From d024144ac47fb21bd06ff4d8ae373c1f1da6f263 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Wed, 10 Apr 2024 20:03:29 +0000 Subject: [PATCH] Auto-Update: 2024-04-10T20:00:38.476237+00:00 --- CVE-2020/CVE-2020-367xx/CVE-2020-36776.json | 94 +++++++- CVE-2020/CVE-2020-367xx/CVE-2020-36777.json | 142 ++++++++++- CVE-2021/CVE-2021-469xx/CVE-2021-46932.json | 142 ++++++++++- CVE-2021/CVE-2021-469xx/CVE-2021-46933.json | 142 ++++++++++- CVE-2021/CVE-2021-469xx/CVE-2021-46934.json | 106 +++++++- CVE-2021/CVE-2021-469xx/CVE-2021-46935.json | 118 ++++++++- CVE-2021/CVE-2021-469xx/CVE-2021-46936.json | 142 ++++++++++- CVE-2021/CVE-2021-469xx/CVE-2021-46937.json | 70 +++++- CVE-2021/CVE-2021-469xx/CVE-2021-46938.json | 142 ++++++++++- CVE-2021/CVE-2021-469xx/CVE-2021-46939.json | 154 +++++++++++- CVE-2021/CVE-2021-469xx/CVE-2021-46940.json | 94 +++++++- CVE-2021/CVE-2021-469xx/CVE-2021-46941.json | 94 +++++++- CVE-2021/CVE-2021-469xx/CVE-2021-46942.json | 70 +++++- CVE-2021/CVE-2021-469xx/CVE-2021-46943.json | 106 +++++++- CVE-2021/CVE-2021-469xx/CVE-2021-46944.json | 106 +++++++- CVE-2021/CVE-2021-471xx/CVE-2021-47181.json | 48 ++++ CVE-2021/CVE-2021-471xx/CVE-2021-47182.json | 24 ++ CVE-2021/CVE-2021-471xx/CVE-2021-47183.json | 24 ++ CVE-2021/CVE-2021-471xx/CVE-2021-47184.json | 40 ++++ CVE-2021/CVE-2021-471xx/CVE-2021-47185.json | 48 ++++ CVE-2021/CVE-2021-471xx/CVE-2021-47186.json | 28 +++ CVE-2021/CVE-2021-471xx/CVE-2021-47187.json | 32 +++ CVE-2021/CVE-2021-471xx/CVE-2021-47188.json | 24 ++ CVE-2021/CVE-2021-471xx/CVE-2021-47189.json | 48 ++++ CVE-2021/CVE-2021-471xx/CVE-2021-47190.json | 32 +++ CVE-2021/CVE-2021-471xx/CVE-2021-47191.json | 28 +++ CVE-2021/CVE-2021-471xx/CVE-2021-47192.json | 32 +++ CVE-2021/CVE-2021-471xx/CVE-2021-47193.json | 24 ++ CVE-2021/CVE-2021-471xx/CVE-2021-47194.json | 48 ++++ CVE-2021/CVE-2021-471xx/CVE-2021-47195.json | 24 ++ CVE-2021/CVE-2021-471xx/CVE-2021-47196.json | 24 ++ CVE-2021/CVE-2021-471xx/CVE-2021-47197.json | 28 +++ CVE-2021/CVE-2021-471xx/CVE-2021-47198.json | 24 ++ CVE-2021/CVE-2021-471xx/CVE-2021-47199.json | 24 ++ CVE-2021/CVE-2021-472xx/CVE-2021-47200.json | 24 ++ CVE-2021/CVE-2021-472xx/CVE-2021-47201.json | 32 +++ CVE-2021/CVE-2021-472xx/CVE-2021-47202.json | 36 +++ CVE-2021/CVE-2021-472xx/CVE-2021-47203.json | 48 ++++ CVE-2021/CVE-2021-472xx/CVE-2021-47204.json | 32 +++ CVE-2021/CVE-2021-472xx/CVE-2021-47205.json | 24 ++ CVE-2021/CVE-2021-472xx/CVE-2021-47206.json | 48 ++++ CVE-2021/CVE-2021-472xx/CVE-2021-47207.json | 48 ++++ CVE-2021/CVE-2021-472xx/CVE-2021-47209.json | 24 ++ CVE-2021/CVE-2021-472xx/CVE-2021-47210.json | 36 +++ CVE-2021/CVE-2021-472xx/CVE-2021-47211.json | 24 ++ CVE-2021/CVE-2021-472xx/CVE-2021-47212.json | 24 ++ CVE-2021/CVE-2021-472xx/CVE-2021-47213.json | 24 ++ CVE-2021/CVE-2021-472xx/CVE-2021-47214.json | 24 ++ CVE-2021/CVE-2021-472xx/CVE-2021-47215.json | 24 ++ CVE-2021/CVE-2021-472xx/CVE-2021-47216.json | 48 ++++ CVE-2021/CVE-2021-472xx/CVE-2021-47217.json | 36 +++ CVE-2021/CVE-2021-472xx/CVE-2021-47218.json | 28 +++ CVE-2021/CVE-2021-472xx/CVE-2021-47219.json | 28 +++ CVE-2023/CVE-2023-520xx/CVE-2023-52070.json | 28 +++ CVE-2023/CVE-2023-69xx/CVE-2023-6916.json | 4 +- CVE-2024/CVE-2024-02xx/CVE-2024-0218.json | 4 +- CVE-2024/CVE-2024-15xx/CVE-2024-1511.json | 4 +- CVE-2024/CVE-2024-15xx/CVE-2024-1520.json | 4 +- CVE-2024/CVE-2024-15xx/CVE-2024-1599.json | 4 +- CVE-2024/CVE-2024-16xx/CVE-2024-1600.json | 4 +- CVE-2024/CVE-2024-16xx/CVE-2024-1602.json | 4 +- CVE-2024/CVE-2024-16xx/CVE-2024-1625.json | 4 +- CVE-2024/CVE-2024-16xx/CVE-2024-1643.json | 4 +- CVE-2024/CVE-2024-17xx/CVE-2024-1728.json | 4 +- CVE-2024/CVE-2024-17xx/CVE-2024-1740.json | 4 +- CVE-2024/CVE-2024-17xx/CVE-2024-1741.json | 4 +- CVE-2024/CVE-2024-19xx/CVE-2024-1902.json | 4 +- CVE-2024/CVE-2024-207xx/CVE-2024-20766.json | 4 +- CVE-2024/CVE-2024-207xx/CVE-2024-20770.json | 4 +- CVE-2024/CVE-2024-207xx/CVE-2024-20772.json | 4 +- CVE-2024/CVE-2024-20xx/CVE-2024-2029.json | 4 +- CVE-2024/CVE-2024-21xx/CVE-2024-2195.json | 4 +- CVE-2024/CVE-2024-21xx/CVE-2024-2196.json | 4 +- CVE-2024/CVE-2024-22xx/CVE-2024-2217.json | 4 +- CVE-2024/CVE-2024-22xx/CVE-2024-2221.json | 4 +- CVE-2024/CVE-2024-230xx/CVE-2024-23077.json | 28 +++ CVE-2024/CVE-2024-230xx/CVE-2024-23080.json | 4 +- CVE-2024/CVE-2024-230xx/CVE-2024-23083.json | 4 +- CVE-2024/CVE-2024-237xx/CVE-2024-23734.json | 4 +- CVE-2024/CVE-2024-237xx/CVE-2024-23735.json | 4 +- CVE-2024/CVE-2024-248xx/CVE-2024-24809.json | 4 +- CVE-2024/CVE-2024-268xx/CVE-2024-26816.json | 4 +- CVE-2024/CVE-2024-274xx/CVE-2024-27474.json | 4 +- CVE-2024/CVE-2024-274xx/CVE-2024-27476.json | 4 +- CVE-2024/CVE-2024-274xx/CVE-2024-27477.json | 4 +- CVE-2024/CVE-2024-27xx/CVE-2024-2730.json | 4 +- CVE-2024/CVE-2024-27xx/CVE-2024-2731.json | 4 +- CVE-2024/CVE-2024-283xx/CVE-2024-28344.json | 20 ++ CVE-2024/CVE-2024-283xx/CVE-2024-28345.json | 20 ++ CVE-2024/CVE-2024-292xx/CVE-2024-29296.json | 4 +- CVE-2024/CVE-2024-29xx/CVE-2024-2952.json | 4 +- CVE-2024/CVE-2024-30xx/CVE-2024-3025.json | 4 +- CVE-2024/CVE-2024-30xx/CVE-2024-3098.json | 4 +- CVE-2024/CVE-2024-312xx/CVE-2024-31214.json | 67 ++++++ CVE-2024/CVE-2024-312xx/CVE-2024-31230.json | 55 +++++ CVE-2024/CVE-2024-312xx/CVE-2024-31240.json | 4 +- CVE-2024/CVE-2024-312xx/CVE-2024-31242.json | 55 +++++ CVE-2024/CVE-2024-312xx/CVE-2024-31245.json | 4 +- CVE-2024/CVE-2024-312xx/CVE-2024-31247.json | 4 +- CVE-2024/CVE-2024-312xx/CVE-2024-31249.json | 4 +- CVE-2024/CVE-2024-312xx/CVE-2024-31253.json | 4 +- CVE-2024/CVE-2024-312xx/CVE-2024-31254.json | 4 +- CVE-2024/CVE-2024-312xx/CVE-2024-31259.json | 4 +- CVE-2024/CVE-2024-312xx/CVE-2024-31278.json | 4 +- CVE-2024/CVE-2024-312xx/CVE-2024-31282.json | 4 +- CVE-2024/CVE-2024-312xx/CVE-2024-31287.json | 4 +- CVE-2024/CVE-2024-312xx/CVE-2024-31297.json | 4 +- CVE-2024/CVE-2024-312xx/CVE-2024-31298.json | 4 +- CVE-2024/CVE-2024-312xx/CVE-2024-31299.json | 4 +- CVE-2024/CVE-2024-313xx/CVE-2024-31302.json | 4 +- CVE-2024/CVE-2024-313xx/CVE-2024-31342.json | 4 +- CVE-2024/CVE-2024-313xx/CVE-2024-31343.json | 4 +- CVE-2024/CVE-2024-313xx/CVE-2024-31353.json | 4 +- CVE-2024/CVE-2024-313xx/CVE-2024-31355.json | 4 +- CVE-2024/CVE-2024-313xx/CVE-2024-31356.json | 4 +- CVE-2024/CVE-2024-313xx/CVE-2024-31358.json | 4 +- CVE-2024/CVE-2024-313xx/CVE-2024-31386.json | 111 +++++++++ CVE-2024/CVE-2024-314xx/CVE-2024-31461.json | 71 ++++++ CVE-2024/CVE-2024-314xx/CVE-2024-31464.json | 71 ++++++ CVE-2024/CVE-2024-314xx/CVE-2024-31492.json | 4 +- CVE-2024/CVE-2024-318xx/CVE-2024-31871.json | 4 +- CVE-2024/CVE-2024-318xx/CVE-2024-31872.json | 4 +- CVE-2024/CVE-2024-318xx/CVE-2024-31873.json | 4 +- CVE-2024/CVE-2024-318xx/CVE-2024-31874.json | 4 +- CVE-2024/CVE-2024-319xx/CVE-2024-31924.json | 4 +- CVE-2024/CVE-2024-319xx/CVE-2024-31943.json | 55 +++++ CVE-2024/CVE-2024-319xx/CVE-2024-31944.json | 55 +++++ CVE-2024/CVE-2024-31xx/CVE-2024-3101.json | 4 +- CVE-2024/CVE-2024-31xx/CVE-2024-3157.json | 24 ++ CVE-2024/CVE-2024-32xx/CVE-2024-3283.json | 4 +- CVE-2024/CVE-2024-33xx/CVE-2024-3382.json | 4 +- CVE-2024/CVE-2024-33xx/CVE-2024-3383.json | 4 +- CVE-2024/CVE-2024-33xx/CVE-2024-3384.json | 4 +- CVE-2024/CVE-2024-33xx/CVE-2024-3385.json | 4 +- CVE-2024/CVE-2024-33xx/CVE-2024-3386.json | 4 +- CVE-2024/CVE-2024-33xx/CVE-2024-3387.json | 4 +- CVE-2024/CVE-2024-33xx/CVE-2024-3388.json | 4 +- CVE-2024/CVE-2024-34xx/CVE-2024-3448.json | 4 +- CVE-2024/CVE-2024-35xx/CVE-2024-3515.json | 24 ++ CVE-2024/CVE-2024-35xx/CVE-2024-3516.json | 24 ++ CVE-2024/CVE-2024-35xx/CVE-2024-3566.json | 4 +- CVE-2024/CVE-2024-35xx/CVE-2024-3567.json | 4 +- CVE-2024/CVE-2024-35xx/CVE-2024-3568.json | 4 +- CVE-2024/CVE-2024-35xx/CVE-2024-3569.json | 4 +- CVE-2024/CVE-2024-35xx/CVE-2024-3570.json | 4 +- README.md | 93 ++++--- _state.csv | 253 ++++++++++++-------- 147 files changed, 3877 insertions(+), 423 deletions(-) create mode 100644 CVE-2021/CVE-2021-471xx/CVE-2021-47181.json create mode 100644 CVE-2021/CVE-2021-471xx/CVE-2021-47182.json create mode 100644 CVE-2021/CVE-2021-471xx/CVE-2021-47183.json create mode 100644 CVE-2021/CVE-2021-471xx/CVE-2021-47184.json create mode 100644 CVE-2021/CVE-2021-471xx/CVE-2021-47185.json create mode 100644 CVE-2021/CVE-2021-471xx/CVE-2021-47186.json create mode 100644 CVE-2021/CVE-2021-471xx/CVE-2021-47187.json create mode 100644 CVE-2021/CVE-2021-471xx/CVE-2021-47188.json create mode 100644 CVE-2021/CVE-2021-471xx/CVE-2021-47189.json create mode 100644 CVE-2021/CVE-2021-471xx/CVE-2021-47190.json create mode 100644 CVE-2021/CVE-2021-471xx/CVE-2021-47191.json create mode 100644 CVE-2021/CVE-2021-471xx/CVE-2021-47192.json create mode 100644 CVE-2021/CVE-2021-471xx/CVE-2021-47193.json create mode 100644 CVE-2021/CVE-2021-471xx/CVE-2021-47194.json create mode 100644 CVE-2021/CVE-2021-471xx/CVE-2021-47195.json create mode 100644 CVE-2021/CVE-2021-471xx/CVE-2021-47196.json create mode 100644 CVE-2021/CVE-2021-471xx/CVE-2021-47197.json create mode 100644 CVE-2021/CVE-2021-471xx/CVE-2021-47198.json create mode 100644 CVE-2021/CVE-2021-471xx/CVE-2021-47199.json create mode 100644 CVE-2021/CVE-2021-472xx/CVE-2021-47200.json create mode 100644 CVE-2021/CVE-2021-472xx/CVE-2021-47201.json create mode 100644 CVE-2021/CVE-2021-472xx/CVE-2021-47202.json create mode 100644 CVE-2021/CVE-2021-472xx/CVE-2021-47203.json create mode 100644 CVE-2021/CVE-2021-472xx/CVE-2021-47204.json create mode 100644 CVE-2021/CVE-2021-472xx/CVE-2021-47205.json create mode 100644 CVE-2021/CVE-2021-472xx/CVE-2021-47206.json create mode 100644 CVE-2021/CVE-2021-472xx/CVE-2021-47207.json create mode 100644 CVE-2021/CVE-2021-472xx/CVE-2021-47209.json create mode 100644 CVE-2021/CVE-2021-472xx/CVE-2021-47210.json create mode 100644 CVE-2021/CVE-2021-472xx/CVE-2021-47211.json create mode 100644 CVE-2021/CVE-2021-472xx/CVE-2021-47212.json create mode 100644 CVE-2021/CVE-2021-472xx/CVE-2021-47213.json create mode 100644 CVE-2021/CVE-2021-472xx/CVE-2021-47214.json create mode 100644 CVE-2021/CVE-2021-472xx/CVE-2021-47215.json create mode 100644 CVE-2021/CVE-2021-472xx/CVE-2021-47216.json create mode 100644 CVE-2021/CVE-2021-472xx/CVE-2021-47217.json create mode 100644 CVE-2021/CVE-2021-472xx/CVE-2021-47218.json create mode 100644 CVE-2021/CVE-2021-472xx/CVE-2021-47219.json create mode 100644 CVE-2023/CVE-2023-520xx/CVE-2023-52070.json create mode 100644 CVE-2024/CVE-2024-230xx/CVE-2024-23077.json create mode 100644 CVE-2024/CVE-2024-283xx/CVE-2024-28344.json create mode 100644 CVE-2024/CVE-2024-283xx/CVE-2024-28345.json create mode 100644 CVE-2024/CVE-2024-312xx/CVE-2024-31214.json create mode 100644 CVE-2024/CVE-2024-312xx/CVE-2024-31230.json create mode 100644 CVE-2024/CVE-2024-312xx/CVE-2024-31242.json create mode 100644 CVE-2024/CVE-2024-313xx/CVE-2024-31386.json create mode 100644 CVE-2024/CVE-2024-314xx/CVE-2024-31461.json create mode 100644 CVE-2024/CVE-2024-314xx/CVE-2024-31464.json create mode 100644 CVE-2024/CVE-2024-319xx/CVE-2024-31943.json create mode 100644 CVE-2024/CVE-2024-319xx/CVE-2024-31944.json create mode 100644 CVE-2024/CVE-2024-31xx/CVE-2024-3157.json create mode 100644 CVE-2024/CVE-2024-35xx/CVE-2024-3515.json create mode 100644 CVE-2024/CVE-2024-35xx/CVE-2024-3516.json diff --git a/CVE-2020/CVE-2020-367xx/CVE-2020-36776.json b/CVE-2020/CVE-2020-367xx/CVE-2020-36776.json index 2d2f27c8226..18b6d81f57d 100644 --- a/CVE-2020/CVE-2020-367xx/CVE-2020-36776.json +++ b/CVE-2020/CVE-2020-367xx/CVE-2020-36776.json @@ -2,8 +2,8 @@ "id": "CVE-2020-36776", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-27T19:04:05.693", - "lastModified": "2024-02-28T14:06:45.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-04-10T19:34:31.410", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,23 +14,103 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: Thermal/drivers/cpufreq_cooling: solucionar el problema de Slab OOB El problema de Slab OOB es escaneado por KASAN en cpu_power_to_freq(). Si la potencia se limita por debajo de la potencia de OPP0 en la tabla EM, provocar\u00e1 un problema de losa fuera de los l\u00edmites con un \u00edndice de matriz negativo. Devuelve la frecuencia m\u00e1s baja si la potencia limitada no puede encontrar un OPP adecuado en la tabla EM para solucionar este problema. Seguimiento inverso: [] die+0x104/0x5ac [] bug_handler+0x64/0xd0 [] brk_handler+0x160/0x258 [] do_debug_exception+0x 248/0x3f0 [] el1_dbg+0x14 /0xbc [] __kasan_report+0x1dc/0x1e0 [] kasan_report+0x10/0x20 [] __asan_report_load8_noabort+0x18/0x28 [] cpufreq_power2state+0x180/0x43c [] power_actor_set_power+0x114 /0x1d4 [] allocate_power+0xaec/0xde0 [] power_allocator_throttle+0x3ec/0x5a4 [] handle_thermal_trip+0x160/0x294 [] t\u00e9rmico _zone_device_check+0xe4/0x154 [] proceso_one_work+0x5e4 /0xe28 [] work_thread+0xa4c/0xfac [] kthread+0x33c/0x358 [] ret_from_fork+0xc/0x18" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-129" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.8.0", + "versionEndExcluding": "5.10.36", + "matchCriteriaId": "3B760ADC-7139-4E69-BD9F-4944140A9E34" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11.0", + "versionEndExcluding": "5.11.20", + "matchCriteriaId": "EFB425F0-C28C-4B44-8B4C-AD512AA832DE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.12.0", + "versionEndExcluding": "5.12.3", + "matchCriteriaId": "C3814FA3-8141-4313-A852-8C4212BE12AD" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/34ab17cc6c2c1ac93d7e5d53bb972df9a968f085", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6bf443acf6ca4f666d0e4225614ba9993a3aa1a9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/876a5f33e5d961d879c5436987c09b3d9ef70379", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c24a20912eef00587416628149c438e885eb1304", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2020/CVE-2020-367xx/CVE-2020-36777.json b/CVE-2020/CVE-2020-367xx/CVE-2020-36777.json index 4d84266f79a..ffca788939d 100644 --- a/CVE-2020/CVE-2020-367xx/CVE-2020-36777.json +++ b/CVE-2020/CVE-2020-367xx/CVE-2020-36777.json @@ -2,8 +2,8 @@ "id": "CVE-2020-36777", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-27T19:04:05.760", - "lastModified": "2024-02-28T14:06:45.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-04-10T19:32:09.210", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,39 +14,159 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: medios: dvbdev: corrige la p\u00e9rdida de memoria en dvb_media_device_free() dvb_media_device_free() est\u00e1 perdiendo memoria. Libere `dvbdev->adapter->conn` antes de configurarlo en NULL, como se documenta en include/media/media-device.h: \"La instancia media_entity debe ser liberada expl\u00edcitamente por el controlador si es necesario\"." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-401" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.5.0", + "versionEndExcluding": "4.9.269", + "matchCriteriaId": "8413F613-F1EE-430D-9972-52EEF6C49672" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10.0", + "versionEndExcluding": "4.14.233", + "matchCriteriaId": "20505383-2EB8-41EF-A91B-F185B4FB81DF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15.0", + "versionEndExcluding": "4.19.191", + "matchCriteriaId": "B7281E1E-A00B-49C0-A849-9CE1CE780227" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20.0", + "versionEndExcluding": "5.4.118", + "matchCriteriaId": "5670AEA3-082C-42D6-A067-CD9ECED4B84B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5.0", + "versionEndExcluding": "5.10.36", + "matchCriteriaId": "C7148769-B830-4B8F-986F-E0C85A19FC7F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11.0", + "versionEndExcluding": "5.11.20", + "matchCriteriaId": "EFB425F0-C28C-4B44-8B4C-AD512AA832DE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.12.0", + "versionEndExcluding": "5.12.3", + "matchCriteriaId": "C3814FA3-8141-4313-A852-8C4212BE12AD" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/06854b943e0571ccbd7ad0a529babed1a98ff275", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/32168ca1f123316848fffb85d059860adf3c409f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/43263fd43083e412311fa764cd04a727b0c6a749", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9185b3b1c143b8da409c19ac5a785aa18d67a81b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9ad15e214fcd73694ea51967d86055f47b802066", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/bf9a40ae8d722f281a2721779595d6df1c33a0bf", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/cd89f79be5d553c78202f686e8e4caa5fbe94e98", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/cede24d13be6c2a62be6d7ceea63c2719b0cfa82", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-469xx/CVE-2021-46932.json b/CVE-2021/CVE-2021-469xx/CVE-2021-46932.json index b3463aedeaf..c87db1d3381 100644 --- a/CVE-2021/CVE-2021-469xx/CVE-2021-46932.json +++ b/CVE-2021/CVE-2021-469xx/CVE-2021-46932.json @@ -2,8 +2,8 @@ "id": "CVE-2021-46932", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-27T10:15:07.753", - "lastModified": "2024-02-27T14:20:06.637", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-04-10T18:02:06.327", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,39 +14,159 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: Entrada: appletouch: inicializa el trabajo antes del registro del dispositivo Syzbot ha informado una advertencia en __flush_work(). Esta advertencia es causada por work->func == NULL, lo que significa que falta la inicializaci\u00f3n del trabajo. Esto puede suceder, ya que input_dev->close() llama a cancel_work_sync(&dev->work), pero la inicializaci\u00f3n dev->work ocurre _despu\u00e9s_ de la llamada input_register_device(). Entonces este parche mueve la inicializaci\u00f3n dev->work antes de registrar el dispositivo de entrada" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-665" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2.6.23", + "versionEndExcluding": "4.4.298", + "matchCriteriaId": "BA4A6C50-3FFF-4800-9BCC-88823A3D2798" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.5.0", + "versionEndExcluding": "4.9.296", + "matchCriteriaId": "883CB22B-11DA-4D54-8121-3F5494EDBD4C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10.0", + "versionEndExcluding": "4.14.261", + "matchCriteriaId": "B5D4F856-5F69-4F4A-911F-50A21B9A68B6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15.0", + "versionEndExcluding": "4.19.224", + "matchCriteriaId": "B34A1353-506A-4AB9-87EC-CD50F09DFB8A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20.0", + "versionEndExcluding": "5.4.170", + "matchCriteriaId": "56D16FBB-453E-4316-A027-E517828203D7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5.0", + "versionEndExcluding": "5.10.90", + "matchCriteriaId": "C87FB3FD-3E74-4588-A1A4-B9BA8AE0C06B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11.0", + "versionEndExcluding": "5.15.13", + "matchCriteriaId": "083E0940-932B-447B-A6B2-677DAE27FD04" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/292d2ac61fb0d9276a0f7b7ce4f50426f2a1c99f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/975774ea7528b489930b76a77ffc4d5379b95ff2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9f329d0d6c91142cf0ad08d23c72dd195db2633c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9f3ccdc3f6ef10084ceb3a47df0961bec6196fd0", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a02e1404e27855089d2b0a0acc4652c2ce65fe46", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d1962f263a176f493400b8f91bfbf2bfedce951e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d2cb2bf39a6d17ef4bdc0e59c1a35cf5751ad8f4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e79ff8c68acb1eddf709d3ac84716868f2a91012", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-469xx/CVE-2021-46933.json b/CVE-2021/CVE-2021-469xx/CVE-2021-46933.json index f4bad0215a3..7825ebfafff 100644 --- a/CVE-2021/CVE-2021-469xx/CVE-2021-46933.json +++ b/CVE-2021/CVE-2021-469xx/CVE-2021-46933.json @@ -2,8 +2,8 @@ "id": "CVE-2021-46933", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-27T10:15:07.807", - "lastModified": "2024-02-27T14:20:06.637", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-04-10T18:36:47.927", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,39 +14,159 @@ "value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: usb: gadget: f_fs: Borrar ffs_eventfd en ffs_data_clear. ffs_data_clear se llama indirectamente desde ffs_fs_kill_sb y ffs_ep0_release, por lo que termina siendo llamado dos veces cuando el \u00e1rea de usuario cierra ep0 y luego desmonta f_fs. Si Userland proporcion\u00f3 un eventfd junto con los descriptores USB de la funci\u00f3n, termina llamando a eventfd_ctx_put tantas veces, provocando un desbordamiento insuficiente de recuento. NULL-ify ffs_eventfd para evitar estas llamadas extra\u00f1as eventfd_ctx_put. Adem\u00e1s, establezca epfiles en NULL justo despu\u00e9s de desasignarlo, para facilitar la lectura. Para completar, ffs_data_clear en realidad termina siendo llamado tres veces, la \u00faltima llamada es antes de que se libere toda la estructura de ffs, por lo que cuando ocurre esta secuencia espec\u00edfica, se produce un segundo desbordamiento insuficiente (pero no se informa): /sys/kernel/debug/tracing # modprobe usb_f_fs /sys/kernel/debug/tracing# echo ffs_data_clear > set_ftrace_filter /sys/kernel/debug/tracing# echo function > current_tracer /sys/kernel/debug/tracing# echo 1 > tracing_on (dispositivo de configuraci\u00f3n, funci\u00f3n ejecutar y finalizar proceso de usuario, dispositivo de desmontaje) /sys/kernel/debug/tracing# echo 0 > tracing_on /sys/kernel/debug/tracing# cat trace smartcard-openp-436 [000] ..... 1946.208786: ffs_data_clear <-ffs_data_closed tarjeta inteligente -openp-431 [000] ..... 1946.279147: ffs_data_clear <-ffs_data_closed smartcard-openp-431 [000] .n... 1946.905512: ffs_data_clear <-ffs_data_put Salida de advertencia correspondiente al seguimiento anterior: [ 1946.284139] ADVERTENCIA: CPU : 0 PID: 431 en lib/refcount.c:28 refcount_warn_saturate+0x110/0x15c [ 1946.293094] refcount_t: desbordamiento insuficiente; use-after-free. [1946.298164] M\u00f3dulos vinculados en: usb_f_ncm(E) u_ether(E) usb_f_fs(E) hci_uart(E) btqca(E) btrtl(E) btbcm(E) btintel(E) bluetooth(E) nls_ascii(E) nls_cp437(E ) vfat(E) fat(E) bcm2835_v4l2(CE) bcm2835_mmal_vchiq(CE) videobuf2_vmalloc(E) videobuf2_memops(E) sha512_generic(E) videobuf2_v4l2(E) sha512_arm(E) videobuf2_common(E) videodev(E) cpufreq_dt(E) snd_b cm2835 (CE) brcmfmac(E) mc(E) vc4(E) ctr(E) brcmutil(E) snd_soc_core(E) snd_pcm_dmaengine(E) drbg(E) snd_pcm(E) snd_timer(E) snd(E) soundcore(E ) drm_kms_helper(E) cec(E) ansi_cprng(E) rc_core(E) syscopyarea(E) raspberrypi_cpufreq(E) sysfillrect(E) sysimgblt(E) cfg80211(E) max17040_battery(OE) raspberrypi_hwmon(E) fb_sys_fops(E) regmap_i2c (E) ecdh_generic(E) rfkill(E) ecc(E) bcm2835_rng(E) rng_core(E) vchiq(CE) leds_gpio(E) libcomposite(E) fuse(E) configfs(E) ip_tables(E) x_tables(E ) autofs4(E) ext4(E) crc16(E) mbcache(E) jbd2(E) crc32c_generic(E) sdhci_iproc(E) sdhci_pltfm(E) sdhci(E) [ 1946.399633] CPU: 0 PID: 431 Comm: tarjeta inteligente- openp Contaminado: GC OE 5.15.0-1-rpi #1 Debian 5.15.3-1 [ 1946.417950] Nombre de hardware: BCM2835 [ 1946.425442] Seguimiento inverso: [ 1946.432048] [] (dump_backtrace) de [] ( show_stack+0x20/0x24) [ 1946.448226] r7:00000009 r6:0000001c r5:c04a948c r4:c0a64e2c [ 1946.458412] [] (show_stack) de [] (dump_ pila+0x28/0x30) [ 1946.470380] [< c08d9ab8>] (dump_stack) de [] (__warn+0xe8/0x154) [ 1946.482067] r5:c04a948c r4:c0a71dc8 [ 1946.490184] [] (__warn) de [] (warn_slowpath_fmt+0xa0/ 0xe4) [ 1946.506758] r7:00000009 r6:0000001c r5:c0a71dc8 r4:c0a71e04 [ 1946.517070] [] (warn_slowpath_fmt) de [] (refcount_war n_saturado+0x110/0x15c) [ 1946.535309] r8:c0100224 r7:c0dfcb84 r6:ffffffff r5:c3b84c00 r4:c24a17c0 [ 1946.546708] [] (refcount_warn_saturate) de [] (eventfd_ctx_put+0x48/0x74) [ 1946.564476] [] (eventfd_ctx_put) de [] (ffs_data_clear+0xd0/0x118 [usb_f_fs]) [ 1946.582664] r5:c3b84c00 r4:c2695b00 [ 1946.590668] [] (ffs_data_clear [usb_f_fs]) de [] ( ffs_data_closed+0x9c/0x150 [usb_f_fs]) [ 1946.609608] r5:bf54d014 r4:c2695b00 [ 1946.617522] [] (ffs_data_closed [usb_f_fs" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.0.0", + "versionEndExcluding": "4.4.298", + "matchCriteriaId": "C01E3FB6-531E-4ABC-BF95-6FADD48AE7E0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.5.0", + "versionEndExcluding": "4.9.296", + "matchCriteriaId": "883CB22B-11DA-4D54-8121-3F5494EDBD4C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10.0", + "versionEndExcluding": "4.14.261", + "matchCriteriaId": "B5D4F856-5F69-4F4A-911F-50A21B9A68B6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15.0", + "versionEndExcluding": "4.19.224", + "matchCriteriaId": "B34A1353-506A-4AB9-87EC-CD50F09DFB8A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20.0", + "versionEndExcluding": "5.4.170", + "matchCriteriaId": "56D16FBB-453E-4316-A027-E517828203D7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5.0", + "versionEndExcluding": "5.10.90", + "matchCriteriaId": "C87FB3FD-3E74-4588-A1A4-B9BA8AE0C06B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11.0", + "versionEndExcluding": "5.15.13", + "matchCriteriaId": "083E0940-932B-447B-A6B2-677DAE27FD04" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/1c4ace3e6b8575745c50dca9e76e0021e697d645", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/240fc586e83d645912accce081a48aa63a45f6ee", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/33f6a0cbb7772146e1c11f38028fffbfed14728b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/52500239e3f2d6fc77b6f58632a9fb98fe74ac09", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b1e0887379422975f237d43d8839b751a6bcf154", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/cc8c8028c21b2a3842a1e98e99e55028df275919", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ebef2aa29f370b5096c16020c104e393192ef684", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f976dd7011150244a7ba820f2c331e9fb253befa", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-469xx/CVE-2021-46934.json b/CVE-2021/CVE-2021-469xx/CVE-2021-46934.json index d7675bfeda4..e1a063960b2 100644 --- a/CVE-2021/CVE-2021-469xx/CVE-2021-46934.json +++ b/CVE-2021/CVE-2021-469xx/CVE-2021-46934.json @@ -2,8 +2,8 @@ "id": "CVE-2021-46934", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-27T10:15:07.877", - "lastModified": "2024-02-27T14:20:06.637", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-04-10T18:19:53.630", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,27 +14,117 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: i2c: validar datos de usuario en compat ioctl Los datos de usuario incorrectos pueden causar advertencia en i2c_transfer(), ej: cero mensajes. El espacio de usuario no deber\u00eda poder activar advertencias, por lo que este parche agrega comprobaciones de validaci\u00f3n para los datos del usuario en ioctl compacto para evitar advertencias reportadas." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.3, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-754" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15.0", + "versionEndExcluding": "4.19.224", + "matchCriteriaId": "B34A1353-506A-4AB9-87EC-CD50F09DFB8A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20.0", + "versionEndExcluding": "5.4.170", + "matchCriteriaId": "56D16FBB-453E-4316-A027-E517828203D7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5.0", + "versionEndExcluding": "5.10.90", + "matchCriteriaId": "C87FB3FD-3E74-4588-A1A4-B9BA8AE0C06B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11.0", + "versionEndExcluding": "5.15.13", + "matchCriteriaId": "083E0940-932B-447B-A6B2-677DAE27FD04" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/407c8708fb1bf2d4afc5337ef50635cf540c364b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8d31cbab4c295d7010ebb729e9d02d0e9cece18f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9e4a3f47eff476097e0c7faac04d1831fc70237d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/bb436283e25aaf1533ce061605d23a9564447bdf", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f68599581067e8a5a8901ba9eb270b4519690e26", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-469xx/CVE-2021-46935.json b/CVE-2021/CVE-2021-469xx/CVE-2021-46935.json index 048ae043be7..50b47023640 100644 --- a/CVE-2021/CVE-2021-469xx/CVE-2021-46935.json +++ b/CVE-2021/CVE-2021-469xx/CVE-2021-46935.json @@ -2,8 +2,8 @@ "id": "CVE-2021-46935", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-27T10:15:07.957", - "lastModified": "2024-02-27T14:20:06.637", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-04-10T18:24:38.927", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,31 +14,131 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: binder: corrige la contabilidad async_free_space para paquetes vac\u00edos En 4.13, el commit 74310e06be4d (\"android: binder: mover el b\u00fafer fuera del \u00e1rea compartida con el espacio del usuario\") solucion\u00f3 un problema de visibilidad de la estructura del kernel. Como parte de ese parche, se us\u00f3 sizeof(void *) como tama\u00f1o de b\u00fafer para cargas de datos de longitud 0, de modo que el controlador pudiera detectar clientes abusivos que enviaran transacciones asincr\u00f3nicas de longitud 0 a un servidor imponiendo l\u00edmites en async_free_size. Desafortunadamente, en el lado \"libre\", la contabilidad de async_free_space no volvi\u00f3 a agregar el tama\u00f1o de (void *). El resultado fue que se filtraron hasta 8 bytes de async_free_space en cada transacci\u00f3n as\u00edncrona de 8 bytes o menos. Estas peque\u00f1as transacciones son poco comunes, por lo que este problema contable ha pasado desapercibido durante varios a\u00f1os. La soluci\u00f3n es utilizar \"buffer_size\" (el tama\u00f1o del b\u00fafer asignado) en lugar de \"size\" (el tama\u00f1o del b\u00fafer l\u00f3gico) al actualizar async_free_space durante la operaci\u00f3n libre. Son iguales excepto por este caso de esquina de transacciones asincr\u00f3nicas con payloads <8 bytes." