From c2f45e9f996235c078412d079f335ee1b0c6686b Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Sun, 14 Apr 2024 14:03:27 +0000 Subject: [PATCH] Auto-Update: 2024-04-14T14:00:38.067564+00:00 --- CVE-2024/CVE-2024-248xx/CVE-2024-24862.json | 55 +++++++++++++++++++++ CVE-2024/CVE-2024-248xx/CVE-2024-24863.json | 55 +++++++++++++++++++++ README.md | 17 +++---- _state.csv | 12 +++-- 4 files changed, 124 insertions(+), 15 deletions(-) create mode 100644 CVE-2024/CVE-2024-248xx/CVE-2024-24862.json create mode 100644 CVE-2024/CVE-2024-248xx/CVE-2024-24863.json diff --git a/CVE-2024/CVE-2024-248xx/CVE-2024-24862.json b/CVE-2024/CVE-2024-248xx/CVE-2024-24862.json new file mode 100644 index 00000000000..ac74eca37f3 --- /dev/null +++ b/CVE-2024/CVE-2024-248xx/CVE-2024-24862.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-24862", + "sourceIdentifier": "security@openanolis.org", + "published": "2024-04-14T13:15:48.400", + "lastModified": "2024-04-14T13:15:48.400", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In function pci1xxxx_spi_probe, there is a potential null pointer that\nmay be caused by a failed memory allocation by the function devm_kzalloc.\nHence, a null pointer check needs to be added to prevent null pointer\ndereferencing later in the code.\n\nTo fix this issue, spi_bus->spi_int[iter] should be checked. The memory\nallocated by devm_kzalloc will be automatically released, so just directly\nreturn -ENOMEM without worrying about memory leaks.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@openanolis.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "security@openanolis.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "references": [ + { + "url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8748", + "source": "security@openanolis.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-248xx/CVE-2024-24863.json b/CVE-2024/CVE-2024-248xx/CVE-2024-24863.json new file mode 100644 index 00000000000..15cac0cfcf3 --- /dev/null +++ b/CVE-2024/CVE-2024-248xx/CVE-2024-24863.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-24863", + "sourceIdentifier": "security@openanolis.org", + "published": "2024-04-14T13:15:49.330", + "lastModified": "2024-04-14T13:15:49.330", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In malidp_mw_connector_reset, new memory is allocated with kzalloc, but \nno check is performed. In order to prevent null pointer dereferencing, \nensure that mw_state is checked before calling \n__drm_atomic_helper_connector_reset.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@openanolis.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "security@openanolis.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "references": [ + { + "url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=8750", + "source": "security@openanolis.