVE-2017-8925,0,0,43e9ea1b2cb2d1063f34928b06955ad431ace258020acb7ab9da0026af262f21,2024-11-21T03:34:59.517000 CVE-2017-8926,0,0,1d730b96c2bd4f9dd50f1a6ca5a0b0237dca438b62fe8cdd8cbd6a61cdf809ff,2024-11-21T03:34:59.680000 @@ -113144,7 +113144,7 @@ CVE-2018-12115,0,0,63de01d2abd4ce6a3eab144c578cd5025b49d2ef72f98c0f935b26ccaa10b CVE-2018-12116,0,0,14b8604db2dcecf240c6064b334de42d1e6e48ac5efde2b964ef36202e0ac146,2024-11-21T03:44:37.917000 CVE-2018-1212,0,0,c2005bdaf1f0043e5bd6cc157fdb8c9b94ff99498aeea3f0a39918e278fbc5f4,2024-11-21T03:59:24.007000 CVE-2018-12120,0,0,5005c1a5ad0427dafca9ff38ab2612a8dd5a245855697ebc9cd45cb7dfb192e2,2024-11-21T03:44:38.050000 -CVE-2018-12121,0,0,e940d8f61cd0bc34866a74d18300d4d9f30e89625fb45d1587b1bd0803cee824,2024-11-21T03:44:38.177000 +CVE-2018-12121,0,1,1fed4b3a2461d3347b852be02af145affb794b6737c9b2b6d9c4ee17f94fdfe5,2024-12-27T16:15:22.400000 CVE-2018-12122,0,0,b8f9b6ce1ad84a787b195d15e50c17580151ae7354f6ef0d74a280b85ca5a34d,2024-12-13T14:15:19.043000 CVE-2018-12123,0,0,0d2c5185ee17eac3b17233c70e3fc4506fcf37a36d5e56d74261221a7020c610,2024-12-13T14:15:19.250000 CVE-2018-12125,0,0,f99608b02f3b51d6b7348f2a325bea878fdd51cdd84df5b43567cffb0ba60a6d,2023-11-07T02:52:01.980000 @@ -119828,7 +119828,7 @@ CVE-2018-20057,0,0,ed1593cb211a8c4e1eb76488f9af881ba1c296975bf2a6ff04a60967255e4 CVE-2018-20058,0,0,796255e5a0a4c1cff20812a5594623626ee0709d7fbd1c9dbeae7957c08e7388,2024-11-21T04:00:49.170000 CVE-2018-20059,0,0,a51c9dc7c637cc654ff1697815121d270bdcff703f0c68f60fdcdc128d1e4b50,2024-11-21T04:00:49.307000 CVE-2018-2006,0,0,47aaf5fb46e012c3cfb603348c2121f9a9a743a62e7e9289ff736907f0b910fd,2024-11-21T04:03:34.943000 -CVE-2018-20060,0,0,0bc81f10f1def73a91e8f38e7b4484f130c9b0f519f926a26858daffc985f26b,2024-11-21T04:00:49.450000 +CVE-2018-20060,0,1,e1385d2fac30923e70f75b5e2c91f03777167fa23ae8a6a4823f87a95d33d42f,2024-12-27T16:15:22.593000 CVE-2018-20061,0,0,1f3af18deb366266af78da0ceefcafeb4c84a14e1efa3997c111e9f0e822cf58,2024-11-21T04:00:49.627000 CVE-2018-20062,0,0,895b2a07e3ec5bb09e0b27112cf14ed238ec98899ad322b27beeb51e0922ca57,2024-11-21T04:00:49.783000 CVE-2018-20063,0,0,34f0aa6d0bd4f9600ecd5e922724926b6fd20feacc9a5c41e95ea24a58e17160,2024-11-21T04:00:49.940000 @@ -154451,7 +154451,7 @@ CVE-2020-24718,0,0,cfe39eafac801179db9190fa29a72dec3d115766d7ca32af6d2e7ffce0967 CVE-2020-24719,0,0,802f7bc2adcc6cc30fab6d06a941b76cccd3a76085a430900a4405c8ac8883db,2024-11-21T05:15:57.893000 CVE-2020-24721,0,0,632a0b35f20de0d234a152de0b1a8bb00cd80643afda0c8c7fd849cc3a44d353,2024-11-21T05:15:58.070000 CVE-2020-24722,0,0,2d6a9475ff7960b2ecf45b8ba5bf6c934c48a3a2b042af9ca26c088478309242,2024-11-21T05:15:58.240000 -CVE-2020-24723,0,0,f7f193dd10a46e3f3493785a5cae29dcdb3662fbb39755168539043c46d9ed5c,2024-11-21T05:15:58.427000 +CVE-2020-24723,0,1,d30b5c6288ca401e5ce6ccdfaf5cd9c0422ec60236daac85beb5cc6ec7984b8d,2024-12-27T15:55:35.150000 CVE-2020-24736,0,0,574f1fd3b8ee76dd1e77d5db8bd64ae8e0509b0cb53d8650de9c53ef74c43f1b,2024-11-21T05:15:58.713000 CVE-2020-24739,0,0,d13577f8d3e3cab7f5e3967df365f49682627bab5163d108cfd37030740a75ec,2024-11-21T05:15:58.870000 CVE-2020-24740,0,0,d2e75505e1e478dc1429baf514fec0f2ed8907950ea232f832c9f28a10f5d964,2024-11-21T05:16:00.147000 @@ -155264,7 +155264,7 @@ CVE-2020-2593,0,0,35ee9c1e7647ee90863b45953f0446f402cbc89c8ee0660838e8981f72436b CVE-2020-2594,0,0,6b177fd766bc21458a98b27aee50afa120af060c110f6d7481622fef2ec67634,2024-11-21T05:25:40.257000 CVE-2020-2595,0,0,64c84573bcb1c934cca09de09fece27275d0cf9861d538c5cd2b93850a2cbca4,2024-11-21T05:25:40.447000 CVE-2020-25950,0,0,fbe4519a0b3fefde92b7e39153e7ae82c652b8b77052c265332bad57f63c9c0a,2024-11-21T05:19:00.657000 -CVE-2020-25952,0,0,61d379c1dfbcb338b542d29a30d975d5b6c6fc4a12a11dc85923ecfd677e39d9,2024-11-21T05:19:00.827000 +CVE-2020-25952,0,1,1d24c462de3556ccce77858bec4c8a95c315d067baec081a15f18e4daa8e5d8a,2024-12-27T15:55:35.150000 CVE-2020-25955,0,0,ea810d7a802ea59edcf4d347b5f0b5201e41d62d80b1ced817e65c0e81d8bf3a,2024-11-21T05:19:01.017000 CVE-2020-2596,0,0,ac718d3aced7ee6a9848acea0d718168af4cd02a01aa31b6de9b3e67fb837f9d,2024-11-21T05:25:40.653000 CVE-2020-25966,0,0,13ccf03ef5c36ee007cda0e8174cf70b570bf1cff5824a3191282f8f8f2872e2,2024-11-21T05:19:01.203000 @@ -186613,7 +186613,7 @@ CVE-2021-46174,0,0,ddb921f010627a38461c9c9418a1513648f11f1c697f4b7b1f8ea2fc4158c CVE-2021-46179,0,0,02ca5a54df105af6183de91266817180be200b5a25b296df26541ddc0d4a9130,2024-11-21T06:33:44.897000 CVE-2021-46195,0,0,e7965c1995783427888f83010d1ac6fe7c8f26732cbb13ce66bff151598e607f,2024-11-21T06:33:45.040000 CVE-2021-46198,0,0,7241f11b419ed180fd33232bbf80b8e7f8c5821d60eb8abbe9bd2ea9e62f28a4,2024-11-21T06:33:45.187000 -CVE-2021-46200,0,0,0604af183da1121087cacef260254928c5454d9f593d0aa60b302b80d63014e6,2024-11-21T06:33:45.340000 +CVE-2021-46200,0,1,33e79e14934d787aec840e56d63f7e0fcbc2d5ba6fadaf1f3ca87f32e6b758ab,2024-12-27T15:55:35.150000 CVE-2021-46201,0,0,55e12781c99897964331dc5d6b60adbbe1ddead3c69eb36c83c86fd1dc97dc19,2024-11-21T06:33:45.490000 CVE-2021-46203,0,0,9907bd5271dcddeff0d900404f9ef5a64330e32c2f02a68f68f15c162ae93896,2024-11-21T06:33:45.640000 CVE-2021-46204,0,0,37209fb1b5fe4e5143a44add170bc3ff002acb82f091df8add419e0313009f11,2024-11-21T06:33:45.780000 @@ -213016,7 +213016,7 @@ CVE-2022-49030,0,0,7ab2b327c91a8e953151ef25e9dc417eb3ed601ae80c97f870ca11042c450 CVE-2022-49031,0,0,aa4c0a2c52253ed7dda6fcd2867ecede5eef551e7e278755cebdcb2c013d9b80,2024-10-24T16:03:12.907000 CVE-2022-49032,0,0,86da0aa47c23e92f2087fdf4dca666e785ec273028f1f5de3a039945ae0bd0d5,2024-10-24T16:04:49.880000 CVE-2022-49033,0,0,0e35c3f12a3c9f6c6c0b1536faaccdd26d066a0a34e10136f9bf0dff823dabfd,2024-10-30T21:50:50.007000 -CVE-2022-49034,1,1,b2ccfc2a6ec16f73d39c2672bdef1c16ae4953f38ae62813dacf4296340d718e,2024-12-27T14:15:22.533000 +CVE-2022-49034,0,0,b2ccfc2a6ec16f73d39c2672bdef1c16ae4953f38ae62813dacf4296340d718e,2024-12-27T14:15:22.533000 CVE-2022-49037,0,0,ba8a6a37b29910ba10716c43128f83a823f54e3f8329f435a27f476a76d2be8f,2024-10-08T16:08:55.390000 CVE-2022-49038,0,0,bd146ec9709824bb07837d9135ece055cceab92147c2fea66709fe52142c866d,2024-10-08T16:08:35.743000 CVE-2022-49039,0,0,2e6986860d0713e7ec4c3ad3a55491afee239c111c896c50f17ebb6b95907a37,2024-10-08T16:08:08.507000 @@ -239826,7 +239826,7 @@ CVE-2023-52435,0,0,4511ddd5fc96777a4d1f57c09b94f2c6faa283be3bbe7bed342b3e7847c5e CVE-2023-52436,0,0,a1d6ae97e0519eaf28cd31921dc5d9066b5d3c0d9e7a62cba2649db5d3a51484,2024-11-21T08:39:45.483000 CVE-2023-52437,0,0,42872141987ae74e64d2ed167d955818bd8792275db5df08a84277dbded74cb3,2024-02-22T13:15:08.020000 CVE-2023-52438,0,0,f704ce7035d9c7c425313c129c92bd1e19768fac31271544b6300d36dc52e559,2024-11-21T08:39:45.667000 -CVE-2023-52439,0,0,59628829e238e0d0567d11f14a69af258bdd8691b8c92655b788a70d1e728061,2024-11-21T08:39:45.820000 +CVE-2023-52439,0,1,89c74915aadbba4ecfdcdbe1c621f682b075d68fb1f53acd1233016229941502,2024-12-27T16:15:23.080000 CVE-2023-5244,0,0,edea9e4915507c997b45b182cef8d61ff33b6d4610b5d5c0fd73fb1cd2c3768a,2024-11-21T08:41:21.760000 CVE-2023-52440,0,0,9030bb361d0826ce4809631e8c54bff2f91f3e86d5c67243e589800a66f1d35d,2024-11-21T08:39:45.973000 CVE-2023-52441,0,0,4f9065a3927fe5f10797f77c21e9f2345c1920d0bb718a2259b1325d06c98c8e,2024-11-21T08:39:46.177000 @@ -242549,7 +242549,7 @@ CVE-2024-0434,0,0,0c57c5e159e3e6c393bce0fbeb391a87baccb445e5bdfb638a63d25f31352e CVE-2024-0435,0,0,2695ddf1b97c59d19a0b2f2fd225ce7c66470a1925aae18fba3c028e4dbb9310,2024-11-21T08:46:35.133000 CVE-2024-0436,0,0,93179bf49191fe2e74fd10468594231656b25598868faf48ef1f2db03d99b0c6,2024-11-21T08:46:35.243000 CVE-2024-0437,0,0,b3dbadc4bf51769a17424af985e0a0105b8dbb7d07004337c8d5eaa5c305f6a5,2024-11-21T08:46:35.363000 -CVE-2024-0438,0,0,cddb6a3cbf600697068892925b083a569892096273bc14952320241844049b6a,2024-11-21T08:46:35.487000 +CVE-2024-0438,0,1,d8d9eff4f5112adcfa9d0d912a225f89819e081a28cbd99d4ee09d61949b8798,2024-12-27T15:51:18.320000 CVE-2024-0439,0,0,01a9023bc79401248bf263081929d866c325402fc40001a5a2486055884e0bdc,2024-11-21T08:46:35.647000 CVE-2024-0440,0,0,9b41d4c42ff0b29e0c33a27150bc353ca04590e3373335ebb1c4da265e318a35,2024-11-21T08:46:35.767000 CVE-2024-0442,0,0,6ac0c6b5a09420cab59e78b387f25232ca3bbf73dad3a572eb084f761b1560a7,2024-11-21T08:46:35.890000 @@ -242931,7 +242931,7 @@ CVE-2024-0834,0,0,4909462b05092a27a61fc0c22b9068b69fa51b5caf1c544fca449cadfb1bfd CVE-2024-0835,0,0,9af51f6890e6470dad21ae7757ef0efed2c1f2e67204635a479a146277d8662f,2024-11-21T08:47:28.640000 CVE-2024-0836,0,0,cd82249cdfcb5ab173c90bf4120548bfdb723d07f1e7b14e20f0d32f1d9c1e6a,2024-11-21T08:47:28.770000 CVE-2024-0837,0,0,54f84e3002cfdda564fee9168d6c1c7df787ca0f6cd3259ca2097134909dbeda,2024-11-21T08:47:28.917000 -CVE-2024-0838,0,0,23a3dc39c50effe4528ebae359451d4481c8d1da9b8fe5d431485e98c58e6151,2024-11-21T08:47:29.030000 +CVE-2024-0838,0,1,65c3c84015040543239e3e8dfad6fe5d4d6702f7df313f51a124b3b4f9fdd8a5,2024-12-27T15:57:28.327000 CVE-2024-0839,0,0,49086e11eae50fdeaa0fd1455d8cc94d52d9a0af6af252bac9ff62fabed8f3b8,2024-11-21T08:47:29.143000 CVE-2024-0840,0,0,ca8aa458c2576a35731bcb5034c90e7663554fbe2d4d8fb60f218a463413d155,2024-11-21T08:47:29.257000 CVE-2024-0841,0,0,3a05f459f3a8d83064b8e1099ecdeed027bd751dc61114ac0cf64a122e6ab390,2024-11-21T08:47:29.387000 @@ -243061,8 +243061,8 @@ CVE-2024-0978,0,0,e5b95e6b8cd60bc606669bd0fdf2ca409c6d12e1690aeeb535a6f721a61918 CVE-2024-0979,0,0,baa5d9094fbc29dc7aa565142f1c9b80958eef1deb5e225475c26bd3e852a37c,2024-11-21T08:47:56.553000 CVE-2024-0980,0,0,0b0cf2cf274aa5011f1334c9bf9f827ad2c15dd7211176348585ac6956002ccb,2024-11-21T08:47:56.703000 CVE-2024-0981,0,0,ff5d0045d5a8a398c8154a7c935f4019293c97480e88e5858137ddb0060d7f11,2024-11-21T08:47:56.900000 -CVE-2024-0983,0,0,9f4909d4767d677327bd901e980efee82d892c092d44eb3ad622aa163f3f5f44,2024-11-21T08:47:57.023000 -CVE-2024-0984,0,0,fb1e33ae5d3f20e88ae757a36edc2e4a61d4dd5afb6c60cfdee5a6aac1f6daf4,2024-11-21T08:47:57.147000 +CVE-2024-0983,0,1,914d45697e79a505a77be76eaf128e0e88329aebd661a4dbb9c54e743e949c5a,2024-12-27T16:05:07.067000 +CVE-2024-0984,0,1,b730c9eb4e3cda5325c66780d140a9d5f205de3a66a47679819aed3b27255b47,2024-12-27T16:08:43.113000 CVE-2024-0985,0,0,a5d15a5d9e859f9dc53b420d16404c5f439648b99dc1e5499dc4dd4c4c093bdd,2024-12-20T13:15:19.070000 CVE-2024-0986,0,0,8af20ad83e0b736451510f1abab02dc3ff951bd6641a28d581e64e2373d25871,2024-11-21T08:47:57.427000 CVE-2024-0987,0,0,1c509a99693a940ac194d4b71fa26fd5461d6e95c22da5284f444c12c11f127c,2024-11-21T08:47:57.603000 @@ -243813,7 +243813,7 @@ CVE-2024-10884,0,0,16baa0ddc60b6914a200a885f7a19af70c42e03c111f9014bb7a8fee34834 CVE-2024-10885,0,0,a8e0aca0ed6b583e8b35f4d777bb46a35ed2c0e733f662c3c92bd53f59a064ba,2024-12-04T04:15:04.133000 CVE-2024-10886,0,0,06f1f0696fb00e4c4215846a85793d2e105a22d4a4fa004e0272eec7b05b7d02,2024-11-23T04:15:08.340000 CVE-2024-10887,0,0,fb1e1a2823528196fcc2145f8cf57602578b0b49c0e0002d9570cfb1dfea2ec0,2024-11-13T17:01:16.850000 -CVE-2024-1089,0,0,a8b705082ee081738688e4145db882248091be94e1ae46f0bab923d247b2abd0,2024-11-21T08:49:46.367000 +CVE-2024-1089,0,1,00bc7373160c902e28c9024d7ab1875cd57911fe2d32770007c709c73dcb2ea5,2024-12-27T15:26:53.030000 CVE-2024-10890,0,0,291737e09e39acbad6d8cc1c52c0ae5cd2168a1e41e273e4ff02b1422afae399,2024-11-21T13:57:24.187000 CVE-2024-10891,0,0,6756c0c33d7417e4f522126d4552796d2cb16a6b1d07395aaddee44058a352b0,2024-11-21T13:57:24.187000 CVE-2024-10892,0,0,8e3017fcb4997696be5d41543367e2c13d86752e79c067544969077765372ab5,2024-12-18T15:15:08.067000 @@ -243823,12 +243823,12 @@ CVE-2024-10896,0,0,e962891bb7ff0bd290fd7c88332bde91f2f69d0bdc8b8df6012dc8f056efa CVE-2024-10897,0,0,b52986d028914704172403e43ebe70daf322cea1711e1657c62b53facd1dfbeb,2024-11-20T16:09:16.643000 CVE-2024-10898,0,0,d9a5fb3426672bd932cc2ebb845531319083e29bf1e7e7f09eeff58772f4f200,2024-11-26T20:32:20.217000 CVE-2024-10899,0,0,3278ed9055fdf20d3bd937513eb10691156bd1e9c65996b252cdb3333f0a4c29,2024-11-26T21:01:21.643000 -CVE-2024-1090,0,0,13070687a9aca9d2c032d1aba11108c855956a062f4c2fe5203f8c3f5a124fa8,2024-11-21T08:49:46.483000 +CVE-2024-1090,0,1,25394912143750ca3ffe33d94e93f357a3dc60f87581aca09b64a7b29ccebdf4,2024-12-27T15:41:41.897000 CVE-2024-10900,0,0,5438023601d5947725ce57a2b51b24b31a697395c49ac1553534945223b38a58,2024-11-29T20:58:31.967000 CVE-2024-10903,0,0,a68c0cc53ca5b89dd19bc28dd6accc85cbd2f6a47b294f240d492e62851c9e4d,2024-12-26T06:15:05.397000 CVE-2024-10905,0,0,98e243c9c6d3626765a0f5bec050b58ca35d0a0d124978428fd582cb710fa7ee,2024-12-06T18:15:22.207000 CVE-2024-10909,0,0,8a3e5be040021a81e0e5e83c9e95ad90e5ace916bf19a03e529e43ec6a7f9976,2024-12-06T10:15:05.107000 -CVE-2024-1091,0,0,3701be0652cebe1f8842028e1c86398912776727f0cc97ce37e2c9b3930cdb0e,2024-11-21T08:49:46.597000 +CVE-2024-1091,0,1,d045bb00be6b727b8446a1313ae1a5f17faa5a6975f018f9a79f0e7c5bff1bb0,2024-12-27T15:45:27.200000 CVE-2024-10910,0,0,12cc5162d3cce57df46ca9addf59b20cc86c6f311c37d3d38568ce7d7c80fc43,2024-12-12T05:15:07.183000 CVE-2024-10913,0,0,639e0b55d02891f5478b4712f7fb23002245caf49026270fe765e7bbdd3b73c7,2024-11-21T13:57:24.187000 CVE-2024-10914,0,0,0c0e1d2bc49848006e629bb079ed677411f0de4d90fb8273d64b81628c286fd7,2024-11-24T15:15:06.090000 @@ -244393,7 +244393,7 @@ CVE-2024-11599,0,0,a26c993827526d1af73bfe90f868b9bfb9a722b6b2267b567215827aef919 CVE-2024-1160,0,0,12b04de1fea0a3119efc89b33ba5d2f3d172880f1becfa13297009e56b4efb45,2024-11-21T08:49:55.987000 CVE-2024-11601,0,0,51a555e6d26623f2054da12f000d146e4e1662608f2c3f75f4d4bafe7cada303,2024-11-22T06:15:19.830000 CVE-2024-11605,0,0,4141913c0b2f19dfef8e60f71838dd2bbeb4a9af0ce35e3f896fb060c830d253,2024-12-27T06:15:22.820000 -CVE-2024-11607,0,0,a3e7ab3b4bf71230b822320739f90a8a1c3aa363296a6626871d83ebf17a9ca5,2024-12-21T06:15:20.813000 +CVE-2024-11607,0,1,64db1cb50de786964ba95a2d2de30c3c373b3627734b2fcf18c662efd5d3b19e,2024-12-27T15:15:09.637000 CVE-2024-11608,0,0,8ddbc230a8730b76ffe6955779ba3c4d90ea8f23edd3f564c2db516009c0d0dc,2024-12-09T18:15:22.580000 CVE-2024-1161,0,0,68cc61ca71a85d6059ad02181ec1fb4a89655dbd3db8900d271e7a26ec14fb67,2024-11-21T08:49:56.127000 CVE-2024-11612,0,0,bb444eed2bab8dc9d7d3d2707a19c782bc9311cf8cab3a2875a904169993bb7a,2024-11-22T21:15:17.387000 @@ -245119,6 +245119,7 @@ CVE-2024-12845,0,0,4291254c308b66e0c715e21bc18b77504015cd917159726af921dfd1ff44e CVE-2024-12846,0,0,9690583a4102b053af9756b9270b8bc42327f0664ded7d993b4ca2544e24e5cb,2024-12-21T05:15:07.373000 CVE-2024-1285,0,0,f377c2065ba4ae04295fe1855da43b832210575f04c4c7725642d3c9965142c4,2024-11-21T08:50:13.903000 CVE-2024-12850,0,0,337106ad10d501f734e3bf88bd4810b6de5d19df8b985806eb036bbc69e4e77c,2024-12-24T10:15:06.033000 +CVE-2024-12856,1,1,44abca023e51e16cc47340f08463a2babdc98fc7bef3f84315519e31e1080c91,2024-12-27T16:15:23.403000 CVE-2024-1286,0,0,3a37afba636befcbf537a255eb60a76fe80040636283609c3669d2692aee914a,2024-11-21T08:50:14.037000 CVE-2024-12867,0,0,01e49ed64d6e9cd55a7b69c5d48fb82a0f55b6ea873444ea934a92cdc9c1bea1,2024-12-20T20:15:22.740000 CVE-2024-1287,0,0,86cfcf8ed68830eef8991c1cc47e2012e7e4c97ca8a27598ab8fa2741ba6d8b0,2024-11-21T08:50:14.227000 @@ -245143,15 +245144,15 @@ CVE-2024-12900,0,0,1012b3733f239b410a68b2041572702d5a7f787259c3b8be862ffc1a0d536 CVE-2024-12901,0,0,7438bb24c69768569f04db263b25be4e855460433a924b6dad82e02e6b0c486b,2024-12-23T02:15:06.613000 CVE-2024-12902,0,0,dc8ea62d5500cfba347f51f27017c7c034c6314a6ca11a7df4d8bb8555d9de85,2024-12-23T11:15:06.153000 CVE-2024-12903,0,0,bc4a71a13a64e9c0d45e023c2f146d73439b3078b2350002a42c4be342765e96,2024-12-23T13:15:06.390000 -CVE-2024-12908,0,0,b6b5f22116dfcb3666f4cb811c1a3f7e5747b47443d62abc367bbed55ab61bde,2024-12-26T16:15:06.050000 +CVE-2024-12908,0,1,2d4ec901c5e52671c99daeff4e2515d1229f84ee20f75a87f76f42077774cc8d,2024-12-27T15:15:10.240000 CVE-2024-1291,0,0,52c4840726a3cf584db63abe3d1006ff575604ba403c25fca89470816948ce5e,2024-11-21T08:50:14.863000 CVE-2024-1292,0,0,38d9bc6a557167174bf37c6662c68d5de6a783380fb5a30941c923054e3f2f16,2024-11-21T08:50:14.983000 -CVE-2024-12926,0,0,e218ff80ac001bcdc288d778a26371bdd41dd905c42a161e5fc197e8c4673bb2,2024-12-25T20:15:22.147000 -CVE-2024-12927,0,0,3e5b42fff439c719e41016207aca1dc7e835b2d040ee620b993078ed4ef9e9f3,2024-12-25T23:15:17.430000 -CVE-2024-12928,0,0,000c9232b0026a751fd78ebe571857611c04cc2288300f44734b8380aad9d523,2024-12-26T00:15:21.740000 -CVE-2024-12929,0,0,8b4ad9e2d5f7ae6ffc421134389555160c900b397c62b70258ebb0b7477370cb,2024-12-26T00:15:22.300000 +CVE-2024-12926,0,1,9ea039375da0569aab94e61b9ddfb0683abe7bb26b707561c17394fd9df2640c,2024-12-27T15:15:10.360000 +CVE-2024-12927,0,1,2a9385ea20268064a5568a794af20c165dd341ee7035280b3d12cc594556567a,2024-12-27T15:15:10.513000 +CVE-2024-12928,0,1,ff09b1214027a0662e29bb002f15cc35e3ad1147c846a8ab5ed1635d78dcde86,2024-12-27T15:15:10.650000 +CVE-2024-12929,0,1,54b6d65f2778de17bffb8d43b1913c8c0cef7d77c963ca2b65c8505c335d81e4,2024-12-27T15:15:10.793000 CVE-2024-1293,0,0,a122e9ddbaac35fa4b5b33d2b10cf37b4d4e3a3677cea83da66723805eec222b,2024-11-21T08:50:15.167000 -CVE-2024-12930,0,0,31e95b7cb48d02fb9532fdd75b88b036b1acacc2654bb60cd04aed6b027ebbbd,2024-12-26T02:15:23.210000 +CVE-2024-12930,0,1,078455f77e9510f08f28ff2971c16cdb9402aa0212afb05a5187fad35735c8f1,2024-12-27T15:15:10.947000 CVE-2024-12931,0,0,6b882517c2a0aa1351abe5ba78e4ecf4a2af7e368b8073360ec648ee10add50d,2024-12-26T18:15:06.663000 CVE-2024-12932,0,0,81ec75deb70d1ce3a840264810c61f612efb59eb6151538363851d7e866367b7,2024-12-26T18:15:09.233000 CVE-2024-12933,0,0,9af20e5f81ecf2f25b3c4dee70c4e1c77e8eddf90d945f16067ea8c441c99619,2024-12-26T18:15:11.783000 @@ -245165,13 +245166,13 @@ CVE-2024-1294,0,0,b71ea2285980093702250bdd703066da616a4eac45cb0506e646936d244fcc CVE-2024-12940,0,0,1c74a088a4362e9ecae3f7e4f19e2cccdaaacb87c2184c4a981ac6ba14015d8e,2024-12-26T07:15:11.637000 CVE-2024-12941,0,0,81d66ceba288cafeac8e4b6f922f500756cbe0105cfa165f8fb1332807b03285,2024-12-26T08:15:05.117000 CVE-2024-12942,0,0,777d8ad0d37f683335fc4ffee46b00086a2d1edb297e09b262dc4388586a1f65,2024-12-26T08:15:05.540000 -CVE-2024-12943,0,0,0e0352c3cdfb6c94c92b061e0c57fc94486d90b8be968f83a37598213c129c83,2024-12-26T09:15:06.747000 -CVE-2024-12944,0,0,94ac533f69831e0792eddb5df819ea87ca6f4e8141ed76c926ecab8ac06efc51,2024-12-26T09:15:07.030000 +CVE-2024-12943,0,1,c1f5c00bc0c08f6b62c503997f15472d332b9662963d3726910534602bea0905,2024-12-27T15:15:11.083000 +CVE-2024-12944,0,1,733f859f62155adad601cac1f6cf6835ed17a0fd92f43c10755d3c82385d7a03,2024-12-27T15:15:11.230000 CVE-2024-12945,0,0,bb203015455df487cf9786180bf2361288934f93cb529565b060259c4a0972e6,2024-12-26T17:15:07.017000 CVE-2024-12946,0,0,7f66dbd6e787ab963effcb1cee71eadb44b5e7e4446b208eadabbde79a97b50c,2024-12-26T17:15:07.153000 CVE-2024-12947,0,0,36dfb235c1324fb0ab34ed74a2f1c5cd0a98e6ca9c233605a7bfd37bd66992cd,2024-12-26T17:15:07.293000 CVE-2024-12948,0,0,1411dc28cc8ad85d0e4600276fbd63c3737adb47866325d019941fd1987754be,2024-12-26T17:15:07.427000 -CVE-2024-12949,0,0,86d3ebeba0868e6b562019ec87488552d967c5cd5ccaf8d01f425a8fe584af62,2024-12-26T12:15:05.997000 +CVE-2024-12949,0,1,7e28fd5ab126ba544b812931a8df49644f52f9748db61de56c95af0049a3c708,2024-12-27T15:15:11.363000 CVE-2024-1295,0,0,58e65e331ff11f824ceffb79237c2ca705e423c379ee489ababaab58413247e4,2024-11-21T08:50:15.410000 CVE-2024-12950,0,0,8f7dbac8ca59122eeeb24a115a877f36f5293f5fafac4cf4c861baf46c7b8121,2024-12-26T17:15:07.553000 CVE-2024-12951,0,0,0a12db8b7c5fc4ae5da0ad4788be58d750d64838f93d7574048d431978efeae4,2024-12-26T16:15:06.730000 @@ -245180,7 +245181,7 @@ CVE-2024-12953,0,0,b6658fb4c7ce816c34d17982ad9065b1b2273c2711dd83d876543af9deecc CVE-2024-12954,0,0,5b3615740107f6cda64b7337a871541f03c27d10081cdea2daacf61f08c096ca,2024-12-26T16:15:17.510000 CVE-2024-12955,0,0,a8777044c9076e12b90807fbb55d952d1381d25a2406bca0f486e11fcc4343f9,2024-12-26T16:15:20.320000 CVE-2024-12956,0,0,277dbeee2c836d1ea7f61c74b6cd65abb129ed40587a3a4d389474be190962ee,2024-12-26T16:15:22.847000 -CVE-2024-12958,0,0,750f2f464b0d44b3315b5a0380e86b50db9852ce8f322705c4d405807c7053b6,2024-12-26T16:15:25.667000 +CVE-2024-12958,0,1,87c6668bd8fdc0649a86503365f33a2f4177e2809614548012f3a56101ed0753,2024-12-27T15:15:11.510000 CVE-2024-12959,0,0,ad9ab3bb035c04c7413feef8cc4008dc338f6f3f3a2985de139ec649d8ab5665,2024-12-26T16:15:27.643000 CVE-2024-1296,0,0,2c8681669a40b4c1355bcd3bfff211c08a874ea1e31940665fa8f736883bd89e,2024-11-21T08:50:15.633000 CVE-2024-12960,0,0,40350317db5cdb5cbb22695ae55056b69f50a7afc4d85cc53b16ab138e8da154,2024-12-26T18:15:21.027000 @@ -245201,8 +245202,12 @@ CVE-2024-12979,0,0,d19ccb6e4893fe1115af92b3a6a877045561af4a1fa80a64eb87260155e07 CVE-2024-1298,0,0,04246e35362f6f4b760051526529d0b042d99f56b78c06a26d303553264d4594,2024-11-21T08:50:15.890000 CVE-2024-12980,0,0,bb0ee44365ac631330dc2574bc3d25821baf905a38d0c50b763cddb4e32a144c,2024-12-27T05:15:07.353000 CVE-2024-12981,0,0,c44e3bfc83c2e97b51180987551bcf8310bfc671acb459959a94743959a4fd5e,2024-12-27T06:15:23.463000 -CVE-2024-12982,0,0,74b49aa83677bdccde5e83ce9b1d234e523fa114bdc4dc9b7bdaaa35b38234f5,2024-12-27T06:15:23.680000 -CVE-2024-12983,0,0,de7b8412985750161c1ac5483e9067e7e05cfe06e0ce439eb0bb8ef4c0d4e86f,2024-12-27T07:15:11.180000 +CVE-2024-12982,0,1,3ddcfa5f9513000cded766b56cf50cf493e790b67acab68e668c256542e5e962,2024-12-27T16:15:23.540000 +CVE-2024-12983,0,1,caa3a92899e6317399e74786e89a2599fb1c325429fc8fce558e5136199403ed,2024-12-27T16:15:23.683000 +CVE-2024-12984,1,1,16963c6cd7fdeb7369723345cb5992a010ad0bed8cac0815909b3d21f80db812,2024-12-27T15:15:11.957000 +CVE-2024-12985,1,1,ca7959ae084393c61274726fe6418a6652fc28856e8fab1b2faefce66892b3c5,2024-12-27T16:15:23.807000 +CVE-2024-12986,1,1,5486f921102cf10d5fb206679adb12fb42af027a109bad20f032176d7d929406,2024-12-27T16:15:23.927000 +CVE-2024-12987,1,1,78f5dc173e2dcf2db9b3ba8c662fb0396832c46bd2100db04d5d08db6a8e2144,2024-12-27T16:15:24.143000 CVE-2024-1299,0,0,c7f245e662ec35ddd87c48ae29ff03e74531f9ba7973bf15293ed4e82f111599,2024-12-11T20:23:27.497000 CVE-2024-1300,0,0,1449d51d635587092ee7e467b53bae80464f92cc07a6bda2595172832d29c1e4,2024-11-25T03:15:10.053000 CVE-2024-1301,0,0,a82904378c141da107f996cbfc3663893c64b71f2f3d06fe2a7b32b9cc0bfa85,2024-11-21T08:50:16.340000 @@ -247137,7 +247142,7 @@ CVE-2024-21432,0,0,383166da4d90f1ee1cfef67e6d182aa84566741c3c0e128fe9520b1f9369c CVE-2024-21433,0,0,169ebb9226bd055e2a2df774f914a6a576daf1057c3747303761a709907325f6,2024-11-29T20:47:35.220000 CVE-2024-21434,0,0,5a97cc40126e2511c956fde2238e338b85f5e0308bceaa3dc349de3f8e6e5909,2024-12-05T03:25:12.337000 CVE-2024-21435,0,0,05799bcb5bcef8b819de018f7ae27c77e898ccee709d2c1d302c51a287937859,2024-11-21T08:54:21.443000 -CVE-2024-21436,0,0,61dbaaf526ab3622483af215bf7055c75bb667616b6bcc870c5d1937be2d918d,2024-11-21T08:54:21.563000 +CVE-2024-21436,0,1,f1cad3bc66542d56fee0c6a5c8d8e167fd12d03ebef4421607efcc51688f9277,2024-12-27T16:25:32.740000 CVE-2024-21437,0,0,0127daea16a4fc586e400b345a90453b02e33616ca62e55b08f946c67c22540a,2024-11-21T08:54:21.703000 CVE-2024-21438,0,0,a304c7403d7aa6a0a77fd43806349c8dea20cced63446529948d3e95a30dc3db,2024-12-05T03:25:34.603000 CVE-2024-21439,0,0,5f19753100e6f1fa343a4664c10305366ed757e6ea586e762f55e0335c4bec5e,2024-11-21T08:54:22.137000 @@ -251229,7 +251234,7 @@ CVE-2024-27008,0,0,4e064fc0f7588788c120ef24bea1bb9cea462fd8ed3b587804b4c2fbe847f CVE-2024-27009,0,0,56a08cc283b225cf86d33c977cde7fe16d287c90a7e78b50fdcc1bf72160b491,2024-11-21T09:03:36.687000 CVE-2024-27010,0,0,97960f90d5f8b3bf5d51908449345af17f673343664d872a4fe0c28390341888,2024-12-23T14:05:34.153000 CVE-2024-27011,0,0,f6c5ae5bd00c199fb1f8ce883fee32167577ef6bda898e38e50c46aa10dc2a5f,2024-12-23T14:06:38.180000 -CVE-2024-27012,0,1,d50b3205e05b02917ee56662cb57978a39fbf26a3b7448115aee8e1b17b000e3,2024-12-27T13:15:18.897000 +CVE-2024-27012,0,0,d50b3205e05b02917ee56662cb57978a39fbf26a3b7448115aee8e1b17b000e3,2024-12-27T13:15:18.897000 CVE-2024-27013,0,0,3e6a0c79726bbd2618aa71f807476d4976c3f13b9f60cadee5171e91404898cd,2024-11-21T09:03:39.500000 CVE-2024-27014,0,0,1f6c1af2aa100465f708dcf6f73bfdb68657e70c75a9eec6905d054e57ee3497,2024-11-21T09:03:39.663000 CVE-2024-27015,0,0,f458259997fe7eb1805c79d039a3ee7d4a0d739c91110c9a59f48c5495416009,2024-11-21T09:03:39.927000 @@ -253944,7 +253949,7 @@ CVE-2024-30556,0,0,8394748f811bbbbbc5f018da98bc56eaa890d296c422a1ec18748a9acffb5 CVE-2024-30557,0,0,73719cff1ffe9366cfd217ccf85949ff49e1ba941dc4dcc225869ca71b030df0,2024-11-21T09:12:10.367000 CVE-2024-30558,0,0,4bb241e7c9ba6e4c41288966623f3f4e6bce41e40adda6c3545d328dffee22be,2024-11-21T09:12:10.493000 CVE-2024-30559,0,0,619283ace15f1b905d526a616ba5ff133b0ac08af72ee96d9e7e1858b01606b7,2024-11-21T09:12:10.620000 -CVE-2024-3056,0,0,ffe847395f78c9f20ba12b938fc1110784bdd07f9cba66d4d366f2946f96dfc6,2024-10-16T05:15:14.297000 +CVE-2024-3056,0,1,098948e02adb6fef2c90c331cb02bb99822b3f63a60e571b278c499abbabb9bb,2024-12-27T16:15:24.437000 CVE-2024-30560,0,0,b59125ce2223ca2880fb89db3a3f3dfd059a1d0d73b4049fe43e1fd24daf2c54,2024-11-21T09:12:10.740000 CVE-2024-30561,0,0,ac7e0304f31638e780a2d720d189c314381f988fd2e6f5eb3ed2071500f77264,2024-11-21T09:12:10.877000 CVE-2024-30564,0,0,b20ff337c9f1037b2e952029ea8bdf19426b12dd02e41f2275aa126ef8bb1798,2024-11-21T09:12:11.007000 @@ -257856,7 +257861,7 @@ CVE-2024-35891,0,0,793ce9a7581fc1f9655e8a3bbe05ad39139c5e534fa600787c206ef13a85d CVE-2024-35892,0,0,69a045f4582c781dfa4942d8e2e4da93d09d9d5ba8e90e9166c3822ae028e3d9,2024-11-21T09:21:08.533000 CVE-2024-35893,0,0,4a1d265eb79d94b0c1d5d35b602a251fd1d2908be4bb19174906ebb9036b62f0,2024-11-21T09:21:08.660000 CVE-2024-35894,0,0,e07697653aa4d238ff91c6dd5508d412935ed89d3765995364bfebd17cd5688b,2024-11-21T09:21:08.797000 -CVE-2024-35895,0,1,e26dca18be3d61a22a73f11baae4a23a2f94059dcf5b8b2ea938dd3b22ad5c2f,2024-12-27T13:15:19.797000 +CVE-2024-35895,0,0,e26dca18be3d61a22a73f11baae4a23a2f94059dcf5b8b2ea938dd3b22ad5c2f,2024-12-27T13:15:19.797000 CVE-2024-35896,0,0,ba73434c305e835934f4d1d052fec72c6128b328d43b5c492991e413e8e0288b,2024-11-21T09:21:09.050000 CVE-2024-35897,0,0,0516a56c89d43cf4bf0e00a483ae8808e72493de016922add00ab07985299ae2,2024-11-21T09:21:09.183000 CVE-2024-35898,0,0,2b19af62e4da32f554d6bf40a3b42f6e30dee8f2419aa52b6846f1820743e701,2024-11-21T09:21:09.313000 @@ -257966,7 +257971,7 @@ CVE-2024-35991,0,0,e0023617065fc6765387efe6164edb62b49cf60b15228846cbcdf1b9ebe00 CVE-2024-35992,0,0,bfbb7854dade209905bdfce5443e18018e21600807fcef0e644a216c759cf1dd,2024-11-21T09:21:22.950000 CVE-2024-35993,0,0,25bf5df43ffabcc1c3c39e9ec80b13fc57305035ece44241ce5ce26a94ff2287,2024-11-21T09:21:23.090000 CVE-2024-35994,0,0,fd24b6c74f07d76959a4e5c7dc8fd8b5418060428f4844117d8af41ee7dd54c0,2024-11-21T09:21:23.207000 -CVE-2024-35995,0,1,1242844d24fdf639ce7070fece1f3f90b7ad1c231e4220d5d4a5026de8e89854,2024-12-27T13:15:20.103000 +CVE-2024-35995,0,0,1242844d24fdf639ce7070fece1f3f90b7ad1c231e4220d5d4a5026de8e89854,2024-12-27T13:15:20.103000 CVE-2024-35996,0,0,a13038760306c3b9a1782c7a096c6830b6a7c18e69a72b02346120583ee4f780,2024-11-21T09:21:23.480000 CVE-2024-35997,0,0,2b7566775af2605b6dd3f326d145971eebe59170a079856104434bdd7843c704,2024-11-21T09:21:23.627000 CVE-2024-35998,0,0,7f41ef2499e723fb0083804342413a663038ff098b130c2442060e6afe347a3c,2024-11-21T09:21:23.853000 @@ -258606,7 +258611,7 @@ CVE-2024-36913,0,0,3df6f81bc4c66d7997e363b6f871f0f9865e6b6d5f3121325af3a2c19a8a9 CVE-2024-36914,0,0,ea1fc40f41e38217502e1cbd1bdaa2f31aed9ffb446f9a631bee53aa16643c06,2024-11-21T09:22:48.380000 CVE-2024-36915,0,0,d1a82007ae7bd7dc92955ab07af530a79c0b88f5db3c11dc081ade25b3ca30b2,2024-12-02T08:15:05.977000 CVE-2024-36916,0,0,4dcdaa3b5ad88274d2e85a9d8bb4500751fd58752420318488ea09e8ed03c13a,2024-11-21T09:22:48.607000 -CVE-2024-36917,0,1,2834b21cd6cfc464ead435ef2a94cfd801d1853b0689db5677bdd46b63c93388,2024-12-27T13:15:20.233000 +CVE-2024-36917,0,0,2834b21cd6cfc464ead435ef2a94cfd801d1853b0689db5677bdd46b63c93388,2024-12-27T13:15:20.233000 CVE-2024-36918,0,0,656c3d5451e5beca6ee6a6a3553611cb012eaaca0a8e7c671e3832a37f49a9e2,2024-11-21T09:22:48.950000 CVE-2024-36919,0,0,c8236a27af4455ec9782dbde0746332ca88ed9ceccca807d8dacc26bfb3a452a,2024-11-21T09:22:49.097000 CVE-2024-3692,0,0,4dcb31a4127d38bd6452acf10121a61d94095197d226ab1d1d43421fddb139b4,2024-11-21T09:30:11.447000 @@ -260240,7 +260245,7 @@ CVE-2024-38812,0,0,2e704a7e06ecb019d5085676217a7390700a3558f717063ea75069351632b CVE-2024-38813,0,0,1409084c41adee72bdcf9934e18e7da6818185b8a3db90d337d0b96891a93438,2024-11-22T02:00:03.353000 CVE-2024-38814,0,0,90eab84aa18fb46329df62927ccc1d1c59410e741ce48795ab41f85e30e47d90,2024-10-21T18:20:53.267000 CVE-2024-38815,0,0,c2f3d96806ad2c957e6f1813738eb63c778dd5bcfc2ca0fb6ff008ef1226ae9b,2024-10-10T12:51:56.987000 -CVE-2024-38816,0,0,0b9be07313f5b4bae4c2668eaa8acd43a2bfb4e9eb1135724f123d6e85fcb6b1,2024-09-13T14:06:04.777000 +CVE-2024-38816,0,1,65fd0cf5f0fe6505681fcc328b56e581fddf781c33094976bd261108a87a06bd,2024-12-27T16:15:24.313000 CVE-2024-38817,0,0,d35b7b204aab6983c6c262b508cc4ec8ea32f0ec3634fab0504cad88bd52a03a,2024-10-10T12:51:56.987000 CVE-2024-38818,0,0,f3b0a463e446554a0bbb57d124414991153a9fb40d9dc2ce6360b72156684b2b,2024-10-10T12:51:56.987000 CVE-2024-38819,0,0,01a25b1c88f735eaacbcfb06631db26d7043df56d9b2944e91c6aa6ade5ab98d,2024-12-19T18:15:10.557000 @@ -261599,7 +261604,7 @@ CVE-2024-41009,0,0,50d3dc9b0f60705543844e0218d590f2c6c0e854dbd1bb63b717b28a07f3b CVE-2024-41010,0,0,7d2daef6e7d0ee3e0487437fe1a45624bf889ddd16049d1a5a89a934f340ee6a,2024-11-21T09:32:03.607000 CVE-2024-41011,0,0,9f4ff30565fcca32f4ad6c1fcd8959c5c6e4a1ef7a7a74225d8f93f4f9f215c1,2024-11-21T09:32:03.737000 CVE-2024-41012,0,0,eb5eeba32dbc20c53f5d8ec529e31bdb298f6fa48fa5e0e88492ead04150e399,2024-11-21T09:32:03.867000 -CVE-2024-41013,0,1,5d2d648bcd81be2d07c67cd7c293fb6286aeb556fc436fcb8cbc4e97f940239e,2024-12-27T14:15:23.343000 +CVE-2024-41013,0,0,5d2d648bcd81be2d07c67cd7c293fb6286aeb556fc436fcb8cbc4e97f940239e,2024-12-27T14:15:23.343000 