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-668" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.14.0", + "versionEndExcluding": "4.14.261", + "matchCriteriaId": "D04E4F21-CE5F-4E9D-A182-492968E35204" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15.0", + "versionEndExcluding": "4.19.224", + "matchCriteriaId": "B34A1353-506A-4AB9-87EC-CD50F09DFB8A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20.0", + "versionEndExcluding": "5.4.170", + "matchCriteriaId": "56D16FBB-453E-4316-A027-E517828203D7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5.0", + "versionEndExcluding": "5.10.90", + "matchCriteriaId": "C87FB3FD-3E74-4588-A1A4-B9BA8AE0C06B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11.0", + "versionEndExcluding": "5.15.13", + "matchCriteriaId": "083E0940-932B-447B-A6B2-677DAE27FD04" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/103b16a8c51f96d5fe063022869ea906c256e5da", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/17691bada6b2f1d5f1c0f6d28cd9d0727023b0ff", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/1cb8444f3114f0bb2f6e3bcadcf09aa4a28425d4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2d2df539d05205fd83c404d5f2dff48d36f9b495", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7c7064402609aeb6fb11be1b4ec10673ff17b593", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/cfd0d84ba28c18b531648c9d4a35ecca89ad9901", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-469xx/CVE-2021-46936.json b/CVE-2021/CVE-2021-469xx/CVE-2021-46936.json index d6fc723440f..a5bdbbe8c36 100644 --- a/CVE-2021/CVE-2021-469xx/CVE-2021-46936.json +++ b/CVE-2021/CVE-2021-469xx/CVE-2021-46936.json @@ -2,8 +2,8 @@ "id": "CVE-2021-46936", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-27T10:15:08.017", - "lastModified": "2024-02-27T14:19:41.650", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-04-10T19:20:08.790", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,39 +14,159 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: net: corrige use-after-free en tw_timer_handler Se encontr\u00f3 un problema de p\u00e1nico en el mundo real como se muestra a continuaci\u00f3n en Linux 5.4. ERROR: no se puede manejar el error de p\u00e1gina para la direcci\u00f3n: ffffde49a863de28 PGD 7e6fe62067 P4D 7e6fe62067 PUD 7e6fe63067 PMD f51e064067 PTE 0 RIP: 0010:tw_timer_handler+0x20/0x40 Seguimiento de llamadas: call_timer_fn+0x2b/ 0x120 run_timer_softirq+0x1ef/0x450 __do_softirq+0x10d/ 0x2b8 irq_exit+0xc7/0xd0 smp_apic_timer_interrupt+0x68/0x120 apic_timer_interrupt+0xf/0x20 Este problema tambi\u00e9n se inform\u00f3 desde 2017 en el hilo [1], desafortunadamente, el problema a\u00fan se puede reproducir despu\u00e9s de corregir DCCP. ipv4_mib_exit_net se llama antes de tcp_sk_exit_batch cuando se destruye un espacio de nombres de red, ya que tcp_sk_ops est\u00e1 registrado antes de ipv4_mib_ops, lo que significa que tcp_sk_ops est\u00e1 al frente de ipv4_mib_ops en la lista de pernet_list. Habr\u00e1 un use-after-free en net->mib.net_statistics en tw_timer_handler despu\u00e9s de ipv4_mib_exit_net si hay algunos temporizadores de espera a bordo. Este error no se introduce mediante la confirmaci\u00f3n f2bf415cfed7 (\"mib: add net to NET_ADD_STATS_BH\") ya que net_statistics es una variable global en lugar de una asignaci\u00f3n y liberaci\u00f3n din\u00e1micas. En realidad, la confirmaci\u00f3n 61a7e26028b9 (\"mib: poner estad\u00edsticas de red en struct net\") introduce el error ya que coloca estad\u00edsticas de red en struct net y las libera cuando se destruye el espacio de nombres de red. Mover init_ipv4_mibs() al frente de tcp_init() para corregir este error y reemplazar pr_crit() con p\u00e1nico() ya que continuar no tiene sentido cuando init_ipv4_mibs() falla. [1] https://groups.google.com/g/syzkaller/c/p1tn-_Kc6l4/m/smuL_FMAAgAJ?pli=1" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2.6.27", + "versionEndExcluding": "4.4.298", + "matchCriteriaId": "0B63EF4E-6C8F-4CCD-A30C-09E949BDD667" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.5.0", + "versionEndExcluding": "4.9.296", + "matchCriteriaId": "883CB22B-11DA-4D54-8121-3F5494EDBD4C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10.0", + "versionEndExcluding": "4.14.261", + "matchCriteriaId": "B5D4F856-5F69-4F4A-911F-50A21B9A68B6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15.0", + "versionEndExcluding": "4.19.224", + "matchCriteriaId": "B34A1353-506A-4AB9-87EC-CD50F09DFB8A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20.0", + "versionEndExcluding": "5.4.170", + "matchCriteriaId": "56D16FBB-453E-4316-A027-E517828203D7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5.0", + "versionEndExcluding": "5.10.90", + "matchCriteriaId": "C87FB3FD-3E74-4588-A1A4-B9BA8AE0C06B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11.0", + "versionEndExcluding": "5.15.13", + "matchCriteriaId": "083E0940-932B-447B-A6B2-677DAE27FD04" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/08eacbd141e2495d2fcdde84358a06c4f95cbb13", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/15579e1301f856ad9385d720c9267c11032a5022", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2386e81a1d277f540e1285565c9d41d531bb69d4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5c2fe20ad37ff56070ae0acb34152333976929b4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a8e1944b44f94f5c5f530e434c5eaee787254566", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e22e45fc9e41bf9fcc1e92cfb78eb92786728ef0", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e73164e89d1be561228a4534e1091369ee4ba41a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/fe5838c22b986c1190f1dce9aa09bf6a491c1a69", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-469xx/CVE-2021-46937.json b/CVE-2021/CVE-2021-469xx/CVE-2021-46937.json index d0826d973e5..3de58064cd1 100644 --- a/CVE-2021/CVE-2021-469xx/CVE-2021-46937.json +++ b/CVE-2021/CVE-2021-469xx/CVE-2021-46937.json @@ -2,8 +2,8 @@ "id": "CVE-2021-46937", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-27T10:15:08.067", - "lastModified": "2024-02-27T14:19:41.650", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-04-10T18:59:16.507", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,15 +14,75 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mm/damon/dbgfs: corrige las fugas de 'struct pid' en 'dbgfs_target_ids_write()' La interfaz DAMON debugfs aumenta los recuentos de referencias de 'struct pid' para los objetivos de la escritura del archivo 'target_ids' devoluci\u00f3n de llamada ('dbgfs_target_ids_write()'), pero disminuye los recuentos solo en la devoluci\u00f3n de llamada de terminaci\u00f3n de monitoreo de DAMON ('dbgfs_before_terminate()'). Por lo tanto, cuando el archivo 'target_ids' se escribe repetidamente sin que DAMON supervise el inicio/terminaci\u00f3n, el recuento de referencias no disminuye y, por lo tanto, no se puede liberar memoria para 'struct pid'. Este commit soluciona este problema al disminuir el recuento de referencias cuando se escribe 'target_ids'." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-668" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.15.0", + "versionEndExcluding": "5.15.13", + "matchCriteriaId": "8CC64BCA-D219-487C-A123-4C470FE30AB2" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/ebb3f994dd92f8fb4d70c7541091216c1e10cb71", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ffe4a1ba1a82c416a6b3a09d46594f6a885ae141", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-469xx/CVE-2021-46938.json b/CVE-2021/CVE-2021-469xx/CVE-2021-46938.json index d2b79e970ee..896960ca90d 100644 --- a/CVE-2021/CVE-2021-469xx/CVE-2021-46938.json +++ b/CVE-2021/CVE-2021-469xx/CVE-2021-46938.json @@ -2,8 +2,8 @@ "id": "CVE-2021-46938", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-27T19:04:05.823", - "lastModified": "2024-02-28T14:06:45.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-04-10T19:20:55.173", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,39 +14,159 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: dm rq: corrige la liberaci\u00f3n doble de blk_mq_tag_set en dev y se elimina despu\u00e9s de que falla la carga de la tabla Al cargar una tabla de mapeador de dispositivos para un dispositivo mapeado basado en solicitudes y la asignaci\u00f3n/inicializaci\u00f3n de blk_mq_tag_set Si el dispositivo falla, la siguiente eliminaci\u00f3n del dispositivo provocar\u00e1 una doble liberaci\u00f3n. Por ejemplo, (dmesg): mapeador de dispositivos: n\u00facleo: no se puede inicializar la cola para el dispositivo asignado dm-mq basado en solicitudes mapeador de dispositivos: ioctl: no se puede configurar la cola de dispositivos para una nueva tabla. No se puede manejar la desreferencia del puntero del kernel en el espacio de direcciones virtual del kernel Direcci\u00f3n fallida: 0305e098835de000 TEID: 0305e098835de803 Fallo en el modo de espacio de inicio mientras se usa el kernel ASCE. AS:000000025efe0007 R3:0000000000000024 Ups: 0038 ilc:3 [#1] M\u00f3dulos SMP vinculados en: ... muchos m\u00f3dulos ... Compatible: S\u00ed, CPU externa: 0 PID: 7348 Comm: multipathd Kdump: cargado Contaminado: GWX 5.3.18-53-default #1 SLE15-SP3 Nombre de hardware: IBM 8561 T01 7I2 (LPAR) Krnl PSW: 0704e00180000000 000000025e368eca (kfree+0x42/0x330) R:0 T:1 IO:1 EX:1 Clave:0 M :1 W:0 P:0 AS:3 CC:2 PM:0 RI:0 EA:3 Krnl GPRS: 000000000000004a 000000025efe5230 c1773200d779968d 00000000000000000 000000025e520270 000000025 e8d1b40 0000000000000003 00000007aae10000 000000025e5202a2 0000000000000001 c1773200d779968d 0305e098835de640 00000007a8170000 0 00003ff80138650 000000025e5202a2 000003e00396faa8 C\u00f3digo Krnl: 000000025e368eb8: c4180041e100 lgrl % r1,25eba50b8 000000025e368ebe: ecba06b93a55 risbg %r11,%r10,6,185,58 #000000025e368ec4: e3b010000008 ag %r11,0(%r1) >000000025e368eca: e310 b0080004 lg %r1,8(%r11) 000000025e368ed0: a7110001 tmll %r1,1 000000025e368ed4: a7740129 brc 7,25e369126 000000025e368ed8: e320b0080004 lg %r2,8(%r11) 000000025e368ede: b904001b lgr %r1,%r11 Seguimiento de llamadas: [<0 00000025e368eca>] kfree+0x42/0x330 [<000000025e5202a2>] blk_mq_free_tag_set+0x72/ 0xb8 [<000003ff801316a8>] dm_mq_cleanup_mapped_device+0x38/0x50 [dm_mod] [<000003ff80120082>] free_dev+0x52/0xd0 [dm_mod] [<000003ff801233f0>] __dm_destroy+0x1 50/0x1d0 [dm_mod] [<000003ff8012bb9a>] dev_remove+0x162/0x1c0 [dm_mod] [<000003ff8012a988>] ctl_ioctl+0x198/0x478 [dm_mod] [<000003ff8012ac8a>] dm_ctl_ioctl+0x22/0x38 [dm_mod] [<000000025e3b11ee>] ksys_ioctl+0xbe /0xe0 [<000000025e3b127a>] __s390x_sys_ioctl+0x2a/0x40 [ <000000025e8c15ac>] system_call+0xd8/0x2c8 \u00daltima direcci\u00f3n del evento de \u00faltima hora: [<000000025e52029c>] blk_mq_free_tag_set+0x6c/0xb8 P\u00e1nico del kernel: no se sincroniza: excepci\u00f3n grave: p\u00e1nico_on_oops Cuando la asignaci\u00f3n/inicializaci\u00f3n de blk_mq_tag_set falla en d m_mq_init_request_queue(), no est\u00e1 inicializado/liberado, pero el puntero no se restablece a NULL; entonces, cuando dev_remove() ingresa m\u00e1s tarde a dm_mq_cleanup_mapped_device(), ve el puntero e intenta desinicializarlo y liberarlo nuevamente. Solucione este problema estableciendo el puntero en NULL en el manejo de errores dm_mq_init_request_queue(). Tambi\u00e9n config\u00farelo en NULL en dm_mq_cleanup_mapped_device()." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-415" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.6.0", + "versionEndExcluding": "4.9.269", + "matchCriteriaId": "487E21A9-6030-4B46-AFC1-E100B4C43057" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10.0", + "versionEndExcluding": "4.14.233", + "matchCriteriaId": "20505383-2EB8-41EF-A91B-F185B4FB81DF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15.0", + "versionEndExcluding": "4.19.191", + "matchCriteriaId": "B7281E1E-A00B-49C0-A849-9CE1CE780227" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20.0", + "versionEndExcluding": "5.4.118", + "matchCriteriaId": "5670AEA3-082C-42D6-A067-CD9ECED4B84B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5.0", + "versionEndExcluding": "5.10.36", + "matchCriteriaId": "C7148769-B830-4B8F-986F-E0C85A19FC7F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11.0", + "versionEndExcluding": "5.11.20", + "matchCriteriaId": "EFB425F0-C28C-4B44-8B4C-AD512AA832DE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.12.0", + "versionEndExcluding": "5.12.3", + "matchCriteriaId": "C3814FA3-8141-4313-A852-8C4212BE12AD" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/1cb02dc76f4c0a2749a02b26469512d6984252e9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6086f957416a6e87236c06079fcaba7a3998aeca", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/772b9f59657665af3b68d24d12b9d172d31f0dfb", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8ae0185255eaf05bd66f4215c81e99bf01140fd9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8e947c8f4a5620df77e43c9c75310dc510250166", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a992a283c0b77d0a7c2c348add0e6a21fb1dab67", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b42c0a33dfdd451d9be62dd5de58c39f2750b6e3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d757bf4c69cda3c3ab7f775dfabbf5a80e2f6f9d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-469xx/CVE-2021-46939.json b/CVE-2021/CVE-2021-469xx/CVE-2021-46939.json index ff335c1cca0..657c828e551 100644 --- a/CVE-2021/CVE-2021-469xx/CVE-2021-46939.json +++ b/CVE-2021/CVE-2021-469xx/CVE-2021-46939.json @@ -2,8 +2,8 @@ "id": "CVE-2021-46939", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-27T19:04:05.873", - "lastModified": "2024-02-28T14:06:45.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-04-10T19:49:03.580", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,43 +14,173 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: rastreo: reestructurar trace_clock_global() para no bloquear nunca. Se inform\u00f3 que una soluci\u00f3n a la detecci\u00f3n de recursividad del b\u00fafer circular provocar\u00eda que la m\u00e1quina se bloqueara al realizar pruebas de suspensi\u00f3n/reanudaci\u00f3n. El siguiente seguimiento se extrajo de la depuraci\u00f3n de ese caso: Call Trace: trace_clock_global+0x91/0xa0 __rb_reserve_next+0x237/0x460 ring_buffer_lock_reserve+0x12a/0x3f0 trace_buffer_lock_reserve+0x10/0x50 __trace_graph_return+0x1f/0x80 trace_graph_return+0xb7 /0xf0? trace_clock_global+0x91/0xa0 ftrace_return_to_handler+0x8b/0xf0 ? pv_hash+0xa0/0xa0 return_to_handler+0x15/0x30 ? ftrace_graph_caller+0xa0/0xa0? trace_clock_global+0x91/0xa0? __rb_reserve_next+0x237/0x460? ring_buffer_lock_reserve+0x12a/0x3f0? trace_event_buffer_lock_reserve+0x3c/0x120? trace_event_buffer_reserve+0x6b/0xc0? trace_event_raw_event_device_pm_callback_start+0x125/0x2d0? dpm_run_callback+0x3b/0xc0? pm_ops_is_empty+0x50/0x50? platform_get_irq_byname_opcional+0x90/0x90? trace_device_pm_callback_start+0x82/0xd0? dpm_run_callback+0x49/0xc0 Con el siguiente RIP: RIP: 0010:native_queued_spin_lock_slowpath+0x69/0x200 Dado que la soluci\u00f3n a la detecci\u00f3n de recursi\u00f3n permitir\u00eda que ocurriera una sola recursi\u00f3n durante el seguimiento, esto llev\u00f3 a trace_clock_global() a tomar un bloqueo de giro y luego intentarlo para tomarlo de nuevo: ring_buffer_lock_reserve() { trace_clock_global() { arch_spin_lock() { queued_spin_lock_slowpath() { /* bloqueo tomado */ (algo m\u00e1s es rastreado por la funci\u00f3n de seguimiento del gr\u00e1fico) ring_buffer_lock_reserve() { trace_clock_global() { arch_spin_lock() { queued_spin_lock_slowpath () { /* \u00a1BLOQUEO MUERTO! */ El rastreo *nunca* debe bloquearse, ya que puede provocar bloqueos extra\u00f1os como el anterior. Reestructura el c\u00f3digo trace_clock_global() para que, en lugar de simplemente tomar un bloqueo para actualizar el \"prev_time\" registrado, simplemente lo uses, ya que dos eventos suceden en dos CPU diferentes que llaman a esto al mismo tiempo, realmente no importa cu\u00e1l va primero. Utilice un trylock para obtener el bloqueo para actualizar prev_time y, si falla, simplemente int\u00e9ntelo de nuevo la pr\u00f3xima vez. Si no se pudo tomar, eso significa que algo m\u00e1s ya lo est\u00e1 actualizando. Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=212761" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-662" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2.6.30", + "versionEndExcluding": "4.4.269", + "matchCriteriaId": "08CFB593-6583-4E68-8BFB-9326D7B17183" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.5.0", + "versionEndExcluding": "4.9.269", + "matchCriteriaId": "8413F613-F1EE-430D-9972-52EEF6C49672" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10.0", + "versionEndExcluding": "4.14.233", + "matchCriteriaId": "20505383-2EB8-41EF-A91B-F185B4FB81DF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15.0", + "versionEndExcluding": "4.19.191", + "matchCriteriaId": "B7281E1E-A00B-49C0-A849-9CE1CE780227" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20.0", + "versionEndExcluding": "5.4.118", + "matchCriteriaId": "5670AEA3-082C-42D6-A067-CD9ECED4B84B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5.0", + "versionEndExcluding": "5.10.36", + "matchCriteriaId": "C7148769-B830-4B8F-986F-E0C85A19FC7F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11.0", + "versionEndExcluding": "5.11.20", + "matchCriteriaId": "EFB425F0-C28C-4B44-8B4C-AD512AA832DE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.12.0", + "versionEndExcluding": "5.12.3", + "matchCriteriaId": "C3814FA3-8141-4313-A852-8C4212BE12AD" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/1fca00920327be96f3318224f502e4d5460f9545", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2a1bd74b8186d7938bf004f5603f25b84785f63e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6e2418576228eeb12e7ba82edb8f9500623942ff", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/859b47a43f5a0e5b9a92b621dc6ceaad39fb5c8b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/91ca6f6a91f679c8645d7f3307e03ce86ad518c4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a33614d52e97fc8077eb0b292189ca7d964cc534", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/aafe104aa9096827a429bc1358f8260ee565b7cc", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c64da3294a7d59a4bf6874c664c13be892f15f44", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d43d56dbf452ccecc1ec735cd4b6840118005d7c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-469xx/CVE-2021-46940.json b/CVE-2021/CVE-2021-469xx/CVE-2021-46940.json index eac254643c4..2a4525f92ee 100644 --- a/CVE-2021/CVE-2021-469xx/CVE-2021-46940.json +++ b/CVE-2021/CVE-2021-469xx/CVE-2021-46940.json @@ -2,8 +2,8 @@ "id": "CVE-2021-46940", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-27T19:04:05.927", - "lastModified": "2024-02-28T14:06:45.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-04-10T19:44:37.227", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,23 +14,103 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: herramientas/turbostat de potencia: soluciona el problema de desbordamiento de compensaci\u00f3n en la conversi\u00f3n de \u00edndice. La funci\u00f3n idx_to_offset() devuelve el tipo int (32 bits firmado), pero MSR_PKG_ENERGY_STAT es u32 y se interpretar\u00eda como negativo. n\u00famero. El resultado final es que alcanza la verificaci\u00f3n if (offset < 0) en update_msr_sum(), lo que evita que la devoluci\u00f3n de llamada del temporizador actualice la estad\u00edstica en segundo plano cuando se utilizan duraciones prolongadas. Existe un problema similar en offset_to_idx() y update_msr_sum(). Solucione este problema convirtiendo 'int' a 'off_t' en consecuencia." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-190" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10.0", + "versionEndExcluding": "5.10.36", + "matchCriteriaId": "4E778606-3A80-42DD-996C-5570B1192986" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11.0", + "versionEndExcluding": "5.11.20", + "matchCriteriaId": "EFB425F0-C28C-4B44-8B4C-AD512AA832DE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.12.0", + "versionEndExcluding": "5.12.3", + "matchCriteriaId": "C3814FA3-8141-4313-A852-8C4212BE12AD" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/13a779de4175df602366d129e41782ad7168cef0", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/337b1546cde87fb8588ddaedf0201b769baa572a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/dbdf22fc825fdb1d97f23230064e0f9819471628", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ea6803ff2cd1a2d7d880256bf562172b708a76ff", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-469xx/CVE-2021-46941.json b/CVE-2021/CVE-2021-469xx/CVE-2021-46941.json index d9b9a80fb0e..60b4c619ee7 100644 --- a/CVE-2021/CVE-2021-469xx/CVE-2021-46941.json +++ b/CVE-2021/CVE-2021-469xx/CVE-2021-46941.json @@ -2,8 +2,8 @@ "id": "CVE-2021-46941", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-27T19:04:05.970", - "lastModified": "2024-02-28T14:06:45.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-04-10T19:42:17.610", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,23 +14,103 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: dwc3: core: Realiza un reinicio suave del n\u00facleo al cambiar de modo Seg\u00fan la gu\u00eda de programaci\u00f3n, para cambiar el modo del controlador DRD, el controlador debe hacer lo siguiente. Para cambiar de dispositivo a host: 1. Reinicie el controlador con GCTL.CoreSoftReset 2. Configure GCTL.PrtCapDir (modo de host) 3. Reinicie el host con USBCMD.HCRESET 4. Luego siga con la secuencia de inicializaci\u00f3n de registros del host Para cambiar de host a dispositivo: 1. Reinicie el controlador con GCTL.CoreSoftReset 2. Configure GCTL.PrtCapDir (modo de dispositivo) 3. Reinicie el dispositivo con DCTL.CSftRst 4. Luego siga con la secuencia de inicializaci\u00f3n de registros Actualmente nos falta el paso 1) para hacer GCTL .CoreSoftReset y paso 3) de cambio de host a dispositivo. John Stult inform\u00f3 un problema de bloqueo observado con la plataforma HiKey960 sin estos pasos[1]. Se observa un problema similar con la plataforma de pruebas de Ferry[2]. Entonces, aplique los pasos requeridos junto con algunas correcciones a la versi\u00f3n de Yu Chen y John Stultz. Las principales correcciones a sus versiones son la falta de espera para la sincronizaci\u00f3n de los relojes antes de borrar GCTL.CoreSoftReset y solo aplicar DCTL.CSftRst al cambiar de host a dispositivo. [1] https://lore.kernel.org/linux-usb/20210108015115.27920-1-john.stultz@linaro.org/ [2] https://lore.kernel.org/linux-usb/0ba7a6ba-e6a7- 9cd4-0695-64fc927e01f1@gmail.com/" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.12.0", + "versionEndExcluding": "5.10.36", + "matchCriteriaId": "2467C736-2ED6-4BF9-AB1F-D95FFB0AB0A0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11.0", + "versionEndExcluding": "5.11.20", + "matchCriteriaId": "EFB425F0-C28C-4B44-8B4C-AD512AA832DE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.12.0", + "versionEndExcluding": "5.12.3", + "matchCriteriaId": "C3814FA3-8141-4313-A852-8C4212BE12AD" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/1c10fd60c8595ea7ff7e29d3cf1fa88069941da3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/800f58217626c8b147aa40660e572ed8a0d56e3b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f88359e1588b85cf0e8209ab7d6620085f3441d9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/fce7bbcd07d59ac30dba8ce225316b3b4c1c7b50", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-469xx/CVE-2021-46942.json b/CVE-2021/CVE-2021-469xx/CVE-2021-46942.json index c152790b7f6..a60fd1d681f 100644 --- a/CVE-2021/CVE-2021-469xx/CVE-2021-46942.json +++ b/CVE-2021/CVE-2021-469xx/CVE-2021-46942.json @@ -2,8 +2,8 @@ "id": "CVE-2021-46942", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-27T19:04:06.017", - "lastModified": "2024-02-28T14:06:45.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-04-10T19:56:14.227", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,15 +14,75 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: io_uring: corrige bloqueos de cancelaci\u00f3n de sqpoll compartido [736.982891] INFORMACI\u00d3N: tarea iou-sqp-4294:4295 bloqueada durante m\u00e1s de 122 segundos. [ 736.982897] Seguimiento de llamadas: [ 736.982901] agenda+0x68/0xe0 [ 736.982903] io_uring_cancel_sqpoll+0xdb/0x110 [ 736.982908] io_sqpoll_cancel_cb+0x24/0x30 [ 736.982911] io_run_task_work_head+0x28/0x50 [ 736.982913] io_sq_thread+0x4e3/0x720 Llamamos a io_uring_cancel_sqpoll( ) uno por uno para cada ctx, ya sea en sq_thread() o mediante tareas, y est\u00e1 destinado a cancelar todas las solicitudes de un contexto espec\u00edfico. Sin embargo, la funci\u00f3n utiliza contadores por tarea para rastrear la cantidad de solicitudes en curso, por lo que cuenta m\u00e1s solicitudes de las disponibles a trav\u00e9s de currect io_uring ctx y se pone en suspensi\u00f3n para que aparezcan (por ejemplo, desde IRQ), eso nunca suceder\u00e1. Cancele un poco m\u00e1s que antes, es decir, todos los ctx que comparten sqpoll y contin\u00faan usando contadores compartidos. No olvide que no debemos eliminar ctx de la lista antes de ejecutar task_work sqpoll-cancel; de lo contrario, la funci\u00f3n no podr\u00e1 encontrar el contexto y se bloquear\u00e1." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.12.0", + "versionEndExcluding": "5.12.3", + "matchCriteriaId": "C3814FA3-8141-4313-A852-8C4212BE12AD" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/734551df6f9bedfbefcd113ede665945e9de0b99", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/cb5e0b3d0f993a6268c1a2c7ede2f9aa0c17ef68", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-469xx/CVE-2021-46943.json b/CVE-2021/CVE-2021-469xx/CVE-2021-46943.json index bf93dae2b19..a853ccda5a1 100644 --- a/CVE-2021/CVE-2021-469xx/CVE-2021-46943.json +++ b/CVE-2021/CVE-2021-469xx/CVE-2021-46943.json @@ -2,8 +2,8 @@ "id": "CVE-2021-46943", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-27T19:04:06.063", - "lastModified": "2024-02-28T14:06:45.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-04-10T19:54:14.133", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,27 +14,117 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: medios: staging/intel-ipu3: Corrija el manejo de errores set_fmt Si ocurre un error durante un set_fmt, no sobrescriba los tama\u00f1os anteriores con la configuraci\u00f3n no v\u00e1lida. Sin este parche, el cumplimiento de v4l2 termina asignando 4 GiB de RAM y provocando los siguientes OOP [38.662975] ipu3-imgu 0000:00:05.0: el b\u00fafer swiotlb est\u00e1 lleno (sz: 4096 bytes) [38.662980] DMA: Fuera de SW-IOMMU espacio para 4096 bytes en el dispositivo 0000:00:05.0 [38.663010] falla de protecci\u00f3n general: 0000 [#1] PREEMPT SMP" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-131" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.2.0", + "versionEndExcluding": "5.4.118", + "matchCriteriaId": "5D320A21-D672-45FD-B78C-393AED970627" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5.0", + "versionEndExcluding": "5.10.36", + "matchCriteriaId": "C7148769-B830-4B8F-986F-E0C85A19FC7F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11.0", + "versionEndExcluding": "5.11.20", + "matchCriteriaId": "EFB425F0-C28C-4B44-8B4C-AD512AA832DE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.12.0", + "versionEndExcluding": "5.12.3", + "matchCriteriaId": "C3814FA3-8141-4313-A852-8C4212BE12AD" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/34892ea938387d83ffcfb7775ec55f0f80767916", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6fb617e37a39db0a3eca4489431359d0bdf3b9bc", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a03fb1e8a110658215a4cefc3e2ad53279e496a6", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ad91849996f9dd79741a961fd03585a683b08356", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c6b81b897f6f9445d57f8d47c4e060ec21556137", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-469xx/CVE-2021-46944.json b/CVE-2021/CVE-2021-469xx/CVE-2021-46944.json index cf45c12b28e..839d9fd4541 100644 --- a/CVE-2021/CVE-2021-469xx/CVE-2021-46944.json +++ b/CVE-2021/CVE-2021-469xx/CVE-2021-46944.json @@ -2,8 +2,8 @@ "id": "CVE-2021-46944", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-27T19:04:06.143", - "lastModified": "2024-02-28T14:06:45.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-04-10T19:53:31.403", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,27 +14,117 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: medios: staging/intel-ipu3: Reparar p\u00e9rdida de memoria en imu_fmt Estamos perdiendo la referencia a una memoria asignada si lo intentamos. Cambie el orden del cheque para evitarlo." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-401" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.2.0", + "versionEndExcluding": "5.4.118", + "matchCriteriaId": "5D320A21-D672-45FD-B78C-393AED970627" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5.0", + "versionEndExcluding": "5.10.36", + "matchCriteriaId": "C7148769-B830-4B8F-986F-E0C85A19FC7F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11.0", + "versionEndExcluding": "5.11.20", + "matchCriteriaId": "EFB425F0-C28C-4B44-8B4C-AD512AA832DE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.12.0", + "versionEndExcluding": "5.12.3", + "matchCriteriaId": "C3814FA3-8141-4313-A852-8C4212BE12AD" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/14d0e99c3ef6b0648535a31bf2eaabb4eff97b9e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/3630901933afba1d16c462b04d569b7576339223", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/517f6f570566a863c2422b843c8b7d099474f6a9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/74ba0adb5e983503b18a96121d965cad34ac7ce3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ff792ae52005c85a2d829c153e08d99a356e007d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-471xx/CVE-2021-47181.json b/CVE-2021/CVE-2021-471xx/CVE-2021-47181.json new file mode 100644 index 00000000000..481f646d73b --- /dev/null +++ b/CVE-2021/CVE-2021-471xx/CVE-2021-47181.json @@ -0,0 +1,48 @@ +{ + "id": "CVE-2021-47181", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:47.180", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: musb: tusb6010: check return value after calling platform_get_resource()\n\nIt will cause null-ptr-deref if platform_get_resource() returns NULL,\nwe need check the return value." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/06cfb4cb2241e704d72e3045cf4d7dfb567fbce0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/14651496a3de6807a17c310f63c894ea0c5d858e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/1ba7605856e05fa991d4654ac69e5ace66c767b9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/28be095eb612a489705d38c210afaf1103c5f4f8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3ee15f1af17407be381bcf06a78fa60b471242dd", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/679eee466d0f9ffa60a2b0c6ec19be5128927f04", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b3f43659eb0b9af2e6ef18a8d829374610b19e7a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f87a79c04a33ab4e5be598c7b0867e6ef193d702", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-471xx/CVE-2021-47182.json b/CVE-2021/CVE-2021-471xx/CVE-2021-47182.json new file mode 100644 index 00000000000..2e1e2c06aa8 --- /dev/null +++ b/CVE-2021/CVE-2021-471xx/CVE-2021-47182.