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 193761a9cb1..2de27f39099 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-04-14T06:00:38.460894+00:00 +2024-04-14T14:00:38.067564+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-04-14T04:15:56.870000+00:00 +2024-04-14T13:15:49.330000+00:00 ``` ### Last Data Feed Release @@ -33,24 +33,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -245416 +245418 ``` ### CVEs added in the last Commit -Recently added CVEs: `0` +Recently added CVEs: `2` +- [CVE-2024-24862](CVE-2024/CVE-2024-248xx/CVE-2024-24862.json) (`2024-04-14T13:15:48.400`) +- [CVE-2024-24863](CVE-2024/CVE-2024-248xx/CVE-2024-24863.json) (`2024-04-14T13:15:49.330`) ### CVEs modified in the last Commit -Recently modified CVEs: `5` +Recently modified CVEs: `0` -- [CVE-2024-26811](CVE-2024/CVE-2024-268xx/CVE-2024-26811.json) (`2024-04-14T04:15:54.290`) -- [CVE-2024-3157](CVE-2024/CVE-2024-31xx/CVE-2024-3157.json) (`2024-04-14T04:15:56.260`) -- [CVE-2024-3378](CVE-2024/CVE-2024-33xx/CVE-2024-3378.json) (`2024-04-14T04:15:56.560`) -- [CVE-2024-3515](CVE-2024/CVE-2024-35xx/CVE-2024-3515.json) (`2024-04-14T04:15:56.830`) -- [CVE-2024-3516](CVE-2024/CVE-2024-35xx/CVE-2024-3516.json) (`2024-04-14T04:15:56.870`) ## Download and Usage diff --git a/_state.csv b/_state.csv index d7c0a5b1faa..7d911d2512a 100644 --- a/_state.csv +++ b/_state.csv @@ -241988,6 +241988,8 @@ CVE-2024-24859,0,0,e679ba08f49ce2259e6fae9f7247bb624101b65d866a2698d5f41c0ab1e59 CVE-2024-2486,0,0,eb662f43810ed9a31d708183bae884b2400a8194100e5a4a96f107305440f770,2024-04-11T01:25:24.927000 CVE-2024-24860,0,0,cc439582f3b205787436e95c2e570817bcdd2c0b521aeea3ff157e2bc11704f7,2024-02-14T19:50:10.803000 CVE-2024-24861,0,0,6b40afdcfeaef4379ad19505bbc3196ca9bd79cff347b2f5b0473b639a0022c5,2024-02-10T04:05:59.040000 +CVE-2024-24862,1,1,bd85fa913bc79b223fc12d8a61ba0366094a90b63ae8f5587f41887a152db9ee,2024-04-14T13:15:48.400000 +CVE-2024-24863,1,1,a9ae15f3d80abe37467798d47faae7eaf12bdb12e1ca6227328c7ccad4c751b1,2024-04-14T13:15:49.330000 CVE-2024-24864,0,0,cb2feb3346fb11cc5b4be9ff84c56cdf4de4a5045cdc4255bc9349b2b8259736,2024-02-10T04:05:22.843000 CVE-2024-24865,0,0,69d1d9e6b7dcdc1a41fcca26c5c38135753d56b8f5d02ca0d16d1408ab64d3a6,2024-02-07T23:30:50.313000 CVE-2024-24866,0,0,7234eb10c2179098475da368126463933a93e4c44ee1e87fac56ce5cbea64b85,2024-02-13T19:48:45.207000 @@ -243163,7 +243165,7 @@ CVE-2024-26808,0,0,4f31bc304a07232a3baf91061957b820ea1892642e797b2566eb9414b09af CVE-2024-26809,0,0,9fe73261a4fc78e6c4eacdd5a51592c430457963a39614d59847053f3066f6fb,2024-04-04T12:48:22.650000 CVE-2024-2681,0,0,cb05086c2c8d183d14408cf45e04435cc7af702ab8c219dc1bd4df4ce50beae6,2024-04-11T01:25:32.153000 CVE-2024-26810,0,0,1b304a2ab8dd45b7f8b668d3ded5617945895b32843d6ccf223d08b5069900cd,2024-04-13T12:15:11.527000 -CVE-2024-26811,0,1,8c27540c85b7b58fd32e2eb371d005ef60333ea96473bcd9ab259f1ab620b419,2024-04-14T04:15:54.290000 +CVE-2024-26811,0,0,8c27540c85b7b58fd32e2eb371d005ef60333ea96473bcd9ab259f1ab620b419,2024-04-14T04:15:54.290000 CVE-2024-26812,0,0,a42c8187b68beb1cc0b158f76e6d556e04202cce9b8d74f10baf062b3b08439c,2024-04-13T12:15:11.580000 CVE-2024-26813,0,0,e26d7e44e13f3412bd160f19d0ae99bd36159f47f75a2e8fb78ec9249e2769c3,2024-04-13T12:15:11.633000 CVE-2024-26814,0,0,cc1f4c4ee0ddb8caf435f1369c8b74e01b83a1ebb078466c399be2b768271bff,2024-04-13T12:15:11.683000 @@ -245122,7 +245124,7 @@ CVE-2024-31507,0,0,8a4d05957463fb55563022c4622a2463374ff774a0631f4c63214875a7c78 CVE-2024-3151,0,0,2dd1cf236cf7e4dbb7d9720cf950d856f9b652cd7c08d701ecc784bea1322bb1,2024-04-11T01:25:55.410000 CVE-2024-31544,0,0,bc835e0f71240df22cec22617fbfab2cab4d97b1f555eabe4ef7c23231d6357c,2024-04-10T13:24:22.187000 CVE-2024-3156,0,0,672d7786ba8482c7e78ab9597c9f5a6e717f264787edb700157c849ff3c9f687,2024-04-08T18:48:40.217000 -CVE-2024-3157,0,1,2e52cffd8e495ebf0f6229208ba6bf71114b109adc77acfe8f48ee6cddf311ea,2024-04-14T04:15:56.260000 +CVE-2024-3157,0,0,2e52cffd8e495ebf0f6229208ba6bf71114b109adc77acfe8f48ee6cddf311ea,2024-04-14T04:15:56.260000 CVE-2024-3158,0,0,d2414412e299d1c6c6fd5c25934ca9d016ec38ac6210ea884f5d6eabc2220b22,2024-04-08T18:48:40.217000 CVE-2024-3159,0,0,ab3d3fc3f58ff99c2f10e23574a75e665f3343c344ecfe71138e927973febb6e,2024-04-08T18:48:40.217000 CVE-2024-3160,0,0,f58561faca7869291dbd40f98b5207b12f048bddf4323b50e2fa0b0605fe77f4,2024-04-11T01:25:55.513000 @@ -245298,7 +245300,7 @@ CVE-2024-3366,0,0,641beaaa3f9fd7d2de3006c0b03aadadafd130dcdab91419774c604b06cf9b CVE-2024-3369,0,0,943fbc9826beb11428b980e60e48ec152ecf5fda97b5d1c26bb0e96c030079eb,2024-04-11T01:26:00.317000 CVE-2024-3376,0,0,f944ee3af49afac066405b13bcc14ad1a3aba304f57c015d653c31ce71a21bf1,2024-04-11T01:26:00.397000 CVE-2024-3377,0,0,4f5c5a9a0c925d4c25c7e7a8167aad399bf59289271bce69d10c801ec2848ece,2024-04-11T01:26:00.473000 -CVE-2024-3378,0,1,4f86c276b9b6898b0be7d5e038b0b93861aa9bc2234c5fb397df84486317a3f0,2024-04-14T04:15:56.560000 +CVE-2024-3378,0,0,4f86c276b9b6898b0be7d5e038b0b93861aa9bc2234c5fb397df84486317a3f0,2024-04-14T04:15:56.560000 CVE-2024-3382,0,0,359ee56c09e0a2a64315ebc823efc4b55ab60390ccbf48a0550f896cf550e0d4,2024-04-10T19:49:51.183000 CVE-2024-3383,0,0,23294a2c02d282067f57807e610d19ad62151e7737eff1a2dbce91b2ce33a939,2024-04-10T19:49:51.183000 CVE-2024-3384,0,0,f1db02aa38b819888be52a421a922174001b5f3c9e0abe3ab9082a168503f129,2024-04-10T19:49:51.183000 @@ -245350,8 +245352,8 @@ CVE-2024-3465,0,0,a42aecf57f43969ec60c90b90013ebe0e449783aa33103b39be184486d2b2c CVE-2024-3466,0,0,06b3d0b5c629cfcd72994ab03bcc3d914522a60f9b439b6d13775db50704418a,2024-04-11T01:26:03.777000 CVE-2024-3512,0,0,0bde0dc5c2508608f7df2e92075f3b315e69961d5bc617a9cf046c486aab6ef4,2024-04-10T13:23:38.787000 CVE-2024-3514,0,0,6b760aa2049aa25a8d1a8a27afd68abe75f99cb1cc8192949aefe4b5db8f51ce,2024-04-10T13:23:38.787000 -CVE-2024-3515,0,1,5468697271bc6b150a37cdc37185fba19452278c6e2af7511e30c6bc99ef52e2,2024-04-14T04:15:56.830000 -CVE-2024-3516,0,1,b99578f278d72fa6dbd30e45b2e689c8f24fcea01522b8a3f366bd43db470b94,2024-04-14T04:15:56.870000 +CVE-2024-3515,0,0,5468697271bc6b150a37cdc37185fba19452278c6e2af7511e30c6bc99ef52e2,2024-04-14T04:15:56.830000 +CVE-2024-3516,0,0,b99578f278d72fa6dbd30e45b2e689c8f24fcea01522b8a3f366bd43db470b94,2024-04-14T04:15:56.870000 CVE-2024-3521,0,0,e61d852c00114c6bd3f4a1b5eeb2ffc212b4c353a3c03a3453182d437a66b289,2024-04-11T01:26:03.900000 CVE-2024-3522,0,0,2dd2aff8352737c957083bbb548feca94c6bc4d24050574d0269bbbcc566f409,2024-04-11T01:26:03.977000 CVE-2024-3523,0,0,4bcdc0c2641557edee953608e7aa9e663000e70c847d90476983bd4354ae7983,2024-04-11T01:26:04.057000