CVE-2024-41014,0,0,ce054a6837537eb177c323bd52b02da07d4802be3d96dd01d30c4a3231ce0258,2024-12-14T21:15:20.327000 CVE-2024-41015,0,0,9b3ae1f79342e0b13e2fef94889a75a92c8d75d0a17ab7cd43a433c966ccfd17,2024-11-21T09:32:04.217000 CVE-2024-41016,0,0,8df47623ea6d364b67b323c6874ead4a0fb1cdd6a839c86e81c3f8df2e89dd14,2024-11-21T09:32:04.357000 @@ -261710,7 +261715,7 @@ CVE-2024-4112,0,0,9bc0f5f209106fb82ffabf66b4775078e13784b0401056688ab8694af415cd CVE-2024-41120,0,0,5b938dd69bd2492a246908a754283ba6e9688c03153ff57c918b4a00a2e575dd,2024-11-21T09:32:16.570000 CVE-2024-41121,0,0,374711efd90f8bef888fc0a990e1377a432545303c0f660f4c0aa92e85f6e951,2024-11-21T09:32:16.693000 CVE-2024-41122,0,0,45d752aacfa539a5e009f40936a14e6a360821e6c83ae104526079fdf4e09c41,2024-11-21T09:32:16.823000 -CVE-2024-41123,0,0,c9bedd294414bc6f6669c8a345b53efb694fc80698a93f59813dda226fbd2d0f,2024-10-10T12:56:29.837000 +CVE-2024-41123,0,1,7e9ed91fb18054807e3a746438fe52e5d89b0b74cd5b911099f9c7a16d711aa7,2024-12-27T16:15:24.577000 CVE-2024-41124,0,0,c4f286fd015754836823c37dd17aa889da8c9f175cd6647cce69ed6aed7bdd6c,2024-11-21T09:32:17.073000 CVE-2024-41125,0,0,29e522c43ddf3efb9b126000daac66e0f7ea931701487ca74273db4e7bac2a5a,2024-11-27T19:15:32.883000 CVE-2024-41126,0,0,a90a0a33e308ebe055227766e956a7976d129bbc0d44bc113cdbf825781ee00a,2024-11-27T19:15:33.050000 @@ -263779,7 +263784,7 @@ CVE-2024-43891,0,0,e5a9c55570878cea8755acd584247bf0869cba1699e5fb311d6ef0cd2f722 CVE-2024-43892,0,0,750c84757873721e27c1d0c57ae44695c3956db7153c2ac9da7a4cd8d353d509,2024-09-12T12:15:49.593000 CVE-2024-43893,0,0,a1a1da2548f5c9c5435af2660c54e88f5a6d244f3a36b1cfb21427aadad11945,2024-09-10T18:13:21.920000 CVE-2024-43894,0,0,47f12674f2995c136aeda3cb636ef8836cbcef94a283c50325a51544cecd99e1,2024-09-10T18:09:41.230000 -CVE-2024-43895,0,1,0f3a1cbd9a6f6cac6d7cc5ba7aaa76de102af7f89bf745bcaf7f97122c8f2fd8,2024-12-27T13:15:20.460000 +CVE-2024-43895,0,0,0f3a1cbd9a6f6cac6d7cc5ba7aaa76de102af7f89bf745bcaf7f97122c8f2fd8,2024-12-27T13:15:20.460000 CVE-2024-43896,0,0,8c9213cc300dd3a7715e237d2eb0bdb4e883b30338338963c560fd9968c0d15f,2024-09-05T18:37:16.483000 CVE-2024-43897,0,0,4606c8628817eac1ef6765ce087a83548c0d330cce9a3a34d77f63bf0774c24e,2024-09-12T12:15:50.297000 CVE-2024-43898,0,0,b70a0322f8294223b16267a9061a592097cc320e64347a35bbaee6def942a528,2024-09-10T08:15:02.960000 @@ -265594,7 +265599,7 @@ CVE-2024-46854,0,0,d2b8ace374763a38df18b61a469d196e1746b4597f0027e5c9c667cf2f8fd CVE-2024-46855,0,0,46b0faa9ce85540614181cf4962008995b9781bd009434c91e4d733a9654cd2a,2024-10-17T14:15:12.790000 CVE-2024-46856,0,0,fc79baec1dd907d409f369701e0489f1abd5dff0ade3e1d9a2c6136e910ba1b5,2024-10-01T16:04:54.247000 CVE-2024-46857,0,0,9d43bcd60492be3bf55675eb3c30b6ba5a833c377a4f4bedac3814b378fa3b2b,2024-10-01T17:10:29.657000 -CVE-2024-46858,0,1,c772f73c921db7b44797f218d27b29e0e7f1f8666d0f1c7218a487e9ef0feb7f,2024-12-27T13:15:20.603000 +CVE-2024-46858,0,0,c772f73c921db7b44797f218d27b29e0e7f1f8666d0f1c7218a487e9ef0feb7f,2024-12-27T13:15:20.603000 CVE-2024-46859,0,0,429a7bc97d0f74999f6effdf035be42ee5a8224dbb9ab6d98c9ba20620858794,2024-10-17T14:15:13.183000 CVE-2024-4686,0,0,a7148f09a71b9fa9bf83d891174c267019d36e06917b048c8dba5c0e4aae9e48,2024-11-21T09:43:22.853000 CVE-2024-46860,0,0,85ff2db5a92c554730eedd12d20f77682b0f4a12a0f8f7e00510a25f409275c8,2024-10-02T14:04:38.863000 @@ -265817,11 +265822,11 @@ CVE-2024-47149,0,0,5261609e1b3b04bc96a5ac1deae0807182848625a77e72b8f4b1f85416cfa CVE-2024-4715,0,0,cfdee50dbf680b557a3c5935dd446958982a7767348e746e1514b6a87d45fd32,2024-11-21T09:43:26.243000 CVE-2024-47150,0,0,80a76ab25794ed4af6b0e0579fc0dab72665d62124264c7819ef61bd2275f848,2024-12-26T17:15:07.923000 CVE-2024-47151,0,0,a6a7ac643bbd0fc16f84ae7176a31ab79ca5310cba9b802f09343b0fc969b713,2024-12-26T17:15:08.037000 -CVE-2024-47153,0,0,3c9ddb156d4838ab4dd50ad2be03036f905c4748cf151f06b44931abbf5374c8,2024-12-26T12:15:07.183000 -CVE-2024-47154,0,0,91109d991ba96e992fa2e33be15597c37ea7cea8c8a483406508c60a9929a172,2024-12-26T12:15:07.303000 -CVE-2024-47155,0,0,6e65506a0eb90f835c2c554e3bfb26aa486643f08e76807e5aa35a34c35f9533,2024-12-26T12:15:07.433000 +CVE-2024-47153,0,1,1047e04b5969c16b91b4b44e33036083d5f51901ecb46ce1a31037348ea7264e,2024-12-27T15:15:12.460000 +CVE-2024-47154,0,1,bb67bd3b4b591d922d709928e60517be44549daf2928b4957f3351837acb2108,2024-12-27T15:15:12.587000 +CVE-2024-47155,0,1,f10e7c22eafac395177d5484023230db05153a19622c347b1506a3b24f0b4dd9,2024-12-27T15:15:12.723000 CVE-2024-47156,0,0,3602194834e974cb1386b0e928ae8c9b1627d25842118fa8a727b8376eac6cbf,2024-12-26T17:15:08.150000 -CVE-2024-47157,0,0,ac92958500bb1c8504ede364fb0734e8d324168e5026a932d89c148f0239dca6,2024-12-26T12:15:07.547000 +CVE-2024-47157,0,1,6e69bb9c60692181149f615043d927e8ce828301b6934af54c3a9b0dfd9ac6de,2024-12-27T15:15:12.870000 CVE-2024-47158,0,0,b0c240c01999f96b32d54a0c5d41b1284741ebcdb34e1f30df025b02e60124f4,2024-11-06T17:10:03.857000 CVE-2024-47159,0,0,dc6f344db4381cf6189daa37a80d59a488ca43c446da4d79e165921cf750d139,2024-09-24T18:09:50.877000 CVE-2024-4716,0,0,1b3bc70b6559a322c14d4188be000e8930d586f2680c7df71f292bb133ecff27,2024-11-21T09:43:26.380000 @@ -266268,7 +266273,7 @@ CVE-2024-4768,0,0,549226b47b403dfb616cfdbc2bfe8fadde448b645debb0528dd2ce2cac6cac CVE-2024-47680,0,0,030785e66a4655efa22271cb7b52dcbe897f8c08a5d6064b3e7976d571357bc0,2024-10-24T13:28:28.393000 CVE-2024-47681,0,0,f5a0c6d7379c2cad3ebee4df0e49687fd7f34e91d3784a0eb776da1767bac770,2024-10-22T14:57:47.973000 CVE-2024-47682,0,0,578e24bb5cba83e014986f820ac82ef2b2265b290f4e6502badb63c6fb77e601,2024-10-23T14:57:12.700000 -CVE-2024-47683,0,1,3a4bec09e179f768ad1a3c6578b5f36dc086b7ec164050d47dddb428649a46cc,2024-12-27T13:15:20.820000 +CVE-2024-47683,0,0,3a4bec09e179f768ad1a3c6578b5f36dc086b7ec164050d47dddb428649a46cc,2024-12-27T13:15:20.820000 CVE-2024-47684,0,0,b54a4e64cdf3e2bc4834fecf66556953ac1a50c50eb47e473d91ef6f2eea793f,2024-11-08T16:15:24.967000 CVE-2024-47685,0,0,b4bf99dd84b095e7c0c1dd8bbaa3a6859323c974d3b8d63ad8cb9c5a9a115236,2024-11-08T16:15:25.083000 CVE-2024-47686,0,0,2a051325bb279ce8e81b7086b0e59d3484d9b1441269242f1c6b37a81c55805b,2024-10-23T15:34:50.460000 @@ -266934,7 +266939,7 @@ CVE-2024-4894,0,0,08da41b1eb3b39a5ce145f87a7f03263d958bbcc39f79a29e392f05f23c08d CVE-2024-48941,0,0,ac5a4122835fc378fb46e450704764b8fe26775e4f072c0574729413dfa4910e,2024-10-11T21:36:46.327000 CVE-2024-48942,0,0,01b20df2f41dbb802f4a1391c6d96fe318f95cae9fddeee38b72a9647c646d8a,2024-10-11T21:36:47.090000 CVE-2024-48948,0,0,350fb0c91e46855544ee6431947b6e209e71e7a45b35cd8ffac429aebb5346a5,2024-12-20T13:15:21.617000 -CVE-2024-48949,0,0,ce2daeb07f2e92c4ed5dfe3a7448960700e4a092ef4ccf564054007c623b89ee,2024-10-15T14:07:04.057000 +CVE-2024-48949,0,1,067c557eb8bd093d000d981eba48cca71a1e0d888d72b2c59f00e03c0a924311,2024-12-27T16:15:24.730000 CVE-2024-4895,0,0,3024a1fbee38a7ec6c675e9a5868d17a51e330cbe678ef07012606dad66c8a44,2024-11-21T09:43:48.767000 CVE-2024-48950,0,0,7387f6158c934b62aa1ce66c1f17619e18421caa2fa3716e33734d532689d10e,2024-11-08T19:01:03.880000 CVE-2024-48951,0,0,9955e0a528c62a806e0f9a01557426333b92f2f1c309f49ea9b5a584817df5f4,2024-11-08T19:01:03.880000 @@ -267519,7 +267524,7 @@ CVE-2024-49758,0,0,f891ae0ec5c7895deabc0eccebd3e73286a9d9fd4354848fbc41505bd0bd6 CVE-2024-49759,0,0,610a4e9f5af24f6dcf0d77f64b6089eb7684536e8fb10bf2683f8d4527857243,2024-11-20T14:40:17.500000 CVE-2024-4976,0,0,16bd07a57c5dc4ac4f14e557fadcc8a28548e360e7369bfe14dca9926e162c22,2024-11-21T09:43:59.473000 CVE-2024-49760,0,0,75841761dd5df70a4ca6c3e394f7ea6839399355b25f53d5f5cc9d4a1b4206b8,2024-11-06T15:01:01.013000 -CVE-2024-49761,0,0,735d1f6bf22b34d7626cb7b1f14c66e0311214a9459d9bf5f4e73176dc300294,2024-11-05T16:41:46.660000 +CVE-2024-49761,0,1,2a9c84e1993360f8869c44a6d1fa9145d33a380330bc27b195f16f2f6a7e64f1,2024-12-27T16:15:24.890000 CVE-2024-49762,0,0,8bec7a982a398dc7244cc4fcff8a6228db9aa548054deba17633d09b61bb84ad,2024-10-25T12:56:07.750000 CVE-2024-49763,0,0,706ba0a589607648882ee8e4b87865f557d35a41cb0b61901470810e2b3915c9,2024-12-02T17:15:11.830000 CVE-2024-49764,0,0,c58346f4b08915617a12907bf094ef531c309d79e272f856d128e79e546c89b5,2024-11-20T14:40:02.630000 @@ -267695,7 +267700,7 @@ CVE-2024-49980,0,0,2c439b92265055bfa7c592dd734b6bba9eabd53a2f5290bf2bc0dabe1e768 CVE-2024-49981,0,0,b2dada26c477645e5cd604c8db7edb6af2f22096086996c0222f69b55969500f,2024-11-08T16:15:39.567000 CVE-2024-49982,0,0,424557bc42bd4be3a03125bd55cb5e6b70284b59b68e2d8d41e08bab769a83ae,2024-11-08T16:15:39.680000 CVE-2024-49983,0,0,fba9ad84bd3b39c0df95f0c7d1561917108c648ab0978c3af7bbe34be50046ed,2024-10-29T16:23:31.943000 -CVE-2024-49984,0,1,adc162a96ec34c01b8f53f29049611da84fab48f2750fed2dd73b913b40d76bc,2024-12-27T13:15:20.990000 +CVE-2024-49984,0,0,adc162a96ec34c01b8f53f29049611da84fab48f2750fed2dd73b913b40d76bc,2024-12-27T13:15:20.990000 CVE-2024-49985,0,0,cc7aba22aa265c1b248e2c78c17c046547e84778bb411195c18bb4a30a2e989a,2024-11-08T16:15:39.950000 CVE-2024-49986,0,0,ed7baed713344df44fcd8cf4839e63227c60ba7d910efaf44079996db9651376,2024-11-17T15:15:18.707000 CVE-2024-49987,0,0,6d69bfa491b80a45dad42ab542fd3f94b70c09df97b5387b22e4d06e11340340,2024-10-28T16:23:44.477000 @@ -269856,86 +269861,86 @@ CVE-2024-53160,0,0,ff254e02cac78a07c63aec4bee692adfccd26dd44365edfa283e8f1b144c6 CVE-2024-53161,0,0,4c889d5326cb457d8a3e33cf6bc06ad8054072494111666dc71c53124ff17e4c,2024-12-24T12:15:24.453000 CVE-2024-53162,0,0,68c59ac64dee7b71afad079ff17be1238407665149bddd0b27b657c5b48b01d9,2024-12-24T12:15:24.567000 CVE-2024-53163,0,0,95ccc2d9839e1df02d7976d62d1f670c0803478f2bc2be176b260986c38c459b,2024-12-24T12:15:24.670000 -CVE-2024-53164,1,1,12707b2bae2d34444bb14b0e6d180a9c9f1eb189171e88f8082d09904cfd9113,2024-12-27T14:15:23.480000 -CVE-2024-53165,1,1,9fb3f1fd3be34855804e16ae162f5c650f12cdf608005b4370504d81811ea840,2024-12-27T14:15:23.583000 -CVE-2024-53166,1,1,a558f31ff2cbc1c51fc621e99900449189496e03b7eaf4a8624190156bd73edd,2024-12-27T14:15:23.703000 -CVE-2024-53167,1,1,b72025c49e85905e6a4d6fe7c6f49ce7581a2e378db1a5b9e0822357483286c6,2024-12-27T14:15:23.820000 -CVE-2024-53168,1,1,1bc918260c6b95a535abf367390ee28bc11ff755f44e90dfb7a82ab5c73b80f3,2024-12-27T14:15:23.940000 -CVE-2024-53169,1,1,da746e9ca829d9d35438edfbb3883d06bf2069ed42369c17b92523b7b98ea196,2024-12-27T14:15:24.057000 +CVE-2024-53164,0,0,12707b2bae2d34444bb14b0e6d180a9c9f1eb189171e88f8082d09904cfd9113,2024-12-27T14:15:23.480000 +CVE-2024-53165,0,0,9fb3f1fd3be34855804e16ae162f5c650f12cdf608005b4370504d81811ea840,2024-12-27T14:15:23.583000 +CVE-2024-53166,0,0,a558f31ff2cbc1c51fc621e99900449189496e03b7eaf4a8624190156bd73edd,2024-12-27T14:15:23.703000 +CVE-2024-53167,0,0,b72025c49e85905e6a4d6fe7c6f49ce7581a2e378db1a5b9e0822357483286c6,2024-12-27T14:15:23.820000 +CVE-2024-53168,0,0,1bc918260c6b95a535abf367390ee28bc11ff755f44e90dfb7a82ab5c73b80f3,2024-12-27T14:15:23.940000 +CVE-2024-53169,0,0,da746e9ca829d9d35438edfbb3883d06bf2069ed42369c17b92523b7b98ea196,2024-12-27T14:15:24.057000 CVE-2024-5317,0,0,c2af981f2442def6d43cf11dee826712fdb79df4e8b131d1c0815426b050d563,2024-11-21T09:47:25.040000 -CVE-2024-53170,1,1,acd4edc95bd7b5996996c7024eab913066da285a54cfe32b3dc4b4e444301912,2024-12-27T14:15:24.183000 -CVE-2024-53171,1,1,1d0023eb4f3d55a8ab0d9068df62a934cea3f407845992df0333637d1793f5fd,2024-12-27T14:15:24.300000 -CVE-2024-53172,1,1,133a68f2d41104a686c9b27849d8d103926e8f9f9e4e80698f5bad89e95bed31,2024-12-27T14:15:24.433000 -CVE-2024-53173,1,1,5bcbd06cd942d06105b5bdf0659198ff683556d317379b44f267db26d1164005,2024-12-27T14:15:24.577000 -CVE-2024-53174,1,1,08782f424382345f0e379094a9216cf707a624feb499922d2d60e0d469d4209c,2024-12-27T14:15:24.703000 -CVE-2024-53175,1,1,32ac1d285c912725f004c3d43c4f5deb24b0b1c5936ed63f1ee114d9a64a2137,2024-12-27T14:15:24.820000 -CVE-2024-53176,1,1,2bb37dd205742a5b5daab5115635b40eb5c9a046bbeac65f6f06ce538db709a4,2024-12-27T14:15:24.947000 -CVE-2024-53177,1,1,4a8419425e928f6376e880ca3d8f4af477cd98ca2e211452fdc67054a35ba68a,2024-12-27T14:15:25.067000 -CVE-2024-53178,1,1,8ed91f119ae6ccd4b0dabb6f5a616612272be2a616e02e7ca2947f799fc04e78,2024-12-27T14:15:25.183000 -CVE-2024-53179,1,1,7b6a895a20dff7cf075e31ab41576bf3f6cb5927a5578780173af96bc7c1566d,2024-12-27T14:15:25.307000 +CVE-2024-53170,0,0,acd4edc95bd7b5996996c7024eab913066da285a54cfe32b3dc4b4e444301912,2024-12-27T14:15:24.183000 +CVE-2024-53171,0,0,1d0023eb4f3d55a8ab0d9068df62a934cea3f407845992df0333637d1793f5fd,2024-12-27T14:15:24.300000 +CVE-2024-53172,0,0,133a68f2d41104a686c9b27849d8d103926e8f9f9e4e80698f5bad89e95bed31,2024-12-27T14:15:24.433000 +CVE-2024-53173,0,0,5bcbd06cd942d06105b5bdf0659198ff683556d317379b44f267db26d1164005,2024-12-27T14:15:24.577000 +CVE-2024-53174,0,0,08782f424382345f0e379094a9216cf707a624feb499922d2d60e0d469d4209c,2024-12-27T14:15:24.703000 +CVE-2024-53175,0,0,32ac1d285c912725f004c3d43c4f5deb24b0b1c5936ed63f1ee114d9a64a2137,2024-12-27T14:15:24.820000 +CVE-2024-53176,0,0,2bb37dd205742a5b5daab5115635b40eb5c9a046bbeac65f6f06ce538db709a4,2024-12-27T14:15:24.947000 +CVE-2024-53177,0,0,4a8419425e928f6376e880ca3d8f4af477cd98ca2e211452fdc67054a35ba68a,2024-12-27T14:15:25.067000 +CVE-2024-53178,0,0,8ed91f119ae6ccd4b0dabb6f5a616612272be2a616e02e7ca2947f799fc04e78,2024-12-27T14:15:25.183000 +CVE-2024-53179,0,0,7b6a895a20dff7cf075e31ab41576bf3f6cb5927a5578780173af96bc7c1566d,2024-12-27T14:15:25.307000 CVE-2024-5318,0,0,87e97b53a33051fc1fa3c078212ad6afb68bf37151bd321e62e233d7b2989703,2024-12-13T17:04:31.133000 -CVE-2024-53180,1,1,65372ea87bbf804af8089610612d3e460801b34f89508c384bc1d324961d6b12,2024-12-27T14:15:25.410000 -CVE-2024-53181,1,1,db7db4d5f0b41d2542fe77308d1c9b52b68b78cfffaeea78f3903f2a6ffa43ad,2024-12-27T14:15:25.530000 -CVE-2024-53182,1,1,ed8f00d5587c537aca1893cb51c6627474385608bfcc94f6c4a293fe3f940c35,2024-12-27T14:15:25.643000 -CVE-2024-53183,1,1,4dc01e1df98536f0ef1832427b575f4e549decce41d7176bc92b7baa02b50d8e,2024-12-27T14:15:25.743000 -CVE-2024-53184,1,1,18405a63bf3907794fe519ac0709489d8c9ef65772527e61a7ca2434f8ec9e27,2024-12-27T14:15:25.853000 -CVE-2024-53185,1,1,80bc611e4cfbc2d030cf43d1eddebeafad75ff3d326054e7c34c6bb1e3fe3f1e,2024-12-27T14:15:25.973000 -CVE-2024-53186,1,1,f2765c403008410c9ecf5ca96931ccb9e83e7e4e0aca274fbb605eab76a307dd,2024-12-27T14:15:26.083000 -CVE-2024-53187,1,1,1cac12e0ccba3c583686a9b98b3e446db1d5bbaf8290674f64f2e6fc36de56e4,2024-12-27T14:15:26.190000 -CVE-2024-53188,1,1,955bf9f8f4362d4a97e47fe74b5ce753e294606f5d2be72494f6e6df96e09142,2024-12-27T14:15:26.297000 -CVE-2024-53189,1,1,09a4cf52472b34b316efb10eebc8c2dcbb9aae6a81b4ec0596d464e989c0676d,2024-12-27T14:15:26.400000 -CVE-2024-53190,1,1,7b6e7935921520b840402ea19d8b4338c05ddd8e49a8ccb63eb20383f9712ec8,2024-12-27T14:15:26.530000 -CVE-2024-53191,1,1,8db7e3626ccce1161ac5f2302ffd9405630960f02ca4ca30e2771a59e06c03a0,2024-12-27T14:15:26.657000 -CVE-2024-53192,1,1,8e1d19629a67350f77ce4c7f1fdc0bccfb9c253a7b3d700f48728dcc8ef75486,2024-12-27T14:15:26.780000 -CVE-2024-53193,1,1,20a7b7a032a97fb8abadf19b3a9cf683b295615ba211a99c19667038cf05eec9,2024-12-27T14:15:26.897000 -CVE-2024-53194,1,1,788203c3190a5038291600870459efb6f7785da53735176d6b6fa9a486c93012,2024-12-27T14:15:27.007000 -CVE-2024-53195,1,1,037ba5e66340670696643208e097a23fa68a768483fe9fc232b7869b48e933d6,2024-12-27T14:15:27.137000 -CVE-2024-53196,1,1,89dfda36217ea780e7ddffec8614d1c4a24ddfad720aebfd04fd0c9c8385192e,2024-12-27T14:15:27.267000 -CVE-2024-53197,1,1,07aaa8c2b7fefe3a7733e16dd390e43b75b7b9cd15ab5a0d5a69c55a8077a9cd,2024-12-27T14:15:27.383000 -CVE-2024-53198,1,1,9008dc0571767e83ef962b8c1a53967a16331273727d7de3fe49a283a2177386,2024-12-27T14:15:27.497000 -CVE-2024-53199,1,1,d95ad174fe98221904990a6a259bbbad94db847a5660222af2048b95113a2f35,2024-12-27T14:15:27.623000 -CVE-2024-53200,1,1,080a4d53b058be68a09a4583f3e23d45973fb2645fd08a1d3652d33fa34d7f34,2024-12-27T14:15:27.733000 -CVE-2024-53201,1,1,3307bec271eb3f8e509fcbd3dc5fe826eab94d26d865a3c6d22f05da369ea027,2024-12-27T14:15:27.853000 -CVE-2024-53202,1,1,a8f7abfd01636484cbc0630dfe96f820051b8e5d53cbdae913d6e79ae923ccfe,2024-12-27T14:15:27.970000 -CVE-2024-53203,1,1,a01fc43d1c39608dcc71f15fe449e92ed81ea9c585b64f91852ae6b1da9c3294,2024-12-27T14:15:28.083000 -CVE-2024-53204,1,1,5390378c11c5a95f2089ea5765fe7514336d3d31d13762584cec1e3f02b1633c,2024-12-27T14:15:28.207000 -CVE-2024-53205,1,1,7c274ef97d991808e719102e2d880d53f2eb242b30ee1d3836b05ab0fd4e1447,2024-12-27T14:15:28.340000 -CVE-2024-53206,1,1,018dcd56483f6e8f8aa256a7166aebbc44b922e6ee967820f0c3fe615e00b32f,2024-12-27T14:15:28.453000 -CVE-2024-53207,1,1,6339789d7154dfbfb0ac142f02eca2809243e5bcf46c997d88aade0acd8c69db,2024-12-27T14:15:28.563000 -CVE-2024-53208,1,1,cc67f524d399a5e0b651db24f4b20cb5d8e46b42fadef3c7b7c4f3205901144d,2024-12-27T14:15:28.677000 -CVE-2024-53209,1,1,e88e9da5c529bb3d9dbb5af66facba82e29270b3fe6e02e6630e8a59cbe29d33,2024-12-27T14:15:28.793000 +CVE-2024-53180,0,0,65372ea87bbf804af8089610612d3e460801b34f89508c384bc1d324961d6b12,2024-12-27T14:15:25.410000 +CVE-2024-53181,0,0,db7db4d5f0b41d2542fe77308d1c9b52b68b78cfffaeea78f3903f2a6ffa43ad,2024-12-27T14:15:25.530000 +CVE-2024-53182,0,0,ed8f00d5587c537aca1893cb51c6627474385608bfcc94f6c4a293fe3f940c35,2024-12-27T14:15:25.643000 +CVE-2024-53183,0,0,4dc01e1df98536f0ef1832427b575f4e549decce41d7176bc92b7baa02b50d8e,2024-12-27T14:15:25.743000 +CVE-2024-53184,0,0,18405a63bf3907794fe519ac0709489d8c9ef65772527e61a7ca2434f8ec9e27,2024-12-27T14:15:25.853000 +CVE-2024-53185,0,0,80bc611e4cfbc2d030cf43d1eddebeafad75ff3d326054e7c34c6bb1e3fe3f1e,2024-12-27T14:15:25.973000 +CVE-2024-53186,0,0,f2765c403008410c9ecf5ca96931ccb9e83e7e4e0aca274fbb605eab76a307dd,2024-12-27T14:15:26.083000 +CVE-2024-53187,0,0,1cac12e0ccba3c583686a9b98b3e446db1d5bbaf8290674f64f2e6fc36de56e4,2024-12-27T14:15:26.190000 +CVE-2024-53188,0,0,955bf9f8f4362d4a97e47fe74b5ce753e294606f5d2be72494f6e6df96e09142,2024-12-27T14:15:26.297000 +CVE-2024-53189,0,0,09a4cf52472b34b316efb10eebc8c2dcbb9aae6a81b4ec0596d464e989c0676d,2024-12-27T14:15:26.400000 +CVE-2024-53190,0,0,7b6e7935921520b840402ea19d8b4338c05ddd8e49a8ccb63eb20383f9712ec8,2024-12-27T14:15:26.530000 +CVE-2024-53191,0,0,8db7e3626ccce1161ac5f2302ffd9405630960f02ca4ca30e2771a59e06c03a0,2024-12-27T14:15:26.657000 +CVE-2024-53192,0,0,8e1d19629a67350f77ce4c7f1fdc0bccfb9c253a7b3d700f48728dcc8ef75486,2024-12-27T14:15:26.780000 +CVE-2024-53193,0,0,20a7b7a032a97fb8abadf19b3a9cf683b295615ba211a99c19667038cf05eec9,2024-12-27T14:15:26.897000 +CVE-2024-53194,0,0,788203c3190a5038291600870459efb6f7785da53735176d6b6fa9a486c93012,2024-12-27T14:15:27.007000 +CVE-2024-53195,0,0,037ba5e66340670696643208e097a23fa68a768483fe9fc232b7869b48e933d6,2024-12-27T14:15:27.137000 +CVE-2024-53196,0,0,89dfda36217ea780e7ddffec8614d1c4a24ddfad720aebfd04fd0c9c8385192e,2024-12-27T14:15:27.267000 +CVE-2024-53197,0,0,07aaa8c2b7fefe3a7733e16dd390e43b75b7b9cd15ab5a0d5a69c55a8077a9cd,2024-12-27T14:15:27.383000 +CVE-2024-53198,0,0,9008dc0571767e83ef962b8c1a53967a16331273727d7de3fe49a283a2177386,2024-12-27T14:15:27.497000 +CVE-2024-53199,0,0,d95ad174fe98221904990a6a259bbbad94db847a5660222af2048b95113a2f35,2024-12-27T14:15:27.623000 +CVE-2024-53200,0,0,080a4d53b058be68a09a4583f3e23d45973fb2645fd08a1d3652d33fa34d7f34,2024-12-27T14:15:27.733000 +CVE-2024-53201,0,0,3307bec271eb3f8e509fcbd3dc5fe826eab94d26d865a3c6d22f05da369ea027,2024-12-27T14:15:27.853000 +CVE-2024-53202,0,0,a8f7abfd01636484cbc0630dfe96f820051b8e5d53cbdae913d6e79ae923ccfe,2024-12-27T14:15:27.970000 +CVE-2024-53203,0,0,a01fc43d1c39608dcc71f15fe449e92ed81ea9c585b64f91852ae6b1da9c3294,2024-12-27T14:15:28.083000 +CVE-2024-53204,0,0,5390378c11c5a95f2089ea5765fe7514336d3d31d13762584cec1e3f02b1633c,2024-12-27T14:15:28.207000 +CVE-2024-53205,0,0,7c274ef97d991808e719102e2d880d53f2eb242b30ee1d3836b05ab0fd4e1447,2024-12-27T14:15:28.340000 +CVE-2024-53206,0,0,018dcd56483f6e8f8aa256a7166aebbc44b922e6ee967820f0c3fe615e00b32f,2024-12-27T14:15:28.453000 +CVE-2024-53207,0,0,6339789d7154dfbfb0ac142f02eca2809243e5bcf46c997d88aade0acd8c69db,2024-12-27T14:15:28.563000 +CVE-2024-53208,0,0,cc67f524d399a5e0b651db24f4b20cb5d8e46b42fadef3c7b7c4f3205901144d,2024-12-27T14:15:28.677000 +CVE-2024-53209,0,0,e88e9da5c529bb3d9dbb5af66facba82e29270b3fe6e02e6630e8a59cbe29d33,2024-12-27T14:15:28.793000 CVE-2024-5321,0,0,0f218b8b6fcc3fc0b4ccef7040ede5ee801dc8e00258e6450bd3f123b6e73ca4,2024-11-21T09:47:25.283000 -CVE-2024-53210,1,1,f3a2b48b2cc6255013568db58d10bbc033fdd7344b906741c03ef56e96cfe12d,2024-12-27T14:15:28.897000 -CVE-2024-53211,1,1,dfb723583c78c95fbdbe8ff218a0a8928b388575c0d9ba292c6d0747e74a690b,2024-12-27T14:15:29.017000 -CVE-2024-53212,1,1,bb82d815e7f12588e092106b884fb2f259fa36cca26ededc72d226c6be97a029,2024-12-27T14:15:29.130000 -CVE-2024-53213,1,1,5ffd97ebe41aecc074b46065af451094f1e6a831dc9c7ac53898c1a90a43f4b0,2024-12-27T14:15:29.237000 -CVE-2024-53214,1,1,ba7a6124d0562af2b4faea9b36acfa8b19a76d3bcc429aa45d66f19d85f11bf9,2024-12-27T14:15:29.337000 -CVE-2024-53215,1,1,9b696891c756cb26425237f71c6234095e93ca79f614ff9a4032a713a7478a85,2024-12-27T14:15:29.467000 -CVE-2024-53216,1,1,578b3ee548040ad892aecd0f4798b9be96b3cb2d73b68452e543c8f7db4e4f72,2024-12-27T14:15:29.587000 -CVE-2024-53217,1,1,859516e56e92a825bc679c19b88ef333f5aab2d55577f88b66962b88b01afb48,2024-12-27T14:15:29.693000 -CVE-2024-53218,1,1,2a1011ec7b02e407b07ca43d5e7af4c36bd9109f92f8a3894fc7c67ca0da42e2,2024-12-27T14:15:29.840000 -CVE-2024-53219,1,1,80775d486472ffefd75cdc43d8d18068009ea55329da5cd486f73bb97c802b62,2024-12-27T14:15:29.963000 +CVE-2024-53210,0,0,f3a2b48b2cc6255013568db58d10bbc033fdd7344b906741c03ef56e96cfe12d,2024-12-27T14:15:28.897000 +CVE-2024-53211,0,0,dfb723583c78c95fbdbe8ff218a0a8928b388575c0d9ba292c6d0747e74a690b,2024-12-27T14:15:29.017000 +CVE-2024-53212,0,0,bb82d815e7f12588e092106b884fb2f259fa36cca26ededc72d226c6be97a029,2024-12-27T14:15:29.130000 +CVE-2024-53213,0,0,5ffd97ebe41aecc074b46065af451094f1e6a831dc9c7ac53898c1a90a43f4b0,2024-12-27T14:15:29.237000 +CVE-2024-53214,0,0,ba7a6124d0562af2b4faea9b36acfa8b19a76d3bcc429aa45d66f19d85f11bf9,2024-12-27T14:15:29.337000 +CVE-2024-53215,0,0,9b696891c756cb26425237f71c6234095e93ca79f614ff9a4032a713a7478a85,2024-12-27T14:15:29.467000 +CVE-2024-53216,0,0,578b3ee548040ad892aecd0f4798b9be96b3cb2d73b68452e543c8f7db4e4f72,2024-12-27T14:15:29.587000 +CVE-2024-53217,0,0,859516e56e92a825bc679c19b88ef333f5aab2d55577f88b66962b88b01afb48,2024-12-27T14:15:29.693000 +CVE-2024-53218,0,0,2a1011ec7b02e407b07ca43d5e7af4c36bd9109f92f8a3894fc7c67ca0da42e2,2024-12-27T14:15:29.840000 +CVE-2024-53219,0,0,80775d486472ffefd75cdc43d8d18068009ea55329da5cd486f73bb97c802b62,2024-12-27T14:15:29.963000 CVE-2024-5322,0,0,6e9032fa3deabc9be71dae1989b7f0a781e1608a9b8c8f048902e90e4caef6d4,2024-11-21T09:47:25.413000 -CVE-2024-53220,1,1,abf7615d815f052348f35f27257dd22f259dc7edc701827d4f05813168872073,2024-12-27T14:15:30.077000 -CVE-2024-53221,1,1,36a3e735c2e3d8b286a545dd05a2990d20a4f304171cf03a93e8c47bef611d4e,2024-12-27T14:15:30.190000 -CVE-2024-53222,1,1,23878aca8713f43a8cceba36335d2d57c9eb752e2839a019961fa633f7eda06a,2024-12-27T14:15:30.327000 -CVE-2024-53223,1,1,9a43446f7ec546678ca7804c429b933f73f172577a455afbe46b7aec11040d6f,2024-12-27T14:15:30.453000 -CVE-2024-53224,1,1,37067b3b551b5b6b1b6199d868f6ae9819554e0db164e1ed7f6156f3c5bb3ecc,2024-12-27T14:15:30.583000 -CVE-2024-53225,1,1,f1a31b1e1462aa8a90d193ab3bde302f3b87765cf2e3eb1f344198c19510b57c,2024-12-27T14:15:30.687000 -CVE-2024-53226,1,1,16a5ae33d68dd6af926116582116d56a09940c7e7fb21557e10e0fccd50cb8dd,2024-12-27T14:15:30.800000 -CVE-2024-53227,1,1,14831fc72ce975e1e5d51ccba1da244de62b46505c81da576f78d7e45f492bf6,2024-12-27T14:15:30.937000 -CVE-2024-53228,1,1,96ce1e0554671b07d336f6f39f6c612287563d8f8c1ba6cf07b19bcf1f6d92e6,2024-12-27T14:15:31.057000 -CVE-2024-53229,1,1,9b24fbc3e537c83760f54931fe826632b7a9105ebb45b4f900549bec02047d6d,2024-12-27T14:15:31.163000 -CVE-2024-53230,1,1,e24ce2f6f9921f75fe4b0f1a1ee197537bc0cac905eea60055be94032271d7c2,2024-12-27T14:15:31.290000 -CVE-2024-53231,1,1,fb50e8448eb73967b16834642b732c11eadc3b8f5d84a1120ac89b01752638d8,2024-12-27T14:15:31.390000 -CVE-2024-53232,1,1,a08efdb1408c7894a3de3c849fd975288aabcc6c4a11d8cb609db9de396da3f6,2024-12-27T14:15:31.510000 -CVE-2024-53233,1,1,5ddb89099930c2afbec6a8c2203471074998bfc312cc5c33b2ac76bd8e8023e6,2024-12-27T14:15:31.630000 -CVE-2024-53234,1,1,6c16f82e8bef4cb8f40e9719d8d9f664794f3d7bbb55a85e144d8e61c7d16efd,2024-12-27T14:15:31.783000 -CVE-2024-53235,1,1,f69e2f06d920f8eccc0b9ec89b30429c30cf40835839a35affe5d8fed95f35e2,2024-12-27T14:15:31.900000 -CVE-2024-53236,1,1,fff51253400f00eb4d74d57b298214bc29c19649995545edd82557e643d3fe8e,2024-12-27T14:15:32.013000 -CVE-2024-53237,1,1,bc21f019e16efb54a18247d5d323e41fead858eaf4bb0b87c714866e3939e42d,2024-12-27T14:15:32.130000 -CVE-2024-53238,1,1,55ba8847e7a1ffa0d8400dcaf4a59a630ee0b37336f6436921bd313cc195e054,2024-12-27T14:15:32.253000 -CVE-2024-53239,1,1,7a111e5592f6087098c3cf4714da90804b2bcf3ecf34d0a666426418a15fe898,2024-12-27T14:15:32.373000 +CVE-2024-53220,0,0,abf7615d815f052348f35f27257dd22f259dc7edc701827d4f05813168872073,2024-12-27T14:15:30.077000 +CVE-2024-53221,0,0,36a3e735c2e3d8b286a545dd05a2990d20a4f304171cf03a93e8c47bef611d4e,2024-12-27T14:15:30.190000 +CVE-2024-53222,0,0,23878aca8713f43a8cceba36335d2d57c9eb752e2839a019961fa633f7eda06a,2024-12-27T14:15:30.327000 +CVE-2024-53223,0,0,9a43446f7ec546678ca7804c429b933f73f172577a455afbe46b7aec11040d6f,2024-12-27T14:15:30.453000 +CVE-2024-53224,0,0,37067b3b551b5b6b1b6199d868f6ae9819554e0db164e1ed7f6156f3c5bb3ecc,2024-12-27T14:15:30.583000 +CVE-2024-53225,0,0,f1a31b1e1462aa8a90d193ab3bde302f3b87765cf2e3eb1f344198c19510b57c,2024-12-27T14:15:30.687000 +CVE-2024-53226,0,0,16a5ae33d68dd6af926116582116d56a09940c7e7fb21557e10e0fccd50cb8dd,2024-12-27T14:15:30.800000 +CVE-2024-53227,0,0,14831fc72ce975e1e5d51ccba1da244de62b46505c81da576f78d7e45f492bf6,2024-12-27T14:15:30.937000 +CVE-2024-53228,0,0,96ce1e0554671b07d336f6f39f6c612287563d8f8c1ba6cf07b19bcf1f6d92e6,2024-12-27T14:15:31.057000 +CVE-2024-53229,0,0,9b24fbc3e537c83760f54931fe826632b7a9105ebb45b4f900549bec02047d6d,2024-12-27T14:15:31.163000 +CVE-2024-53230,0,0,e24ce2f6f9921f75fe4b0f1a1ee197537bc0cac905eea60055be94032271d7c2,2024-12-27T14:15:31.290000 +CVE-2024-53231,0,0,fb50e8448eb73967b16834642b732c11eadc3b8f5d84a1120ac89b01752638d8,2024-12-27T14:15:31.390000 +CVE-2024-53232,0,0,a08efdb1408c7894a3de3c849fd975288aabcc6c4a11d8cb609db9de396da3f6,2024-12-27T14:15:31.510000 +CVE-2024-53233,0,0,5ddb89099930c2afbec6a8c2203471074998bfc312cc5c33b2ac76bd8e8023e6,2024-12-27T14:15:31.630000 +CVE-2024-53234,0,0,6c16f82e8bef4cb8f40e9719d8d9f664794f3d7bbb55a85e144d8e61c7d16efd,2024-12-27T14:15:31.783000 +CVE-2024-53235,0,0,f69e2f06d920f8eccc0b9ec89b30429c30cf40835839a35affe5d8fed95f35e2,2024-12-27T14:15:31.900000 +CVE-2024-53236,0,0,fff51253400f00eb4d74d57b298214bc29c19649995545edd82557e643d3fe8e,2024-12-27T14:15:32.013000 +CVE-2024-53237,0,0,bc21f019e16efb54a18247d5d323e41fead858eaf4bb0b87c714866e3939e42d,2024-12-27T14:15:32.130000 +CVE-2024-53238,0,0,55ba8847e7a1ffa0d8400dcaf4a59a630ee0b37336f6436921bd313cc195e054,2024-12-27T14:15:32.253000 +CVE-2024-53239,0,0,7a111e5592f6087098c3cf4714da90804b2bcf3ecf34d0a666426418a15fe898,2024-12-27T14:15:32.373000 CVE-2024-5324,0,0,616d1ba80af339308061f2c79fb4da68886ab2b91b97eb35403d14df6efb4acc,2024-11-21T09:47:25.537000 CVE-2024-53240,0,0,e69ff2fdc28ca3622d0897f90e8abc77194686814995361bc6e5824ed60d497d,2024-12-24T10:15:06.460000 CVE-2024-53241,0,0,a002e355ac961e14d0fd6f099edd2f8bca3b3ff394530055699c10d0b25dc065,2024-12-24T10:15:06.640000 @@ -271154,6 +271159,9 @@ CVE-2024-5646,0,0,c48b41c63e1dae6ddb1f5f69529911450f8300b5322652ac7b1465148b11ea CVE-2024-5648,0,0,bc73cf61a73f7ebbf93011e7f0eec24203116f4c2ab4460b3b361f438af2c397,2024-11-21T09:48:05.320000 CVE-2024-5649,0,0,92f21873e8ee5bd32fcc22cd04303aa3780b31222c125187737acc3fe33a1fe2,2024-11-21T09:48:05.430000 CVE-2024-5650,0,0,e326c3216630004af5368334e17751b93c2144fc6e95ba439673319f24c5efbd,2024-11-21T09:48:05.557000 +CVE-2024-56507,1,1,bd0b8cd40955dc44b8f538c225189a3f3dfaebcc21256c26011151aa064f06e8,2024-12-27T16:15:25.043000 +CVE-2024-56508,1,1,fb0cfaf83fd8c1d4ba897f00c9aa511840725915f7c482cb925e2522487b3590,2024-12-27T16:15:25.187000 +CVE-2024-56509,1,1,5cda3107c19c1a1da3aa0c0cbb23f03c8c36f56cc2fc23c04c34c18506ff7797,2024-12-27T16:15:25.333000 CVE-2024-5651,0,0,1b52d2c21baa1eebb0031be2e17eaf5cabf9f1b7ab486745a4d7c4c1e8ed2d60,2024-08-30T14:15:16.820000 CVE-2024-56510,0,0,628cf455c5d073351deb04857a30ea4a4964dad3ef3dc8716b118a8686175e7f,2024-12-26T21:15:06.743000 CVE-2024-56519,0,0,eff34b522be262d74b6b60fd08fffa0cfbdfc4bdea937916892fd39272ff4c9e,2024-12-27T05:15:07.677000 @@ -271161,40 +271169,166 @@ CVE-2024-5652,0,0,1dda3b28a95a3027cca32754d8e2a9cb8bd181dca86e7b0a455abcf575817a CVE-2024-56520,0,0,4a9aa9a1a3adcd1997d0b43db425637bc4984e59f1d448be2595594ab203989e,2024-12-27T05:15:07.837000 CVE-2024-56521,0,0,97b68e3a5a928b0646ce77bf269259779b5065ddddc387966f52663153bd98a8,2024-12-27T05:15:07.977000 CVE-2024-56522,0,0,932806003c80917db6a4613c79f24ada3f16757e896618a1b3cbf4f9e43c330c,2024-12-27T05:15:08.130000 -CVE-2024-56527,0,0,a95ede13f42e0f5c8d03401eae4d751f87e3519a7b965ab82dddf7167b4a00be,2024-12-27T06:15:23.880000 +CVE-2024-56527,0,1,dab1750dba7011f720d0e872851547ae4b76d8885c770ca588ec84e0d205cba8,2024-12-27T15:15:13.580000 CVE-2024-5653,0,0,6a43b27cee3d2293652e8e6e2ccb4fc0236822263be85c5365c247a4f0b2a7b5,2024-11-21T09:48:05.873000 -CVE-2024-56531,1,1,aa7a2b0529de2aaf00ad78e03c50eb61b577053ac1fd73582426ce44706e04f7,2024-12-27T14:15:32.503000 -CVE-2024-56532,1,1,356bd52ed55ce1deb2238d9f1d6546ed8f5000ee1eb152ee78a656b54595c191,2024-12-27T14:15:32.640000 -CVE-2024-56533,1,1,d621095a9ef851782ca3c8001a30adf6b1b4ff77404dcce6a9e669c60b3c5bbf,2024-12-27T14:15:32.800000 -CVE-2024-56534,1,1,53be7de35cbd52b9cdec7e33dd8e75618b74e2d8796bc1fa0e288c08bb5a7a9a,2024-12-27T14:15:32.940000 -CVE-2024-56535,1,1,2554fcb53bf9ef4cd2759c4d65e9299ac0177a25db253fe0eeba0b0f8f401f0c,2024-12-27T14:15:33.067000 -CVE-2024-56536,1,1,93994ffee5ddab2d909453bc51f328f7279e9296d30809a800e2e26b7b72370c,2024-12-27T14:15:33.173000 -CVE-2024-56537,1,1,e537999898eddb1e10afd2850f0b61cd3d6f655308ad4a2bf9294153d5c9b23c,2024-12-27T14:15:33.290000 -CVE-2024-56538,1,1,2fbf18822936596c18c262fd62b56fbd8f8d418854c6c8a6be2c8519d348665d,2024-12-27T14:15:33.400000 -CVE-2024-56539,1,1,5e0e3131956a79a4336aa24198d85a10614ad8f91f9982a05a28b79c287cefdc,2024-12-27T14:15:33.530000 +CVE-2024-56531,0,0,aa7a2b0529de2aaf00ad78e03c50eb61b577053ac1fd73582426ce44706e04f7,2024-12-27T14:15:32.503000 +CVE-2024-56532,0,0,356bd52ed55ce1deb2238d9f1d6546ed8f5000ee1eb152ee78a656b54595c191,2024-12-27T14:15:32.640000 +CVE-2024-56533,0,0,d621095a9ef851782ca3c8001a30adf6b1b4ff77404dcce6a9e669c60b3c5bbf,2024-12-27T14:15:32.800000 +CVE-2024-56534,0,0,53be7de35cbd52b9cdec7e33dd8e75618b74e2d8796bc1fa0e288c08bb5a7a9a,2024-12-27T14:15:32.940000 +CVE-2024-56535,0,0,2554fcb53bf9ef4cd2759c4d65e9299ac0177a25db253fe0eeba0b0f8f401f0c,2024-12-27T14:15:33.067000 +CVE-2024-56536,0,0,93994ffee5ddab2d909453bc51f328f7279e9296d30809a800e2e26b7b72370c,2024-12-27T14:15:33.173000 +CVE-2024-56537,0,0,e537999898eddb1e10afd2850f0b61cd3d6f655308ad4a2bf9294153d5c9b23c,2024-12-27T14:15:33.290000 +CVE-2024-56538,0,0,2fbf18822936596c18c262fd62b56fbd8f8d418854c6c8a6be2c8519d348665d,2024-12-27T14:15:33.400000 +CVE-2024-56539,0,0,5e0e3131956a79a4336aa24198d85a10614ad8f91f9982a05a28b79c287cefdc,2024-12-27T14:15:33.530000 CVE-2024-5654,0,0,a36981ce1f77c761dfb14f4c731f47a8dfd22625db842c571518ed3950c72b86,2024-11-21T09:48:06.020000 -CVE-2024-56540,1,1,3b8811c555dcaed668d0c5ad1c2f883979f6d7012d9ccdf2707dae0416097f1b,2024-12-27T14:15:33.670000 -CVE-2024-56541,1,1,f3a5924d5cfdcf4c9092838eb536c8881fcc80b21be973a74a4f72599976275b,2024-12-27T14:15:33.767000 -CVE-2024-56542,1,1,706001cd055735d43df0f6d1738992c711ca6c44d3030083dd83774141bb7097,2024-12-27T14:15:33.880000 -CVE-2024-56543,1,1,b60d6fc810aff4a63a993897826f864bf0e16a760846ec73747ecbbc15510273,2024-12-27T14:15:34.020000 -CVE-2024-56544,1,1,e3ec9364256cc88fb044e597aba95ff1d7e1af903fb754683d09e11666af698b,2024-12-27T14:15:34.153000 -CVE-2024-56545,1,1,13c21b1592cf8d29ccd484b326aab5ed18665b122d8656f7e7cc19230d6616da,2024-12-27T14:15:34.270000 -CVE-2024-56546,1,1,0469991bedceb5a09c5d07be3f01a19819ce9cf237fa2d9ae3f8e057d896612f,2024-12-27T14:15:34.383000 -CVE-2024-56547,1,1,d9f13d11ad89a699b5501ed9c77a4fb75b0163752541d28d13d4774c6efaebe6,2024-12-27T14:15:34.497000 -CVE-2024-56548,1,1,2d9bc54d4ad2119b7960b6df63f28668a036a48d5799bf84357aa710cd9bba5e,2024-12-27T14:15:34.603000 -CVE-2024-56549,1,1,d5bebdf590a98a5437487bd2c6f6081f0bcdeec44839686faa6bd4e69e43fbc7,2024-12-27T14:15:34.747000 +CVE-2024-56540,0,0,3b8811c555dcaed668d0c5ad1c2f883979f6d7012d9ccdf2707dae0416097f1b,2024-12-27T14:15:33.670000 +CVE-2024-56541,0,0,f3a5924d5cfdcf4c9092838eb536c8881fcc80b21be973a74a4f72599976275b,2024-12-27T14:15:33.767000 +CVE-2024-56542,0,0,706001cd055735d43df0f6d1738992c711ca6c44d3030083dd83774141bb7097,2024-12-27T14:15:33.880000 +CVE-2024-56543,0,0,b60d6fc810aff4a63a993897826f864bf0e16a760846ec73747ecbbc15510273,2024-12-27T14:15:34.020000 +CVE-2024-56544,0,0,e3ec9364256cc88fb044e597aba95ff1d7e1af903fb754683d09e11666af698b,2024-12-27T14:15:34.153000 +CVE-2024-56545,0,0,13c21b1592cf8d29ccd484b326aab5ed18665b122d8656f7e7cc19230d6616da,2024-12-27T14:15:34.270000 +CVE-2024-56546,0,0,0469991bedceb5a09c5d07be3f01a19819ce9cf237fa2d9ae3f8e057d896612f,2024-12-27T14:15:34.383000 +CVE-2024-56547,0,0,d9f13d11ad89a699b5501ed9c77a4fb75b0163752541d28d13d4774c6efaebe6,2024-12-27T14:15:34.497000 +CVE-2024-56548,0,0,2d9bc54d4ad2119b7960b6df63f28668a036a48d5799bf84357aa710cd9bba5e,2024-12-27T14:15:34.603000 +CVE-2024-56549,0,0,d5bebdf590a98a5437487bd2c6f6081f0bcdeec44839686faa6bd4e69e43fbc7,2024-12-27T14:15:34.747000 CVE-2024-5655,0,0,0fa4e3b504ccc8e08941dc807198e5a29b07306b6e1d02090b484b1570bb08fd,2024-11-21T09:48:06.140000 +CVE-2024-56550,1,1,9303d721ca52d23d0edb1b01cb30808fe1328aa9f929fcc4f4c13477e24171ea,2024-12-27T15:15:13.737000 +CVE-2024-56551,1,1,ffca6446ae9185155de071451963551dc316fe98e9f8aa91ad6c4b5de3b1642d,2024-12-27T15:15:13.850000 +CVE-2024-56552,1,1,be8f7237fa7078c0bf756eba520d90896d8119f468fdc653102de98c474fb78c,2024-12-27T15:15:13.970000 +CVE-2024-56553,1,1,8ced6aa574d6136b75ea423b186ba91c0494cb175720618962161c05d95fac98,2024-12-27T15:15:14.073000 +CVE-2024-56554,1,1,5516a735e52af0cbbf76db8e4454e00d182cdfeb99374e433d99ededb613e04a,2024-12-27T15:15:14.183000 +CVE-2024-56555,1,1,d831a210f0e66efc159dd6b4cf40e8453aadbcfd4c6d609a1db7ca7cf0f758ce,2024-12-27T15:15:14.297000 +CVE-2024-56556,1,1,75ce9ed3199679277c3edbbbae700ff5c874610b1ce65503e126551c23382066,2024-12-27T15:15:14.410000 +CVE-2024-56557,1,1,34ac7c97d26689bb285031723461261b9d1feaa697e712181006086890633358,2024-12-27T15:15:14.520000 +CVE-2024-56558,1,1,ee41ec86c709548ab5cb442114239a24c0e5da4832e5dc52e6c3598f177b22f3,2024-12-27T15:15:14.633000 +CVE-2024-56559,1,1,c6be612341f575dda37bcf110278c4822857334536aa0268e354480834be2c4b,2024-12-27T15:15:14.760000 CVE-2024-5656,0,0,ba99339cfecc1c5fdb0f6d1bb26f06bfe70b58ff628ceb5bd66c459a2628a6f1,2024-06-13T14:15:13.397000 +CVE-2024-56560,1,1,cd3ceca0fcfe8d4e9444e7d85aa345a493ddb77d06325dfd5df7157c875821b9,2024-12-27T15:15:14.873000 +CVE-2024-56561,1,1,28db00c6aa33452a2ec0a764d5620010be17299538ad6ff1a6356c537b78c4bc,2024-12-27T15:15:14.983000 +CVE-2024-56562,1,1,dc0d65749160ce9777e96c2abeb93d56065828e885dd224b19fc7361483c7f05,2024-12-27T15:15:15.087000 +CVE-2024-56563,1,1,89fc675ea88e373124621318b3b3c38288364aa9a945f02c8a4c3982ba750f36,2024-12-27T15:15:15.197000 +CVE-2024-56564,1,1,a2eaea9188b859764154424121ca018da40f9280e75df9738b0a9343c34bca0d,2024-12-27T15:15:15.297000 +CVE-2024-56565,1,1,b913b284459cd4e94e8fb9c7be333a1e18cf54e3c87f375cf56304f04cbdbc6f,2024-12-27T15:15:15.400000 +CVE-2024-56566,1,1,8b0eadd4adb74f4c9874e53589b0c950ca8136482c0252b021bedcbb8f159357,2024-12-27T15:15:15.517000 +CVE-2024-56567,1,1,cc00d6448507ff864ff2dcaebc8895a4e51b831536e421d351a4320b7c367ed4,2024-12-27T15:15:15.630000 +CVE-2024-56568,1,1,f30528e4d33335ddd1c485931d899845ad64824449b3706bf0f5bda1df527dd9,2024-12-27T15:15:15.733000 +CVE-2024-56569,1,1,c05bdfb8fd988cb5cef136187b18bd95d1f54b855ffe064aa013a553cc6fb607,2024-12-27T15:15:15.840000 CVE-2024-5657,0,0,322b989a97af9a632a310787c45ccef95cbff8f0006f11abe6348fcd1668034b,2024-11-21T09:48:06.280000 +CVE-2024-56570,1,1,e70883617e99e55a24e51f881f5976a100648d1d2c1e4246173e8e305b6fd049,2024-12-27T15:15:15.963000 +CVE-2024-56571,1,1,04549b5693c5017ec1058c97c9efa53a38b79a3b68b667074ffacf5bc4ea017b,2024-12-27T15:15:16.077000 +CVE-2024-56572,1,1,e93521765e53dfd97425aceecccdba6792bd08a88e7ec5799aa246da2ee09ba0,2024-12-27T15:15:16.210000 +CVE-2024-56573,1,1,46f8646e3cd33704151c38b08ac7438c9717ba818bde7738e9e0bbde46a72942,2024-12-27T15:15:16.320000 +CVE-2024-56574,1,1,6b3a421f273e50d68f35bd0c32276a29f211c905b9c0f7ce5319aa3bd01de406,2024-12-27T15:15:16.420000 +CVE-2024-56575,1,1,a04cc2b1a84a2d6d57f8df4f82331ac53d68b04f985dda1a791b839849327427,2024-12-27T15:15:16.537000 +CVE-2024-56576,1,1,de1335f3e59f8d8eb1312991c65c06471629adadc88539a76142314a5c4744b7,2024-12-27T15:15:16.657000 +CVE-2024-56577,1,1,49e0ae6ed6f145bb1a3a5aae7adee9db278a4e3929c0aa6e2f932e16ccc31169,2024-12-27T15:15:16.767000 +CVE-2024-56578,1,1,81597b3e41b8e282bb148ae69c9b6e057ef7becc72a9ddddab811f56b8ea0f9f,2024-12-27T15:15:16.873000 +CVE-2024-56579,1,1,6853794c2d2d650811ddf3b8c6e5b4c5e1cec48d4168e760b7f17323948956d6,2024-12-27T15:15:16.983000 CVE-2024-5658,0,0,7e7462fc3515e519516e2f809c98e13e2106352e6aac99c565fb770e189dd063,2024-11-21T09:48:06.413000 +CVE-2024-56580,1,1,80d14bc574d178931587d55c1ae771908f99273a7e026055086b7dbb2e4685d8,2024-12-27T15:15:17.093000 +CVE-2024-56581,1,1,a01a9c0c6180e5b8a0ded79a7da3d3afb8d9523f730dc3650aa6f17c803d94da,2024-12-27T15:15:17.207000 +CVE-2024-56582,1,1,fabf53e24b289dd70779aa8814ba4249ffea7cbc05265d5c032800f37c1fb2ee,2024-12-27T15:15:17.333000 +CVE-2024-56583,1,1,f3e50af676092d4b47e4c2276d9f43715af36c5ea1afad2aa882d2fff9848bff,2024-12-27T15:15:17.453000 +CVE-2024-56584,1,1,b0234524e53c18323042ae67bc78949800459dabe34e1bcfbd3bb1fa9f7bf7cd,2024-12-27T15:15:17.567000 +CVE-2024-56585,1,1,a474bffda5758ddd41422ff2bdb5b9ec1d4b79d557a8cfd90b2ca32841d5acfc,2024-12-27T15:15:17.677000 +CVE-2024-56586,1,1,ec08a09656d2fed54a2a10f54341405e4cd99e42737e5780d23d2fb9234d7274,2024-12-27T15:15:17.800000 +CVE-2024-56587,1,1,d374e584c21f1dd52faeaa6c4d4ed63a9d40e8905bd79ade5c710628dbeac8c9,2024-12-27T15:15:17.917000 +CVE-2024-56588,1,1,70523f735746f6e9259b22c067ad8b55f7b4944f03333c93e3d37bedc70b9d08,2024-12-27T15:15:18.040000 +CVE-2024-56589,1,1,02630c66d672b40860d9b57ede578c8e36a988d48da24445d505551a88ac4a84,2024-12-27T15:15:18.150000 CVE-2024-5659,0,0,83e7687f93b86419198f1683634dd14733df87a0c466715b2e7e79370f69ac01,2024-11-21T09:48:06.543000 +CVE-2024-56590,1,1,8dc9b0144e2ef46cc10b86e1b6db328a145a8ddb6aeefcc210d04e870ce37e92,2024-12-27T15:15:18.263000 +CVE-2024-56591,1,1,4ae24165efdeb1780ab855e360751a9b2dfdc248391aa020e9030d221a07a21f,2024-12-27T15:15:18.383000 +CVE-2024-56592,1,1,91faa620e1a50791f864586345f3c15ff6625b99c7fff94b6603c2b01b3e9096,2024-12-27T15:15:18.500000 +CVE-2024-56593,1,1,04c00828d09cce0473cf465135aa16525a128cf821530f908b903892c3919c89,2024-12-27T15:15:18.613000 +CVE-2024-56594,1,1,1e8f0d115d24e56be8df7ab7518c325cdbd92aac67de0f11a84af97d343c5f6a,2024-12-27T15:15:18.727000 +CVE-2024-56595,1,1,7a24f059da8c4974923b62470c5c1e555e0354525cd31681b86c882b3e49ecba,2024-12-27T15:15:18.843000 +CVE-2024-56596,1,1,d726dba38a2cc74c286244bd8b3d3462c9d936815fd9f5a0f54a8a9353706332,2024-12-27T15:15:18.963000 +CVE-2024-56597,1,1,a23dba785d093f162c76f47360e9b3e5f9e0403370f41ff04e549f64d5e2dcc6,2024-12-27T15:15:19.080000 +CVE-2024-56598,1,1,bfa03e7a11a04446d5a075227e6ba9bc961e9f5ef1f0bc77c26a3e8c10252401,2024-12-27T15:15:19.200000 +CVE-2024-56599,1,1,6fbc96e74b70596bce122e7dcf7544f425f67f170d58493c18a9d5a984349b13,2024-12-27T15:15:19.307000 CVE-2024-5660,0,0,185ada92ecf12140397c738113ef0443174eeeea8f301748716001f7b999562c,2024-12-16T14:15:05.123000 +CVE-2024-56600,1,1,30ea673118573e196f3e4240b9977f2141456a6d125ea572e51fa33689f24a01,2024-12-27T15:15:19.410000 +CVE-2024-56601,1,1,28f9417e210a083f2e5ee98da615410e168ffce3ce5eca6c18d7bc84de80c03e,2024-12-27T15:15:19.527000 +CVE-2024-56602,1,1,15c6d1f50b4ac3de252f90878de925555e4b92d8fc18c8da56f465fe83cf934b,2024-12-27T15:15:19.650000 +CVE-2024-56603,1,1,8453bfadb62b2cadfb57471dba7986b0344efa3f18c177cf489c30654f8f0fbc,2024-12-27T15:15:19.770000 +CVE-2024-56604,1,1,f08a056611e3c8eeca7be2d28f596e23fffc66cc0a6cea9463f12375569d6081,2024-12-27T15:15:19.887000 +CVE-2024-56605,1,1,0e6e276a4a95ff97639f6afa5c4368c721b69e4f8e16c59b703a9fd35e946e3e,2024-12-27T15:15:19.980000 +CVE-2024-56606,1,1,9ac1243cb6ab16954cc0e98da001a6c76c87f9ba5bfe32a5ad2ed99bab063c12,2024-12-27T15:15:20.087000 +CVE-2024-56607,1,1,2a997a1b34efc05a7d85ebb19023b47fd67af3e445591edd3e00e6eff69de418,2024-12-27T15:15:20.180000 +CVE-2024-56608,1,1,dbe571b5ed82e25de1f06e12a6af0203a14d69843169973b81092d359a967f50,2024-12-27T15:15:20.283000 +CVE-2024-56609,1,1,745623c229655b940e38e08ee171557cb88a2a87ffa827470bedc47b5db2ec0a,2024-12-27T15:15:20.387000 CVE-2024-5661,0,0,7d090de96660a134ff2e3cb7262fde0b3d927ce5a88611486b37761a6a2d78a0,2024-11-21T09:48:06.673000 +CVE-2024-56610,1,1,1dc28ba150d4bc9d8b5db2104c93951f2d86ed2d000dbc01869000d657653f4d,2024-12-27T15:15:20.490000 +CVE-2024-56611,1,1,4786667360d68264d757b750e74ce4013208f86fe406add8ba8ba72783c4fb53,2024-12-27T15:15:20.587000 +CVE-2024-56612,1,1,1fc46b5532a9858c1d13f3691e9c3e9d40a2e2d3c5df7a4eb91a2d4879cb0912,2024-12-27T15:15:20.687000 +CVE-2024-56613,1,1,f12097ea4967941b3dc5aee5e88b29ae1704864795319f92ee50bd2ae8ef5ad6,2024-12-27T15:15:20.793000 +CVE-2024-56614,1,1,0fecf7d26aaadf9e5e65a58f8da467243f07bd84ada4bb09cba339597bada2ef,2024-12-27T15:15:20.897000 +CVE-2024-56615,1,1,2d705746331f8e7db8f230501b7d715532a3fb35f733b63d661f7eabaf2d8aa4,2024-12-27T15:15:21.013000 +CVE-2024-56616,1,1,5c28696f7be2b9ccde041642cec183fb7f2e043961446683dcd19552d05875e6,2024-12-27T15:15:21.120000 +CVE-2024-56617,1,1,c5c0354238162844e67533dbfaea1f0ebdc0290711cf028385f1733f0ce1baf5,2024-12-27T15:15:21.227000 +CVE-2024-56618,1,1,b300751b0afcf45c05fd2d31eebe92d611e2a3f64a7b52ae99d4a4ecd1e10c24,2024-12-27T15:15:21.337000 +CVE-2024-56619,1,1,60e64a708dad194d4bc3e0f7146aa801f7e1411b59a48099845f54e756fd3e75,2024-12-27T15:15:21.437000 CVE-2024-5662,0,0,a32230f368c985ce000177685318420ae12365dafb7b142a133da07f0e3fd986,2024-11-21T09:48:06.860000 +CVE-2024-56620,1,1,16c688b7fe23f1d9ecdb89417949c3d8c6e4626ae4c1907d33c10ad706c0291b,2024-12-27T15:15:21.540000 +CVE-2024-56621,1,1,0b798218b591db8a6d0ef2ac397ce483e8ca0b8c1d05cde99ecb66ae625e877e,2024-12-27T15:15:21.637000 +CVE-2024-56622,1,1,8f94843242ce72a3bbb6371db8568b741b5f1d3bd35ca9cacb7eb1e5963c11d0,2024-12-27T15:15:21.730000 +CVE-2024-56623,1,1,e5ee166c3f7b9c2b7176e64b4fb1d5bc09be4fdf06f68ef70c0edd7f1d1bc9bf,2024-12-27T15:15:21.823000 +CVE-2024-56624,1,1,f9434f6bebf5a53beb19969866afae3879ec724d9499790d400f552468a8d5aa,2024-12-27T15:15:21.933000 +CVE-2024-56625,1,1,b4a5546d2fb03b8bd0af513daaeba708c1b044a91940be086118d80b7ce93f1b,2024-12-27T15:15:22.033000 +CVE-2024-56626,1,1,ed63e9d10c0871010f2a12229cfea1de6e7f48441719d16c9f30e5984ec186a2,2024-12-27T15:15:22.140000 +CVE-2024-56627,1,1,cd43a046ce40ef1dcf49db6760ef1d7f7229fa0863270b4b281fde497dfd0e39,2024-12-27T15:15:22.250000 +CVE-2024-56628,1,1,99c12aeb736543d9289f9483a876e2200709468fd193f52834cb96b03ea7d49b,2024-12-27T15:15:22.357000 +CVE-2024-56629,1,1,aaaf44f6f008a11345fbb33b0901a3a4d3e9b66e6871a16f9a58d04b2e2d21b1,2024-12-27T15:15:22.463000 CVE-2024-5663,0,0,3d93cfa6260123c05a0fe5dd837778ab353045f85b9b96941dd647b061b7390d,2024-11-21T09:48:06.970000 +CVE-2024-56630,1,1,0da14080da4cd90f3796d394899571bd7dad442e58b40c7daae681d5244fdcfc,2024-12-27T15:15:22.577000 +CVE-2024-56631,1,1,5e695e16bfdb44f573e847a0a2c069d192796f647995fdb5e24cf4c637ed77de,2024-12-27T15:15:22.690000 +CVE-2024-56632,1,1,de4b04be7f2a3fa47301ee1eb53636aa7eabf421398afbd019bee3da858f1776,2024-12-27T15:15:22.803000 +CVE-2024-56633,1,1,73740047b8816b8699eb1a505651759aecd3bb6cacf12c49fb9dc5f15d6b80db,2024-12-27T15:15:22.933000 +CVE-2024-56634,1,1,e162f342f4873ad77a77c9bc6d80843c98efa9ce113566c4d40fcf4eee9c0cb0,2024-12-27T15:15:23.073000 +CVE-2024-56635,1,1,4f11a6816e57a0b86f508e8c57866581ef3aa5ca87bb4236fdeea6e5eec979b9,2024-12-27T15:15:23.207000 +CVE-2024-56636,1,1,130b19d76964e5e6980230329f94e420886eab76204b06718e5cac4353d5e877,2024-12-27T15:15:23.320000 +CVE-2024-56637,1,1,73c74849df291f691aa042d8492135c49dd5349cd1c1bcb951dc1ff721d41a0e,2024-12-27T15:15:23.430000 +CVE-2024-56638,1,1,99f601b0d5f26844120c2b83bcfceb91bd014150e1e98e75945fea7a5b358346,2024-12-27T15:15:23.527000 +CVE-2024-56639,1,1,c049e59aa851c525f7dfd8c3dafc3c776321b1816a9b3253417e4011cbe4af7b,2024-12-27T15:15:23.633000 CVE-2024-5664,0,0,b6962e20742af8ea90e612bbc7ac8c73d6aa535f0e49e5cabd0c7dd59647632b,2024-11-21T09:48:07.107000 +CVE-2024-56640,1,1,e2cdc2a6a85bccd2efa7fee53cd2d47d4675f3daf2110eefc7b3033895b879d8,2024-12-27T15:15:23.730000 +CVE-2024-56641,1,1,b6afe723cd0b6231e67606377b0e857b4f14cd52d5e3694d83f4d5d7d4c1c9c5,2024-12-27T15:15:23.830000 +CVE-2024-56642,1,1,2fad8bf77c55759a9f6d9e5c0ad39db189cd0c77f52902e8e2234336ff4856f3,2024-12-27T15:15:23.930000 +CVE-2024-56643,1,1,4d8343e966d5312afb29e992e933928605e367539813a0a94c527d924805e4d0,2024-12-27T15:15:24.040000 +CVE-2024-56644,1,1,a93ade0e36f08805b6fe6ec90b1214d549dd37df625b652c5f1b3f8e561c8135,2024-12-27T15:15:24.163000 +CVE-2024-56645,1,1,e1be362b9961ca93be3360c91868f5c4915bba1472ca6c2d027ab2eeb321b35c,2024-12-27T15:15:24.260000 +CVE-2024-56646,1,1,727dd85886d14fc0b05fc4cd6055ee06fb112ce89b85855af784f88c86b345dd,2024-12-27T15:15:24.367000 +CVE-2024-56647,1,1,5309bc5ac7a17157a0383403f4d9697564bff21ae182019c850a8ab39711691e,2024-12-27T15:15:24.467000 +CVE-2024-56648,1,1,fe3bcd09aed99c5ff227189f523967a8342ab5e92f4581f0031568a023e80584,2024-12-27T15:15:24.570000 +CVE-2024-56649,1,1,c7ea8df7bef398877c158e43881c993236b186d7256d038cebc5ab558213e51c,2024-12-27T15:15:24.680000 CVE-2024-5665,0,0,9453654adc5e5ab7f7af61e3a6b4b700f16ee5089b916c01517c8b052cc20e43,2024-11-21T09:48:07.230000 +CVE-2024-56650,1,1,78e700a895ba20d3fab7c4e424ec40720a93af8d309bbe0a982b43091a62734f,2024-12-27T15:15:24.783000 +CVE-2024-56651,1,1,376c0d59de427492a47cd82d014368bc83f45b6e0b6eec776382335686b498ec,2024-12-27T15:15:24.917000 +CVE-2024-56652,1,1,7aaf2a3b2b1608aca2ad3e96dd8ede22a5affe87852a91a7ba0eb5e279ce083f,2024-12-27T15:15:25.027000 +CVE-2024-56653,1,1,5e70d326cf102374dfab42de530d71affd62c74a39cc67e2076467378900249d,2024-12-27T15:15:25.133000 +CVE-2024-56654,1,1,1b83ef34e2873e3b4dd6a16c8a45dd3ca727eecc523ca611f2adf597448aaaa5,2024-12-27T15:15:25.237000 +CVE-2024-56655,1,1,716f05d12d8eb880b04807ae42676ac2bf59639668f0dd3036c34b85aa5d797f,2024-12-27T15:15:25.343000 +CVE-2024-56656,1,1,7eeaedfb6939d75d715c0ebc75133058ec32797f9db2a7f9d2122640a189d966,2024-12-27T15:15:25.447000 +CVE-2024-56657,1,1,24d1aeff94e70642f13ce4e81341f4cb7bd7f9c953f1c376d9e8af58d660e7c5,2024-12-27T15:15:25.543000 +CVE-2024-56658,1,1,0114be9413833b52df73f76ad03135f52316e5bf2311d61d3c52b1fabdcd7342,2024-12-27T15:15:25.643000 +CVE-2024-56659,1,1,c08b8dfe01498b2162a755fe4adb4e5d0793eeee976e1c7d69237785094ce590,2024-12-27T15:15:25.747000 CVE-2024-5666,0,0,8139975e898ee1091802fa011bf50726a9ce2f054b4cff2fd9267df5d7986a48,2024-11-21T09:48:07.360000 +CVE-2024-56660,1,1,a0dd1cb22a691e883fa61a471de831a7cde1a7a57d407ed94b7fdd8804ab4323,2024-12-27T15:15:25.857000 +CVE-2024-56661,1,1,b65c7e2883e916c38e26627fa18d0ea7d9223279c1758a5d66e60309a7187f27,2024-12-27T15:15:25.960000 +CVE-2024-56662,1,1,6a6f138d2f105750e1154c72925e65621d94c3cf33a41f4160f69d0ee14b8204,2024-12-27T15:15:26.073000 +CVE-2024-56663,1,1,4f589b92aa8d3692c760a45dfbbf56515135d98d79a6f639a686217874853087,2024-12-27T15:15:26.187000 +CVE-2024-56664,1,1,af18954eb50a287212530353e9aced0af43df07d7a3794847a94156a39af80ec,2024-12-27T15:15:26.297000 +CVE-2024-56665,1,1,02644b0311c85692f50da0246471aabcb490fd7d77a686fd33a1a1643ffd1494,2024-12-27T15:15:26.400000 +CVE-2024-56666,1,1,cf01861b76c20ab381dd3f9ae81b807f6f96b015199bfd547cb160d0c0283e72,2024-12-27T15:15:26.503000 +CVE-2024-56667,1,1,aa491ee8c2e7a0fc06fc9c7de7512ce1ea0741f5af4a22acfbb540092ea32963,2024-12-27T15:15:26.600000 +CVE-2024-56668,1,1,b3939b2b8fe24effea069d9fe9d77edc1221417f9c8ff44b8809db011121c6e4,2024-12-27T15:15:26.693000 +CVE-2024-56669,1,1,dad3d84efd54c8db18f4beaa59331a54917afe8218572d90788811b8dc06730a,2024-12-27T15:15:26.797000 +CVE-2024-56670,1,1,dc10516ecbb1573831fb65155ecf797f3ea1448a29a9b4dfe9bec520710c4561,2024-12-27T15:15:26.890000 +CVE-2024-56671,1,1,64c975406a9a779737b43f8de106afdfb7ce3bc610cb5954dd72685397983a7a,2024-12-27T15:15:26.993000 +CVE-2024-56672,1,1,24bd11f05f5f611e916b4512195adacf100be7c8d4902123b0c533311a958769,2024-12-27T15:15:27.107000 +CVE-2024-56673,1,1,e90ee1d575ef7e3c3731c0bda05541d86d18ea4ec79b3942ac4f1c34d85caa6e,2024-12-27T15:15:27.210000 +CVE-2024-56674,1,1,311b5d287cfc8b1d6bdbf0c2aafd253837cc5472ab2ecf54d0b275db08146ff5,2024-12-27T15:15:27.313000 +CVE-2024-56675,1,1,79b5d36fc5241d4ac2211f8c103756c5587d68511e4946f0a38e03aa8330bf15,2024-12-27T15:15:27.420000 CVE-2024-5668,0,0,2b1741b5ea64caa13c1677e3669ebb1b484d460f590a95b675b1be78a69cec45,2024-08-08T13:04:18.753000 CVE-2024-5669,0,0,9cd51c21a0e40ca0880591ec94cc1c064da62242943ba53e10301d0eb8bfe684,2024-11-21T09:48:07.570000 CVE-2024-5670,0,0,833b3289d1bb921143306eb422f5f9db6cfd66717dc638bdad9a2ca39097d40f,2024-11-21T09:48:07.687000