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2021-47182", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:47.243", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Fix scsi_mode_sense() buffer length handling\n\nSeveral problems exist with scsi_mode_sense() buffer length handling:\n\n 1) The allocation length field of the MODE SENSE(10) command is 16-bits,\n occupying bytes 7 and 8 of the CDB. With this command, access to mode\n pages larger than 255 bytes is thus possible. However, the CDB\n allocation length field is set by assigning len to byte 8 only, thus\n truncating buffer length larger than 255.\n\n 2) If scsi_mode_sense() is called with len smaller than 8 with\n sdev->use_10_for_ms set, or smaller than 4 otherwise, the buffer length\n is increased to 8 and 4 respectively, and the buffer is zero filled\n with these increased values, thus corrupting the memory following the\n buffer.\n\nFix these 2 problems by using put_unaligned_be16() to set the allocation\nlength field of MODE SENSE(10) CDB and by returning an error when len is\ntoo small.\n\nFurthermore, if len is larger than 255B, always try MODE SENSE(10) first,\neven if the device driver did not set sdev->use_10_for_ms. In case of\ninvalid opcode error for MODE SENSE(10), access to mode pages larger than\n255 bytes are not retried using MODE SENSE(6). To avoid buffer length\noverflows for the MODE_SENSE(10) case, check that len is smaller than 65535\nbytes.\n\nWhile at it, also fix the folowing:\n\n * Use get_unaligned_be16() to retrieve the mode data length and block\n descriptor length fields of the mode sense reply header instead of using\n an open coded calculation.\n\n * Fix the kdoc dbd argument explanation: the DBD bit stands for Disable\n Block Descriptor, which is the opposite of what the dbd argument\n description was." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/17b49bcbf8351d3dbe57204468ac34f033ed60bc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e15de347faf4a9f494cbd4e9a623d343dc1b5851", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-471xx/CVE-2021-47183.json b/CVE-2021/CVE-2021-471xx/CVE-2021-47183.json new file mode 100644 index 00000000000..bc9e8078913 --- /dev/null +++ b/CVE-2021/CVE-2021-471xx/CVE-2021-47183.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2021-47183", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:47.287", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix link down processing to address NULL pointer dereference\n\nIf an FC link down transition while PLOGIs are outstanding to fabric well\nknown addresses, outstanding ABTS requests may result in a NULL pointer\ndereference. Driver unload requests may hang with repeated \"2878\" log\nmessages.\n\nThe Link down processing results in ABTS requests for outstanding ELS\nrequests. The Abort WQEs are sent for the ELSs before the driver had set\nthe link state to down. Thus the driver is sending the Abort with the\nexpectation that an ABTS will be sent on the wire. The Abort request is\nstalled waiting for the link to come up. In some conditions the driver may\nauto-complete the ELSs thus if the link does come up, the Abort completions\nmay reference an invalid structure.\n\nFix by ensuring that Abort set the flag to avoid link traffic if issued due\nto conditions where the link failed." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1854f53ccd88ad4e7568ddfafafffe71f1ceb0a6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/28de48a7cea495ab48082d9ff4ef63f7cb4e563a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-471xx/CVE-2021-47184.json b/CVE-2021/CVE-2021-471xx/CVE-2021-47184.json new file mode 100644 index 00000000000..682d9ca6d6b --- /dev/null +++ b/CVE-2021/CVE-2021-471xx/CVE-2021-47184.json @@ -0,0 +1,40 @@ +{ + "id": "CVE-2021-47184", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:47.333", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix NULL ptr dereference on VSI filter sync\n\nRemove the reason of null pointer dereference in sync VSI filters.\nAdded new I40E_VSI_RELEASING flag to signalize deleting and releasing\nof VSI resources to sync this thread with sync filters subtask.\nWithout this patch it is possible to start update the VSI filter list\nafter VSI is removed, that's causing a kernel oops." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/37d9e304acd903a445df8208b8a13d707902dea6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/78f2a9e831f9610e3655a0be5e675e1aa2472089", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/87c421ab4a43433cb009fea44bbbc77f46913e1d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c30162da91327e4cdf7cd03079f096bb3654738c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e91e8427a1e1633a0261e3bb0201c836ac5b3890", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f866513ead4370402428ef724b03c3312295c178", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-471xx/CVE-2021-47185.json b/CVE-2021/CVE-2021-471xx/CVE-2021-47185.json new file mode 100644 index 00000000000..cceb8d4141d --- /dev/null +++ b/CVE-2021/CVE-2021-471xx/CVE-2021-47185.json @@ -0,0 +1,48 @@ +{ + "id": "CVE-2021-47185", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:47.383", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: tty_buffer: Fix the softlockup issue in flush_to_ldisc\n\nWhen running ltp testcase(ltp/testcases/kernel/pty/pty04.c) with arm64, there is a soft lockup,\nwhich look like this one:\n\n Workqueue: events_unbound flush_to_ldisc\n Call trace:\n dump_backtrace+0x0/0x1ec\n show_stack+0x24/0x30\n dump_stack+0xd0/0x128\n panic+0x15c/0x374\n watchdog_timer_fn+0x2b8/0x304\n __run_hrtimer+0x88/0x2c0\n __hrtimer_run_queues+0xa4/0x120\n hrtimer_interrupt+0xfc/0x270\n arch_timer_handler_phys+0x40/0x50\n handle_percpu_devid_irq+0x94/0x220\n __handle_domain_irq+0x88/0xf0\n gic_handle_irq+0x84/0xfc\n el1_irq+0xc8/0x180\n slip_unesc+0x80/0x214 [slip]\n tty_ldisc_receive_buf+0x64/0x80\n tty_port_default_receive_buf+0x50/0x90\n flush_to_ldisc+0xbc/0x110\n process_one_work+0x1d4/0x4b0\n worker_thread+0x180/0x430\n kthread+0x11c/0x120\n\nIn the testcase pty04, The first process call the write syscall to send\ndata to the pty master. At the same time, the workqueue will do the\nflush_to_ldisc to pop data in a loop until there is no more data left.\nWhen the sender and workqueue running in different core, the sender sends\ndata fastly in full time which will result in workqueue doing work in loop\nfor a long time and occuring softlockup in flush_to_ldisc with kernel\nconfigured without preempt. So I add need_resched check and cond_resched\nin the flush_to_ldisc loop to avoid it." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0380f643f3a7a61b0845cdc738959c2ad5735d61", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3968ddcf05fb4b9409cd1859feb06a5b0550a1c1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4c1623651a0936ee197859824cdae6ebbd04d3ed", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4f300f47dbcf9c3d4b2ea76c8554c8f360400725", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5c34486f04700f1ba04907231dce0cc2705c2d7d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/77e9fed33056f2a88eba9dd4d2d5412f0c7d1f41", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b1ffc16ec05ae40d82b6e373322d62e9d6b54fbc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d491c84df5c469dd9621863b6a770b3428137063", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-471xx/CVE-2021-47186.json b/CVE-2021/CVE-2021-471xx/CVE-2021-47186.json new file mode 100644 index 00000000000..ffeb09a4492 --- /dev/null +++ b/CVE-2021/CVE-2021-471xx/CVE-2021-47186.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2021-47186", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:47.430", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: check for null after calling kmemdup\n\nkmemdup can return a null pointer so need to check for it, otherwise\nthe null key will be dereferenced later in tipc_crypto_key_xmit as\ncan be seen in the trace [1].\n\n\n[1] https://syzkaller.appspot.com/bug?id=bca180abb29567b189efdbdb34cbf7ba851c2a58" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/3e6db079751afd527bf3db32314ae938dc571916", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9404c4145542c23019a80ab1bb2ecf73cd057b10", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a7d91625863d4ffed63b993b5e6dc1298b6430c9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-471xx/CVE-2021-47187.json b/CVE-2021/CVE-2021-471xx/CVE-2021-47187.json new file mode 100644 index 00000000000..a9ba1713cbb --- /dev/null +++ b/CVE-2021/CVE-2021-471xx/CVE-2021-47187.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2021-47187", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:47.480", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: dts: qcom: msm8998: Fix CPU/L2 idle state latency and residency\n\nThe entry/exit latency and minimum residency in state for the idle\nstates of MSM8998 were ..bad: first of all, for all of them the\ntimings were written for CPU sleep but the min-residency-us param\nwas miscalculated (supposedly, while porting this from downstream);\nThen, the power collapse states are setting PC on both the CPU\ncluster *and* the L2 cache, which have different timings: in the\nspecific case of L2 the times are higher so these ones should be\ntaken into account instead of the CPU ones.\n\nThis parameter misconfiguration was not giving particular issues\nbecause on MSM8998 there was no CPU scaling at all, so cluster/L2\npower collapse was rarely (if ever) hit.\nWhen CPU scaling is enabled, though, the wrong timings will produce\nSoC unstability shown to the user as random, apparently error-less,\nsudden reboots and/or lockups.\n\nThis set of parameters are stabilizing the SoC when CPU scaling is\nON and when power collapse is frequently hit." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/118c826ef8b43efe0fda8faf419673707ee8c5e5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3f1dcaff642e75c1d2ad03f783fa8a3b1f56dd50", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a14d7038ea201c5526375becfc43b9ba281b1e82", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e52fecdd0c142b95c720683885b06ee3f0e065c8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-471xx/CVE-2021-47188.json b/CVE-2021/CVE-2021-471xx/CVE-2021-47188.json new file mode 100644 index 00000000000..20df69bdfee --- /dev/null +++ b/CVE-2021/CVE-2021-471xx/CVE-2021-47188.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2021-47188", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:47.527", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Improve SCSI abort handling\n\nThe following has been observed on a test setup:\n\nWARNING: CPU: 4 PID: 250 at drivers/scsi/ufs/ufshcd.c:2737 ufshcd_queuecommand+0x468/0x65c\nCall trace:\n ufshcd_queuecommand+0x468/0x65c\n scsi_send_eh_cmnd+0x224/0x6a0\n scsi_eh_test_devices+0x248/0x418\n scsi_eh_ready_devs+0xc34/0xe58\n scsi_error_handler+0x204/0x80c\n kthread+0x150/0x1b4\n ret_from_fork+0x10/0x30\n\nThat warning is triggered by the following statement:\n\n\tWARN_ON(lrbp->cmd);\n\nFix this warning by clearing lrbp->cmd from the abort handler." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/3ff1f6b6ba6f97f50862aa50e79959cc8ddc2566", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c36baca06efa833adaefba61f45fefdc49b6d070", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-471xx/CVE-2021-47189.json b/CVE-2021/CVE-2021-471xx/CVE-2021-47189.json new file mode 100644 index 00000000000..10035ef75d0 --- /dev/null +++ b/CVE-2021/CVE-2021-471xx/CVE-2021-47189.json @@ -0,0 +1,48 @@ +{ + "id": "CVE-2021-47189", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:47.570", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix memory ordering between normal and ordered work functions\n\nOrdered work functions aren't guaranteed to be handled by the same thread\nwhich executed the normal work functions. The only way execution between\nnormal/ordered functions is synchronized is via the WORK_DONE_BIT,\nunfortunately the used bitops don't guarantee any ordering whatsoever.\n\nThis manifested as seemingly inexplicable crashes on ARM64, where\nasync_chunk::inode is seen as non-null in async_cow_submit which causes\nsubmit_compressed_extents to be called and crash occurs because\nasync_chunk::inode suddenly became NULL. The call trace was similar to:\n\n pc : submit_compressed_extents+0x38/0x3d0\n lr : async_cow_submit+0x50/0xd0\n sp : ffff800015d4bc20\n\n \n\n Call trace:\n submit_compressed_extents+0x38/0x3d0\n async_cow_submit+0x50/0xd0\n run_ordered_work+0xc8/0x280\n btrfs_work_helper+0x98/0x250\n process_one_work+0x1f0/0x4ac\n worker_thread+0x188/0x504\n kthread+0x110/0x114\n ret_from_fork+0x10/0x18\n\nFix this by adding respective barrier calls which ensure that all\naccesses preceding setting of WORK_DONE_BIT are strictly ordered before\nsetting the flag. At the same time add a read barrier after reading of\nWORK_DONE_BIT in run_ordered_work which ensures all subsequent loads\nwould be strictly ordered after reading the bit. This in turn ensures\nare all accesses before WORK_DONE_BIT are going to be strictly ordered\nbefore any access that can occur in ordered_func." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/45da9c1767ac31857df572f0a909fbe88fd5a7e9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/47e6f9f69153247109042010f3a77579e9dc61ff", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/637d652d351fd4f263ef302dc52f3971d314e500", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/670f6b3867c8f0f11e5097f353b164cecfec6179", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6adbc07ebcaf8bead08b21687d49e0fc94400987", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/804a9d239ae9cbe88e861a7cd62319cc6ec7b136", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/bd660a20fea3ec60a49709ef5360f145ec0fe779", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ed058d735a70f4b063323f1a7bb33cda0f987513", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-471xx/CVE-2021-47190.json b/CVE-2021/CVE-2021-471xx/CVE-2021-47190.json new file mode 100644 index 00000000000..a52ca1088d3 --- /dev/null +++ b/CVE-2021/CVE-2021-471xx/CVE-2021-47190.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2021-47190", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:47.617", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf bpf: Avoid memory leak from perf_env__insert_btf()\n\nperf_env__insert_btf() doesn't insert if a duplicate BTF id is\nencountered and this causes a memory leak. Modify the function to return\na success/error value and then free the memory if insertion didn't\nhappen.\n\nv2. Adds a return -1 when the insertion error occurs in\n perf_env__fetch_btf. This doesn't affect anything as the result is\n never checked." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/11589d3144bc4e272e0aae46ce8156162e99babc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4924b1f7c46711762fd0e65c135ccfbcfd6ded1f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/642fc22210a5e59d40b1e4d56d21ec3effd401f2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ab7c3d8d81c511ddfb27823fb07081c96422b56e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-471xx/CVE-2021-47191.json b/CVE-2021/CVE-2021-471xx/CVE-2021-47191.json new file mode 100644 index 00000000000..69ffa0ab10f --- /dev/null +++ b/CVE-2021/CVE-2021-471xx/CVE-2021-47191.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2021-47191", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:47.663", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: scsi_debug: Fix out-of-bound read in resp_readcap16()\n\nThe following warning was observed running syzkaller:\n\n[ 3813.830724] sg_write: data in/out 65466/242 bytes for SCSI command 0x9e-- guessing data in;\n[ 3813.830724] program syz-executor not setting count and/or reply_len properly\n[ 3813.836956] ==================================================================\n[ 3813.839465] BUG: KASAN: stack-out-of-bounds in sg_copy_buffer+0x157/0x1e0\n[ 3813.841773] Read of size 4096 at addr ffff8883cf80f540 by task syz-executor/1549\n[ 3813.846612] Call Trace:\n[ 3813.846995] dump_stack+0x108/0x15f\n[ 3813.847524] print_address_description+0xa5/0x372\n[ 3813.848243] kasan_report.cold+0x236/0x2a8\n[ 3813.849439] check_memory_region+0x240/0x270\n[ 3813.850094] memcpy+0x30/0x80\n[ 3813.850553] sg_copy_buffer+0x157/0x1e0\n[ 3813.853032] sg_copy_from_buffer+0x13/0x20\n[ 3813.853660] fill_from_dev_buffer+0x135/0x370\n[ 3813.854329] resp_readcap16+0x1ac/0x280\n[ 3813.856917] schedule_resp+0x41f/0x1630\n[ 3813.858203] scsi_debug_queuecommand+0xb32/0x17e0\n[ 3813.862699] scsi_dispatch_cmd+0x330/0x950\n[ 3813.863329] scsi_request_fn+0xd8e/0x1710\n[ 3813.863946] __blk_run_queue+0x10b/0x230\n[ 3813.864544] blk_execute_rq_nowait+0x1d8/0x400\n[ 3813.865220] sg_common_write.isra.0+0xe61/0x2420\n[ 3813.871637] sg_write+0x6c8/0xef0\n[ 3813.878853] __vfs_write+0xe4/0x800\n[ 3813.883487] vfs_write+0x17b/0x530\n[ 3813.884008] ksys_write+0x103/0x270\n[ 3813.886268] __x64_sys_write+0x77/0xc0\n[ 3813.886841] do_syscall_64+0x106/0x360\n[ 3813.887415] entry_SYSCALL_64_after_hwframe+0x44/0xa9\n\nThis issue can be reproduced with the following syzkaller log:\n\nr0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\\x00', 0x26e1, 0x0)\nr1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fd/3\\x00')\nopen_by_handle_at(r1, &(0x7f00000003c0)=ANY=[@ANYRESHEX], 0x602000)\nr2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x40782)\nwrite$binfmt_aout(r2, &(0x7f0000000340)=ANY=[@ANYBLOB=\"00000000deff000000000000000000000000000000000000000000000000000047f007af9e107a41ec395f1bded7be24277a1501ff6196a83366f4e6362bc0ff2b247f68a972989b094b2da4fb3607fcf611a22dd04310d28c75039d\"], 0x126)\n\nIn resp_readcap16() we get \"int alloc_len\" value -1104926854, and then pass\nthe huge arr_len to fill_from_dev_buffer(), but arr is only 32 bytes. This\nleads to OOB in sg_copy_buffer().\n\nTo solve this issue, define alloc_len as u32." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/3e20cb072679bdb47747ccc8bee3233a4cf0765a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4e3ace0051e7e504b55d239daab8789dd89b863c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5b8bed6464ad6653586e30df046185fd816ad999", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-471xx/CVE-2021-47192.json b/CVE-2021/CVE-2021-471xx/CVE-2021-47192.json new file mode 100644 index 00000000000..a5bb5fa4ccc --- /dev/null +++ b/CVE-2021/CVE-2021-471xx/CVE-2021-47192.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2021-47192", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:47.710", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: sysfs: Fix hang when device state is set via sysfs\n\nThis fixes a regression added with:\n\ncommit f0f82e2476f6 (\"scsi: core: Fix capacity set to zero after\nofflinining device\")\n\nThe problem is that after iSCSI recovery, iscsid will call into the kernel\nto set the dev's state to running, and with that patch we now call\nscsi_rescan_device() with the state_mutex held. If the SCSI error handler\nthread is just starting to test the device in scsi_send_eh_cmnd() then it's\ngoing to try to grab the state_mutex.\n\nWe are then stuck, because when scsi_rescan_device() tries to send its I/O\nscsi_queue_rq() calls -> scsi_host_queue_ready() -> scsi_host_in_recovery()\nwhich will return true (the host state is still in recovery) and I/O will\njust be requeued. scsi_send_eh_cmnd() will then never be able to grab the\nstate_mutex to finish error handling.\n\nTo prevent the deadlock move the rescan-related code to after we drop the\nstate_mutex.\n\nThis also adds a check for if we are already in the running state. This\nprevents extra scans and helps the iscsid case where if the transport class\nhas already onlined the device during its recovery process then we don't\nneed userspace to do it again plus possibly block that daemon." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/4edd8cd4e86dd3047e5294bbefcc0a08f66a430f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a792e0128d232251edb5fdf42fb0f9fbb0b44a73", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/bcc0e3175a976b7fa9a353960808adb0bb49ead8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/edd783162bf2385b43de6764f2d4c6e9f4f6be27", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-471xx/CVE-2021-47193.json b/CVE-2021/CVE-2021-471xx/CVE-2021-47193.json new file mode 100644 index 00000000000..1f9eb39a2d1 --- /dev/null +++ b/CVE-2021/CVE-2021-471xx/CVE-2021-47193.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2021-47193", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:47.757", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: pm80xx: Fix memory leak during rmmod\n\nDriver failed to release all memory allocated. This would lead to memory\nleak during driver removal.\n\nProperly free memory when the module is removed." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/269a4311b15f68d24e816f43f123888f241ed13d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/51e6ed83bb4ade7c360551fa4ae55c4eacea354b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-471xx/CVE-2021-47194.json b/CVE-2021/CVE-2021-471xx/CVE-2021-47194.json new file mode 100644 index 00000000000..f0b11573fbe --- /dev/null +++ b/CVE-2021/CVE-2021-471xx/CVE-2021-47194.json @@ -0,0 +1,48 @@ +{ + "id": "CVE-2021-47194", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:47.807", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncfg80211: call cfg80211_stop_ap when switch from P2P_GO type\n\nIf the userspace tools switch from NL80211_IFTYPE_P2P_GO to\nNL80211_IFTYPE_ADHOC via send_msg(NL80211_CMD_SET_INTERFACE), it\ndoes not call the cleanup cfg80211_stop_ap(), this leads to the\ninitialization of in-use data. For example, this path re-init the\nsdata->assigned_chanctx_list while it is still an element of\nassigned_vifs list, and makes that linked list corrupt." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0738cdb636c21ab552eaecf905efa4a6070e3ebc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4e458abbb4a523f1413bfe15c079cf4e24c15b21", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/52affc201fc22a1ab9a59ef0ed641a9adfcb8d13", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/563fbefed46ae4c1f70cffb8eb54c02df480b2c2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5a9b671c8d74a3e1b999e7a0c7f366079bcc93dd", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7b97b5776daa0b39dbdadfea176f9cc0646d4a66", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8f06bb8c216bcd172394f61e557727e691b4cb24", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b8a045e2a9b234cfbc06cf36923886164358ddec", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-471xx/CVE-2021-47195.json b/CVE-2021/CVE-2021-471xx/CVE-2021-47195.json new file mode 100644 index 00000000000..84f8a7a78cf --- /dev/null +++ b/CVE-2021/CVE-2021-471xx/CVE-2021-47195.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2021-47195", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:47.853", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: fix use-after-free of the add_lock mutex\n\nCommit 6098475d4cb4 (\"spi: Fix deadlock when adding SPI controllers on\nSPI buses\") introduced a per-controller mutex. But mutex_unlock() of\nsaid lock is called after the controller is already freed:\n\n spi_unregister_controller(ctlr)\n -> put_device(&ctlr->dev)\n -> spi_controller_release(dev)\n -> mutex_unlock(&ctrl->add_lock)\n\nMove the put_device() after the mutex_unlock()." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/37330f37f6666c7739a44b2b6b95b047ccdbed2d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6c53b45c71b4920b5e62f0ea8079a1da382b9434", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-471xx/CVE-2021-47196.json b/CVE-2021/CVE-2021-471xx/CVE-2021-47196.json new file mode 100644 index 00000000000..2b7baff6d11 --- /dev/null +++ b/CVE-2021/CVE-2021-471xx/CVE-2021-47196.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2021-47196", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:47.897", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Set send and receive CQ before forwarding to the driver\n\nPreset both receive and send CQ pointers prior to call to the drivers and\noverwrite it later again till the mlx4 is going to be changed do not\noverwrite ibqp properties.\n\nThis change is needed for mlx5, because in case of QP creation failure, it\nwill go to the path of QP destroy which relies on proper CQ pointers.\n\n BUG: KASAN: use-after-free in create_qp.cold+0x164/0x16e [mlx5_ib]\n Write of size 8 at addr ffff8880064c55c0 by task a.out/246\n\n CPU: 0 PID: 246 Comm: a.out Not tainted 5.15.0+ #291\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n Call Trace:\n dump_stack_lvl+0x45/0x59\n print_address_description.constprop.0+0x1f/0x140\n kasan_report.cold+0x83/0xdf\n create_qp.cold+0x164/0x16e [mlx5_ib]\n mlx5_ib_create_qp+0x358/0x28a0 [mlx5_ib]\n create_qp.part.0+0x45b/0x6a0 [ib_core]\n ib_create_qp_user+0x97/0x150 [ib_core]\n ib_uverbs_handler_UVERBS_METHOD_QP_CREATE+0x92c/0x1250 [ib_uverbs]\n ib_uverbs_cmd_verbs+0x1c38/0x3150 [ib_uverbs]\n ib_uverbs_ioctl+0x169/0x260 [ib_uverbs]\n __x64_sys_ioctl+0x866/0x14d0\n do_syscall_64+0x3d/0x90\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\n Allocated by task 246:\n kasan_save_stack+0x1b/0x40\n __kasan_kmalloc+0xa4/0xd0\n create_qp.part.0+0x92/0x6a0 [ib_core]\n ib_create_qp_user+0x97/0x150 [ib_core]\n ib_uverbs_handler_UVERBS_METHOD_QP_CREATE+0x92c/0x1250 [ib_uverbs]\n ib_uverbs_cmd_verbs+0x1c38/0x3150 [ib_uverbs]\n ib_uverbs_ioctl+0x169/0x260 [ib_uverbs]\n __x64_sys_ioctl+0x866/0x14d0\n do_syscall_64+0x3d/0x90\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\n Freed by task 246:\n kasan_save_stack+0x1b/0x40\n kasan_set_track+0x1c/0x30\n kasan_set_free_info+0x20/0x30\n __kasan_slab_free+0x10c/0x150\n slab_free_freelist_hook+0xb4/0x1b0\n kfree+0xe7/0x2a0\n create_qp.part.0+0x52b/0x6a0 [ib_core]\n ib_create_qp_user+0x97/0x150 [ib_core]\n ib_uverbs_handler_UVERBS_METHOD_QP_CREATE+0x92c/0x1250 [ib_uverbs]\n ib_uverbs_cmd_verbs+0x1c38/0x3150 [ib_uverbs]\n ib_uverbs_ioctl+0x169/0x260 [ib_uverbs]\n __x64_sys_ioctl+0x866/0x14d0\n do_syscall_64+0x3d/0x90\n entry_SYSCALL_64_after_hwframe+0x44/0xae" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/6cd7397d01c4a3e09757840299e4f114f0aa5fa0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b70e072feffa0ba5c41a99b9524b9878dee7748e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-471xx/CVE-2021-47197.json b/CVE-2021/CVE-2021-471xx/CVE-2021-47197.json new file mode 100644 index 00000000000..c7c2eb0bfd1 --- /dev/null +++ b/CVE-2021/CVE-2021-471xx/CVE-2021-47197.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2021-47197", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:47.940", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: nullify cq->dbg pointer in mlx5_debug_cq_remove()\n\nPrior to this patch in case mlx5_core_destroy_cq() failed it proceeds\nto rest of destroy operations. mlx5_core_destroy_cq() could be called again\nby user and cause additional call of mlx5_debug_cq_remove().\ncq->dbg was not nullify in previous call and cause the crash.\n\nFix it by nullify cq->dbg pointer after removal.\n\nAlso proceed to destroy operations only if FW return 0\nfor MLX5_CMD_OP_DESTROY_CQ command.\n\ngeneral protection fault, probably for non-canonical address 0x2000300004058: 0000 [#1] SMP PTI\nCPU: 5 PID: 1228 Comm: python Not tainted 5.15.0-rc5_for_upstream_min_debug_2021_10_14_11_06 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:lockref_get+0x1/0x60\nCode: 5d e9 53 ff ff ff 48 8d 7f 70 e8 0a 2e 48 00 c7 85 d0 00 00 00 02\n00 00 00 c6 45 70 00 fb 5d c3 c3 cc cc cc cc cc cc cc cc 53 <48> 8b 17\n48 89 fb 85 d2 75 3d 48 89 d0 bf 64 00 00 00 48 89 c1 48\nRSP: 0018:ffff888137dd7a38 EFLAGS: 00010206\nRAX: 0000000000000000 RBX: ffff888107d5f458 RCX: 00000000fffffffe\nRDX: 000000000002c2b0 RSI: ffffffff8155e2e0 RDI: 0002000300004058\nRBP: ffff888137dd7a88 R08: 0002000300004058 R09: ffff8881144a9f88\nR10: 0000000000000000 R11: 0000000000000000 R12: ffff8881141d4000\nR13: ffff888137dd7c68 R14: ffff888137dd7d58 R15: ffff888137dd7cc0\nFS: 00007f4644f2a4c0(0000) GS:ffff8887a2d40000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000055b4500f4380 CR3: 0000000114f7a003 CR4: 0000000000170ea0\nCall Trace:\n simple_recursive_removal+0x33/0x2e0\n ? debugfs_remove+0x60/0x60\n debugfs_remove+0x40/0x60\n mlx5_debug_cq_remove+0x32/0x70 [mlx5_core]\n mlx5_core_destroy_cq+0x41/0x1d0 [mlx5_core]\n devx_obj_cleanup+0x151/0x330 [mlx5_ib]\n ? __pollwait+0xd0/0xd0\n ? xas_load+0x5/0x70\n ? xa_load+0x62/0xa0\n destroy_hw_idr_uobject+0x20/0x80 [ib_uverbs]\n uverbs_destroy_uobject+0x3b/0x360 [ib_uverbs]\n uobj_destroy+0x54/0xa0 [ib_uverbs]\n ib_uverbs_cmd_verbs+0xaf2/0x1160 [ib_uverbs]\n ? uverbs_finalize_object+0xd0/0xd0 [ib_uverbs]\n ib_uverbs_ioctl+0xc4/0x1b0 [ib_uverbs]\n __x64_sys_ioctl+0x3e4/0x8e0" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/2ae38157080616a13a9fe3f0b4b6ec0070aa408a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/471c492890557bd58f73314bb4ad85d5a8fd5026", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/76ded29d3fcda4928da8849ffc446ea46871c1c2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-471xx/CVE-2021-47198.json b/CVE-2021/CVE-2021-471xx/CVE-2021-47198.json new file mode 100644 index 00000000000..911ef55836e --- /dev/null +++ b/CVE-2021/CVE-2021-471xx/CVE-2021-47198.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2021-47198", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:47.990", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix use-after-free in lpfc_unreg_rpi() routine\n\nAn error is detected with the following report when unloading the driver:\n \"KASAN: use-after-free in lpfc_unreg_rpi+0x1b1b\"\n\nThe NLP_REG_LOGIN_SEND nlp_flag is set in lpfc_reg_fab_ctrl_node(), but the\nflag is not cleared upon completion of the login.\n\nThis allows a second call to lpfc_unreg_rpi() to proceed with nlp_rpi set\nto LPFC_RPI_ALLOW_ERROR. This results in a use after free access when used\nas an rpi_ids array index.\n\nFix by clearing the NLP_REG_LOGIN_SEND nlp_flag in\nlpfc_mbx_cmpl_fc_reg_login()." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/79b20beccea3a3938a8500acef4e6b9d7c66142f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/dbebf865b3239595c1d4dba063b122862583b52a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-471xx/CVE-2021-47199.json b/CVE-2021/CVE-2021-471xx/CVE-2021-47199.json new file mode 100644 index 00000000000..cc2cbfa12bc --- /dev/null +++ b/CVE-2021/CVE-2021-471xx/CVE-2021-47199.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2021-47199", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:48.037", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: CT, Fix multiple allocations and memleak of mod acts\n\nCT clear action offload adds additional mod hdr actions to the\nflow's original mod actions in order to clear the registers which\nhold ct_state.\nWhen such flow also includes encap action, a neigh update event\ncan cause the driver to unoffload the flow and then reoffload it.\n\nEach time this happens, the ct clear handling adds that same set\nof mod hdr actions to reset ct_state until the max of mod hdr\nactions is reached.\n\nAlso the driver never releases the allocated mod hdr actions and\ncausing a memleak.\n\nFix above two issues by moving CT clear mod acts allocation\ninto the parsing actions phase and only use it when offloading the rule.\nThe release of mod acts will be done in the normal flow_put().\n\n backtrace:\n [<000000007316e2f3>] krealloc+0x83/0xd0\n [<00000000ef157de1>] mlx5e_mod_hdr_alloc+0x147/0x300 [mlx5_core]\n [<00000000970ce4ae>] mlx5e_tc_match_to_reg_set_and_get_id+0xd7/0x240 [mlx5_core]\n [<0000000067c5fa17>] mlx5e_tc_match_to_reg_set+0xa/0x20 [mlx5_core]\n [<00000000d032eb98>] mlx5_tc_ct_entry_set_registers.isra.0+0x36/0xc0 [mlx5_core]\n [<00000000fd23b869>] mlx5_tc_ct_flow_offload+0x272/0x1f10 [mlx5_core]\n [<000000004fc24acc>] mlx5e_tc_offload_fdb_rules.part.0+0x150/0x620 [mlx5_core]\n [<00000000dc741c17>] mlx5e_tc_encap_flows_add+0x489/0x690 [mlx5_core]\n [<00000000e92e49d7>] mlx5e_rep_update_flows+0x6e4/0x9b0 [mlx5_core]\n [<00000000f60f5602>] mlx5e_rep_neigh_update+0x39a/0x5d0 [mlx5_core]" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/486e8de6e233ff2999493533c6259d1cb538653b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/806401c20a0f9c51b6c8fd7035671e6ca841f6c2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-472xx/CVE-2021-47200.json b/CVE-2021/CVE-2021-472xx/CVE-2021-47200.json new file mode 100644 index 00000000000..0ccbee3e557 --- /dev/null +++ b/CVE-2021/CVE-2021-472xx/CVE-2021-47200.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2021-47200", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:48.077", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/prime: Fix use after free in mmap with drm_gem_ttm_mmap\n\ndrm_gem_ttm_mmap() drops a reference to the gem object on success. If\nthe gem object's refcount == 1 on entry to drm_gem_prime_mmap(), that\ndrop will free the gem object, and the subsequent drm_gem_object_get()\nwill be a UAF. Fix by grabbing a reference before calling the mmap\nhelper.\n\nThis issue was forseen when the reference dropping was adding in\ncommit 9786b65bc61ac (\"drm/ttm: fix mmap refcounting\"):\n \"For that to work properly the drm_gem_object_get() call in\n drm_gem_ttm_mmap() must be moved so it happens before calling\n obj->funcs->mmap(), otherwise the gem refcount would go down\n to zero.\"" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/4f8e469a2384dfa4047145b0093126462cbb6dc0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8244a3bc27b3efd057da154b8d7e414670d5044f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-472xx/CVE-2021-47201.json b/CVE-2021/CVE-2021-472xx/CVE-2021-47201.json new file mode 100644 index 00000000000..e1c99a7fa7d --- /dev/null +++ b/CVE-2021/CVE-2021-472xx/CVE-2021-47201.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2021-47201", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:48.123", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niavf: free q_vectors before queues in iavf_disable_vf\n\niavf_free_queues() clears adapter->num_active_queues, which\niavf_free_q_vectors() relies on, so swap the order of these two function\ncalls in iavf_disable_vf(). This resolves a panic encountered when the\ninterface is disabled and then later brought up again after PF\ncommunication is restored." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/78638b47132244e3934dc5dc79f6372d5ce8e98c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/89f22f129696ab53cfbc608e0a2184d0fea46ac1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/926e8c83d4c1c2dac0026637eb0d492df876489e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9ef6589cac9a8c47f5544ccdf4c498093733bb3f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-472xx/CVE-2021-47202.json b/CVE-2021/CVE-2021-472xx/CVE-2021-47202.json new file mode 100644 index 00000000000..e3d556e4e35 --- /dev/null +++ b/CVE-2021/CVE-2021-472xx/CVE-2021-47202.json @@ -0,0 +1,36 @@ +{ + "id": "CVE-2021-47202", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:48.167", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: Fix NULL pointer dereferences in of_thermal_ functions\n\nof_parse_thermal_zones() parses the thermal-zones node and registers a\nthermal_zone device for each subnode. However, if a thermal zone is\nconsuming a thermal sensor and that thermal sensor device hasn't probed\nyet, an attempt to set trip_point_*_temp for that thermal zone device\ncan cause a NULL pointer dereference. Fix it.\n\n console:/sys/class/thermal/thermal_zone87 # echo 120000 > trip_point_0_temp\n ...\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020\n ...\n Call trace:\n of_thermal_set_trip_temp+0x40/0xc4\n trip_point_temp_store+0xc0/0x1dc\n dev_attr_store+0x38/0x88\n sysfs_kf_write+0x64/0xc0\n kernfs_fop_write_iter+0x108/0x1d0\n vfs_write+0x2f4/0x368\n ksys_write+0x7c/0xec\n __arm64_sys_write+0x20/0x30\n el0_svc_common.llvm.7279915941325364641+0xbc/0x1bc\n do_el0_svc+0x28/0xa0\n el0_svc+0x14/0x24\n el0_sync_handler+0x88/0xec\n el0_sync+0x1c0/0x200\n\nWhile at it, fix the possible NULL pointer dereference in other\nfunctions as well: of_thermal_get_temp(), of_thermal_set_emul_temp(),\nof_thermal_get_trend()." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0750f769b95841b34a9fe8c418dd792ff526bf86", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6a315471cb6a07f651e1d3adc8962730f4fcccac", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/828f4c31684da94ecf0b44a2cbd35bbede04f0bd", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/96cfe05051fd8543cdedd6807ec59a0e6c409195", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ef2590a5305e0b8e9342f84c2214aa478ee7f28e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-472xx/CVE-2021-47203.json b/CVE-2021/CVE-2021-472xx/CVE-2021-47203.json new file mode 100644 index 00000000000..87df593141d --- /dev/null +++ b/CVE-2021/CVE-2021-472xx/CVE-2021-47203.json @@ -0,0 +1,48 @@ +{ + "id": "CVE-2021-47203", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:48.217", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix list_add() corruption in lpfc_drain_txq()\n\nWhen parsing the txq list in lpfc_drain_txq(), the driver attempts to pass\nthe requests to the adapter. If such an attempt fails, a local \"fail_msg\"\nstring is set and a log message output. The job is then added to a\ncompletions list for cancellation.\n\nProcessing of any further jobs from the txq list continues, but since\n\"fail_msg\" remains set, jobs are added to the completions list regardless\nof whether a wqe was passed to the adapter. If successfully added to\ntxcmplq, jobs are added to both lists resulting in list corruption.\n\nFix by clearing the fail_msg string after adding a job to the completions\nlist. This stops the subsequent jobs from being added to the completions\nlist unless they had an appropriate failure." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/16bcbfb56d759c25665f786e33ec633b9508a08f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/814d3610c4ce86e8cf285b2cdac0057a42e82de5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/99154581b05c8fb22607afb7c3d66c1bace6aa5d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ad4776b5eb2e58af1226847fcd3b4f6d051674dd", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b291d147d0268e93ad866f8bc820ea14497abc9b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c097bd5a59162156d9c2077a2f58732ffbaa9fca", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ec70d80a8642900086447ba0cdc79e3f44d42e8f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f05a0191b90156e539cccc189b9d87ca2a4d9305", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-472xx/CVE-2021-47204.json b/CVE-2021/CVE-2021-472xx/CVE-2021-47204.json new file mode 100644 index 00000000000..600109171a5 --- /dev/null +++ b/CVE-2021/CVE-2021-472xx/CVE-2021-47204.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2021-47204", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:48.270", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dpaa2-eth: fix use-after-free in dpaa2_eth_remove\n\nAccess to netdev after free_netdev() will cause use-after-free bug.\nMove debug log before free_netdev() call to avoid it." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1c4099dc0d6a01e76e4f7dd98e4b3e0d55d80ad9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/32d4686224744819ddcae58b666c21d2a4ef4c88", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9b5a333272a48c2f8b30add7a874e46e8b26129c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d74ff10ed2d93dc9b67e99a74b36fb9a83273d8a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-472xx/CVE-2021-47205.json b/CVE-2021/CVE-2021-472xx/CVE-2021-47205.json new file mode 100644 index 00000000000..754a6532a76 --- /dev/null +++ b/CVE-2021/CVE-2021-472xx/CVE-2021-47205.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2021-47205", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:48.310", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: sunxi-ng: Unregister clocks/resets when unbinding\n\nCurrently, unbinding a CCU driver unmaps the device's MMIO region, while\nleaving its clocks/resets and their providers registered. This can cause\na page fault later when some clock operation tries to perform MMIO. Fix\nthis by separating the CCU initialization from the memory allocation,\nand then using a devres callback to unregister the clocks and resets.\n\nThis also fixes a memory leak of the `struct ccu_reset`, and uses the\ncorrect owner (the specific platform driver) for the clocks and resets.\n\nEarly OF clock providers are never unregistered, and limited error\nhandling is possible, so they are mostly unchanged. The error reporting\nis made more consistent by moving the message inside of_sunxi_ccu_probe." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/9bec2b9c6134052994115d2d3374e96f2ccb9b9d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b5dd513daa70ee8f6d281a20bd28485ee9bb7db2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-472xx/CVE-2021-47206.json b/CVE-2021/CVE-2021-472xx/CVE-2021-47206.json new file mode 100644 index 00000000000..c36a9482695 --- /dev/null +++ b/CVE-2021/CVE-2021-472xx/CVE-2021-47206.json @@ -0,0 +1,48 @@ +{ + "id": "CVE-2021-47206", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:48.357", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: host: ohci-tmio: check return value after calling platform_get_resource()\n\nIt will cause null-ptr-deref if platform_get_resource() returns NULL,\nwe need check the return value." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/065334f6640d074a1caec2f8b0091467a22f9483", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2474eb7fc3bfbce10f7b8ea431fcffe5dd5f5100", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/28e016e02118917e50a667bc72fb80098cf2b460", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2f18f97a1a787154a372c0738f1576f14b693d91", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/951b8239fd24678b56c995c5c0456ab12e059d19", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9eff2b2e59fda25051ab36cd1cb5014661df657b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/bb6ed2e05eb6e8619b30fa854f9becd50c11723f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f98986b7acb4219f95789095eced93ed69d81d35", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-472xx/CVE-2021-47207.json b/CVE-2021/CVE-2021-472xx/CVE-2021-47207.json new file mode 100644 index 00000000000..277684e66de --- /dev/null +++ b/CVE-2021/CVE-2021-472xx/CVE-2021-47207.json @@ -0,0 +1,48 @@ +{ + "id": "CVE-2021-47207", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:48.400", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: gus: fix null pointer dereference on pointer block\n\nThe pointer block return from snd_gf1_dma_next_block could be\nnull, so there is a potential null pointer dereference issue.\nFix this by adding a null check before dereference." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/16721797dcef2c7c030ffe73a07f39a65f9323c3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/1ac6cd87d8ddd36c43620f82c4d65b058f725f0f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3e28e083dcdf03a18a083f8a47b6bb6b1604b5be", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/542fa721594a02d2aee0370a764d306ef48d030c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a0d21bb3279476c777434c40d969ea88ca64f9aa", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ab4c1ebc40f699f48346f634d7b72b9c5193f315", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c6d2cefdd05c4810c416fb8d384b5c377bd977bc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/cb09c760c201f82df83babc92a5ffea0a01807fc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-472xx/CVE-2021-47209.json b/CVE-2021/CVE-2021-472xx/CVE-2021-47209.json new file mode 100644 index 00000000000..084587f2b57 --- /dev/null +++ b/CVE-2021/CVE-2021-472xx/CVE-2021-47209.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2021-47209", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:48.447", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/fair: Prevent dead task groups from regaining cfs_rq's\n\nKevin is reporting crashes which point to a use-after-free of a cfs_rq\nin update_blocked_averages(). Initial debugging revealed that we've\nlive cfs_rq's (on_list=1) in an about to be kfree()'d task group in\nfree_fair_sched_group(). However, it was unclear how that can happen.\n\nHis kernel config happened to lead to a layout of struct sched_entity\nthat put the 'my_q' member directly into the middle of the object\nwhich makes it incidentally overlap with SLUB's freelist pointer.\nThat, in combination with SLAB_FREELIST_HARDENED's freelist pointer\nmangling, leads to a reliable access violation in form of a #GP which\nmade the UAF fail fast.\n\nMichal seems to have run into the same issue[1]. He already correctly\ndiagnosed that commit a7b359fc6a37 (\"sched/fair: Correctly insert\ncfs_rq's to list on unthrottle\") is causing the preconditions for the\nUAF to happen by re-adding cfs_rq's also to task groups that have no\nmore running tasks, i.e. also to dead ones. His analysis, however,\nmisses the real root cause and it cannot be seen from the crash\nbacktrace only, as the real offender is tg_unthrottle_up() getting\ncalled via sched_cfs_period_timer() via the timer interrupt at an\ninconvenient time.\n\nWhen unregister_fair_sched_group() unlinks all cfs_rq's from the dying\ntask group, it doesn't protect itself from getting interrupted. If the\ntimer interrupt triggers while we iterate over all CPUs or after\nunregister_fair_sched_group() has finished but prior to unlinking the\ntask group, sched_cfs_period_timer() will execute and walk the list of\ntask groups, trying to unthrottle cfs_rq's, i.e. re-add them to the\ndying task group. These will later -- in free_fair_sched_group() -- be\nkfree()'ed while still being linked, leading to the fireworks Kevin\nand Michal are seeing.\n\nTo fix this race, ensure the dying task group gets unlinked first.\nHowever, simply switching the order of unregistering and unlinking the\ntask group isn't sufficient, as concurrent RCU walkers might still see\nit, as can be seen below:\n\n CPU1: CPU2:\n : timer IRQ:\n : do_sched_cfs_period_timer():\n : :\n : distribute_cfs_runtime():\n : rcu_read_lock();\n : :\n : unthrottle_cfs_rq():\n sched_offline_group(): :\n : walk_tg_tree_from(\u2026,tg_unthrottle_up,\u2026):\n list_del_rcu(&tg->list); :\n (1) : list_for_each_entry_rcu(child, &parent->children, siblings)\n : :\n (2) list_del_rcu(&tg->siblings); :\n : tg_unthrottle_up():\n unregister_fair_sched_group(): struct cfs_rq *cfs_rq = tg->cfs_rq[cpu_of(rq)];\n : :\n list_del_leaf_cfs_rq(tg->cfs_rq[cpu]); :\n : :\n : if (!cfs_rq_is_decayed(cfs_rq) || cfs_rq->nr_running)\n (3) : list_add_leaf_cfs_rq(cfs_rq);\n : :\n : :\n : :\n : :\n : \n---truncated---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/512e21c150c1c3ee298852660f3a796e267e62ec", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b027789e5e50494c2325cc70c8642e7fd6059479", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-472xx/CVE-2021-47210.json b/CVE-2021/CVE-2021-472xx/CVE-2021-47210.json new file mode 100644 index 00000000000..a7aee535ecd --- /dev/null +++ b/CVE-2021/CVE-2021-472xx/CVE-2021-47210.json @@ -0,0 +1,36 @@ +{ + "id": "CVE-2021-47210", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:48.497", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: tipd: Remove WARN_ON in tps6598x_block_read\n\nCalling tps6598x_block_read with a higher than allowed len can be\nhandled by just returning an error. There's no need to crash systems\nwith panic-on-warn enabled." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/2a897d384513ba7f7ef05611338b9a6ec6aeac00", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2c71811c963b6c310a29455d521d31a7ea6c5b5e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/30dcfcda8992dc42f18e7d35b6a1fa72372d382d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b7a0a63f3fed57d413bb857de164ea9c3984bc4e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/eff8b7628410cb2eb562ca0d5d1f12e27063733e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-472xx/CVE-2021-47211.json b/CVE-2021/CVE-2021-472xx/CVE-2021-47211.json new file mode 100644 index 00000000000..4b398b975d7 --- /dev/null +++ b/CVE-2021/CVE-2021-472xx/CVE-2021-47211.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2021-47211", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:48.547", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: fix null pointer dereference on pointer cs_desc\n\nThe pointer cs_desc return from snd_usb_find_clock_source could\nbe null, so there is a potential null pointer dereference issue.\nFix this by adding a null check before dereference." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/58fa50de595f152900594c28ec9915c169643739", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b97053df0f04747c3c1e021ecbe99db675342954", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-472xx/CVE-2021-47212.json b/CVE-2021/CVE-2021-472xx/CVE-2021-47212.json new file mode 100644 index 00000000000..734da09d2c0 --- /dev/null +++ b/CVE-2021/CVE-2021-472xx/CVE-2021-47212.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2021-47212", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:48.597", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Update error handler for UCTX and UMEM\n\nIn the fast unload flow, the device state is set to internal error,\nwhich indicates that the driver started the destroy process.\nIn this case, when a destroy command is being executed, it should return\nMLX5_CMD_STAT_OK.\nFix MLX5_CMD_OP_DESTROY_UCTX and MLX5_CMD_OP_DESTROY_UMEM to return OK\ninstead of EIO.\n\nThis fixes a call trace in the umem release process -\n[ 2633.536695] Call Trace:\n[ 2633.537518] ib_uverbs_remove_one+0xc3/0x140 [ib_uverbs]\n[ 2633.538596] remove_client_context+0x8b/0xd0 [ib_core]\n[ 2633.539641] disable_device+0x8c/0x130 [ib_core]\n[ 2633.540615] __ib_unregister_device+0x35/0xa0 [ib_core]\n[ 2633.541640] ib_unregister_device+0x21/0x30 [ib_core]\n[ 2633.542663] __mlx5_ib_remove+0x38/0x90 [mlx5_ib]\n[ 2633.543640] auxiliary_bus_remove+0x1e/0x30 [auxiliary]\n[ 2633.544661] device_release_driver_internal+0x103/0x1f0\n[ 2633.545679] bus_remove_device+0xf7/0x170\n[ 2633.546640] device_del+0x181/0x410\n[ 2633.547606] mlx5_rescan_drivers_locked.part.10+0x63/0x160 [mlx5_core]\n[ 2633.548777] mlx5_unregister_device+0x27/0x40 [mlx5_core]\n[ 2633.549841] mlx5_uninit_one+0x21/0xc0 [mlx5_core]\n[ 2633.550864] remove_one+0x69/0xe0 [mlx5_core]\n[ 2633.551819] pci_device_remove+0x3b/0xc0\n[ 2633.552731] device_release_driver_internal+0x103/0x1f0\n[ 2633.553746] unbind_store+0xf6/0x130\n[ 2633.554657] kernfs_fop_write+0x116/0x190\n[ 2633.555567] vfs_write+0xa5/0x1a0\n[ 2633.556407] ksys_write+0x4f/0xb0\n[ 2633.557233] do_syscall_64+0x5b/0x1a0\n[ 2633.558071] entry_SYSCALL_64_after_hwframe+0x65/0xca\n[ 2633.559018] RIP: 0033:0x7f9977132648\n[ 2633.559821] Code: 89 02 48 c7 c0 ff ff ff ff eb b3 0f 1f 80 00 00 00 00 f3 0f 1e fa 48 8d 05 55 6f 2d 00 8b 00 85 c0 75 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 41 54 49 89 d4 55\n[ 2633.562332] RSP: 002b:00007fffb1a83888 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\n[ 2633.563472] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 00007f9977132648\n[ 2633.564541] RDX: 000000000000000c RSI: 000055b90546e230 RDI: 0000000000000001\n[ 2633.565596] RBP: 000055b90546e230 R08: 00007f9977406860 R09: 00007f9977a54740\n[ 2633.566653] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f99774056e0\n[ 2633.567692] R13: 000000000000000c R14: 00007f9977400880 R15: 000000000000000c\n[ 2633.568725] ---[ end trace 10b4fe52945e544d ]---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/a51a6da375d82aed5c8f83abd13e7d060421bd48", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ba50cd9451f6c49cf0841c0a4a146ff6a2822699", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-472xx/CVE-2021-47213.json b/CVE-2021/CVE-2021-472xx/CVE-2021-47213.json new file mode 100644 index 00000000000..ef8c2eafc3c --- /dev/null +++ b/CVE-2021/CVE-2021-472xx/CVE-2021-47213.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2021-47213", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:48.640", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: Fix exposure in nfsd4_decode_bitmap()\n\nrtm@csail.mit.edu reports:\n> nfsd4_decode_bitmap4() will write beyond bmval[bmlen-1] if the RPC\n> directs it to do so. This can cause nfsd4_decode_state_protect4_a()\n> to write client-supplied data beyond the end of\n> nfsd4_exchange_id.spo_must_allow[] when called by\n> nfsd4_decode_exchange_id().\n\nRewrite the loops so nfsd4_decode_bitmap() cannot iterate beyond\n@bmlen.\n\nReported by: rtm@csail.mit.edu" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/10c22d9519f3f5939de61a1500aa3a926b778d3a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c0019b7db1d7ac62c711cda6b357a659d46428fe", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-472xx/CVE-2021-47214.json b/CVE-2021/CVE-2021-472xx/CVE-2021-47214.json new file mode 100644 index 00000000000..275d6472d09 --- /dev/null +++ b/CVE-2021/CVE-2021-472xx/CVE-2021-47214.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2021-47214", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:48.680", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nhugetlb, userfaultfd: fix reservation restore on userfaultfd error\n\nCurrently in the is_continue case in hugetlb_mcopy_atomic_pte(), if we\nbail out using \"goto out_release_unlock;\" in the cases where idx >=\nsize, or !huge_pte_none(), the code will detect that new_pagecache_page\n== false, and so call restore_reserve_on_error(). In this case I see\nrestore_reserve_on_error() delete the reservation, and the following\ncall to remove_inode_hugepages() will increment h->resv_hugepages\ncausing a 100% reproducible leak.\n\nWe should treat the is_continue case similar to adding a page into the\npagecache and set new_pagecache_page to true, to indicate that there is\nno reservation to restore on the error path, and we need not call\nrestore_reserve_on_error(). Rename new_pagecache_page to\npage_in_pagecache to make that clear." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/b5069d44e2fbc4a9093d005b3ef0949add3dd27e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/cc30042df6fcc82ea18acf0dace831503e60a0b7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-472xx/CVE-2021-47215.json b/CVE-2021/CVE-2021-472xx/CVE-2021-47215.json new file mode 100644 index 00000000000..d81fc352fd9 --- /dev/null +++ b/CVE-2021/CVE-2021-472xx/CVE-2021-47215.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2021-47215", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:48.727", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: kTLS, Fix crash in RX resync flow\n\nFor the TLS RX resync flow, we maintain a list of TLS contexts\nthat require some attention, to communicate their resync information\nto the HW.\nHere we fix list corruptions, by protecting the entries against\nmovements coming from resync_handle_seq_match(), until their resync\nhandling in napi is fully completed." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/cc4a9cc03faa6d8db1a6954bb536f2c1e63bdff6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ebeda7a9528ae690e6bf12791a868f0cca8391f2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-472xx/CVE-2021-47216.json b/CVE-2021/CVE-2021-472xx/CVE-2021-47216.json new file mode 100644 index 00000000000..f2edaa73bf6 --- /dev/null +++ b/CVE-2021/CVE-2021-472xx/CVE-2021-47216.json @@ -0,0 +1,48 @@ +{ + "id": "CVE-2021-47216", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:48.770", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: advansys: Fix kernel pointer leak\n\nPointers should be printed with %p or %px rather than cast to 'unsigned\nlong' and printed with %lx.\n\nChange %lx to %p to print the hashed pointer." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/055eced3edf5b675d12189081303f6285ef26511", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/06d7d12efb5c62db9dea15141ae2b322c2719515", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/27490ae6a85a70242d80615ca74d0362a820d6a7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5612287991debe310c914600599bd59511ababfb", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ad19f7046c24f95c674fbea21870479b2b9f5bab", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/cc248790bfdcf879e3094fa248c85bf92cdf9dae", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d4996c6eac4c81b8872043e9391563f67f13e406", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f5a0ba4a9b5e70e7b2f767636d26523f9d1ac59d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-472xx/CVE-2021-47217.json b/CVE-2021/CVE-2021-472xx/CVE-2021-47217.json new file mode 100644 index 00000000000..c6a5d2cc8aa --- /dev/null +++ b/CVE-2021/CVE-2021-472xx/CVE-2021-47217.json @@ -0,0 +1,36 @@ +{ + "id": "CVE-2021-47217", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:48.813", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V setup fails\n\nCheck for a valid hv_vp_index array prior to derefencing hv_vp_index when\nsetting Hyper-V's TSC change callback. If Hyper-V setup failed in\nhyperv_init(), the kernel will still report that it's running under\nHyper-V, but will have silently disabled nearly all functionality.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000010\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] SMP\n CPU: 4 PID: 1 Comm: swapper/0 Not tainted 5.15.0-rc2+ #75\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n RIP: 0010:set_hv_tscchange_cb+0x15/0xa0\n Code: <8b> 04 82 8b 15 12 17 85 01 48 c1 e0 20 48 0d ee 00 01 00 f6 c6 08\n ...\n Call Trace:\n kvm_arch_init+0x17c/0x280\n kvm_init+0x31/0x330\n vmx_init+0xba/0x13a\n do_one_initcall+0x41/0x1c0\n kernel_init_freeable+0x1f2/0x23b\n kernel_init+0x16/0x120\n ret_from_fork+0x22/0x30" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/8823ea27fff6084bbb4bc71d15378fae0220b1d8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9c177eee116cf888276d3748cb176e72562cfd5c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b0e44dfb4e4c699cca33ede431b8d127e6e8d661", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b20ec58f8a6f4fef32cc71480ddf824584e24743", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/daf972118c517b91f74ff1731417feb4270625a4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-472xx/CVE-2021-47218.json b/CVE-2021/CVE-2021-472xx/CVE-2021-47218.json new file mode 100644 index 00000000000..684db8c41dd --- /dev/null +++ b/CVE-2021/CVE-2021-472xx/CVE-2021-47218.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2021-47218", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:48.860", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nselinux: fix NULL-pointer dereference when hashtab allocation fails\n\nWhen the hash table slot array allocation fails in hashtab_init(),\nh->size is left initialized with a non-zero value, but the h->htable\npointer is NULL. This may then cause a NULL pointer dereference, since\nthe policydb code relies on the assumption that even after a failed\nhashtab_init(), hashtab_map() and hashtab_destroy() can be safely called\non it. Yet, these detect an empty hashtab only by looking at the size.\n\nFix this by making sure that hashtab_init() always leaves behind a valid\nempty hashtab when the allocation fails." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/83c8ab8503adf56bf68dafc7a382f4946c87da79", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b17dd53cac769dd13031b0ca34f90cc65e523fab", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/dc27f3c5d10c58069672215787a96b4fae01818b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-472xx/CVE-2021-47219.json b/CVE-2021/CVE-2021-472xx/CVE-2021-47219.json new file mode 100644 index 00000000000..9a6af14cc00 --- /dev/null +++ b/CVE-2021/CVE-2021-472xx/CVE-2021-47219.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2021-47219", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-10T19:15:48.903", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs()\n\nThe following issue was observed running syzkaller:\n\nBUG: KASAN: slab-out-of-bounds in memcpy include/linux/string.h:377 [inline]\nBUG: KASAN: slab-out-of-bounds in sg_copy_buffer+0x150/0x1c0 lib/scatterlist.c:831\nRead of size 2132 at addr ffff8880aea95dc8 by task syz-executor.0/9815\n\nCPU: 0 PID: 9815 Comm: syz-executor.0 Not tainted 4.19.202-00874-gfc0fe04215a9 #2\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1ubuntu1 04/01/2014\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0xe4/0x14a lib/dump_stack.c:118\n print_address_description+0x73/0x280 mm/kasan/report.c:253\n kasan_report_error mm/kasan/report.c:352 [inline]\n kasan_report+0x272/0x370 mm/kasan/report.c:410\n memcpy+0x1f/0x50 mm/kasan/kasan.c:302\n memcpy include/linux/string.h:377 [inline]\n sg_copy_buffer+0x150/0x1c0 lib/scatterlist.c:831\n fill_from_dev_buffer+0x14f/0x340 drivers/scsi/scsi_debug.c:1021\n resp_report_tgtpgs+0x5aa/0x770 drivers/scsi/scsi_debug.c:1772\n schedule_resp+0x464/0x12f0 drivers/scsi/scsi_debug.c:4429\n scsi_debug_queuecommand+0x467/0x1390 drivers/scsi/scsi_debug.c:5835\n scsi_dispatch_cmd+0x3fc/0x9b0 drivers/scsi/scsi_lib.c:1896\n scsi_request_fn+0x1042/0x1810 drivers/scsi/scsi_lib.c:2034\n __blk_run_queue_uncond block/blk-core.c:464 [inline]\n __blk_run_queue+0x1a4/0x380 block/blk-core.c:484\n blk_execute_rq_nowait+0x1c2/0x2d0 block/blk-exec.c:78\n sg_common_write.isra.19+0xd74/0x1dc0 drivers/scsi/sg.c:847\n sg_write.part.23+0x6e0/0xd00 drivers/scsi/sg.c:716\n sg_write+0x64/0xa0 drivers/scsi/sg.c:622\n __vfs_write+0xed/0x690 fs/read_write.c:485\nkill_bdev:block_device:00000000e138492c\n vfs_write+0x184/0x4c0 fs/read_write.c:549\n ksys_write+0x107/0x240 fs/read_write.c:599\n do_syscall_64+0xc2/0x560 arch/x86/entry/common.c:293\n entry_SYSCALL_64_after_hwframe+0x49/0xbe\n\nWe get 'alen' from command its type is int. If userspace passes a large\nlength we will get a negative 'alen'.\n\nSwitch n, alen, and rlen to u32." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/66523553fa62c7878fc5441dc4e82be71934eb77", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8440377e1a5644779b4c8d013aa2a917f5fc83c3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f347c26836c270199de1599c3cd466bb7747caa9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-520xx/CVE-2023-52070.json b/CVE-2023/CVE-2023-520xx/CVE-2023-52070.json new file mode 100644 index 00000000000..7bf18596a03 --- /dev/null +++ b/CVE-2023/CVE-2023-520xx/CVE-2023-52070.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-52070", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-04-10T19:15:48.973", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "JFreeChart v1.5.4 was discovered to be vulnerable to ArrayIndexOutOfBounds via the 'setSeriesNeedle(int index, int type)' method." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://jfreechart.com", + "source": "cve@mitre.org" + }, + { + "url": "http://jfreeorg.com", + "source": "cve@mitre.org" + }, + { + "url": "https://gist.github.com/LLM4IG/f55de46e65fb5a19b7815adb36fd858b", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-69xx/CVE-2023-6916.json b/CVE-2023/CVE-2023-69xx/CVE-2023-6916.json index 4950dd23637..8df4d831bac 100644 --- a/CVE-2023/CVE-2023-69xx/CVE-2023-6916.json +++ b/CVE-2023/CVE-2023-69xx/CVE-2023-6916.json @@ -2,8 +2,8 @@ "id": "CVE-2023-6916", "sourceIdentifier": "prodsec@nozominetworks.com", "published": "2024-04-10T16:15:09.190", - "lastModified": "2024-04-10T16:15:09.190", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-02xx/CVE-2024-0218.json b/CVE-2024/CVE-2024-02xx/CVE-2024-0218.json index c1e646d0610..acb12ea1f85 100644 --- a/CVE-2024/CVE-2024-02xx/CVE-2024-0218.json +++ b/CVE-2024/CVE-2024-02xx/CVE-2024-0218.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0218", "sourceIdentifier": "prodsec@nozominetworks.com", "published": "2024-04-10T16:15:09.413", - "lastModified": "2024-04-10T16:15:09.413", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-15xx/CVE-2024-1511.json b/CVE-2024/CVE-2024-15xx/CVE-2024-1511.json index 37db8372ef4..940c1c37a29 100644 --- a/CVE-2024/CVE-2024-15xx/CVE-2024-1511.json +++ b/CVE-2024/CVE-2024-15xx/CVE-2024-1511.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1511", "sourceIdentifier": "security@huntr.dev", "published": "2024-04-10T17:15:51.670", - "lastModified": "2024-04-10T17:15:51.670", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-15xx/CVE-2024-1520.json b/CVE-2024/CVE-2024-15xx/CVE-2024-1520.json index 000d3a65e87..2674a3c533d 100644 --- a/CVE-2024/CVE-2024-15xx/CVE-2024-1520.json +++ b/CVE-2024/CVE-2024-15xx/CVE-2024-1520.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1520", "sourceIdentifier": "security@huntr.dev", "published": "2024-04-10T17:15:51.930", - "lastModified": "2024-04-10T17:15:51.930", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-15xx/CVE-2024-1599.json b/CVE-2024/CVE-2024-15xx/CVE-2024-1599.json index b5cf1c8e2aa..40a197c9880 100644 --- a/CVE-2024/CVE-2024-15xx/CVE-2024-1599.json +++ b/CVE-2024/CVE-2024-15xx/CVE-2024-1599.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1599", "sourceIdentifier": "security@huntr.dev", "published": "2024-04-10T17:15:52.120", - "lastModified": "2024-04-10T17:15:52.120", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-16xx/CVE-2024-1600.json b/CVE-2024/CVE-2024-16xx/CVE-2024-1600.json index dea6061cae0..4f602b24c64 100644 --- a/CVE-2024/CVE-2024-16xx/CVE-2024-1600.json +++ b/CVE-2024/CVE-2024-16xx/CVE-2024-1600.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1600", "sourceIdentifier": "security@huntr.dev", "published": "2024-04-10T17:15:52.317", - "lastModified": "2024-04-10T17:15:52.317", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-16xx/CVE-2024-1602.json b/CVE-2024/CVE-2024-16xx/CVE-2024-1602.json index bf8b85a138d..f39d1a61091 100644 --- a/CVE-2024/CVE-2024-16xx/CVE-2024-1602.json +++ b/CVE-2024/CVE-2024-16xx/CVE-2024-1602.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1602", "sourceIdentifier": "security@huntr.dev", "published": "2024-04-10T17:15:52.537", - "lastModified": "2024-04-10T17:15:52.537", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-16xx/CVE-2024-1625.json b/CVE-2024/CVE-2024-16xx/CVE-2024-1625.json index e9279a26718..e4710013a95 100644 --- a/CVE-2024/CVE-2024-16xx/CVE-2024-1625.json +++ b/CVE-2024/CVE-2024-16xx/CVE-2024-1625.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1625", "sourceIdentifier": "security@huntr.dev", "published": "2024-04-10T17:15:52.727", - "lastModified": "2024-04-10T17:15:52.727", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-16xx/CVE-2024-1643.json b/CVE-2024/CVE-2024-16xx/CVE-2024-1643.json index 982838e3b62..5c49c02a382 100644 --- a/CVE-2024/CVE-2024-16xx/CVE-2024-1643.json +++ b/CVE-2024/CVE-2024-16xx/CVE-2024-1643.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1643", "sourceIdentifier": "security@huntr.dev", "published": "2024-04-10T17:15:52.917", - "lastModified": "2024-04-10T17:15:52.917", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-17xx/CVE-2024-1728.json b/CVE-2024/CVE-2024-17xx/CVE-2024-1728.json index d5be9dc2cd2..897791ebfe3 100644 --- a/CVE-2024/CVE-2024-17xx/CVE-2024-1728.json +++ b/CVE-2024/CVE-2024-17xx/CVE-2024-1728.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1728", "sourceIdentifier": "security@huntr.dev", "published": "2024-04-10T17:15:53.097", - "lastModified": "2024-04-10T17:15:53.097", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-17xx/CVE-2024-1740.json b/CVE-2024/CVE-2024-17xx/CVE-2024-1740.json index 1c47b5383ad..a019d0d46e4 100644 --- a/CVE-2024/CVE-2024-17xx/CVE-2024-1740.json +++ b/CVE-2024/CVE-2024-17xx/CVE-2024-1740.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1740", "sourceIdentifier": "security@huntr.dev", "published": "2024-04-10T17:15:53.293", - "lastModified": "2024-04-10T17:15:53.293", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-17xx/CVE-2024-1741.json b/CVE-2024/CVE-2024-17xx/CVE-2024-1741.json index 5893838f25c..7fce299d122 100644 --- a/CVE-2024/CVE-2024-17xx/CVE-2024-1741.json +++ b/CVE-2024/CVE-2024-17xx/CVE-2024-1741.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1741", "sourceIdentifier": "security@huntr.dev", "published": "2024-04-10T17:15:53.483", - "lastModified": "2024-04-10T17:15:53.483", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-19xx/CVE-2024-1902.json b/CVE-2024/CVE-2024-19xx/CVE-2024-1902.json index ee636b9ce12..775360fb336 100644 --- a/CVE-2024/CVE-2024-19xx/CVE-2024-1902.json +++ b/CVE-2024/CVE-2024-19xx/CVE-2024-1902.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1902", "sourceIdentifier": "security@huntr.dev", "published": "2024-04-10T17:15:53.680", - "lastModified": "2024-04-10T17:15:53.680", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-207xx/CVE-2024-20766.json b/CVE-2024/CVE-2024-207xx/CVE-2024-20766.json index 08d29f4302f..57768340f39 100644 --- a/CVE-2024/CVE-2024-207xx/CVE-2024-20766.json +++ b/CVE-2024/CVE-2024-207xx/CVE-2024-20766.json @@ -2,8 +2,8 @@ "id": "CVE-2024-20766", "sourceIdentifier": "psirt@adobe.com", "published": "2024-04-10T13:51:37.820", - "lastModified": "2024-04-10T13:51:37.820", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-207xx/CVE-2024-20770.json b/CVE-2024/CVE-2024-207xx/CVE-2024-20770.json index 73f5e7b6702..cc031be868f 100644 --- a/CVE-2024/CVE-2024-207xx/CVE-2024-20770.json +++ b/CVE-2024/CVE-2024-207xx/CVE-2024-20770.json @@ -2,8 +2,8 @@ "id": "CVE-2024-20770", "sourceIdentifier": "psirt@adobe.com", "published": "2024-04-10T13:51:38.157", - "lastModified": "2024-04-10T13:51:38.157", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-207xx/CVE-2024-20772.json b/CVE-2024/CVE-2024-207xx/CVE-2024-20772.json index 6288255464f..85efa360a90 100644 --- a/CVE-2024/CVE-2024-207xx/CVE-2024-20772.json +++ b/CVE-2024/CVE-2024-207xx/CVE-2024-20772.json @@ -2,8 +2,8 @@ "id": "CVE-2024-20772", "sourceIdentifier": "psirt@adobe.com", "published": "2024-04-10T13:51:38.357", - "lastModified": "2024-04-10T13:51:38.357", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-20xx/CVE-2024-2029.json b/CVE-2024/CVE-2024-20xx/CVE-2024-2029.json index d00cb0cc7be..1f3f2f82775 100644 --- a/CVE-2024/CVE-2024-20xx/CVE-2024-2029.json +++ b/CVE-2024/CVE-2024-20xx/CVE-2024-2029.json @@ -2,8 +2,8 @@ "id": "CVE-2024-2029", "sourceIdentifier": "security@huntr.dev", "published": "2024-04-10T17:15:53.880", - "lastModified": "2024-04-10T17:15:53.880", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-21xx/CVE-2024-2195.json b/CVE-2024/CVE-2024-21xx/CVE-2024-2195.json index 6b8b05fc919..2a22bef1f2b 100644 --- a/CVE-2024/CVE-2024-21xx/CVE-2024-2195.json +++ b/CVE-2024/CVE-2024-21xx/CVE-2024-2195.json @@ -2,8 +2,8 @@ "id": "CVE-2024-2195", "sourceIdentifier": "security@huntr.dev", "published": "2024-04-10T17:15:54.067", - "lastModified": "2024-04-10T17:15:54.067", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-21xx/CVE-2024-2196.json b/CVE-2024/CVE-2024-21xx/CVE-2024-2196.json index 0749692e91f..b3b3349954d 100644 --- a/CVE-2024/CVE-2024-21xx/CVE-2024-2196.json +++ b/CVE-2024/CVE-2024-21xx/CVE-2024-2196.json @@ -2,8 +2,8 @@ "id": "CVE-2024-2196", "sourceIdentifier": "security@huntr.dev", "published": "2024-04-10T17:15:54.257", - "lastModified": "2024-04-10T17:15:54.257", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-22xx/CVE-2024-2217.json b/CVE-2024/CVE-2024-22xx/CVE-2024-2217.json index 11dc9ec3962..8b8d648c296 100644 --- a/CVE-2024/CVE-2024-22xx/CVE-2024-2217.json +++ b/CVE-2024/CVE-2024-22xx/CVE-2024-2217.json @@ -2,8 +2,8 @@ "id": "CVE-2024-2217", "sourceIdentifier": "security@huntr.dev", "published": "2024-04-10T17:15:54.440", - "lastModified": "2024-04-10T17:15:54.440", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-22xx/CVE-2024-2221.json b/CVE-2024/CVE-2024-22xx/CVE-2024-2221.json index 3cb77b96d0e..24a26875f22 100644 --- a/CVE-2024/CVE-2024-22xx/CVE-2024-2221.json +++ b/CVE-2024/CVE-2024-22xx/CVE-2024-2221.json @@ -2,8 +2,8 @@ "id": "CVE-2024-2221", "sourceIdentifier": "security@huntr.dev", "published": "2024-04-10T17:15:54.633", - "lastModified": "2024-04-10T17:15:54.633", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-230xx/CVE-2024-23077.json b/CVE-2024/CVE-2024-230xx/CVE-2024-23077.json new file mode 100644 index 00000000000..3eaa497249c --- /dev/null +++ b/CVE-2024/CVE-2024-230xx/CVE-2024-23077.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2024-23077", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-04-10T19:15:49.020", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "JFreeChart v1.5.4 was discovered to be vulnerable to ArrayIndexOutOfBounds via the component /chart/plot/CompassPlot.java." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://jfreechart.com", + "source": "cve@mitre.org" + }, + { + "url": "https://gist.github.com/LLM4IG/f55de46e65fb5a19b7815adb36fd858b", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/jfree/jfreechart", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-230xx/CVE-2024-23080.json b/CVE-2024/CVE-2024-230xx/CVE-2024-23080.json index 230dce6ab53..9e437ac2f84 100644 --- a/CVE-2024/CVE-2024-230xx/CVE-2024-23080.json +++ b/CVE-2024/CVE-2024-230xx/CVE-2024-23080.json @@ -2,8 +2,8 @@ "id": "CVE-2024-23080", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-10T13:51:38.547", - "lastModified": "2024-04-10T13:51:38.547", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-230xx/CVE-2024-23083.json b/CVE-2024/CVE-2024-230xx/CVE-2024-23083.json index ec899c6b478..900ba52556a 100644 --- a/CVE-2024/CVE-2024-230xx/CVE-2024-23083.json +++ b/CVE-2024/CVE-2024-230xx/CVE-2024-23083.json @@ -2,8 +2,8 @@ "id": "CVE-2024-23083", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-10T14:15:07.430", - "lastModified": "2024-04-10T14:15:07.430", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-237xx/CVE-2024-23734.json b/CVE-2024/CVE-2024-237xx/CVE-2024-23734.json index 332be4a954a..5be5cc12398 100644 --- a/CVE-2024/CVE-2024-237xx/CVE-2024-23734.json +++ b/CVE-2024/CVE-2024-237xx/CVE-2024-23734.json @@ -2,8 +2,8 @@ "id": "CVE-2024-23734", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-10T16:15:09.890", - "lastModified": "2024-04-10T16:15:09.890", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-237xx/CVE-2024-23735.json b/CVE-2024/CVE-2024-237xx/CVE-2024-23735.json index f3696827fe5..f1ec7f174d9 100644 --- a/CVE-2024/CVE-2024-237xx/CVE-2024-23735.json +++ b/CVE-2024/CVE-2024-237xx/CVE-2024-23735.json @@ -2,8 +2,8 @@ "id": "CVE-2024-23735", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-10T16:15:09.950", - "lastModified": "2024-04-10T16:15:09.950", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-248xx/CVE-2024-24809.json b/CVE-2024/CVE-2024-248xx/CVE-2024-24809.json index 501d9bc26e3..56e45efd16b 100644 --- a/CVE-2024/CVE-2024-248xx/CVE-2024-24809.json +++ b/CVE-2024/CVE-2024-248xx/CVE-2024-24809.json @@ -2,8 +2,8 @@ "id": "CVE-2024-24809", "sourceIdentifier": "security-advisories@github.com", "published": "2024-04-10T15:16:04.027", - "lastModified": "2024-04-10T15:16:04.027", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-268xx/CVE-2024-26816.json b/CVE-2024/CVE-2024-268xx/CVE-2024-26816.json index 5689d57e20e..c4b1907af0c 100644 --- a/CVE-2024/CVE-2024-268xx/CVE-2024-26816.json +++ b/CVE-2024/CVE-2024-268xx/CVE-2024-26816.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26816", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-04-10T14:15:07.490", - "lastModified": "2024-04-10T14:15:07.490", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-274xx/CVE-2024-27474.json b/CVE-2024/CVE-2024-274xx/CVE-2024-27474.json index 30de53ac67e..3d78d408cc1 100644 --- a/CVE-2024/CVE-2024-274xx/CVE-2024-27474.json +++ b/CVE-2024/CVE-2024-274xx/CVE-2024-27474.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27474", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-10T15:16:04.867", - "lastModified": "2024-04-10T15:16:04.867", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-274xx/CVE-2024-27476.json b/CVE-2024/CVE-2024-274xx/CVE-2024-27476.json index e2850d19e1e..f8576bb39c7 100644 --- a/CVE-2024/CVE-2024-274xx/CVE-2024-27476.json +++ b/CVE-2024/CVE-2024-274xx/CVE-2024-27476.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27476", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-10T15:16:04.923", - "lastModified": "2024-04-10T15:16:04.923", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-274xx/CVE-2024-27477.json b/CVE-2024/CVE-2024-274xx/CVE-2024-27477.json index 9faf8e0b58b..4702a0c0bcb 100644 --- a/CVE-2024/CVE-2024-274xx/CVE-2024-27477.json +++ b/CVE-2024/CVE-2024-274xx/CVE-2024-27477.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27477", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-10T15:16:04.980", - "lastModified": "2024-04-10T15:16:04.980", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-27xx/CVE-2024-2730.json b/CVE-2024/CVE-2024-27xx/CVE-2024-2730.json index 20df8895958..6997219ced4 100644 --- a/CVE-2024/CVE-2024-27xx/CVE-2024-2730.json +++ b/CVE-2024/CVE-2024-27xx/CVE-2024-2730.json @@ -2,8 +2,8 @@ "id": "CVE-2024-2730", "sourceIdentifier": "vulnerability@ncsc.ch", "published": "2024-04-10T14:15:07.550", - "lastModified": "2024-04-10T14:15:07.550", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-27xx/CVE-2024-2731.json b/CVE-2024/CVE-2024-27xx/CVE-2024-2731.json index 28350a8b379..105c8ac7f02 100644 --- a/CVE-2024/CVE-2024-27xx/CVE-2024-2731.json +++ b/CVE-2024/CVE-2024-27xx/CVE-2024-2731.json @@ -2,8 +2,8 @@ "id": "CVE-2024-2731", "sourceIdentifier": "vulnerability@ncsc.ch", "published": "2024-04-10T14:15:07.757", - "lastModified": "2024-04-10T14:15:07.757", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-283xx/CVE-2024-28344.json b/CVE-2024/CVE-2024-283xx/CVE-2024-28344.json new file mode 100644 index 00000000000..64fe24c23fb --- /dev/null +++ b/CVE-2024/CVE-2024-283xx/CVE-2024-28344.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-28344", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-04-10T19:15:49.070", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An Open Redirect vulnerability was found in Sipwise C5 NGCP Dashboard below mr11.5.1. The Open Redirect vulnerability allows attackers to control the \"back\" parameter in the URL through a double encoded URL." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://securitycafe.ro/2024/03/21/cve-2024-28344-cve-2024-28345-in-sipwise-c5/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-283xx/CVE-2024-28345.json b/CVE-2024/CVE-2024-283xx/CVE-2024-28345.json new file mode 100644 index 00000000000..125e4cdd001 --- /dev/null +++ b/CVE-2024/CVE-2024-283xx/CVE-2024-28345.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-28345", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-04-10T19:15:49.117", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An issue discovered in Sipwise C5 NGCP Dashboard below mr11.5.1 allows a low privileged user to access the Journal endpoint by directly visit the URL." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://securitycafe.ro/2024/03/21/cve-2024-28344-cve-2024-28345-in-sipwise-c5/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-292xx/CVE-2024-29296.json b/CVE-2024/CVE-2024-292xx/CVE-2024-29296.json index c9d8ba9b5e0..f6ee56807e1 100644 --- a/CVE-2024/CVE-2024-292xx/CVE-2024-29296.json +++ b/CVE-2024/CVE-2024-292xx/CVE-2024-29296.json @@ -2,8 +2,8 @@ "id": "CVE-2024-29296", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-10T15:16:05.033", - "lastModified": "2024-04-10T15:16:05.033", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-29xx/CVE-2024-2952.json b/CVE-2024/CVE-2024-29xx/CVE-2024-2952.json index 905d6ba30b4..71304c804ba 100644 --- a/CVE-2024/CVE-2024-29xx/CVE-2024-2952.json +++ b/CVE-2024/CVE-2024-29xx/CVE-2024-2952.json @@ -2,8 +2,8 @@ "id": "CVE-2024-2952", "sourceIdentifier": "security@huntr.dev", "published": "2024-04-10T17:15:54.823", - "lastModified": "2024-04-10T17:15:54.823", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-30xx/CVE-2024-3025.json b/CVE-2024/CVE-2024-30xx/CVE-2024-3025.json index 0392ca83398..c2a831bdcd2 100644 --- a/CVE-2024/CVE-2024-30xx/CVE-2024-3025.json +++ b/CVE-2024/CVE-2024-30xx/CVE-2024-3025.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3025", "sourceIdentifier": "security@huntr.dev", "published": "2024-04-10T17:15:55.993", - "lastModified": "2024-04-10T17:15:55.993", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-30xx/CVE-2024-3098.json b/CVE-2024/CVE-2024-30xx/CVE-2024-3098.json index 3b50b5910e4..68ef13e2ea5 100644 --- a/CVE-2024/CVE-2024-30xx/CVE-2024-3098.json +++ b/CVE-2024/CVE-2024-30xx/CVE-2024-3098.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3098", "sourceIdentifier": "security@huntr.dev", "published": "2024-04-10T17:15:56.213", - "lastModified": "2024-04-10T17:15:56.213", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-312xx/CVE-2024-31214.json b/CVE-2024/CVE-2024-312xx/CVE-2024-31214.json new file mode 100644 index 00000000000..3198232c7fd --- /dev/null +++ b/CVE-2024/CVE-2024-312xx/CVE-2024-31214.json @@ -0,0 +1,67 @@ +{ + "id": "CVE-2024-31214", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-04-10T18:15:07.350", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Traccar is an open source GPS tracking system. Traccar versions 5.1 through 5.12 allow arbitrary files to be uploaded through the device image upload API. Attackers have full control over the file contents, full control over the directory where the file is stored, full control over the file extension, and partial control over the file name. While it's not for an attacker to overwrite an existing file, an attacker can create new files with certain names and attacker-controlled extensions anywhere on the file system. This can potentially lead to remote code execution, XSS, DOS, etc. The default install of Traccar makes this vulnerability more severe. Self-registration is enabled by default, allowing anyone to create an account to exploit this vulnerability. Traccar also runs by default with root/system privileges, allowing files to be placed anywhere on the file system. Version 6.0 contains a fix for the issue. One may also turn off self-registration by default, as that would make most vulnerabilities in the application much harder to exploit by default and reduce the severity considerably.\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.6, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.8, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/traccar/traccar/blob/master/src/main/java/org/traccar/model/Device.java#L56", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/traccar/traccar/blob/v5.12/src/main/java/org/traccar/api/resource/DeviceResource.java#L191", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/traccar/traccar/commit/3fbdcd81566bc72e319ec05c77cf8a4120b87b8f", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/traccar/traccar/security/advisories/GHSA-3gxq-f2qj-c8v9", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-312xx/CVE-2024-31230.json b/CVE-2024/CVE-2024-312xx/CVE-2024-31230.json new file mode 100644 index 00000000000..a17b3b0aad4 --- /dev/null +++ b/CVE-2024/CVE-2024-312xx/CVE-2024-31230.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-31230", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-10T18:15:07.540", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in ShortPixel ShortPixel Adaptive Images.This issue affects ShortPixel Adaptive Images: from n/a through 3.8.2.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/shortpixel-adaptive-images/wordpress-shortpixel-adaptive-images-plugin-3-8-2-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-312xx/CVE-2024-31240.json b/CVE-2024/CVE-2024-312xx/CVE-2024-31240.json index 348f7b305dd..1dc140474a8 100644 --- a/CVE-2024/CVE-2024-312xx/CVE-2024-31240.json +++ b/CVE-2024/CVE-2024-312xx/CVE-2024-31240.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31240", "sourceIdentifier": "audit@patchstack.com", "published": "2024-04-10T16:15:12.047", - "lastModified": "2024-04-10T16:15:12.047", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-312xx/CVE-2024-31242.json b/CVE-2024/CVE-2024-312xx/CVE-2024-31242.json new file mode 100644 index 00000000000..e2f6d43943c --- /dev/null +++ b/CVE-2024/CVE-2024-312xx/CVE-2024-31242.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-31242", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-10T18:15:07.730", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Bricksforge.This issue affects Bricksforge: from n/a through 2.0.17.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/bricksforge/wordpress-bricksforge-plugin-2-0-17-unauthenticated-arbitrary-email-sending-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-312xx/CVE-2024-31245.json b/CVE-2024/CVE-2024-312xx/CVE-2024-31245.json index 656501daa2f..88d282936c7 100644 --- a/CVE-2024/CVE-2024-312xx/CVE-2024-31245.json +++ b/CVE-2024/CVE-2024-312xx/CVE-2024-31245.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31245", "sourceIdentifier": "audit@patchstack.com", "published": "2024-04-10T16:15:12.257", - "lastModified": "2024-04-10T16:15:12.257", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-312xx/CVE-2024-31247.json b/CVE-2024/CVE-2024-312xx/CVE-2024-31247.json index 64dda92b470..1f6c4b7897a 100644 --- a/CVE-2024/CVE-2024-312xx/CVE-2024-31247.json +++ b/CVE-2024/CVE-2024-312xx/CVE-2024-31247.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31247", "sourceIdentifier": "audit@patchstack.com", "published": "2024-04-10T16:15:12.470", - "lastModified": "2024-04-10T16:15:12.470", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-312xx/CVE-2024-31249.json b/CVE-2024/CVE-2024-312xx/CVE-2024-31249.json index 75b467a8ce7..1248f8bb65e 100644 --- a/CVE-2024/CVE-2024-312xx/CVE-2024-31249.json +++ b/CVE-2024/CVE-2024-312xx/CVE-2024-31249.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31249", "sourceIdentifier": "audit@patchstack.com", "published": "2024-04-10T16:15:12.670", - "lastModified": "2024-04-10T16:15:12.670", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-312xx/CVE-2024-31253.json b/CVE-2024/CVE-2024-312xx/CVE-2024-31253.json index e219a820838..f5cf93638d4 100644 --- a/CVE-2024/CVE-2024-312xx/CVE-2024-31253.json +++ b/CVE-2024/CVE-2024-312xx/CVE-2024-31253.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31253", "sourceIdentifier": "audit@patchstack.com", "published": "2024-04-10T16:15:12.867", - "lastModified": "2024-04-10T16:15:12.867", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-312xx/CVE-2024-31254.json b/CVE-2024/CVE-2024-312xx/CVE-2024-31254.json index f30277c0540..77df51a06f4 100644 --- a/CVE-2024/CVE-2024-312xx/CVE-2024-31254.json +++ b/CVE-2024/CVE-2024-312xx/CVE-2024-31254.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31254", "sourceIdentifier": "audit@patchstack.com", "published": "2024-04-10T16:15:13.073", - "lastModified": "2024-04-10T16:15:13.073", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-312xx/CVE-2024-31259.json b/CVE-2024/CVE-2024-312xx/CVE-2024-31259.json index 6e80576db06..a18d2bef4e7 100644 --- a/CVE-2024/CVE-2024-312xx/CVE-2024-31259.json +++ b/CVE-2024/CVE-2024-312xx/CVE-2024-31259.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31259", "sourceIdentifier": "audit@patchstack.com", "published": "2024-04-10T16:15:13.283", - "lastModified": "2024-04-10T16:15:13.283", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-312xx/CVE-2024-31278.json b/CVE-2024/CVE-2024-312xx/CVE-2024-31278.json index 3296561b01e..65fc65eedf0 100644 --- a/CVE-2024/CVE-2024-312xx/CVE-2024-31278.json +++ b/CVE-2024/CVE-2024-312xx/CVE-2024-31278.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31278", "sourceIdentifier": "audit@patchstack.com", "published": "2024-04-10T16:15:13.483", - "lastModified": "2024-04-10T16:15:13.483", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-312xx/CVE-2024-31282.json b/CVE-2024/CVE-2024-312xx/CVE-2024-31282.json index 22a5b8fe737..79246d56127 100644 --- a/CVE-2024/CVE-2024-312xx/CVE-2024-31282.json +++ b/CVE-2024/CVE-2024-312xx/CVE-2024-31282.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31282", "sourceIdentifier": "audit@patchstack.com", "published": "2024-04-10T16:15:13.693", - "lastModified": "2024-04-10T16:15:13.693", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-312xx/CVE-2024-31287.json b/CVE-2024/CVE-2024-312xx/CVE-2024-31287.json index 6a9af50c9aa..bd4d0654f41 100644 --- a/CVE-2024/CVE-2024-312xx/CVE-2024-31287.json +++ b/CVE-2024/CVE-2024-312xx/CVE-2024-31287.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31287", "sourceIdentifier": "audit@patchstack.com", "published": "2024-04-10T16:15:13.910", - "lastModified": "2024-04-10T16:15:13.910", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-312xx/CVE-2024-31297.json b/CVE-2024/CVE-2024-312xx/CVE-2024-31297.json index 199498e3e72..b2cb32dd33d 100644 --- a/CVE-2024/CVE-2024-312xx/CVE-2024-31297.json +++ b/CVE-2024/CVE-2024-312xx/CVE-2024-31297.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31297", "sourceIdentifier": "audit@patchstack.com", "published": "2024-04-10T16:15:14.137", - "lastModified": "2024-04-10T16:15:14.137", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-312xx/CVE-2024-31298.json b/CVE-2024/CVE-2024-312xx/CVE-2024-31298.json index ca09cc0eabe..5d0b2507b7a 100644 --- a/CVE-2024/CVE-2024-312xx/CVE-2024-31298.json +++ b/CVE-2024/CVE-2024-312xx/CVE-2024-31298.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31298", "sourceIdentifier": "audit@patchstack.com", "published": "2024-04-10T16:15:14.353", - "lastModified": "2024-04-10T16:15:14.353", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-312xx/CVE-2024-31299.json b/CVE-2024/CVE-2024-312xx/CVE-2024-31299.json index adf5774196e..271c1305da6 100644 --- a/CVE-2024/CVE-2024-312xx/CVE-2024-31299.json +++ b/CVE-2024/CVE-2024-312xx/CVE-2024-31299.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31299", "sourceIdentifier": "audit@patchstack.com", "published": "2024-04-10T17:15:55.013", - "lastModified": "2024-04-10T17:15:55.013", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-313xx/CVE-2024-31302.json b/CVE-2024/CVE-2024-313xx/CVE-2024-31302.json index 1a55b1e4365..725285d9ff1 100644 --- a/CVE-2024/CVE-2024-313xx/CVE-2024-31302.json +++ b/CVE-2024/CVE-2024-313xx/CVE-2024-31302.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31302", "sourceIdentifier": "audit@patchstack.com", "published": "2024-04-10T16:15:14.563", - "lastModified": "2024-04-10T16:15:14.563", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-313xx/CVE-2024-31342.json b/CVE-2024/CVE-2024-313xx/CVE-2024-31342.json index 93f77c44f8d..cac2dab0f20 100644 --- a/CVE-2024/CVE-2024-313xx/CVE-2024-31342.json +++ b/CVE-2024/CVE-2024-313xx/CVE-2024-31342.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31342", "sourceIdentifier": "audit@patchstack.com", "published": "2024-04-10T17:15:55.217", - "lastModified": "2024-04-10T17:15:55.217", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-313xx/CVE-2024-31343.json b/CVE-2024/CVE-2024-313xx/CVE-2024-31343.json index b160736f17c..ec38aa98bfb 100644 --- a/CVE-2024/CVE-2024-313xx/CVE-2024-31343.json +++ b/CVE-2024/CVE-2024-313xx/CVE-2024-31343.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31343", "sourceIdentifier": "audit@patchstack.com", "published": "2024-04-10T17:15:55.417", - "lastModified": "2024-04-10T17:15:55.417", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-313xx/CVE-2024-31353.json b/CVE-2024/CVE-2024-313xx/CVE-2024-31353.json index 1fff40b8f93..19571178045 100644 --- a/CVE-2024/CVE-2024-313xx/CVE-2024-31353.json +++ b/CVE-2024/CVE-2024-313xx/CVE-2024-31353.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31353", "sourceIdentifier": "audit@patchstack.com", "published": "2024-04-10T16:15:14.777", - "lastModified": "2024-04-10T16:15:14.777", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-313xx/CVE-2024-31355.json b/CVE-2024/CVE-2024-313xx/CVE-2024-31355.json index 881c6e75ff8..7500e71a690 100644 --- a/CVE-2024/CVE-2024-313xx/CVE-2024-31355.json +++ b/CVE-2024/CVE-2024-313xx/CVE-2024-31355.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31355", "sourceIdentifier": "audit@patchstack.com", "published": "2024-04-10T17:15:55.617", - "lastModified": "2024-04-10T17:15:55.617", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-313xx/CVE-2024-31356.json b/CVE-2024/CVE-2024-313xx/CVE-2024-31356.json index d34ca86ab19..fb4c33aee9c 100644 --- a/CVE-2024/CVE-2024-313xx/CVE-2024-31356.json +++ b/CVE-2024/CVE-2024-313xx/CVE-2024-31356.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31356", "sourceIdentifier": "audit@patchstack.com", "published": "2024-04-10T17:15:55.807", - "lastModified": "2024-04-10T17:15:55.807", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-313xx/CVE-2024-31358.json b/CVE-2024/CVE-2024-313xx/CVE-2024-31358.json index a2bc7046bb1..c04b99eced5 100644 --- a/CVE-2024/CVE-2024-313xx/CVE-2024-31358.json +++ b/CVE-2024/CVE-2024-313xx/CVE-2024-31358.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31358", "sourceIdentifier": "audit@patchstack.com", "published": "2024-04-10T16:15:14.980", - "lastModified": "2024-04-10T16:15:14.980", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-313xx/CVE-2024-31386.json b/CVE-2024/CVE-2024-313xx/CVE-2024-31386.json new file mode 100644 index 00000000000..3e7ad4177c9 --- /dev/null +++ b/CVE-2024/CVE-2024-313xx/CVE-2024-31386.json @@ -0,0 +1,111 @@ +{ + "id": "CVE-2024-31386", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-10T19:15:49.167", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Hidekazu Ishikawa X-T9, Hidekazu Ishikawa Lightning, themeinwp Default Mag, Out the Box Namaha, Out the Box CityLogic, Marsian i-max, Jetmonsters Emmet Lite, Macho Themes Decode, Wayneconnor Sliding Door, Out the Box Shopstar!, Modernthemesnet Gridsby, TT Themes HappenStance, Marsian i-excel, Out the Box Panoramic, Modernthemesnet Sensible WP.This issue affects X-T9: from n/a through 1.19.0; Lightning: from n/a through 15.18.0; Default Mag: from n/a through 1.3.5; Namaha: from n/a through 1.0.40; CityLogic: from n/a through 1.1.29; i-max: from n/a through 1.6.2; Emmet Lite: from n/a through 1.7.5; Decode: from n/a through 3.15.3; Sliding Door: from n/a through 3.3; Shopstar!: from n/a through 1.1.33; Gridsby: from n/a through 1.3.0; HappenStance: from n/a through 3.0.1; i-excel: from n/a through 1.7.9; Panoramic: from n/a through 1.1.56; Sensible WP: from n/a through 1.3.1.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/citylogic/wordpress-citylogic-theme-1-1-29-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + }, + { + "url": "https://patchstack.com/database/vulnerability/decode/wordpress-decode-theme-3-15-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + }, + { + "url": "https://patchstack.com/database/vulnerability/default-mag/wordpress-default-mag-theme-1-3-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + }, + { + "url": "https://patchstack.com/database/vulnerability/emmet-lite/wordpress-emmet-lite-theme-1-7-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + }, + { + "url": "https://patchstack.com/database/vulnerability/gridsby/wordpress-gridsby-theme-1-3-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + }, + { + "url": "https://patchstack.com/database/vulnerability/happenstance/wordpress-happenstance-theme-3-0-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + }, + { + "url": "https://patchstack.com/database/vulnerability/i-excel/wordpress-i-excel-theme-1-7-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + }, + { + "url": "https://patchstack.com/database/vulnerability/i-max/wordpress-i-max-theme-1-6-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + }, + { + "url": "https://patchstack.com/database/vulnerability/lightning/wordpress-lightning-theme-15-18-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + }, + { + "url": "https://patchstack.com/database/vulnerability/namaha/wordpress-namaha-theme-1-0-40-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + }, + { + "url": "https://patchstack.com/database/vulnerability/panoramic/wordpress-panoramic-theme-1-1-56-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + }, + { + "url": "https://patchstack.com/database/vulnerability/sensible-wp/wordpress-sensible-wp-theme-1-3-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + }, + { + "url": "https://patchstack.com/database/vulnerability/shopstar/wordpress-shopstar-theme-1-1-33-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + }, + { + "url": "https://patchstack.com/database/vulnerability/sliding-door/wordpress-sliding-door-theme-3-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + }, + { + "url": "https://patchstack.com/database/vulnerability/x-t9/wordpress-x-t9-theme-1-19-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-314xx/CVE-2024-31461.json b/CVE-2024/CVE-2024-314xx/CVE-2024-31461.json new file mode 100644 index 00000000000..e95a1fe05e2 --- /dev/null +++ b/CVE-2024/CVE-2024-314xx/CVE-2024-31461.json @@ -0,0 +1,71 @@ +{ + "id": "CVE-2024-31461", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-04-10T18:15:07.917", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Plane, an open-source project management tool, has a Server-Side Request Forgery (SSRF) vulnerability in versions prior to 0.17-dev. This issue may allow an attacker to send arbitrary requests from the server hosting the application, potentially leading to unauthorized access to internal systems. The impact of this vulnerability includes, but is not limited to, unauthorized access to internal services accessible from the server, potential leakage of sensitive information from internal services, manipulation of internal systems by interacting with internal APIs. Version 0.17-dev contains a patch for this issue. Those who are unable to update immediately may mitigate the issue by restricting outgoing network connections from servers hosting the application to essential services only and/or implementing strict input validation on URLs or parameters that are used to generate server-side requests." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 9.1, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/makeplane/plane/commit/4b0ccea1461b7ca38761dfe0d0f07c2f94425005", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/makeplane/plane/commit/d887b780aea5efba3f3d28c47d7d83f8b3e1e21c", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/makeplane/plane/pull/3323", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/makeplane/plane/pull/3333", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/makeplane/plane/security/advisories/GHSA-j77v-w36v-63v6", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-314xx/CVE-2024-31464.json b/CVE-2024/CVE-2024-314xx/CVE-2024-31464.json new file mode 100644 index 00000000000..71df3846f2e --- /dev/null +++ b/CVE-2024/CVE-2024-314xx/CVE-2024-31464.json @@ -0,0 +1,71 @@ +{ + "id": "CVE-2024-31464", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-04-10T19:15:49.413", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "XWiki Platform is a generic wiki platform. Starting in version 5.0-rc-1 and prior to versions 14.10.19, 15.5.4, and 15.9-rc-1, it is possible to access the hash of a password by using the diff feature of the history whenever the object storing the password is deleted. Using that vulnerability it's possible for an attacker to have access to the hash password of a user if they have rights to edit the users' page. With the default right scheme in XWiki this vulnerability is normally prevented on user profiles, except by users with Admin rights. Note that this vulnerability also impacts any extensions that might use passwords stored in xobjects: for those usecases it depends on the right of those pages. There is currently no way to be 100% sure that this vulnerability has been exploited, as an attacker with enough privilege could have deleted the revision where the xobject was deleted after rolling-back the deletion. But again, this operation requires high privileges on the target page (Admin right). A page with a user password xobject which have in its history a revision where the object has been deleted should be considered at risk and the password should be changed there. a diff, to ensure it's not coming from a password field. As another mitigation, admins should ensure that the user pages are properly protected: the edit right shouldn't be allowed for other users than Admin and owner of the profile (which is the default right). There is not much workaround possible for a privileged user other than upgrading XWiki." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/xwiki/xwiki-platform/commit/9075668a4135cce114ef2a4b72eba3161a9e94c4", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/955fb097e02a2a7153f527522ee9eef42447e5d7", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/f1eaec1e512220fabd970d053c627e435a1652cf", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-v782-xr4w-3vqx", + "source": "security-advisories@github.com" + }, + { + "url": "https://jira.xwiki.org/browse/XWIKI-19948", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-314xx/CVE-2024-31492.json b/CVE-2024/CVE-2024-314xx/CVE-2024-31492.json index 4398c9f0e47..71667a21105 100644 --- a/CVE-2024/CVE-2024-314xx/CVE-2024-31492.json +++ b/CVE-2024/CVE-2024-314xx/CVE-2024-31492.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31492", "sourceIdentifier": "psirt@fortinet.com", "published": "2024-04-10T13:51:38.607", - "lastModified": "2024-04-10T13:51:38.607", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-318xx/CVE-2024-31871.json b/CVE-2024/CVE-2024-318xx/CVE-2024-31871.json index f8abf72e98e..87e6c9a35e5 100644 --- a/CVE-2024/CVE-2024-318xx/CVE-2024-31871.json +++ b/CVE-2024/CVE-2024-318xx/CVE-2024-31871.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31871", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-04-10T16:15:15.183", - "lastModified": "2024-04-10T16:15:15.183", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-318xx/CVE-2024-31872.json b/CVE-2024/CVE-2024-318xx/CVE-2024-31872.json index 96c71d1f0ba..67bca8ae673 100644 --- a/CVE-2024/CVE-2024-318xx/CVE-2024-31872.json +++ b/CVE-2024/CVE-2024-318xx/CVE-2024-31872.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31872", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-04-10T16:15:15.413", - "lastModified": "2024-04-10T16:15:15.413", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-318xx/CVE-2024-31873.json b/CVE-2024/CVE-2024-318xx/CVE-2024-31873.json index 3881202b35f..f3c863fbda2 100644 --- a/CVE-2024/CVE-2024-318xx/CVE-2024-31873.json +++ b/CVE-2024/CVE-2024-318xx/CVE-2024-31873.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31873", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-04-10T16:15:15.670", - "lastModified": "2024-04-10T16:15:15.670", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-318xx/CVE-2024-31874.json b/CVE-2024/CVE-2024-318xx/CVE-2024-31874.json index cadabf1ea83..72c24a42a78 100644 --- a/CVE-2024/CVE-2024-318xx/CVE-2024-31874.json +++ b/CVE-2024/CVE-2024-318xx/CVE-2024-31874.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31874", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-04-10T16:15:15.890", - "lastModified": "2024-04-10T16:15:15.890", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-319xx/CVE-2024-31924.json b/CVE-2024/CVE-2024-319xx/CVE-2024-31924.json index bcd43d18bda..29712bc9f99 100644 --- a/CVE-2024/CVE-2024-319xx/CVE-2024-31924.json +++ b/CVE-2024/CVE-2024-319xx/CVE-2024-31924.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31924", "sourceIdentifier": "audit@patchstack.com", "published": "2024-04-10T13:51:38.793", - "lastModified": "2024-04-10T13:51:38.793", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-319xx/CVE-2024-31943.json b/CVE-2024/CVE-2024-319xx/CVE-2024-31943.json new file mode 100644 index 00000000000..d42b59d2da0 --- /dev/null +++ b/CVE-2024/CVE-2024-319xx/CVE-2024-31943.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-31943", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-10T18:15:08.103", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Octolize USPS Shipping for WooCommerce \u2013 Live Rates.This issue affects USPS Shipping for WooCommerce \u2013 Live Rates: from n/a through 1.9.2.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/flexible-shipping-usps/wordpress-usps-shipping-for-woocommerce-plugin-1-9-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-319xx/CVE-2024-31944.json b/CVE-2024/CVE-2024-319xx/CVE-2024-31944.json new file mode 100644 index 00000000000..4f3ab6d7244 --- /dev/null +++ b/CVE-2024/CVE-2024-319xx/CVE-2024-31944.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-31944", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-10T18:15:08.293", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Octolize WooCommerce UPS Shipping \u2013 Live Rates and Access Points.This issue affects WooCommerce UPS Shipping \u2013 Live Rates and Access Points: from n/a through 2.2.4.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/flexible-shipping-ups/wordpress-woocommerce-ups-shipping-plugin-2-2-4-cross-site-request-forgery-csrf-leading-to-notice-dismissal-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-31xx/CVE-2024-3101.json b/CVE-2024/CVE-2024-31xx/CVE-2024-3101.json index 2e5bca1fcba..5d736d1ab61 100644 --- a/CVE-2024/CVE-2024-31xx/CVE-2024-3101.json +++ b/CVE-2024/CVE-2024-31xx/CVE-2024-3101.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3101", "sourceIdentifier": "security@huntr.dev", "published": "2024-04-10T17:15:56.417", - "lastModified": "2024-04-10T17:15:56.417", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-31xx/CVE-2024-3157.json b/CVE-2024/CVE-2024-31xx/CVE-2024-3157.json new file mode 100644 index 00000000000..3de5e507e27 --- /dev/null +++ b/CVE-2024/CVE-2024-31xx/CVE-2024-3157.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2024-3157", + "sourceIdentifier": "chrome-cve-admin@google.com", + "published": "2024-04-10T19:15:49.623", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Out of bounds memory access in Compositing in Google Chrome prior to 123.0.6312.122 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via specific UI gestures. (Chromium security severity: High)" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_10.html", + "source": "chrome-cve-admin@google.com" + }, + { + "url": "https://issues.chromium.org/issues/331237485", + "source": "chrome-cve-admin@google.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-32xx/CVE-2024-3283.json b/CVE-2024/CVE-2024-32xx/CVE-2024-3283.json index 5832630a1df..6721511e98b 100644 --- a/CVE-2024/CVE-2024-32xx/CVE-2024-3283.json +++ b/CVE-2024/CVE-2024-32xx/CVE-2024-3283.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3283", "sourceIdentifier": "security@huntr.dev", "published": "2024-04-10T17:15:56.600", - "lastModified": "2024-04-10T17:15:56.600", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-33xx/CVE-2024-3382.json b/CVE-2024/CVE-2024-33xx/CVE-2024-3382.json index 4e8f60f1275..02aee865fa6 100644 --- a/CVE-2024/CVE-2024-33xx/CVE-2024-3382.json +++ b/CVE-2024/CVE-2024-33xx/CVE-2024-3382.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3382", "sourceIdentifier": "psirt@paloaltonetworks.com", "published": "2024-04-10T17:15:56.793", - "lastModified": "2024-04-10T17:15:56.793", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-33xx/CVE-2024-3383.json b/CVE-2024/CVE-2024-33xx/CVE-2024-3383.json index 43a128c5b20..f7114778835 100644 --- a/CVE-2024/CVE-2024-33xx/CVE-2024-3383.json +++ b/CVE-2024/CVE-2024-33xx/CVE-2024-3383.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3383", "sourceIdentifier": "psirt@paloaltonetworks.com", "published": "2024-04-10T17:15:57.000", - "lastModified": "2024-04-10T17:15:57.000", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-33xx/CVE-2024-3384.json b/CVE-2024/CVE-2024-33xx/CVE-2024-3384.json index 1542b33cbbd..c216b1f1e4e 100644 --- a/CVE-2024/CVE-2024-33xx/CVE-2024-3384.json +++ b/CVE-2024/CVE-2024-33xx/CVE-2024-3384.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3384", "sourceIdentifier": "psirt@paloaltonetworks.com", "published": "2024-04-10T17:15:57.217", - "lastModified": "2024-04-10T17:15:57.217", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-33xx/CVE-2024-3385.json b/CVE-2024/CVE-2024-33xx/CVE-2024-3385.json index 82a92ebc684..21bd474c1e6 100644 --- a/CVE-2024/CVE-2024-33xx/CVE-2024-3385.json +++ b/CVE-2024/CVE-2024-33xx/CVE-2024-3385.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3385", "sourceIdentifier": "psirt@paloaltonetworks.com", "published": "2024-04-10T17:15:57.410", - "lastModified": "2024-04-10T17:15:57.410", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-33xx/CVE-2024-3386.json b/CVE-2024/CVE-2024-33xx/CVE-2024-3386.json index 28d3c48182e..6b313e2d1e5 100644 --- a/CVE-2024/CVE-2024-33xx/CVE-2024-3386.json +++ b/CVE-2024/CVE-2024-33xx/CVE-2024-3386.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3386", "sourceIdentifier": "psirt@paloaltonetworks.com", "published": "2024-04-10T17:15:57.593", - "lastModified": "2024-04-10T17:15:57.593", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-33xx/CVE-2024-3387.json b/CVE-2024/CVE-2024-33xx/CVE-2024-3387.json index 090370206e0..607031b212a 100644 --- a/CVE-2024/CVE-2024-33xx/CVE-2024-3387.json +++ b/CVE-2024/CVE-2024-33xx/CVE-2024-3387.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3387", "sourceIdentifier": "psirt@paloaltonetworks.com", "published": "2024-04-10T17:15:57.787", - "lastModified": "2024-04-10T17:15:57.787", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-33xx/CVE-2024-3388.json b/CVE-2024/CVE-2024-33xx/CVE-2024-3388.json index 49e9d555b25..91c4c24d410 100644 --- a/CVE-2024/CVE-2024-33xx/CVE-2024-3388.json +++ b/CVE-2024/CVE-2024-33xx/CVE-2024-3388.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3388", "sourceIdentifier": "psirt@paloaltonetworks.com", "published": "2024-04-10T17:15:57.970", - "lastModified": "2024-04-10T17:15:57.970", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-34xx/CVE-2024-3448.json b/CVE-2024/CVE-2024-34xx/CVE-2024-3448.json index 3f7a348eb60..daf431a77e2 100644 --- a/CVE-2024/CVE-2024-34xx/CVE-2024-3448.json +++ b/CVE-2024/CVE-2024-34xx/CVE-2024-3448.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3448", "sourceIdentifier": "vulnerability@ncsc.ch", "published": "2024-04-10T14:15:07.937", - "lastModified": "2024-04-10T14:15:07.937", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-35xx/CVE-2024-3515.json b/CVE-2024/CVE-2024-35xx/CVE-2024-3515.json new file mode 100644 index 00000000000..1d091e7a9bf --- /dev/null +++ b/CVE-2024/CVE-2024-35xx/CVE-2024-3515.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2024-3515", + "sourceIdentifier": "chrome-cve-admin@google.com", + "published": "2024-04-10T19:15:49.670", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Use after free in Dawn in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_10.html", + "source": "chrome-cve-admin@google.com" + }, + { + "url": "https://issues.chromium.org/issues/331123811", + "source": "chrome-cve-admin@google.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-35xx/CVE-2024-3516.json b/CVE-2024/CVE-2024-35xx/CVE-2024-3516.json new file mode 100644 index 00000000000..2f991290f73 --- /dev/null +++ b/CVE-2024/CVE-2024-35xx/CVE-2024-3516.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2024-3516", + "sourceIdentifier": "chrome-cve-admin@google.com", + "published": "2024-04-10T19:15:49.717", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Heap buffer overflow in ANGLE in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_10.html", + "source": "chrome-cve-admin@google.com" + }, + { + "url": "https://issues.chromium.org/issues/328859176", + "source": "chrome-cve-admin@google.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-35xx/CVE-2024-3566.json b/CVE-2024/CVE-2024-35xx/CVE-2024-3566.json index 6e50db67246..3298b1311c8 100644 --- a/CVE-2024/CVE-2024-35xx/CVE-2024-3566.json +++ b/CVE-2024/CVE-2024-35xx/CVE-2024-3566.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3566", "sourceIdentifier": "cret@cert.org", "published": "2024-04-10T16:15:16.083", - "lastModified": "2024-04-10T16:15:16.083", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-35xx/CVE-2024-3567.json b/CVE-2024/CVE-2024-35xx/CVE-2024-3567.json index 28a1993f724..ccc3540cac9 100644 --- a/CVE-2024/CVE-2024-35xx/CVE-2024-3567.json +++ b/CVE-2024/CVE-2024-35xx/CVE-2024-3567.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3567", "sourceIdentifier": "secalert@redhat.com", "published": "2024-04-10T15:16:05.097", - "lastModified": "2024-04-10T15:16:05.097", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-35xx/CVE-2024-3568.json b/CVE-2024/CVE-2024-35xx/CVE-2024-3568.json index f2843f4e443..d5cf04e0ba5 100644 --- a/CVE-2024/CVE-2024-35xx/CVE-2024-3568.json +++ b/CVE-2024/CVE-2024-35xx/CVE-2024-3568.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3568", "sourceIdentifier": "security@huntr.dev", "published": "2024-04-10T17:15:58.160", - "lastModified": "2024-04-10T17:15:58.160", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-35xx/CVE-2024-3569.json b/CVE-2024/CVE-2024-35xx/CVE-2024-3569.json index a4e4b27d5d0..e876f62c3a5 100644 --- a/CVE-2024/CVE-2024-35xx/CVE-2024-3569.json +++ b/CVE-2024/CVE-2024-35xx/CVE-2024-3569.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3569", "sourceIdentifier": "security@huntr.dev", "published": "2024-04-10T17:15:58.350", - "lastModified": "2024-04-10T17:15:58.350", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-35xx/CVE-2024-3570.json b/CVE-2024/CVE-2024-35xx/CVE-2024-3570.json index 16c84f5b196..b3a400a9c3e 100644 --- a/CVE-2024/CVE-2024-35xx/CVE-2024-3570.json +++ b/CVE-2024/CVE-2024-35xx/CVE-2024-3570.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3570", "sourceIdentifier": "security@huntr.dev", "published": "2024-04-10T17:15:58.543", - "lastModified": "2024-04-10T17:15:58.543", - "vulnStatus": "Received", + "lastModified": "2024-04-10T19:49:51.183", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/README.md b/README.md index 6c40b4697bc..4b9a74779bf 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-04-10T18:00:30.750444+00:00 +2024-04-10T20:00:38.476237+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-04-10T17:15:58.543000+00:00 +2024-04-10T19:56:14.227000+00:00 ``` ### Last Data Feed Release @@ -33,52 +33,69 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -245067 +245120 ``` ### CVEs added in the last Commit -Recently added CVEs: `60` +Recently added CVEs: `53` -- [CVE-2024-31298](CVE-2024/CVE-2024-312xx/CVE-2024-31298.json) (`2024-04-10T16:15:14.353`) -- [CVE-2024-31299](CVE-2024/CVE-2024-312xx/CVE-2024-31299.json) (`2024-04-10T17:15:55.013`) -- [CVE-2024-31302](CVE-2024/CVE-2024-313xx/CVE-2024-31302.json) (`2024-04-10T16:15:14.563`) -- [CVE-2024-31342](CVE-2024/CVE-2024-313xx/CVE-2024-31342.json) (`2024-04-10T17:15:55.217`) -- [CVE-2024-31343](CVE-2024/CVE-2024-313xx/CVE-2024-31343.json) (`2024-04-10T17:15:55.417`) -- [CVE-2024-31353](CVE-2024/CVE-2024-313xx/CVE-2024-31353.json) (`2024-04-10T16:15:14.777`) -- [CVE-2024-31355](CVE-2024/CVE-2024-313xx/CVE-2024-31355.json) (`2024-04-10T17:15:55.617`) -- [CVE-2024-31356](CVE-2024/CVE-2024-313xx/CVE-2024-31356.json) (`2024-04-10T17:15:55.807`) -- [CVE-2024-31358](CVE-2024/CVE-2024-313xx/CVE-2024-31358.json) (`2024-04-10T16:15:14.980`) -- [CVE-2024-31871](CVE-2024/CVE-2024-318xx/CVE-2024-31871.json) (`2024-04-10T16:15:15.183`) -- [CVE-2024-31872](CVE-2024/CVE-2024-318xx/CVE-2024-31872.json) (`2024-04-10T16:15:15.413`) -- [CVE-2024-31873](CVE-2024/CVE-2024-318xx/CVE-2024-31873.json) (`2024-04-10T16:15:15.670`) -- [CVE-2024-31874](CVE-2024/CVE-2024-318xx/CVE-2024-31874.json) (`2024-04-10T16:15:15.890`) -- [CVE-2024-3283](CVE-2024/CVE-2024-32xx/CVE-2024-3283.json) (`2024-04-10T17:15:56.600`) -- [CVE-2024-3382](CVE-2024/CVE-2024-33xx/CVE-2024-3382.json) (`2024-04-10T17:15:56.793`) -- [CVE-2024-3383](CVE-2024/CVE-2024-33xx/CVE-2024-3383.json) (`2024-04-10T17:15:57.000`) -- [CVE-2024-3384](CVE-2024/CVE-2024-33xx/CVE-2024-3384.json) (`2024-04-10T17:15:57.217`) -- [CVE-2024-3385](CVE-2024/CVE-2024-33xx/CVE-2024-3385.json) (`2024-04-10T17:15:57.410`) -- [CVE-2024-3386](CVE-2024/CVE-2024-33xx/CVE-2024-3386.json) (`2024-04-10T17:15:57.593`) -- [CVE-2024-3387](CVE-2024/CVE-2024-33xx/CVE-2024-3387.json) (`2024-04-10T17:15:57.787`) -- [CVE-2024-3388](CVE-2024/CVE-2024-33xx/CVE-2024-3388.json) (`2024-04-10T17:15:57.970`) -- [CVE-2024-3566](CVE-2024/CVE-2024-35xx/CVE-2024-3566.json) (`2024-04-10T16:15:16.083`) -- [CVE-2024-3568](CVE-2024/CVE-2024-35xx/CVE-2024-3568.json) (`2024-04-10T17:15:58.160`) -- [CVE-2024-3569](CVE-2024/CVE-2024-35xx/CVE-2024-3569.json) (`2024-04-10T17:15:58.350`) -- [CVE-2024-3570](CVE-2024/CVE-2024-35xx/CVE-2024-3570.json) (`2024-04-10T17:15:58.543`) +- [CVE-2021-47210](CVE-2021/CVE-2021-472xx/CVE-2021-47210.json) (`2024-04-10T19:15:48.497`) +- [CVE-2021-47211](CVE-2021/CVE-2021-472xx/CVE-2021-47211.json) (`2024-04-10T19:15:48.547`) +- [CVE-2021-47212](CVE-2021/CVE-2021-472xx/CVE-2021-47212.json) (`2024-04-10T19:15:48.597`) +- [CVE-2021-47213](CVE-2021/CVE-2021-472xx/CVE-2021-47213.json) (`2024-04-10T19:15:48.640`) +- [CVE-2021-47214](CVE-2021/CVE-2021-472xx/CVE-2021-47214.json) (`2024-04-10T19:15:48.680`) +- [CVE-2021-47215](CVE-2021/CVE-2021-472xx/CVE-2021-47215.json) (`2024-04-10T19:15:48.727`) +- [CVE-2021-47216](CVE-2021/CVE-2021-472xx/CVE-2021-47216.json) (`2024-04-10T19:15:48.770`) +- [CVE-2021-47217](CVE-2021/CVE-2021-472xx/CVE-2021-47217.json) (`2024-04-10T19:15:48.813`) +- [CVE-2021-47218](CVE-2021/CVE-2021-472xx/CVE-2021-47218.json) (`2024-04-10T19:15:48.860`) +- [CVE-2021-47219](CVE-2021/CVE-2021-472xx/CVE-2021-47219.json) (`2024-04-10T19:15:48.903`) +- [CVE-2023-52070](CVE-2023/CVE-2023-520xx/CVE-2023-52070.json) (`2024-04-10T19:15:48.973`) +- [CVE-2024-23077](CVE-2024/CVE-2024-230xx/CVE-2024-23077.json) (`2024-04-10T19:15:49.020`) +- [CVE-2024-28344](CVE-2024/CVE-2024-283xx/CVE-2024-28344.json) (`2024-04-10T19:15:49.070`) +- [CVE-2024-28345](CVE-2024/CVE-2024-283xx/CVE-2024-28345.json) (`2024-04-10T19:15:49.117`) +- [CVE-2024-31214](CVE-2024/CVE-2024-312xx/CVE-2024-31214.json) (`2024-04-10T18:15:07.350`) +- [CVE-2024-31230](CVE-2024/CVE-2024-312xx/CVE-2024-31230.json) (`2024-04-10T18:15:07.540`) +- [CVE-2024-31242](CVE-2024/CVE-2024-312xx/CVE-2024-31242.json) (`2024-04-10T18:15:07.730`) +- [CVE-2024-31386](CVE-2024/CVE-2024-313xx/CVE-2024-31386.json) (`2024-04-10T19:15:49.167`) +- [CVE-2024-31461](CVE-2024/CVE-2024-314xx/CVE-2024-31461.json) (`2024-04-10T18:15:07.917`) +- [CVE-2024-31464](CVE-2024/CVE-2024-314xx/CVE-2024-31464.json) (`2024-04-10T19:15:49.413`) +- [CVE-2024-3157](CVE-2024/CVE-2024-31xx/CVE-2024-3157.json) (`2024-04-10T19:15:49.623`) +- [CVE-2024-31943](CVE-2024/CVE-2024-319xx/CVE-2024-31943.json) (`2024-04-10T18:15:08.103`) +- [CVE-2024-31944](CVE-2024/CVE-2024-319xx/CVE-2024-31944.json) (`2024-04-10T18:15:08.293`) +- [CVE-2024-3515](CVE-2024/CVE-2024-35xx/CVE-2024-3515.json) (`2024-04-10T19:15:49.670`) +- [CVE-2024-3516](CVE-2024/CVE-2024-35xx/CVE-2024-3516.json) (`2024-04-10T19:15:49.717`) ### CVEs modified in the last Commit -Recently modified CVEs: `8` +Recently modified CVEs: `92` -- [CVE-2021-46926](CVE-2021/CVE-2021-469xx/CVE-2021-46926.json) (`2024-04-10T16:26:55.390`) -- [CVE-2021-46927](CVE-2021/CVE-2021-469xx/CVE-2021-46927.json) (`2024-04-10T16:25:32.067`) -- [CVE-2021-46928](CVE-2021/CVE-2021-469xx/CVE-2021-46928.json) (`2024-04-10T16:29:19.867`) -- [CVE-2021-46929](CVE-2021/CVE-2021-469xx/CVE-2021-46929.json) (`2024-04-10T17:05:51.133`) -- [CVE-2021-46930](CVE-2021/CVE-2021-469xx/CVE-2021-46930.json) (`2024-04-10T16:39:23.653`) -- [CVE-2021-46931](CVE-2021/CVE-2021-469xx/CVE-2021-46931.json) (`2024-04-10T16:31:14.667`) -- [CVE-2024-22423](CVE-2024/CVE-2024-224xx/CVE-2024-22423.json) (`2024-04-10T16:15:09.793`) -- [CVE-2024-24576](CVE-2024/CVE-2024-245xx/CVE-2024-24576.json) (`2024-04-10T16:15:10.010`) +- [CVE-2024-31343](CVE-2024/CVE-2024-313xx/CVE-2024-31343.json) (`2024-04-10T19:49:51.183`) +- [CVE-2024-31353](CVE-2024/CVE-2024-313xx/CVE-2024-31353.json) (`2024-04-10T19:49:51.183`) +- [CVE-2024-31355](CVE-2024/CVE-2024-313xx/CVE-2024-31355.json) (`2024-04-10T19:49:51.183`) +- [CVE-2024-31356](CVE-2024/CVE-2024-313xx/CVE-2024-31356.json) (`2024-04-10T19:49:51.183`) +- [CVE-2024-31358](CVE-2024/CVE-2024-313xx/CVE-2024-31358.json) (`2024-04-10T19:49:51.183`) +- [CVE-2024-31492](CVE-2024/CVE-2024-314xx/CVE-2024-31492.json) (`2024-04-10T19:49:51.183`) +- [CVE-2024-31871](CVE-2024/CVE-2024-318xx/CVE-2024-31871.json) (`2024-04-10T19:49:51.183`) +- [CVE-2024-31872](CVE-2024/CVE-2024-318xx/CVE-2024-31872.json) (`2024-04-10T19:49:51.183`) +- [CVE-2024-31873](CVE-2024/CVE-2024-318xx/CVE-2024-31873.json) (`2024-04-10T19:49:51.183`) +- [CVE-2024-31874](CVE-2024/CVE-2024-318xx/CVE-2024-31874.json) (`2024-04-10T19:49:51.183`) +- [CVE-2024-31924](CVE-2024/CVE-2024-319xx/CVE-2024-31924.json) (`2024-04-10T19:49:51.183`) +- [CVE-2024-3283](CVE-2024/CVE-2024-32xx/CVE-2024-3283.json) (`2024-04-10T19:49:51.183`) +- [CVE-2024-3382](CVE-2024/CVE-2024-33xx/CVE-2024-3382.json) (`2024-04-10T19:49:51.183`) +- [CVE-2024-3383](CVE-2024/CVE-2024-33xx/CVE-2024-3383.json) (`2024-04-10T19:49:51.183`) +- [CVE-2024-3384](CVE-2024/CVE-2024-33xx/CVE-2024-3384.json) (`2024-04-10T19:49:51.183`) +- [CVE-2024-3385](CVE-2024/CVE-2024-33xx/CVE-2024-3385.json) (`2024-04-10T19:49:51.183`) +- [CVE-2024-3386](CVE-2024/CVE-2024-33xx/CVE-2024-3386.json) (`2024-04-10T19:49:51.183`) +- [CVE-2024-3387](CVE-2024/CVE-2024-33xx/CVE-2024-3387.json) (`2024-04-10T19:49:51.183`) +- [CVE-2024-3388](CVE-2024/CVE-2024-33xx/CVE-2024-3388.json) (`2024-04-10T19:49:51.183`) +- [CVE-2024-3448](CVE-2024/CVE-2024-34xx/CVE-2024-3448.json) (`2024-04-10T19:49:51.183`) +- [CVE-2024-3566](CVE-2024/CVE-2024-35xx/CVE-2024-3566.json) (`2024-04-10T19:49:51.183`) +- [CVE-2024-3567](CVE-2024/CVE-2024-35xx/CVE-2024-3567.json) (`2024-04-10T19:49:51.183`) +- [CVE-2024-3568](CVE-2024/CVE-2024-35xx/CVE-2024-3568.json) (`2024-04-10T19:49:51.183`) +- [CVE-2024-3569](CVE-2024/CVE-2024-35xx/CVE-2024-3569.json) (`2024-04-10T19:49:51.183`) +- [CVE-2024-3570](CVE-2024/CVE-2024-35xx/CVE-2024-3570.json) (`2024-04-10T19:49:51.183`) ## Download and Usage diff --git a/_state.csv b/_state.csv index c04223c7d17..c24d4d061dc 100644 --- a/_state.csv +++ b/_state.csv @@ -159228,8 +159228,8 @@ CVE-2020-36772,0,0,ff3e4f879e7ae418a701647a13240a39df8c57776ec6e58c53b6a64dafad1 CVE-2020-36773,0,0,d0ddb06ecf8d46409b82e3ffb254421534eaa86dda122f28d93753543197a5b1,2024-03-04T23:04:23.720000 CVE-2020-36774,0,0,caefdac33e8d57c5a006664b2d809197b3c6abe35049510ce3150d4c26215374,2024-02-20T19:50:53.960000 CVE-2020-36775,0,0,bebe52696a44c06274c8ae812282ae2f64cd40883bb94084381cc8f248cf9dd7,2024-02-26T22:10:40.463000 -CVE-2020-36776,0,0,9f4a8ddcc101366ee37a97df34853d39bf78a8fa3bf2590795a8cd78e56ff303,2024-02-28T14:06:45.783000 -CVE-2020-36777,0,0,26d79336d36f547d8fa78ebe9b0c361676563d8d295342f0f02ba90159c5b986,2024-02-28T14:06:45.783000 +CVE-2020-36776,0,1,0d6a9157d7be92178ede0efa42b523dcc249f49fe1156166723fda7b340f9325,2024-04-10T19:34:31.410000 +CVE-2020-36777,0,1,08fa78c9c2f6757fa09a48c61f09e33f93d3cddffe3460adda403850ad08e31e,2024-04-10T19:32:09.210000 CVE-2020-36778,0,0,cfe13668981468f714abe64449a0c090bc5d650427cab2f289f1a6bc1a11f72e,2024-02-28T14:06:45.783000 CVE-2020-36779,0,0,800e402da8435767caed3dd52e393d977f31994fbffd36f2929f8f235df72bf8,2024-02-28T14:06:45.783000 CVE-2020-3678,0,0,ecf0de89ab487ccb7df5ba1d4c3d906dfe90a809a18e797bd999ae3abaa31cc9,2020-11-06T16:36:51.433000 @@ -186652,25 +186652,25 @@ CVE-2021-46922,0,0,bc44649993c2053b091993780315d0214f8c9fdc19d93c56c08e0250fb1c7 CVE-2021-46923,0,0,4ba8e4a9d497c82663ac89bd2952857ad7e9da7a3ae27e8e690944aa5d25a23a,2024-04-10T15:25:34.540000 CVE-2021-46924,0,0,1b188c031acbd3e89c859a161de93ccf51307cd4e074b941fe243f5ca63e3586,2024-04-10T15:23:33.673000 CVE-2021-46925,0,0,5f7a03505455e06d33eb5f6b12ee64219c5e8061146bbaac873228cf606677ff,2024-04-10T15:22:29.233000 -CVE-2021-46926,0,1,69a453bb34927e15f51a76183ecb823345636e84a4aecefa13daaf19b0a1367f,2024-04-10T16:26:55.390000 -CVE-2021-46927,0,1,8866ef59254581aa59106533b67836f6e1d0b15b03744b16dc33f11840194ebe,2024-04-10T16:25:32.067000 -CVE-2021-46928,0,1,c7b576859aa8f97d77e45663c9a464b067424497e5e4d5e1863c8e898a30c9a8,2024-04-10T16:29:19.867000 -CVE-2021-46929,0,1,8f810f43e77b2402b6774bc8d613fbb52147e81f1ae87e80bb9768c8e6d60711,2024-04-10T17:05:51.133000 -CVE-2021-46930,0,1,f706d0b884fb56b1eb355d6b7497f0c63cec9e8906cbd2e01b5eecdf9e3ee40b,2024-04-10T16:39:23.653000 -CVE-2021-46931,0,1,1a317c0ad2ef6e1e0589260741f734ae36ad06bbba426c2fc956c698f3ddd7f2,2024-04-10T16:31:14.667000 -CVE-2021-46932,0,0,af4fa97462ca77ad0297791adac31c0bbbba8005816d05bc37a6ef0155fd65ca,2024-02-27T14:20:06.637000 -CVE-2021-46933,0,0,5b393242bab245c32b7390bce3f6a0135931bce678e79c90a35a4793c099496d,2024-02-27T14:20:06.637000 -CVE-2021-46934,0,0,3cba70d201389ce696f69ce14587ca31f9f2f9a88aa137cfc0afd894af992f80,2024-02-27T14:20:06.637000 -CVE-2021-46935,0,0,fe143b9bcd0d2c0fe8deafa69e05765f6caaee8a5a9e914ebfbbef2539f5955c,2024-02-27T14:20:06.637000 -CVE-2021-46936,0,0,a534c3941a824eed6266a7537f0ff4f4ebe2a3f8cbb70c2b754776af44cf11f2,2024-02-27T14:19:41.650000 -CVE-2021-46937,0,0,f9b5b3eb75a4d660f5718504909d7be59706423a3d0138c3d17d24c9ff907f69,2024-02-27T14:19:41.650000 -CVE-2021-46938,0,0,2910dee92dc3aa9b53eb2aa6ba18ab971eabf7da7a9b2351f7187f71ce8930f5,2024-02-28T14:06:45.783000 -CVE-2021-46939,0,0,11d548c16808b4d9285f808f340f15315aebcd22daa12ba1b14b91d9cf8d35f0,2024-02-28T14:06:45.783000 -CVE-2021-46940,0,0,96c34cf05627f7bb3bd9ee1f39f417cc033e41660c6f5c1edbca7b8e59d0abcb,2024-02-28T14:06:45.783000 -CVE-2021-46941,0,0,222ef5a0dd93bee1441b175881a681475f4274f9ddeb70a6a3fb1e6918a89687,2024-02-28T14:06:45.783000 -CVE-2021-46942,0,0,8373f52b7a7712e6d53b6ce89bd8d6c650901ce20a55aa22819475074dd2b779,2024-02-28T14:06:45.783000 -CVE-2021-46943,0,0,4367949ad59122baf37577ab771f661960f882c9ffda3fa652b1fc8acf5f5ead,2024-02-28T14:06:45.783000 -CVE-2021-46944,0,0,2e0771427d4c6c8a118919e50fede87429f47b4eb89c2f8fa112e70bda4c38bb,2024-02-28T14:06:45.783000 +CVE-2021-46926,0,0,69a453bb34927e15f51a76183ecb823345636e84a4aecefa13daaf19b0a1367f,2024-04-10T16:26:55.390000 +CVE-2021-46927,0,0,8866ef59254581aa59106533b67836f6e1d0b15b03744b16dc33f11840194ebe,2024-04-10T16:25:32.067000 +CVE-2021-46928,0,0,c7b576859aa8f97d77e45663c9a464b067424497e5e4d5e1863c8e898a30c9a8,2024-04-10T16:29:19.867000 +CVE-2021-46929,0,0,8f810f43e77b2402b6774bc8d613fbb52147e81f1ae87e80bb9768c8e6d60711,2024-04-10T17:05:51.133000 +CVE-2021-46930,0,0,f706d0b884fb56b1eb355d6b7497f0c63cec9e8906cbd2e01b5eecdf9e3ee40b,2024-04-10T16:39:23.653000 +CVE-2021-46931,0,0,1a317c0ad2ef6e1e0589260741f734ae36ad06bbba426c2fc956c698f3ddd7f2,2024-04-10T16:31:14.667000 +CVE-2021-46932,0,1,d1c455451d177c0d45c35cb31a23e524a52117a2f2293e8cb34e43f1747477f0,2024-04-10T18:02:06.327000 +CVE-2021-46933,0,1,1aa8a33045cb64e009a60ca7ed9cf59dce17e524200bbe6bb989102758ab0bf8,2024-04-10T18:36:47.927000 +CVE-2021-46934,0,1,792b350d71c717ceda8c7c000a3cd316d06ae58447ca9f8ae660871ff0765e45,2024-04-10T18:19:53.630000 +CVE-2021-46935,0,1,6c42dbef7367dbc1ff7a56ced304e7e5f97473bebead0993f52ccf6180c8f58a,2024-04-10T18:24:38.927000 +CVE-2021-46936,0,1,436caaf091c0133b99604183a9fc84c93ea027e69d3b147ca3b911576a85e74d,2024-04-10T19:20:08.790000 +CVE-2021-46937,0,1,15de64c80f560d42032dab346c5a8f48b489a14f32fbb65332f34f56b25d91f9,2024-04-10T18:59:16.507000 +CVE-2021-46938,0,1,bcc5d9b507e207e7819ac9797ecc02cac7a40d093cd3b58efd686d459147581a,2024-04-10T19:20:55.173000 +CVE-2021-46939,0,1,3134647908b93f4788d476ad204fe3caac50339dba313f7c3be495c1f1c764f2,2024-04-10T19:49:03.580000 +CVE-2021-46940,0,1,b89d962cc8e0cc41f5c0010ff508a5594952aef00ff143b69c79d90906962d62,2024-04-10T19:44:37.227000 +CVE-2021-46941,0,1,2ce82780f5a41832c9f1a25f06ccfdaa21aea0198a98e335b1d5dcb3a914967c,2024-04-10T19:42:17.610000 +CVE-2021-46942,0,1,71a41cff6abe69a3265caabe98ca8aa57ab0c584e39536edfbd964c34d56e2cf,2024-04-10T19:56:14.227000 +CVE-2021-46943,0,1,2a1ca0405fb7880053d590ee8ada03dc0948253fa996ab8b3397058593a5b290,2024-04-10T19:54:14.133000 +CVE-2021-46944,0,1,d82544911189784027f8e2047744f9ca05b54cebfb5102fe4426566e939bb2ca,2024-04-10T19:53:31.403000 CVE-2021-46945,0,0,53308dea563b2c2054372d093394c707d636a68cacb285100380a12f17fbd1d1,2024-02-28T14:06:45.783000 CVE-2021-46946,0,0,0a7824c78fda312e2a69c092b1751fd0538157938572285a8b1a980223fde408,2024-03-08T10:15:45.650000 CVE-2021-46947,0,0,6220ae1ef0c0836f165cbf1a4a847090c0f87ed038ea97e182954eadb2c0367c,2024-02-28T14:06:45.783000 @@ -186907,7 +186907,45 @@ CVE-2021-47177,0,0,17b9c85fef923a6278fd6497872c22e2b4ea493f8584902c2660ab96e3601 CVE-2021-47178,0,0,d62a0b0430d909fcce88ca031870efdb985e58c953eb3149d1b68d4f1ab3f7b7,2024-04-04T14:15:08.850000 CVE-2021-47179,0,0,b000bf7d856337be976af2349b8f73420ab8bf8fd491053a6643b7a7d226e562,2024-04-04T14:15:08.920000 CVE-2021-47180,0,0,afc9fd20c69c989d18f2e23ff0432fb8cf966ef1d2dccd25cb3768f2bf56673b,2024-03-25T13:47:14.087000 +CVE-2021-47181,1,1,f514826cfd3964119b898dae26583a73f28c0616add32f51b88634f7b795117c,2024-04-10T19:49:51.183000 +CVE-2021-47182,1,1,d8638aeb7f3d070c315cd0d20f041c0708393c20163ab8ebe6e1d8ea3606255e,2024-04-10T19:49:51.183000 +CVE-2021-47183,1,1,729c74bcf531cbf13d3a8d0b3ebed4af1d53bb85b37ee3a89ec273a2030d53f7,2024-04-10T19:49:51.183000 +CVE-2021-47184,1,1,42ed410ab408c3953438a7b5d39d557e3bcd49f633a3b8668671cce03c8f1e77,2024-04-10T19:49:51.183000 +CVE-2021-47185,1,1,96d130eb2d29fafe17fb425d9b79c0ea8ab6208e1929c9e63cd65dec64c83e87,2024-04-10T19:49:51.183000 +CVE-2021-47186,1,1,4badd03c6b06c49592b3526605c467557d8f42c7f8cd126f26d292402a4ed131,2024-04-10T19:49:51.183000 +CVE-2021-47187,1,1,23d3a5c2f0a01ae6b1096c427c1f0a891af2f272141d9f776fd786911bc8fbaf,2024-04-10T19:49:51.183000 +CVE-2021-47188,1,1,19c9989864780fe125fb5c66c547214b93e2458ebc79a8389552181805de3c22,2024-04-10T19:49:51.183000 +CVE-2021-47189,1,1,ff3cc76e7479417b6bd2fb2862f9fe573670f5eb5972edf86571a3e60ce51b96,2024-04-10T19:49:51.183000 +CVE-2021-47190,1,1,94edff036375ac251084a67dc167ecd7e9b907738293af8df07154bde4a24049,2024-04-10T19:49:51.183000 +CVE-2021-47191,1,1,4cea375373e75c52ad27f4606afe43084ac30d2268e0eba2c3e5bf14d6fdfe5f,2024-04-10T19:49:51.183000 +CVE-2021-47192,1,1,56ce4ccbfee414d8d1a13111b5104bd2c6bcf57e05815dcd85e9ededf1d49f6f,2024-04-10T19:49:51.183000 +CVE-2021-47193,1,1,88ba6dc5df569bd9daeefb09a959c439577d334ff95473d60ebf8085fd8a26a2,2024-04-10T19:49:51.183000 +CVE-2021-47194,1,1,8a1c5f7607a9ab91614599c87080d7480b7d8a3110e2e5f2cae1ea2033552130,2024-04-10T19:49:51.183000 +CVE-2021-47195,1,1,d0a553f28594c0a3c799f55bf1845b63e5fcece30b53746e5f40d51550a8e9ee,2024-04-10T19:49:51.183000 +CVE-2021-47196,1,1,99f531be60a8873f6e304b886f7e32791da0205ed9e0eea6b893db78a5a47305,2024-04-10T19:49:51.183000 +CVE-2021-47197,1,1,eb59f9b28ece15808313258d8a7c12235ba3ee23784e49be615c91ce8244e5ad,2024-04-10T19:49:51.183000 +CVE-2021-47198,1,1,659e0b954b14dbebed27d834b8623cc07cdc35376a6808119cb7404fa935c761,2024-04-10T19:49:51.183000 +CVE-2021-47199,1,1,1e18d71e0b8552a2eff146fa2225d16cb508d6160da737e8b9ff77f7e9afd4a4,2024-04-10T19:49:51.183000 +CVE-2021-47200,1,1,13cdc62acbcba03728ce4019782686d0d57a7037fccb071bed30ae94e67d4aac,2024-04-10T19:49:51.183000 +CVE-2021-47201,1,1,6827be25346cb084588714b272391db7217178840cac1bb4bb6677e121a923e2,2024-04-10T19:49:51.183000 +CVE-2021-47202,1,1,c6046ff7011700d06d24058bc949506a7f6ad00c853da28fae138e10256f9836,2024-04-10T19:49:51.183000 +CVE-2021-47203,1,1,d1b9f038e9f8ea808dd8cd6f253be352c52b4820d57fb6d3f8645e05966f5f67,2024-04-10T19:49:51.183000 +CVE-2021-47204,1,1,416f14d945665e22c6fdd5c86142c16d41503968c9cec0a4d046b45c59197cf5,2024-04-10T19:49:51.183000 +CVE-2021-47205,1,1,97e46f3a83f6008215d39cf42d6b2e7e591f83f7737ad932d5a762a1b6120dc8,2024-04-10T19:49:51.183000 +CVE-2021-47206,1,1,b382c1cb3c4153d5c347f11c2c6dbff18f058d7fb5b0ffbe5970edc250ba90c4,2024-04-10T19:49:51.183000 +CVE-2021-47207,1,1,a08117d66d662279588f6bb0fb4c8e1d554fb8ab2b163d4bf804c48a5de2dd15,2024-04-10T19:49:51.183000 CVE-2021-47208,0,0,57c6e04cc3294191b13b85e8749af75b7a3cf7dd62e5631fa202db0d597dd575,2024-04-08T18:48:40.217000 +CVE-2021-47209,1,1,b3c5fad15896faf0c20431f4fa6d49d7871e7814ef4a0e4a14e2f1f6e64fa23d,2024-04-10T19:49:51.183000 +CVE-2021-47210,1,1,02f56afd5c8a71f76c95e0cc02ae61e36b1f76329535046c4c979aa5ee0066f8,2024-04-10T19:49:51.183000 +CVE-2021-47211,1,1,434737a60d195070cfbd1c5ece7f974812325da50ccb791fcf143b5b95fd448d,2024-04-10T19:49:51.183000 +CVE-2021-47212,1,1,fc3b5f57aaf2bf29dca0e210bc0025b7948646a9cb8fce38f0715e6a0178df6b,2024-04-10T19:49:51.183000 +CVE-2021-47213,1,1,2155432bd12f42077f9b9dbec2f641b90cc5ae727e0aee77f0df72b03c39960a,2024-04-10T19:49:51.183000 +CVE-2021-47214,1,1,4b914ca77aeb40afc76333561500dc29035f9b25764969e5fb4bb21bf974cd14,2024-04-10T19:49:51.183000 +CVE-2021-47215,1,1,eaae8697e8d589caf327128881b69c1934da51bd8d19c92b7c074f0140310ae5,2024-04-10T19:49:51.183000 +CVE-2021-47216,1,1,efa218f7a298cc93b029973ba59e8094a3a996b830dde67d24c27e988bc67ec1,2024-04-10T19:49:51.183000 +CVE-2021-47217,1,1,4a21bc0236edb36e7153dcb55bcbd779f639cb0880dd0e093e2ad1a60bbec903,2024-04-10T19:49:51.183000 +CVE-2021-47218,1,1,10cd04baaddb3f7389b560ddeaf4372ae3f2aca00c44360e81843a91638d8fad,2024-04-10T19:49:51.183000 +CVE-2021-47219,1,1,270213a40fe4e8aa0711b52627b5aeb4ff0a1350c4914daea5b0d23ef8ae9b94,2024-04-10T19:49:51.183000 CVE-2022-0001,0,0,d8fdf66a3692474461fa30afb4569bb8513a7a0b04c6840c7e2c146df6b5709c,2024-04-09T15:15:26.797000 CVE-2022-0002,0,0,4ba989879ca817729e7cddc36d35dc20834fb13fd71d0cce189890fe2defbd53,2022-08-19T12:28:50.667000 CVE-2022-0004,0,0,4891f62a2edc2f307dec62ec3f2089232f3fddba4652b7ef635786ed0f8a2286,2022-06-10T20:52:37.810000 @@ -235962,6 +236000,7 @@ CVE-2023-52064,0,0,d161416577f26fcbecd38bb973b8c964ce87228edb02a6ee42c92f03db6b0 CVE-2023-52068,0,0,46dc0fb42ad609daf31d3e02e701415ff11a96cf786461d87c5b67e664893e04,2024-01-22T19:53:08.497000 CVE-2023-52069,0,0,770903ab1d55ddc9209197d2b9a5ac15e4c462725c148188d13afa72d2843b5a,2024-01-23T21:41:02.097000 CVE-2023-5207,0,0,68bb12ed05545b826662bd3f81bdb86f249305fd13af79b5c6ef464a8fb92564,2023-10-04T01:55:31.953000 +CVE-2023-52070,1,1,74b9c81339cac8b7dfb6be70ad507723e107f8672d679f4dc3dc9d7a0c67c883,2024-04-10T19:49:51.183000 CVE-2023-52071,0,0,ad965383e3002b3edaaabcd0d35cb4f0d481af86aa23ed4bd97e6efd9d6aa2dc,2024-02-23T09:15:21.867000 CVE-2023-52072,0,0,02127eb9ae4273b1ad79732d9280cd4f630158412943ba361c9a56a2bce352ce,2024-01-11T20:05:45.403000 CVE-2023-52073,0,0,123468189ce68f3cfbeab56f91e9e4c60c12979b9e605872064a295c45e39979,2024-01-11T20:05:37.137000 @@ -237854,7 +237893,7 @@ CVE-2023-6911,0,0,e60f5f34dfc2f467e48316efdd3e3f3dabe3cbdb000a0094576ed3c7945a3a CVE-2023-6912,0,0,6d27b9ffaa85f66eac0058ecbe841883376c17e80f5cbeb4cb4c650bca6a8ec4,2023-12-28T20:21:13.940000 CVE-2023-6913,0,0,d3f21b5758e8702bf2289fbf7ccbf480d8685a2dc08808c8b8d18a35c8d7aa6f,2023-12-28T19:03:17.600000 CVE-2023-6915,0,0,7c06f7ae227b36e1904ce69eaeea1885ac1c612f5733f1dfac30debac477f44c,2024-02-06T19:58:45.947000 -CVE-2023-6916,1,1,c32a1a688b983fc67319945982b7c7e94018ae1e17b0fd6132d9544d6096052b,2024-04-10T16:15:09.190000 +CVE-2023-6916,0,1,506ca081fad9ad2394374425c07440832a4ee51e583bf2ac63a805b332c6f8e2,2024-04-10T19:49:51.183000 CVE-2023-6917,0,0,f766ebb34455a8a891cac2d5f77bf42d773b48367af596942be786133bb5e5ff,2024-02-29T13:49:47.277000 CVE-2023-6918,0,0,8773a1709be466430a4674f24a2851d65044eefae24bb2936f85aa1ce0ba57ba,2024-01-10T16:14:07.393000 CVE-2023-6919,0,0,c5861db2cdf00a205a7573e7dcea32f254a23d6c543064294759efd099a2276c,2024-02-01T19:43:35.653000 @@ -238237,7 +238276,7 @@ CVE-2024-0211,0,0,132c1e68c983ae1726dff7033a7c58b323bdbba6ca03a16f37ef48af56ba99 CVE-2024-0212,0,0,176f1e85021c46b07cf711472e72d7c3933d12fb54e6a141094ead004c90430e,2024-02-02T02:08:12.603000 CVE-2024-0213,0,0,efc1cba36a0709768500695a8bf5cdea216d80feaac8230621431353bab77852,2024-01-12T19:27:52.903000 CVE-2024-0217,0,0,dd01d727db94168ec31074ce4ceda987570c82fa71063e5b71a04f8652b2db98,2024-02-02T15:20:25.843000 -CVE-2024-0218,1,1,cba7628ae6ed44825aa68379e00d90c3d1f1a0b38835aa53bf987f30b4c835ba,2024-04-10T16:15:09.413000 +CVE-2024-0218,0,1,fa1b7e43fdfa87f09c7cfd9423883c7684725567a30c2ca01bd0c2786f62edda,2024-04-10T19:49:51.183000 CVE-2024-0219,0,0,08cd905d8c2f2b5ea06be461dbdf5e387e4da253b37b0a0173de3b73c1ae4883,2024-02-09T17:15:31.870000 CVE-2024-0220,0,0,15de68d9141c62003cd0c8426161f68ed484900f2d08f04a7f9a4d9249132a60,2024-02-22T19:07:27.197000 CVE-2024-0221,0,0,b7b0921f904c804872883d1f1c856fd275b21a5fad0c29910c28c49beef8b159,2024-02-13T18:48:37.837000 @@ -239317,13 +239356,13 @@ CVE-2024-1506,0,0,525c4244184fabe3044ba1a1e3b30212017ce21cc8265debd6bae6126dc827 CVE-2024-1507,0,0,b302af5f3e753bcf2bc91c3865b35fe35f2c3142c05233586fddfe31f00ab12b,2024-03-13T14:28:45.217000 CVE-2024-1508,0,0,f2790b92f642aa742f4cd27b6178d73e22163533abae69f09a759c316ea03691,2024-03-13T14:28:45.217000 CVE-2024-1510,0,0,185d4fd159aa50cf43e7df38b058aa658a6c979b28cef06f25ebaf770e6afed2,2024-02-20T19:50:53.960000 -CVE-2024-1511,1,1,5216f25d32d2150a0d5e55b970def6f20e4130683b47c87103488d9be59a0bfd,2024-04-10T17:15:51.670000 +CVE-2024-1511,0,1,ce2d20b795ae7ca684509a8b73740700980a8c154a8b8857dd6b0c563a954588,2024-04-10T19:49:51.183000 CVE-2024-1512,0,0,3eada062125c2f57449fa1c27f1cb9955352a1beb6c2c5c21fb33758b5d74c36,2024-02-20T19:50:53.960000 CVE-2024-1514,0,0,fef1bbf9c31896eb35c2fdbde7092ebeb4231fb5c41f6c442561a9d46dc94120,2024-02-28T14:06:45.783000 CVE-2024-1515,0,0,10b8f7584c1d46b0c128529ff6f70b319305352d97cad9adba528cb892ba5a73,2024-02-16T18:15:07.820000 CVE-2024-1516,0,0,50bb822e8d066ea0a8046784c688ecc5177d77cc865bfce700f2cb9134b0d335,2024-02-28T14:06:45.783000 CVE-2024-1519,0,0,2349ac13c4eb6bd10a6dccd0fba3669f2785336517a8d1bbbacf8acdcdfa897c,2024-02-29T13:49:29.390000 -CVE-2024-1520,1,1,8004567539a4db1331be3a667f8cb24dce175c374f77aa69b5da9b6c983604fe,2024-04-10T17:15:51.930000 +CVE-2024-1520,0,1,55b303c658ed91ec92ac05246c838f410f74ac6f2e73a8130c99a143059d51f6,2024-04-10T19:49:51.183000 CVE-2024-1521,0,0,e31c834264512a69616436064a77ed46807a9b0fc5577151a1db5822b2ee5d08,2024-03-27T12:29:30.307000 CVE-2024-1522,0,0,8bfca5f3c162d40561c1f9b92ce67330399ab9d09eefc219fd8bb388cf123792,2024-04-02T19:15:46.807000 CVE-2024-1523,0,0,f116f5c7229d6f0f04f439ad6a3d52c1533e55121c04642056dacb383b9d25ea,2024-02-15T06:23:39.303000 @@ -239374,9 +239413,9 @@ CVE-2024-1591,0,0,5be9d5eb37b54abd94768ebbe67eba50cb17a1e413e20ea4b748010438d82a CVE-2024-1592,0,0,965346d0a7ca3e51ca977c4fd26f0e3560a08e1634c83ba1c6c4fb2880b00740,2024-03-04T13:58:23.447000 CVE-2024-1595,0,0,0ac9aed2c4ed6b9e7bc181d6ab55412b8033a5bfcbc541a4a4b602392614e428,2024-03-01T14:04:26.010000 CVE-2024-1597,0,0,0f4f23ec46679606cdd437d4a5995239b95bc335fc96e4908f79b7360e8edf01,2024-03-25T16:42:20.787000 -CVE-2024-1599,1,1,f2b3414de334d44a0eb52b58dee7c6448756245ff3c3edda0f85e3818febaf70,2024-04-10T17:15:52.120000 -CVE-2024-1600,1,1,7d1dcda2a31d6c08aed86a7c47599131659e93c483491411d1ae9fbe0ecba749,2024-04-10T17:15:52.317000 -CVE-2024-1602,1,1,2b1438f36fb6e9e585482335783c151f25d85262309110bfa35f643562e2536f,2024-04-10T17:15:52.537000 +CVE-2024-1599,0,1,b311d4a0dc15f34db1bbc87ad8dd7c897ec570363d8bc742044c2c93d7c9f5bd,2024-04-10T19:49:51.183000 +CVE-2024-1600,0,1,a1cf7c20c4c53ecd0ddc2601c3f6df39efaefde9047db784f0058d6905cd6130,2024-04-10T19:49:51.183000 +CVE-2024-1602,0,1,76aec42ffd2b96054ed086070f4eccb3306dfc781bb48ef20d91a6a2f0a7ff04,2024-04-10T19:49:51.183000 CVE-2024-1603,0,0,5d1338246e7eff570937017899def31d469c1473946b1d3e9d827eb4f9c8131e,2024-03-25T01:51:01.223000 CVE-2024-1604,0,0,5eb6bfa2b690cdc5042b3cd6683eec4697c9011ce1615c69d454ffb962b9e2b0,2024-03-18T12:38:25.490000 CVE-2024-1605,0,0,7074df8750d7a162d5543d10d5434be9d2e408e307c5952acb4cd8e797b0b6be,2024-03-18T12:38:25.490000 @@ -239387,7 +239426,7 @@ CVE-2024-1619,0,0,cfc8445e3935906ad1a507b0c5ffd0fe9724e5ada07fa45f6ddb4dad1e58f6 CVE-2024-1622,0,0,008d271b6bbf0be364def470530167dff53e33fd04b103e731aac594ad8fe316,2024-03-23T03:15:10.947000 CVE-2024-1623,0,0,74336518ba6901cae439374d392edb30e277a62b6b1e25aec45bf5853748bc8f,2024-03-14T14:21:20.217000 CVE-2024-1624,0,0,8ff2a979e4088239466c1acbb0cfaf042208e053724e13d43a230f06f51b582a,2024-03-01T22:22:25.913000 -CVE-2024-1625,1,1,e7d7e1b701d27248989663e3b9639ab4340d4e990a86c2a6cf5c335c3ad747a7,2024-04-10T17:15:52.727000 +CVE-2024-1625,0,1,4ba907aa1a1dd27775e22d4cd9cce968dc8ac08df94b60ca185a9fb1ca383af5,2024-04-10T19:49:51.183000 CVE-2024-1631,0,0,fc2893d5d84aff0551fae290d2fe3cfb3246f815cc3e85e7be8cb7a443e59ea9,2024-02-22T19:07:37.840000 CVE-2024-1632,0,0,6e1c47780d96ad6fcb59ec0ca790b51a445b7ba6bfe735fc687e801fa4e9fa24,2024-02-28T14:06:45.783000 CVE-2024-1633,0,0,38fdaaa081cb72684e8a3a7c24003a4981094738f4cb62580982692842e12368,2024-02-20T19:50:53.960000 @@ -239398,7 +239437,7 @@ CVE-2024-1638,0,0,3d25792f560ad8670a55d542406f093195536acafd656ae4b3cd5fcca03c73 CVE-2024-1640,0,0,3de113a5a2a8fc8c6ec04f102502cb7635248dd1f83ad2ae4c7d82063b072cd9,2024-03-13T18:15:58.530000 CVE-2024-1641,0,0,6a296e5c3b46e563bb680f862a5d819bb1ac5cd1c65594075bb36488207d9350,2024-04-10T13:23:38.787000 CVE-2024-1642,0,0,b56fc714c74323ffc8268da7a782967b97e8e6de1f7a55688041114caad8282d,2024-03-13T18:15:58.530000 -CVE-2024-1643,1,1,bdf6bd5bd076c220a191529191564afedca22d59142ef2dc087e83b8a5d3f3e9,2024-04-10T17:15:52.917000 +CVE-2024-1643,0,1,e3df219e8eb9506e92b2b6e4de208b2b263ce33723b442fcd24ff658bbde2969,2024-04-10T19:49:51.183000 CVE-2024-1644,0,0,258e0c2c60e2ead118c6bf409e3c4e6182303d86b8fb67135f0b03753d76fde4,2024-02-20T19:50:53.960000 CVE-2024-1645,0,0,2619adac1c0f0c116c53be4723992c1a8dff6295e94a2a44bd69bdc264974def,2024-03-12T12:40:13.500000 CVE-2024-1647,0,0,54139a2a2a3a50db142faf8dcea4fe1dc96abdff85a01701062a380d090db1a3,2024-02-20T19:50:53.960000 @@ -239453,14 +239492,14 @@ CVE-2024-1722,0,0,44f76876458eb58496685e90ceedacd781a70fa58f68fffc91c47d3fb5ef02 CVE-2024-1723,0,0,6ede5956ec1f8bc932d476f2c9a22da838daca98409da5821be1a9704022149c,2024-03-13T18:15:58.530000 CVE-2024-1725,0,0,d50733b72e0a7510fad89b9c9b7bf0d2638e14767cb02af892440874a7d9300e,2024-04-03T00:15:08.563000 CVE-2024-1727,0,0,f4e653a98477d638f895ffe05e108bd41757e63f270b3b4944ff32c3013cd3b1,2024-03-22T12:45:36.130000 -CVE-2024-1728,1,1,676bb8bfe2e708744fe98413965e7f6ed3567c9bdf22901848fe0c432e8d8287,2024-04-10T17:15:53.097000 +CVE-2024-1728,0,1,cc77f96c808327822a9f33d38543fe59887a1a70be257d5713ef1082e9fb55b5,2024-04-10T19:49:51.183000 CVE-2024-1729,0,0,b3ca5508bfb083cdea896b92a09e828f2c1fd7bb0ef520936c76664f50b7ea2b,2024-03-29T12:45:02.937000 CVE-2024-1731,0,0,821cb90315cb9f4f7918b214fe3fccab28c34a154536cc83cdd6334afe7fa34e,2024-03-05T13:41:01.900000 CVE-2024-1732,0,0,8ef28be53d93676ca4adde749fa15f7be0c9b44418d87a27465d25f0d08763cf,2024-04-02T12:50:42.233000 CVE-2024-1733,0,0,0a3bd094d039e642acfbaf43d971fa4ffe129283e1d81d79ef06d054dffc1500,2024-03-17T22:38:29.433000 CVE-2024-1735,0,0,61e8c0e981cc6b9050dd9c2e339a7c68bcb1457c500d53fe6d2ab0fd7b1649e2,2024-02-26T16:32:25.577000 -CVE-2024-1740,1,1,10793d2bda441a1a54f44368c5b1327d8f9ecc89cf497e61a919642286dbbeb1,2024-04-10T17:15:53.293000 -CVE-2024-1741,1,1,a07276269491abf5a54d5d140f7be94d20f3057b124f02c05729c4b1222b2eed,2024-04-10T17:15:53.483000 +CVE-2024-1740,0,1,a4727f762c1d1efaf400e2db679e98eaa1364e84183339aff737ffb5d021d54f,2024-04-10T19:49:51.183000 +CVE-2024-1741,0,1,eb28c217a8b258f85b5d4178ee95d4d9308abc69d2f892dcc12da9564ad8b573,2024-04-10T19:49:51.183000 CVE-2024-1742,0,0,4fbf4a0c921fc3a958c91053411502e81c61e37a288f49d83ab6feab91ed6e07,2024-03-22T12:45:36.130000 CVE-2024-1745,0,0,0c0bf770eedd9092e313b5152244a64d67966fb6a4aa7d030150554ac7159289,2024-03-26T12:55:05.010000 CVE-2024-1748,0,0,a1a1f7681d1932e3ea41ce7e8da7520324aed5033ef9de6f1db40d70b550d45e,2024-03-21T02:51:45.040000 @@ -239576,7 +239615,7 @@ CVE-2024-1898,0,0,cd46da23aa9e689b946891d810a24293bd08f970fb7bfbbf6f19e3a7303f1e CVE-2024-1899,0,0,0cc7828b184cee934c2917326a122f6c3f70483a306517df38cc4ef91b9244cb,2024-02-26T22:10:40.463000 CVE-2024-1900,0,0,df3a7e0d7f662e0642af797e67801f5b993e667e914107fd3f604cd2322f2a71,2024-03-06T15:18:08.093000 CVE-2024-1901,0,0,e852d825cede13009c4c827235fab136069de3983ba4df012d62632a4fcd1d38,2024-03-06T15:18:08.093000 -CVE-2024-1902,1,1,32feb0c0616a69ef7c7770e2fcfc475c2ab6d50863d6a0742abf507357ceed84,2024-04-10T17:15:53.680000 +CVE-2024-1902,0,1,5171da92b1abd552ffa4eb9e46deba06c3c70f873c054d3e0ef47494429820b3,2024-04-10T19:49:51.183000 CVE-2024-1904,0,0,55eb8512d2966e4554529d5aa10bb91bfa6ece02d0437b6388263934abcecacb,2024-04-10T13:23:38.787000 CVE-2024-1906,0,0,4a0389164694374915846934d3ecd021a9b146d80ff266286dcad5a6eeb2c849,2024-02-27T14:19:41.650000 CVE-2024-1907,0,0,674a8f990612fbd789e8b29e4f4db555efa2966321d7535d44b4ff9d82432ec5,2024-02-27T14:19:41.650000 @@ -239740,7 +239779,7 @@ CVE-2024-20281,0,0,5c44a2567fab7c521b5a3b118032329cd517823ea550b6c683e413394338f CVE-2024-20282,0,0,44363f9bdaf7c0c7a38a484ed15587472baeb9dc9e557b57c10a05fe83946cfe,2024-04-03T17:24:18.150000 CVE-2024-20283,0,0,b7d404342e9a28fa15db183e7e058b18de8803e67b3e951c3684da4b283cee8f,2024-04-03T17:24:18.150000 CVE-2024-20287,0,0,73801d80b462793a88b2af436ab77ac49555a7cb9634b8a2ccc26dc598e491a1,2024-02-02T16:15:54.887000 -CVE-2024-2029,1,1,d75d33dd3ee3c940e369ea1ea9e576ad6925f1419e37014f1fef5381ac31fe99,2024-04-10T17:15:53.880000 +CVE-2024-2029,0,1,8373bec1763a4514bbbcb69ac2f237a035a9f03f21660a36f059b41030fd51b4,2024-04-10T19:49:51.183000 CVE-2024-20290,0,0,057d5dfa7ca9ea45e2cb423f9faaf6e87f8f428206a3f34ecdd5587406e21147,2024-02-15T15:43:27.240000 CVE-2024-20291,0,0,8b3a799684ad77921390bf93ffe13565898bd7b11a64255da0ed7a22936da619,2024-02-29T13:49:29.390000 CVE-2024-20292,0,0,487f367f547f807e9f94987f5696131d7f2dbcf85eef97db7117ebc922f8f0a8,2024-03-07T13:52:27.110000 @@ -239923,12 +239962,12 @@ CVE-2024-20762,0,0,8843a00223c2fed95a9995841d1e393e5b6f0c74cf9d99f10f5957775ceb5 CVE-2024-20763,0,0,0ccd52aad72f4be4faf0e81e7f3be4b6f3d51f6bb880ef4436de89f24f0b893a,2024-03-18T19:40:00.173000 CVE-2024-20764,0,0,5c1354be3aa65d1ff2ebbfac4bbdfb4b43e77c0fbeb10cfdb9551fe4c099b137,2024-03-18T19:40:00.173000 CVE-2024-20765,0,0,587edfdbeb3ebaced0466ec8843227c839c877e75de542cc1c98abe163bc98be,2024-02-29T18:06:42.010000 -CVE-2024-20766,0,0,77c2522857244a18690af56685599b41e343df965f9afc8a9635ae2dd224756f,2024-04-10T13:51:37.820000 +CVE-2024-20766,0,1,37f2499fb454e7659ff2f42c912c9237b6d3b4b5d751b2f1d0c6c74dbfc596d5,2024-04-10T19:49:51.183000 CVE-2024-20767,0,0,2f9f61b60fd0f122ed1c1348df04236455af6358ddef21fe50e4123b4febd83c,2024-03-18T12:38:25.490000 CVE-2024-20768,0,0,f06963f8fe3df5940e395a67d62309c22b5fac8953d781f176f52d7ddd8209b2,2024-03-18T19:40:00.173000 CVE-2024-2077,0,0,3ba0420d107a9dc4229147c90114c7055226db4c08a0243673b540947c1e3a80,2024-03-21T02:52:29 -CVE-2024-20770,0,0,d7f26d1592602a1066c800e902bc06e750f2bc136dcb6d8b685d434a52ea609e,2024-04-10T13:51:38.157000 -CVE-2024-20772,0,0,15c737f34b72c0303f323d3f1c4c23937e16f76cc85cd7fdc0a7734173a9944a,2024-04-10T13:51:38.357000 +CVE-2024-20770,0,1,b452668d3ae98f217d8bea177e42979a128cbbf212c1a92d6e462904da6b905f,2024-04-10T19:49:51.183000 +CVE-2024-20772,0,1,765cd68ada502af45ff5792f209bebd791f8752b34a494a6319fed3810a8d65a,2024-04-10T19:49:51.183000 CVE-2024-20778,0,0,f0225a43e675af7e7f934f2c69b7291761101d21323c77717441c44569d93b06,2024-04-10T13:23:38.787000 CVE-2024-20779,0,0,8ffadc128ea4002b645f782b512b2fd3a8dcd54ac65b17bd8cd9ee7acf977815,2024-04-10T13:23:38.787000 CVE-2024-2078,0,0,1f3625edc40ce981dfa798326c49d364352417c97edbdeb08f2797c1a0a609b2,2024-03-01T14:04:04.827000 @@ -240477,8 +240516,8 @@ CVE-2024-21919,0,0,d50b4533953fdbcf88a99a35250cfd99c3fdc7de8df5574c1a0ecc14700fc CVE-2024-21920,0,0,66fd5fe6cd4ce44dccbfdebb3836404871a63d7b9da1598b60a39673b0b278cb,2024-03-26T17:09:53.043000 CVE-2024-2193,0,0,4782e603748dd6a48f4c8b9c5ad2c5041afc5c23103695ae981ccc4e7ef95c2a,2024-03-30T04:15:08.650000 CVE-2024-2194,0,0,0000ff116712731a482809b568183b726be1f79dae082b76e9b69fc329482560,2024-03-13T18:15:58.530000 -CVE-2024-2195,1,1,6ec1033dbe142dc37045f1d5e004f555cf6a8732179d87f798b22c27322d9369,2024-04-10T17:15:54.067000 -CVE-2024-2196,1,1,47d90dbbc50b700b8ffe2037aacf7bcb131ea464441635359c553a710ee4dcdf,2024-04-10T17:15:54.257000 +CVE-2024-2195,0,1,a3e1dae4f377e533904ca66f7bd1f0f0fe11e281ad36a18b90b817c693e4caa6,2024-04-10T19:49:51.183000 +CVE-2024-2196,0,1,9e530937eda77e7652f5a6ae126160bf319243bfd91e75e1d1a392f295014fb9,2024-04-10T19:49:51.183000 CVE-2024-2197,0,0,414465715952d5c6949fa149e5daed1e85f3f5623a9c37e112592963e0dbadb6,2024-03-20T13:00:16.367000 CVE-2024-2198,0,0,6badf10cf8f983fe5323b878b9b4680d34ba94cfb69d5451158240ca3ed94bb0,2024-04-10T13:23:38.787000 CVE-2024-21982,0,0,994386f15521161d8cc5450a9cd855c84b7920a60d3a57eb970483fe82fbbf1f,2024-01-18T20:16:20.420000 @@ -240595,7 +240634,7 @@ CVE-2024-22163,0,0,c83e1ba1846b1fce21c84865fbae3a4da5f3738a4cbae342d708ebb4390db CVE-2024-22164,0,0,4dea6ba8f1b0f10f3e8121d8aed37ba56e363e8df8631ec93a1e9db3a5dd3c55,2024-04-10T01:15:17.713000 CVE-2024-22165,0,0,556c59738fa3a69567bd56c76c812950d0a8343ccfbb26557b3cdc60c3bc8d41,2024-04-10T01:15:17.890000 CVE-2024-22167,0,0,66eeaa7802a03d7220e8e4d342cc2b136735ca1b12a8df28a329ae7f7fc30d01,2024-03-14T12:52:21.763000 -CVE-2024-2217,1,1,47c019a3b0981133345767794f43e12b9ead1ce6342908c4a533cae9429b66ec,2024-04-10T17:15:54.440000 +CVE-2024-2217,0,1,07b67ca85e13a2c6962db1475a9d0f8a931b674f51497121f9a33c8078bd4b4f,2024-04-10T19:49:51.183000 CVE-2024-22177,0,0,1ff2297e612a95969b8693bc6a53ecafa7223eba267b1cfe298d3bc1fedfbe99,2024-04-02T12:50:42.233000 CVE-2024-22178,0,0,894383da751aaa1046c611146ada59662a01e512644efee9e31c744bf34674c7,2024-04-03T17:24:18.150000 CVE-2024-22180,0,0,19e9318ece70bb0e88968bad696b07798db0b84c54153f426e33acb6b2d89f93,2024-04-02T12:50:42.233000 @@ -240622,7 +240661,7 @@ CVE-2024-22206,0,0,b497ac803b6c994f45c60dda7bc5988b2f61564e2ddc6fb92d036b06bc06c CVE-2024-22207,0,0,78e9a25b8a349d6f664779fc291742fd1f1915cef44fd43a5fcc8d6a7bded280,2024-02-16T13:15:10.320000 CVE-2024-22208,0,0,15e28dd21c83c5a4c097ee2b86ec7f2b1083ddc42567d8d70303cf1d80d1b330,2024-02-12T21:40:50.080000 CVE-2024-22209,0,0,ebbe7364fa63fc03b6da8210bf0fcb56cd80e38efac9cc142eb8f66d776438e7,2024-01-22T19:20:27.757000 -CVE-2024-2221,1,1,606269de3975b51f019b9087170ef16d1f7b212dd09490d2c609111d6cabb4be,2024-04-10T17:15:54.633000 +CVE-2024-2221,0,1,394bac0c956e0087bfb495f0e883f3d46f07db8724f3371f6e4915f9d702cf0f,2024-04-10T19:49:51.183000 CVE-2024-22211,0,0,0f9574cc03ebb6848610e302a32dfefe91bcba1d51d44ecaff83ff018a0eec81,2024-02-17T02:15:52.253000 CVE-2024-22212,0,0,bf710a06400d8397b49230a1f7b6ca9af7e1bce04b5698107bc2d07d5d224d3b,2024-01-26T14:58:18.877000 CVE-2024-22213,0,0,f5ce0b8d904bc58daba82de23646e101545eb18147e4809cc489e57c95062cf9,2024-01-25T15:10:41.767000 @@ -240763,7 +240802,7 @@ CVE-2024-2242,0,0,39d308e366a51cd5a7be9e3c4a03c92cd8109861f94356873beae64a70ef55 CVE-2024-22420,0,0,dcbfe647d1443cce2b795eae483259c958c0472084bb1bb4ee3374c4670666da,2024-02-10T02:51:45.717000 CVE-2024-22421,0,0,58c7848effa15c2f45cae3a355504d85dac425537d9bac99b99330760ff84e0c,2024-02-10T02:51:03.987000 CVE-2024-22422,0,0,cafc60081059c38b5fbf7c4dc43db8e59eaafdb89fe8cc5c7225f1844e49fce8,2024-01-25T22:19:52.030000 -CVE-2024-22423,0,1,57a364dbbd13dea9c63c13ace111a52c120b123af49ae8b9fecb54bb2435fb96,2024-04-10T16:15:09.793000 +CVE-2024-22423,0,0,57a364dbbd13dea9c63c13ace111a52c120b123af49ae8b9fecb54bb2435fb96,2024-04-10T16:15:09.793000 CVE-2024-22424,0,0,83375ad265e9c43ef3d1aea756c45fddd902a18f6120fe465a11301a71a985ab,2024-01-31T19:51:26.407000 CVE-2024-22425,0,0,58c578ae099965e7b72bc618ad55b6b7844e0f69d2e6cb7594bd7c946eef5a64,2024-02-16T13:37:51.433000 CVE-2024-22426,0,0,a535bca9811983074d0c9cf7a9ad36e777c8164f73ae7ea2a393f049f829d17d,2024-02-16T13:37:51.433000 @@ -240976,13 +241015,14 @@ CVE-2024-23060,0,0,293f3db63669f513fdf6243d872feab4a40014b3abd2eff3b8edca7a0ed1b CVE-2024-23061,0,0,d40b225d92d8f0f0d47201622b24e50bc3550ed3e56a2682a133a8aeae5027e3,2024-01-18T15:18:14.357000 CVE-2024-2307,0,0,4b089dd0281a455952ab30b1c14e2b1725f875efc3e98fe223b3d9160259d255,2024-03-20T13:00:16.367000 CVE-2024-23076,0,0,52c255ca9ab7781385d8e3020a001d7970b1a5ca7171525999c588fa36537326,2024-04-10T13:23:38.787000 +CVE-2024-23077,1,1,4c56b5fddcba18deb13531c7da543e19113d1c46412db123578c47ef01f32139,2024-04-10T19:49:51.183000 CVE-2024-23078,0,0,9d7aaea68d8acb3538ca428049148f2dac206a89706e35d40108cb3eb8be6ee5,2024-04-09T12:48:04.090000 CVE-2024-23079,0,0,c1744d41ef3d7ad1d99296d598f8fcec333fcf26813851f4f429e9678b14abb3,2024-04-09T12:48:04.090000 CVE-2024-2308,0,0,e35ab419c5c511708eb8574821633f88a1168237ea61ded1d7aa5b331f06479a,2024-03-17T22:38:29.433000 -CVE-2024-23080,0,0,1ced1a3763b9e2b3bd01d2971d36a31870aefaccd802bedcd441b80589d868bb,2024-04-10T13:51:38.547000 +CVE-2024-23080,0,1,2d72ee15a636c06d79451cf099c7178af5ef05efb3d159e49bf2c8ed8e66d945,2024-04-10T19:49:51.183000 CVE-2024-23081,0,0,9fa2a613be75462894d464b8e34e68b6da9b9d59d63e22685e547814dd9a5ab9,2024-04-09T12:48:04.090000 CVE-2024-23082,0,0,0a9e38aa01f043532a8be7b3040bd9f24c4cb812cc5c2c38c18325d962369a71,2024-04-08T18:48:40.217000 -CVE-2024-23083,0,0,d5b3b7c17a60e378fdcd41339d9d1dd7105e9bb70d8961c2118f4b98a0acc2d9,2024-04-10T14:15:07.430000 +CVE-2024-23083,0,1,ae8313200a6da4d29d95ed3fd5fa28ce3e6cd133bf222ee1491a75d948506409,2024-04-10T19:49:51.183000 CVE-2024-23084,0,0,82d7094530d5cd6c77dbe215344f65b7328c1ecf1670686e248abcdd712b3b36,2024-04-09T12:48:04.090000 CVE-2024-23085,0,0,f435d93167b9f4a31bec2831629dfa7b34bb533a49bb29329c43fee636db5bac,2024-04-09T12:48:04.090000 CVE-2024-23086,0,0,d8559a198e6f56b9e1a9a9c93fee6add743a34a70b05d723355a013a78276599,2024-04-09T12:48:04.090000 @@ -241332,8 +241372,8 @@ CVE-2024-23727,0,0,b1a69f563c8889160ab60f76942d6b307f2184cfdd20f874b2c6970580c3e CVE-2024-23730,0,0,d92f048ce6391682e60079e47ad5c6180f200f01a67f3ef72f3e5b2c01bc2cc3,2024-01-29T15:22:56.753000 CVE-2024-23731,0,0,204152b9ab32090d3f201504afd34c062c39bfd578f661ea797bbd83dd0dc3fb,2024-01-26T21:11:25.430000 CVE-2024-23732,0,0,042666c99b3635fb407c7af7c818760f4159a23a8e9e6c2822d5ba07aae8999c,2024-01-26T21:11:51.840000 -CVE-2024-23734,1,1,ba6ab5cf2611e029c2a69cf953a04d6cdd83e421d45e32111dde04f26c6e9801,2024-04-10T16:15:09.890000 -CVE-2024-23735,1,1,08a030c5c0a319c1fc5404110d02b462d607c2568639cea256b79fb7aba4b35d,2024-04-10T16:15:09.950000 +CVE-2024-23734,0,1,3ab7c6257ca38ed9d7477d57e04d8b8398661cc4195ecc99bf38a750580483b1,2024-04-10T19:49:51.183000 +CVE-2024-23735,0,1,cc8e5b54f96dbe13960a98eb0656f3844c314b70a551360f5a5c0009603693b8,2024-04-10T19:49:51.183000 CVE-2024-23738,0,0,f517742a7a2c06b7693ee56866bac0194bde9e99f804fd3f2c65a490199b1910,2024-03-21T02:52:08.307000 CVE-2024-23739,0,0,1dc14ca5b2f1048d31e09e11f0d951d9c59e5d8342f40e05e67a4d783040d706,2024-02-16T16:15:57.830000 CVE-2024-23740,0,0,e7626667933f5491d7b60c7c6a242dfc584bd0c007d59100e0888a0ff11676c3,2024-02-16T16:15:57.913000 @@ -241713,7 +241753,7 @@ CVE-2024-24572,0,0,0ef3e838a5a4a27207f9382de8c84c436e270ba7e51f50e14249ab80bf27e CVE-2024-24573,0,0,f1d93bff5c6bcd3d059b458503c133493da6cd5465afade6772d6b8918d46177,2024-02-07T17:35:51.680000 CVE-2024-24574,0,0,5c3354df94ed3c3d722a424e9070a4de2494df1de1ab089a157997969d54ce57,2024-02-12T21:41:04.237000 CVE-2024-24575,0,0,c5118ffbdcace809888bdecc6b2d6f4ac84a219f33368ef55d9e1f22d09dbdd6,2024-02-22T04:15:08.973000 -CVE-2024-24576,0,1,f55f824a50daecbf56a057d51320690205e385ffc2c6db05049919a138a86c8d,2024-04-10T16:15:10.010000 +CVE-2024-24576,0,0,f55f824a50daecbf56a057d51320690205e385ffc2c6db05049919a138a86c8d,2024-04-10T16:15:10.010000 CVE-2024-24577,0,0,7ef14d5c8728a47e9875ffb624dc06c6afcf3442302e1966297037a51f00a2ea,2024-02-27T10:15:08.137000 CVE-2024-24578,0,0,62e834482d41eab6204ee6f77e0822c926a00522b8b9c721b6887e6533b1762e,2024-03-19T13:26:46 CVE-2024-24579,0,0,25ba0ad5d2b9fe2e68c29dd6b44a88334c242edef527d576e4dc8319e8e9e7fc,2024-02-09T16:22:53.863000 @@ -241828,7 +241868,7 @@ CVE-2024-24805,0,0,e29e332c74f752c041b199d456a830edbb89b88194c491ad82ada59c027ad CVE-2024-24806,0,0,c22f635b0a8e149aa103df5ec505273138fb224093663def7772242037a61135,2024-03-05T23:15:07.867000 CVE-2024-24807,0,0,2d34e5a71f21b856008e0b8570ab5cdf60822d8a0563980a1edf758417c67389,2024-02-12T21:41:24.647000 CVE-2024-24808,0,0,bdbd983ba6c1a4b09d677aa089f9419ebf22e351f535d11a049fcdc6e3f33540,2024-02-13T22:48:57.290000 -CVE-2024-24809,0,0,4b837f64c03f2736e578f655520c7e5f40d24bc17982032ca32ab22e60f6b87e,2024-04-10T15:16:04.027000 +CVE-2024-24809,0,1,8b1f459f1e82398741621383d387219ba488c3708d360ad27178b205aae38a4d,2024-04-10T19:49:51.183000 CVE-2024-2481,0,0,54d53fb03589b0d88fceda1d4fc7d9b26fdb6faddabbc50d922070ae29e71d7a,2024-03-21T02:52:34.750000 CVE-2024-24810,0,0,9dab4129d1c20588c512bce77a7cc1f7e1b1d517809a86dc2acb61d422d4f488,2024-02-14T20:12:54.643000 CVE-2024-24811,0,0,a42cc7b4d95d752401262af12a58e0c503baff6bc12320ad45002a6cf532b477,2024-02-14T20:26:39.143000 @@ -243045,7 +243085,7 @@ CVE-2024-26812,0,0,a664584a1298bea5471d70ccbf705e6ceec4d310a83d2767afd1b5c2c1bf4 CVE-2024-26813,0,0,4c4f638ce8eee2493d635f8fa9fa2dcfa78bcffda2b95c03bd9897a64272ebf6,2024-04-10T15:16:04.730000 CVE-2024-26814,0,0,be227a06b909e3857d6aa06ff8430a4cb98fc8ed8c299e693a9519701c6ff75a,2024-04-10T15:16:04.777000 CVE-2024-26815,0,0,133c840a93190196251e236a7b756ae7e6a7f81da1230a3aaac98b433b5182c6,2024-04-10T13:23:38.787000 -CVE-2024-26816,0,0,697806a418251387d003904202d63447e70c7db381f96c12e93b25c8f3ef43e2,2024-04-10T14:15:07.490000 +CVE-2024-26816,0,1,38ad8d2b936736e6fe0dcde7d0e9aedff6e9f3f061cfb35587215b4681f05ebb,2024-04-10T19:49:51.183000 CVE-2024-2682,0,0,a085f90f84cb4770a2a70d67fe3862306cc151ef177a765e07fccc3d6343039b,2024-03-21T02:52:42.233000 CVE-2024-2683,0,0,788c441aaf8a379a9ab516c0ce7daee2808d93b02ac7acef8c96a67609395231,2024-03-21T02:52:42.310000 CVE-2024-2684,0,0,5b5a341f7bbb8bdeccb5899b1d3a7c9eda23994ff0a4743b71e098a891662295,2024-03-21T02:52:42.383000 @@ -243184,7 +243224,7 @@ CVE-2024-27296,0,0,901935067cb900aa3d3e5cb66a728219c721e905c9fe9d36e52511f3308a6 CVE-2024-27297,0,0,4adef5b6b344504047ea652a2ba40cd8b6a71ad7086f702d549e1a8bda9ad1af,2024-03-12T12:40:13.500000 CVE-2024-27298,0,0,a8aed3b2e69fefd191b53544430d926c208f222363c2c19dd5ec3e2eaeb94751,2024-03-01T22:22:25.913000 CVE-2024-27299,0,0,8b5bf40e4aad9a36a65492e15bd324c8e360f15aa9f3bf381660f89101851e57,2024-03-26T12:55:05.010000 -CVE-2024-2730,0,0,d02432e4deeb0a937eb8bb28a5dc7fb2acb878f98c1d24459b9d2a9e4942e905,2024-04-10T14:15:07.550000 +CVE-2024-2730,0,1,6537aa9bc204ead443c0d64b2ab37a4e49d99454a6d6f7b3ea69694cf3413832,2024-04-10T19:49:51.183000 CVE-2024-27300,0,0,e09586c3544cbffe3d4251163c79579e1a8196e21b19b2a9e6dc8cfd244b40b0,2024-03-26T12:55:05.010000 CVE-2024-27301,0,0,74c556708d876810af23ae3cffbf459613046c823b0484037e03fc39213cfa63,2024-03-14T20:11:36.180000 CVE-2024-27302,0,0,1d89d4e993b760e97bde0be7bbf0ab174b73b3040fcfa7b093617ace631fac45,2024-03-06T21:42:48.053000 @@ -243193,7 +243233,7 @@ CVE-2024-27304,0,0,155072b4116a6c289f8b0a15c5da71f228ce1e237d59e0438c2b50d864bdf CVE-2024-27305,0,0,b3f2edbf169d953c39bcc940e16d0680bda3e4c24593a205df513ed3ad926817,2024-03-13T12:33:51.697000 CVE-2024-27307,0,0,0637b05d2a36e47d121bc1fe1beac809e09e2be90d0aa4c4cb901114110f37d2,2024-03-06T21:42:48.053000 CVE-2024-27308,0,0,2c1853ceb0d45fb092e9c133d6553571b7b9f8a855fc6b4950edbdaad595214f,2024-03-06T21:42:48.053000 -CVE-2024-2731,0,0,a3942688adaf29d4648c0dd18e03592a065657b137ff6a7b061ef18b460f3b7b,2024-04-10T14:15:07.757000 +CVE-2024-2731,0,1,754dc2f2f31f575b1ee28e214b4a7c1f5c57228efd9a387f90b5f1da191d5789,2024-04-10T19:49:51.183000 CVE-2024-27315,0,0,1b06bd54abb4ee7969c3aca53e6bed402762ed42c4492d0ee8674e3fa0b42312,2024-02-28T15:15:09.670000 CVE-2024-27316,0,0,f74760c26c990a740e0324824f0b675680e5de06987a970f7e8469d8bc15b083,2024-04-05T12:40:52.763000 CVE-2024-27317,0,0,4c274cf3230c0a934555f5c84dc2c211701c44c03ccbc45b4514969783da0dab,2024-03-13T12:33:51.697000 @@ -243247,9 +243287,9 @@ CVE-2024-2745,0,0,21dd83e50808577458b12385abb6a5e6bc2a585cd70ef551295012e31869f5 CVE-2024-27454,0,0,6d3a09532b89ef204254e66da503964dcbafd450b5bdda0990f449d144c8e54b,2024-02-26T16:32:25.577000 CVE-2024-27455,0,0,2d941179924c9f77cb732b35f1b7b9f5792b70ca51de1e84f09167eb77852176,2024-03-26T16:15:12.263000 CVE-2024-27456,0,0,3292722b93148b4ab52923fa8e4498babe5b306f79794afb1b6b9f9d803c4911,2024-02-26T16:32:25.577000 -CVE-2024-27474,0,0,9d7fc8f947297402b3541b17d906e46a308f7f16340027bad050cd49dc555023,2024-04-10T15:16:04.867000 -CVE-2024-27476,0,0,fe16e1c56034e919810db0bfd7dfbce9aab2c044c25bb91e5eba3ccd3d03b352,2024-04-10T15:16:04.923000 -CVE-2024-27477,0,0,3f8a7365014bafb4c49ef6bf78e2c9e6e00a7d9a4022049ca55497aea2bde425,2024-04-10T15:16:04.980000 +CVE-2024-27474,0,1,3f6f80db0b301c204d6b2a1bb5c1d45dd98964f36bca9ba7b8880ce1563183fa,2024-04-10T19:49:51.183000 +CVE-2024-27476,0,1,fc417a689fdcfd8fe1f357b69c3f577b74e8f18417ef31df14a14d2d72652d6f,2024-04-10T19:49:51.183000 +CVE-2024-27477,0,1,21d1441f759f05e7854d20aec973170403321f17a33224baa310af28424db832,2024-04-10T19:49:51.183000 CVE-2024-2748,0,0,cea6a4ab9c8e50f2f7b04d95a9a3a983480b862f6880d1aa4b59ef11a50c4683,2024-03-21T12:58:51.093000 CVE-2024-27488,0,0,a11ec8781330011d7d2c9111350fb429a691d0d011b5b0ec6e5912d62ef9d791,2024-04-08T18:48:40.217000 CVE-2024-27497,0,0,bf2a79c4e0ba614def454bde2dd33c58ed2360c3c6db31ca982c34485458d0c9,2024-03-01T15:23:36.177000 @@ -243618,6 +243658,8 @@ CVE-2024-28338,0,0,3ea1d4c3a66b67172d60399e17da8570aa15fd5d4f0e652ed0ed26bd90bdb CVE-2024-28339,0,0,eb06dcbba6c6b866b3957a0b1f6af1817f1ee37fb8932a4cb080c5ef814ab185,2024-03-12T17:46:17.273000 CVE-2024-2834,0,0,e84fef3bf1f6390f87c0082fe9dff0370895cf3ef7cd902a2802b75627052cd1,2024-04-08T18:48:40.217000 CVE-2024-28340,0,0,b694df29079c0854c0447fab99b606db18330fac912bd90c8918c409f1ded072,2024-03-12T17:46:17.273000 +CVE-2024-28344,1,1,2b2ac48b2e688421c19c48d164ca5213d2597b1ed8640d5c5cbbafb9e6b2d033,2024-04-10T19:49:51.183000 +CVE-2024-28345,1,1,9f53096e64fde0bd9e67c2ba1058971494111a4dba7285ed04f98db5747f24bf,2024-04-10T19:49:51.183000 CVE-2024-28353,0,0,f5d0b12a1e8a931f5519e51563d18b142745d332ff192847a7afb495f17e2dd3,2024-03-15T12:53:06.423000 CVE-2024-28354,0,0,b6680336ce24c3665bbea7456a49c23f2010021d3a256de9fa063452e0cf7d3a,2024-03-15T12:53:06.423000 CVE-2024-28383,0,0,4ebb5b688ac785b11132be45898bb9d7934c49dcd0ae78bf745a27cbe4cf3c09,2024-03-14T14:21:20.217000 @@ -244017,7 +244059,7 @@ CVE-2024-29275,0,0,402f5150501d1ad43199a2c93810407cb4bc9ca968149bb7f55410637d084 CVE-2024-29276,0,0,aca23a437429c144243dafb6e7ab7580683c55fe67f055697aafa1a11e9b270d,2024-04-02T12:50:42.233000 CVE-2024-29278,0,0,68d9b61e6ce874f8948705ce3cdb92754b448114cb863479c2e17e0909039bb0,2024-04-01T01:12:59.077000 CVE-2024-2929,0,0,259a475f54199dd846f57ff088582fd42af9991bb7e5a0933d4c675cb91ec78a,2024-03-26T17:09:53.043000 -CVE-2024-29296,0,0,de2ff32e86db943d3ca44959594172c98fd038bbd822ebea6b99aa67d47df3ca,2024-04-10T15:16:05.033000 +CVE-2024-29296,0,1,5b58dad52a7b2dec666d2978e3f5f4cece57f7bf0cc217fd87e64ea8463739bc,2024-04-10T19:49:51.183000 CVE-2024-2930,0,0,1ad9e8da3d9e338360bae5cfe06f7f2b34c53691a77fd9b2835daafc6357608e,2024-03-27T12:29:30.307000 CVE-2024-29301,0,0,154c6ea8f36ae553114269a1e880d159b7e9b09b869cc177af921f11e043c79a,2024-03-26T12:55:05.010000 CVE-2024-29302,0,0,befca4baa09da55c6ccc652e95ace012df1b1e2aab7ec33ac183ae5971911acf,2024-03-26T12:55:05.010000 @@ -244069,7 +244111,7 @@ CVE-2024-2950,0,0,e07028f6204e1653615da40fab9edc1b22f1b4a28f65125bfe5341d4aac985 CVE-2024-2951,0,0,7025f71f619ebfb5f00b29e3d72fe62bb5f0ea0dbfe92a58b33e63352aa0779c,2024-03-27T12:29:41.530000 CVE-2024-29514,0,0,2d6d3d0a4ae4b5ae40dadfbf4537d707f35bed7e85002b6d4e3d8180d6408f0b,2024-04-02T18:12:16.283000 CVE-2024-29515,0,0,79c9f65757e49bdb19c4dcff88d6ba2d524b1951e790ac90d5ffb4f302abcf45,2024-03-26T12:55:05.010000 -CVE-2024-2952,1,1,ec0723acb59977f90516a04a6c4f7e296d4ad3c148042d06c7113e18fe8e3c0b,2024-04-10T17:15:54.823000 +CVE-2024-2952,0,1,939a970c38c4c38d32f261474303e00aa67a1ba31ee744c3e77cc578544ec28e,2024-04-10T19:49:51.183000 CVE-2024-2954,0,0,297c9bf8798d95f9e2afa5ec16629f7d540183d0c516c52354e99c26b91889b6,2024-03-27T12:29:30.307000 CVE-2024-2955,0,0,7b3584b3085df80313994af4cf3b36fbdc31ed891538537fda101558172f4879,2024-03-27T12:29:30.307000 CVE-2024-2956,0,0,1f998613263914bb93c36fc6850584cdfe450d6dc26811c07d743b16483d0fc7,2024-03-27T12:29:30.307000 @@ -244363,7 +244405,7 @@ CVE-2024-30246,0,0,ef2f9cbdf2157375c2b490b3135678cebbe062ec07ef752831bba7a8dadb1 CVE-2024-30247,0,0,b8cd33ca93898e7e11bf9981fcd02901000e5a3bab8027b365fc72e086e8c4a6,2024-04-01T01:12:59.077000 CVE-2024-30248,0,0,4c43963152883a6062a19090720aa1a677dd64ed7e60fa60f75d3204b7ed0a55,2024-04-02T18:12:16.283000 CVE-2024-30249,0,0,451b2c460cd6450ccb8d45163cd4b39626000415a50759617fe824cc41f1fd54,2024-04-04T19:24:50.670000 -CVE-2024-3025,1,1,7030de8b8417316896bee88f449e0c3310e65121ca0208845aa51ffe4b66bd28,2024-04-10T17:15:55.993000 +CVE-2024-3025,0,1,8f65da18c12ac2b9f0fbdef6115d8c1608e2a0f522d6bb739e0077c2bf373071,2024-04-10T19:49:51.183000 CVE-2024-30250,0,0,7d7190ab371d67395f89de2896d196b17971bd285635e6174ece380a3b4a83b4,2024-04-04T16:33:06.610000 CVE-2024-30252,0,0,59aa59bf0614386f5ce7a2cd6586bb11dd88db615deffea62f6d5f63b8346c78,2024-04-04T19:24:50.670000 CVE-2024-30254,0,0,ca73d473f0415036087aca2c59a68335788468b11a20b2908935567766161388,2024-04-04T19:24:50.670000 @@ -244686,7 +244728,7 @@ CVE-2024-30946,0,0,0dff329aaece035fc82f00595012379643bd5a0edb89ee3a7369d6609e13a CVE-2024-30965,0,0,0e44dd5d951a25ac3e8873a32678a3145da47d1060cb5312576a9c0471b643ad,2024-04-02T18:12:16.283000 CVE-2024-3097,0,0,e69528d6f04fff5e13810e980be56f7c7b2a086aee45771182b437482bff65c2,2024-04-10T13:23:38.787000 CVE-2024-30977,0,0,0a99023cc49f8723c27525ea3fd6d09c0a18e0536fb7ad1e37e70ef0654b9714,2024-04-08T18:49:25.863000 -CVE-2024-3098,1,1,30ede90ed098f415a2d3ce605018705a18bd5422c01f48661096c1c568fd3b08,2024-04-10T17:15:56.213000 +CVE-2024-3098,0,1,6c9612ddcc0eabe1134a3c49c1d4f4b4a8fb99e39689761d9db9b207a4883fdf,2024-04-10T19:49:51.183000 CVE-2024-30998,0,0,179abd0db8095df44a7d1fc224d4f504797395ef6ca242b590dce2e234dbd0de,2024-04-03T12:38:04.840000 CVE-2024-31002,0,0,96e076f675a43d72347dc0c980a987d7f8bd37cac2f635917b77c618d7fb5159,2024-04-02T12:50:42.233000 CVE-2024-31003,0,0,3f0adfc7393f75768ba5f0ff119d336a00244f196f86b1dcc7f91a86901fc5be,2024-04-02T12:50:42.233000 @@ -244694,7 +244736,7 @@ CVE-2024-31004,0,0,f755b2d1295cbba2fb235b141572098c75292e03492bd90218100dd91b46b CVE-2024-31005,0,0,782f5eeda1d450c46424dc60bc6e4a7de1c6ae363a2e211c85f204b9263b919b,2024-04-02T12:50:42.233000 CVE-2024-31008,0,0,fb58f95d5ac3e573901428dcb6b3f88285442daec81b849ad7032a6828042476,2024-04-03T12:38:04.840000 CVE-2024-31009,0,0,4ba716bb3226f0c34bd04f51a3a22402f08a7c166518bbe25119daff68e02eff,2024-04-03T12:38:04.840000 -CVE-2024-3101,1,1,0389ffeda78f329f88bea77abede510a62b48154e06fbaf3a6737270a545420a,2024-04-10T17:15:56.417000 +CVE-2024-3101,0,1,9b3c2c160f2d1bfe69e819647e861314a4fc12690030afc8b742d8e1b3ba69e0,2024-04-10T19:49:51.183000 CVE-2024-31010,0,0,22d3a5a8802df0899a91f29c1da59c9756b041e238b139f6c5446937f944e965,2024-04-03T12:38:04.840000 CVE-2024-31011,0,0,e280dc2325f8c749d256893287e9934a0b438d76a624897891275e16b92e2305,2024-04-03T12:38:04.840000 CVE-2024-31012,0,0,59265fe10316d43a2acb459ea9de60f6a264c8b6d13bc4dae0d363d3b5d71397,2024-04-03T12:38:04.840000 @@ -244766,63 +244808,66 @@ CVE-2024-31210,0,0,0c3a74f1634842d277fcf52471d61be8d27ebe967ace4d479af8f65fffdac CVE-2024-31211,0,0,37f6ef15b9def8ff0d686fae9ad61ad1a082be15bc6a18f70a40cbfe15e962e2,2024-04-05T12:40:52.763000 CVE-2024-31212,0,0,bc73795c68873aacd12eddecc823b76392ffac886146f1dd814e2d43e468bb84,2024-04-05T12:40:52.763000 CVE-2024-31213,0,0,4aff9e2c15103485e15f2d72563e8cf5ff3745458bc3eeef8638c53a238fa724,2024-04-08T18:49:25.863000 +CVE-2024-31214,1,1,6fd2ca8f7b5ff5092bca889a448aa20cbf70a081c1713baee29d50f1f1ef6c72,2024-04-10T19:49:51.183000 CVE-2024-31215,0,0,34a0a231f3970708fb3e5686678c657f48cd1675d27ab51eed18f5cf652dec67,2024-04-04T16:33:06.610000 CVE-2024-31218,0,0,7bde3095db5888b85ce9669e8bb2502e2c0767a6efc1fdc83c6973eaeb264970,2024-04-08T18:49:25.863000 CVE-2024-31220,0,0,5364fec01a2c522837b9bb1f12dd2e109f09573a57ee59445d858fa07dd681f7,2024-04-08T18:49:25.863000 CVE-2024-31221,0,0,093d7a2a638171e5d3f8cc3b06e5a6b3ca8a7674a42c7ed40ef62927f76d1926,2024-04-08T18:48:40.217000 CVE-2024-31224,0,0,2f84ceb3d774709c2492171042eddaeb6b6b98a31b06a1f67434414d962c7206,2024-04-08T18:48:40.217000 +CVE-2024-31230,1,1,52cfa4cc0c105e0f4a014468a390d1fae46fb176c8f9a3fd8a419c5888fe92a6,2024-04-10T19:49:51.183000 CVE-2024-31233,0,0,d489633661459fa8fba7247a4e042c4067793ed99651e43e0cd0674db1c81416,2024-04-08T18:48:40.217000 CVE-2024-31234,0,0,e2afc7f2f1012ca63d202c441d893de0eb7415294dc8692e4b069bf731411329,2024-04-08T18:48:40.217000 CVE-2024-31236,0,0,4b0cdd02fafdfde515330764d02c46af5491731224a8f9b9bb3d6752fb30357a,2024-04-08T18:48:40.217000 CVE-2024-3124,0,0,0636ee928c0356d73e2effbc159ce59d850c83e7a22c6ba92b3f50b98c28bb80,2024-04-01T15:53:18.060000 -CVE-2024-31240,1,1,73ee6653ef96203aaeb5ce16a938895add2c1d8f35e3beca0818e58eb3cc4d27,2024-04-10T16:15:12.047000 +CVE-2024-31240,0,1,9f07781697aa759fcc59082b4c6f556aee9b7696b0665c6342bdd8006b526b59,2024-04-10T19:49:51.183000 CVE-2024-31241,0,0,a7d99fde72ef29ff1cfd0fe2a269999470568d058381f56a307f35a902159e4c,2024-04-08T18:48:40.217000 -CVE-2024-31245,1,1,b51cffa03f731754ff889f49566da8a1a4606935ea063feb7a97ec4b80de0cda,2024-04-10T16:15:12.257000 -CVE-2024-31247,1,1,ee8916fe160ca528fa459428bb5db35b2390b319b29902e767b78f3130655041,2024-04-10T16:15:12.470000 -CVE-2024-31249,1,1,b492b4a5447eb39dd7d04e908eee5f71274610aca600b0232a3d49da9ed555a6,2024-04-10T16:15:12.670000 +CVE-2024-31242,1,1,9ee974fc6556a5b879b5916c73230ef7487ed734210b932a96111b95d6ab825e,2024-04-10T19:49:51.183000 +CVE-2024-31245,0,1,a6748783471098ea606b7da1fa492f255051d20d67b4ea874b20f32f5f6c40b9,2024-04-10T19:49:51.183000 +CVE-2024-31247,0,1,77f99349b5ee73d1d46417701c14587b13c4fc026bae1e1e3dcacdb5020e8602,2024-04-10T19:49:51.183000 +CVE-2024-31249,0,1,dc567d0b773bf4b13e4b74ab8b32236d97624056231327aa00701fee632c0a46,2024-04-10T19:49:51.183000 CVE-2024-3125,0,0,7c2049f0f2088c1a2b8c1e4ee00a5f848a0ae8a9d91f54f3eb97b0a3f7d4e8d6,2024-04-01T15:53:18.060000 -CVE-2024-31253,1,1,6afacf75f2b8c43ffe01fbd86edaf010d1e335e7bcda11d9d47e2f06b14a4f7f,2024-04-10T16:15:12.867000 -CVE-2024-31254,1,1,f68c99cf3d3f34c7100811d6520496d8b8d62f6dc945b0b2e962a9fbe70fd130,2024-04-10T16:15:13.073000 +CVE-2024-31253,0,1,78f0b6a54f0c137e32ddb0cd7f6c5988b22601c8feeeff05dae9f273679d012f,2024-04-10T19:49:51.183000 +CVE-2024-31254,0,1,2cf6b97b82b7ca685133f615cf170b585f46cbb63cda146b7e9e2f45b8c4412c,2024-04-10T19:49:51.183000 CVE-2024-31255,0,0,0d883aec778765163539ebaeed6f6c23502d8d98d69421df131277b74161aced,2024-04-08T18:48:40.217000 CVE-2024-31256,0,0,e48b38259a099cbb76cf911e6af5cabc5863a73c22401e27fabcfed8f4418dda,2024-04-08T18:48:40.217000 CVE-2024-31257,0,0,fa456292adcc4270e79a5301f489c6e165d5b1b11341822d1fab40735b36b372,2024-04-08T18:48:40.217000 CVE-2024-31258,0,0,70ba64c3e0672c516aea184bf9b51e94fe678827f2f5693d4b3dbfedfe55d45c,2024-04-08T18:48:40.217000 -CVE-2024-31259,1,1,14e0447256466ccfdebbc5714dcbb936b2bfdf592e005ee265398aabe8e2f086,2024-04-10T16:15:13.283000 +CVE-2024-31259,0,1,efdb49628f40b67578a55906f9ed71383df344a163aa9aaab9057d7f21783b9d,2024-04-10T19:49:51.183000 CVE-2024-31260,0,0,7e6454e18ac0aac4dfbd56f1964329148e3fb0d2e57f0c69ea3f924848606c06,2024-04-08T18:48:40.217000 CVE-2024-31277,0,0,6d9f95169e2f33c46b0cc3384ba6f4f8c5335f74523b1231fd7b9d9c4e3271a9,2024-04-08T18:48:40.217000 -CVE-2024-31278,1,1,838e1f741471dc3b2c6ca30e799c67859fb30a72b81619e740e86b31b6ecec4e,2024-04-10T16:15:13.483000 +CVE-2024-31278,0,1,5fca286ba4fb85e19d6f2aa20a43535dfb21ddcf27d77966f9785126691400ad,2024-04-10T19:49:51.183000 CVE-2024-3128,0,0,99e446b9358b3359d41455e79f935e7a2346ef504383103b90e3f03b87e0b1be,2024-04-01T15:53:18.060000 CVE-2024-31280,0,0,9e9b815bd712cdeca69ca5173415a6797e0b892c1fe0c623b9d101db7359150a,2024-04-08T18:48:40.217000 -CVE-2024-31282,1,1,c1edd9982366a1d9520445f4302a622f3594dbc3b5520249462aa357136c9439,2024-04-10T16:15:13.693000 +CVE-2024-31282,0,1,5936d2319178c50c30843c7ee4db925608db08d53e49d6aed7a5d5b8f4adeca5,2024-04-10T19:49:51.183000 CVE-2024-31286,0,0,e1da10ca58ecb94e30ee69cf28bc9450f2f10eb7f9a84a3b3e2823a17dee6482,2024-04-08T18:48:40.217000 -CVE-2024-31287,1,1,885356198f51cb0574ab3ef937c43e9f3c3c42c548cf12acab7c9732b52f481e,2024-04-10T16:15:13.910000 +CVE-2024-31287,0,1,d3b9f66c99b69110f7dd9854d4eaa18fbf3158907931625a02e30c57de0c45d1,2024-04-10T19:49:51.183000 CVE-2024-31288,0,0,13535f8dee937d7662ab695698374962ab0e6755720cafc69b6c10df5e8fa97c,2024-04-08T18:48:40.217000 CVE-2024-3129,0,0,27905c678ccde6c6c34478a63dd1fa6ed5863639c794da268ac6a9e07ad3aaf4,2024-04-02T12:50:42.233000 CVE-2024-31291,0,0,0650af4fe4b6cc0120edec2cb58310f5b2a57c0e765ec2df7495db5e8150ac38,2024-04-08T18:48:40.217000 CVE-2024-31292,0,0,c70d462af6bc2404bf991c897ce5371715c148323bb7e37fc83e7d154cd03a36,2024-04-08T18:48:40.217000 CVE-2024-31296,0,0,47134b63bac7f8af797ca504db1cf6e76dc826da8fa665ee8c7ed1c27292df1b,2024-04-08T18:48:40.217000 -CVE-2024-31297,1,1,d7711503d4f68a600ed6ab44f6bbb8f6f7460623d8cb77c73b04cd6a228c200e,2024-04-10T16:15:14.137000 -CVE-2024-31298,1,1,cdc530720b0d5d96952b3e0972b3de8bc631e99456c351000afb1800b9352453,2024-04-10T16:15:14.353000 -CVE-2024-31299,1,1,f48d8db87d5a65725e74c617b1f561fe42ddc75ea95b7173db5e342458f806f7,2024-04-10T17:15:55.013000 +CVE-2024-31297,0,1,88f6848587565ccdefc9d08a51c388afa534b4f0ce7911a5a1799f7110c82c1d,2024-04-10T19:49:51.183000 +CVE-2024-31298,0,1,75f0543a46ec047f4866e7cbe527aff341f7aebbe53d7e9c6d154aad7568ac61,2024-04-10T19:49:51.183000 +CVE-2024-31299,0,1,3cd097454f2af8d7dbd4b37b7e30458e12157596eadc5450d37a4ce6cc09ad60,2024-04-10T19:49:51.183000 CVE-2024-3130,0,0,f68ffdb025359112b42b29b07959a49895dfaeeef79aecb0f7981acd1536b04b,2024-04-01T12:49:00.877000 -CVE-2024-31302,1,1,a5f7ea6d41fe38770bf03b298592e55b5137afd8316d55b389839e731a54cc76,2024-04-10T16:15:14.563000 +CVE-2024-31302,0,1,f0642b2cb338c07dbec34f8e2d8ddeed605927fa281b7a4cbd0d9d6a5f17a693,2024-04-10T19:49:51.183000 CVE-2024-31306,0,0,8b51fcbcc9a456d52c739540d0a41682a94a82657203d9841ed70dd111575cfa,2024-04-08T18:48:40.217000 CVE-2024-31308,0,0,5e2ae5593f1ea9760ae6e8cbc575821053a6196641c6e6bb427e79b97acb4828,2024-04-08T18:48:40.217000 CVE-2024-31309,0,0,a6ebded9b79c4b9b0e7c42ff6a32d3df2921def7de8590e06e811867b3839991,2024-04-10T13:23:38.787000 CVE-2024-3131,0,0,2b79afbaf014f4ade09eea20b1cd97cb73297f40c06110081e5ce6e7cfad71a4,2024-04-02T12:50:42.233000 -CVE-2024-31342,1,1,1f3af3fdd84ae008987d71360202a1bec9984f251dbf446e4083f2e858de98ae,2024-04-10T17:15:55.217000 -CVE-2024-31343,1,1,040be01e2bb750cf356cf6154217a55f442049ff4b95b611a3f0be8cb43d4dc4,2024-04-10T17:15:55.417000 +CVE-2024-31342,0,1,3dcf837177f2ee22dd479f7dc441eb8e323a27e9d61f77326ada203aab00e68b,2024-04-10T19:49:51.183000 +CVE-2024-31343,0,1,07130367d283f095e3c4a097fcb374b7f0ee04a0481c3dc18f14571141420df5,2024-04-10T19:49:51.183000 CVE-2024-31344,0,0,e0ca2da61833234a90b054de95f2f160bbebd4a497bc87a3e17ec60ef242d468,2024-04-08T18:48:40.217000 CVE-2024-31345,0,0,c859189c3b3107b07d10bea32bcd00363efe87690798f404d3b6d54b355ed2ba,2024-04-08T18:48:40.217000 CVE-2024-31346,0,0,2d1e98ecfdeadb3523494e02b9eb42f9bcc66ecdd22c3cc2efc458ade5b5c930,2024-04-08T18:48:40.217000 CVE-2024-31348,0,0,cfc095c1fc0e4b141af08e05231276cb08ae09886eb38442cb07d948f68e6eab,2024-04-08T18:48:40.217000 CVE-2024-31349,0,0,8d1bd13d7c4f34f460e790c462e1e7791a20313dfd6a20b06dc021131d4e0db2,2024-04-08T18:48:40.217000 CVE-2024-3135,0,0,91954ab6e8bf3cb2f93a640035369c46334c6e185515d1b835de2161b0fd8f69,2024-04-02T12:50:42.233000 -CVE-2024-31353,1,1,6231a485ce12e3f4e3a9bf77b5999e638f90b45a85731af6ad5366486cbab892,2024-04-10T16:15:14.777000 -CVE-2024-31355,1,1,ff40a91efdfe9898aa87adeb71374ef3b05acd3032ba6a368c94eda71753115d,2024-04-10T17:15:55.617000 -CVE-2024-31356,1,1,896d5c9fb2b4e92aae068162cebd3c20e31f89b178348df0b14e27ccac3b619e,2024-04-10T17:15:55.807000 +CVE-2024-31353,0,1,aade8ea974e91d3ae50650294acb50b66beb284df0b61f73187afa65e397e66d,2024-04-10T19:49:51.183000 +CVE-2024-31355,0,1,a5dea31bb77e2304134bdb1d51afef23705a4ddfdf5cc895a42a4a0b3df4a7e3,2024-04-10T19:49:51.183000 +CVE-2024-31356,0,1,d1fb89c74ef35b55d35626ff0b96164cf14f53f3d140d53e498a9c6cfdf37218,2024-04-10T19:49:51.183000 CVE-2024-31357,0,0,6d1a7933989bbcdba28fa02b8be4705197f66c46746bd7fe377d13c6e2cc0304,2024-04-08T18:48:40.217000 -CVE-2024-31358,1,1,3046cf5dd7006fa9fdf87aea855b3a1384e34d5d1d76aca1ae109e0113bd763e,2024-04-10T16:15:14.980000 +CVE-2024-31358,0,1,6558c715d0691fb109d69acf906c307579e6fb555e946d8884919d7438b5b765,2024-04-10T19:49:51.183000 CVE-2024-3136,0,0,16e180c3a4e8380e294a04323e77ae11557d2687dddc06a943019ed361c6cee2,2024-04-10T13:23:38.787000 CVE-2024-31365,0,0,c940557b1d8090d7c4b40b91442276e3021286d8a5d5418b8ff9252921cde6e4,2024-04-09T12:48:04.090000 CVE-2024-31366,0,0,75b2b689edca4c4fe2cdb7df1b8ed82e64c11b89b9b73cbce127601f1ecfacae,2024-04-09T12:48:04.090000 @@ -244834,6 +244879,7 @@ CVE-2024-31370,0,0,6f6e1dfc72d0841ebaadb7bdc4bbf124cf6313a520f59380c092d9365f2d4 CVE-2024-31375,0,0,b0ef1f22f63ca31cfb2164ca0bddec7fc53a5ee9672cb520fcd2e704c7c6fdab,2024-04-08T18:48:40.217000 CVE-2024-3138,0,0,b2250a42d544b358de2555f1c668a77223939f10414766861d02ac21eac35bc6,2024-04-02T12:50:42.233000 CVE-2024-31380,0,0,d044c4c41af2f67b9e10a84372a0da5aeb36e8aa53f4901f4d0660af26a33358,2024-04-05T14:15:10.487000 +CVE-2024-31386,1,1,15fec49971ff13003aab552d95c7df7a6744ee4763b24dacb4b183ffe115ea40,2024-04-10T19:49:51.183000 CVE-2024-3139,0,0,ea53ec9a6dc1c2a719d7c48bab67da65c2ac8a1d444e99171b341666ca5377cf,2024-04-02T12:50:42.233000 CVE-2024-31390,0,0,0875d8345a5b76d413fbbf2495b8c73d39cfd6ca77e21422f3300e66fa9097ad,2024-04-05T14:15:10.590000 CVE-2024-31392,0,0,e47fa59932bfeb069e43bdeea717668f4f8eb0beb6cf866b3eeac98c4b5a7755,2024-04-03T17:24:18.150000 @@ -244853,16 +244899,19 @@ CVE-2024-31454,0,0,8db2bbe4132702219bc03641a810be94dad7efac0e2e91debb24c46ce5d5b CVE-2024-31455,0,0,b40b7111c3a48ebfbdcdf983ca30b058e509485964899acad9986b778f0be984,2024-04-10T13:24:00.070000 CVE-2024-31457,0,0,2a3df56afd0a6a9934427214a76e8de40165fd02e6f2532ac344e6e6c96b32d7,2024-04-10T13:24:00.070000 CVE-2024-3146,0,0,c53d63ca526f35fd2250cfdb239f061e8b52186457f5fd4f6bc18a291d69a364,2024-04-02T12:50:42.233000 +CVE-2024-31461,1,1,78d12ab3381b5c3fda69b1f5421edfe2ff30f397a9794d52b313ced0ec0ec1d3,2024-04-10T19:49:51.183000 +CVE-2024-31464,1,1,0e334e051a2f53edc57cbce800fcc17540fa9d746f3833bb6b1e894dc6dae023,2024-04-10T19:49:51.183000 CVE-2024-3147,0,0,02625b405a9656dc1928c253c58a24946e5b9cb50ef47acb30b3a3a470e8efd5,2024-04-02T12:50:42.233000 CVE-2024-3148,0,0,da83dea91bd5fed523ca15df13db4100d62650319dcc492fed6d52171a819a8a,2024-04-02T12:50:42.233000 CVE-2024-31487,0,0,4f24e6db0f56a97932d1fcb48db397a06c0f937b932a453b76d90975be251d2c,2024-04-10T13:24:22.187000 -CVE-2024-31492,0,0,10a1a161e562d7d14db28d123cdacfd10d37db3d35e5efa1d3efb0bb6bde37de,2024-04-10T13:51:38.607000 +CVE-2024-31492,0,1,0fd2d64bb6a585b3de44def7ab6d30c061e7d16403fa2c6b10d1070ad75aaa41,2024-04-10T19:49:51.183000 CVE-2024-31498,0,0,db3c4e2337e3fccc66e084ef6016d8532925f451bef4124b0c2782f0c54d90b6,2024-04-08T00:15:08 CVE-2024-31506,0,0,f0c0ad036c0ec10b51b27d4f80333d06dd18714e702e791b36fead3cfeecf942,2024-04-10T13:24:00.070000 CVE-2024-31507,0,0,7d44cb6bde5519ce1d24c40e1677aaa1b97fbc6767c1c209aa289332648eef75,2024-04-10T13:24:00.070000 CVE-2024-3151,0,0,dbc1fd34b22356e776c12a200bc45c40de5eea60ac1974d151d7c1d279b32bb4,2024-04-02T18:12:16.283000 CVE-2024-31544,0,0,66684c110e179f1773e7d3dfaef94b79d6587a52feb2f517dadcce12d45cb7ec,2024-04-10T13:24:22.187000 CVE-2024-3156,0,0,672d7786ba8482c7e78ab9597c9f5a6e717f264787edb700157c849ff3c9f687,2024-04-08T18:48:40.217000 +CVE-2024-3157,1,1,a48d898411742b6ba02e4eb44f80f58b23802453a93303af5f3aaf05d034570d,2024-04-10T19:49:51.183000 CVE-2024-3158,0,0,d2414412e299d1c6c6fd5c25934ca9d016ec38ac6210ea884f5d6eabc2220b22,2024-04-08T18:48:40.217000 CVE-2024-3159,0,0,ab3d3fc3f58ff99c2f10e23574a75e665f3343c344ecfe71138e927973febb6e,2024-04-08T18:48:40.217000 CVE-2024-3160,0,0,f3860e2f9070e5e070adb0fe8ff153c3f84611a0ac253de8db1847a3b6990614,2024-04-02T12:50:42.233000 @@ -244899,11 +244948,13 @@ CVE-2024-31865,0,0,04dfdf035e493f88bce65903e65f84e8599efae6e3af89abc0575aef7d503 CVE-2024-31866,0,0,bda197220172d5ac79fa5cdeff3a9ea320c7e12dbdccfabc3aa60eaf4bac8cc3,2024-04-10T13:24:22.187000 CVE-2024-31867,0,0,a22bc2594272931d6311310ff7d8ee01a53e68438a4bb9f26b277ce07bc2d2c2,2024-04-10T13:24:00.070000 CVE-2024-31868,0,0,fd424b6565f5ee96626749670c0de5218db966efe0621eaf47ff0a7c6e63316c,2024-04-10T13:24:22.187000 -CVE-2024-31871,1,1,164df281b6774b9813cae791f9dbd90f67673706b93b7e36880c26c30e103151,2024-04-10T16:15:15.183000 -CVE-2024-31872,1,1,7e4d2a7d34e0717e84e3027d41fce3ad7627404012f43716d9cb96b8b647798a,2024-04-10T16:15:15.413000 -CVE-2024-31873,1,1,0edd6508ed32706c0fe9fb666a00f9b880f207ac8ebbcfaca3892c33e6b7bd6f,2024-04-10T16:15:15.670000 -CVE-2024-31874,1,1,5617c13ecaaeffc823a32bbba80664168c4c85cdc6ccce1d5073099e07361a12,2024-04-10T16:15:15.890000 -CVE-2024-31924,0,0,a498c57c94d122cdca3f87d5c7b399d30c0cc7252b2f77d29c917bca35ed5730,2024-04-10T13:51:38.793000 +CVE-2024-31871,0,1,2e9cb20a8839296f42d6bc6aa4eee6ec286fed065eef42e4971f116c0f81a135,2024-04-10T19:49:51.183000 +CVE-2024-31872,0,1,7d09da772d85c1598253bebf81c543077ef995af0f84d1cf088132605a2400f9,2024-04-10T19:49:51.183000 +CVE-2024-31873,0,1,30397559953deb34a9ae192149473632dc6b2334245e920787a4c5e14fc76375,2024-04-10T19:49:51.183000 +CVE-2024-31874,0,1,1770e58d0ae5591eb931a8cdfdb054fb4d854f81849d14af250c71db6caf553c,2024-04-10T19:49:51.183000 +CVE-2024-31924,0,1,f6b9db9f53cdffb6f393ef618d7b0bada6f867ced301e91b9a83cccba162e103,2024-04-10T19:49:51.183000 +CVE-2024-31943,1,1,d050ed16bd2fd56e0b74cc5712c1eb7ef94538d6cfa9c00022a6cfa048bd2dcc,2024-04-10T19:49:51.183000 +CVE-2024-31944,1,1,d1cf01bee95ac2d1b4f198f30f665ce7f3dae041b6378dd5d37f86b95341e18f,2024-04-10T19:49:51.183000 CVE-2024-31948,0,0,b8fd3eda997fc89b9e55a498d2068e6465c743165b4060fd79003e8bed0e6076,2024-04-08T18:48:40.217000 CVE-2024-31949,0,0,e7ba39ada062d71e6dcc57a3b21fdc31258fde0372c873d76cfd22b57d87a6fc,2024-04-08T18:48:40.217000 CVE-2024-31950,0,0,6cefb0ca8246a802eee33ecaeabf30a3794c53c92173f69e19945e3bf38104d7,2024-04-08T18:48:40.217000 @@ -244952,7 +245003,7 @@ CVE-2024-3272,0,0,32d3ad93a54dc7dcb0170715c810c40dd0605ff3f1d2f7f8a6ff5917823744 CVE-2024-3273,0,0,ccbb6a5c5c4c4b06e891e32f07239c6503baf5145f7bfada1cdbd5f43ea6ab91,2024-04-07T14:15:07.753000 CVE-2024-3274,0,0,64bfe86321ec1e05b957bdddb515317b23c7b94e70b2d69aa950c222026c2d4b,2024-04-05T05:15:07.843000 CVE-2024-3281,0,0,25e1b157d3d06febc113760b0b676264898985898c3206c1611026e4fe7c0d04,2024-04-10T13:24:22.187000 -CVE-2024-3283,1,1,a06ba9ce2f8f9c366dd911ac60a7d886556792ba6046c4b094f091d432ab0893,2024-04-10T17:15:56.600000 +CVE-2024-3283,0,1,8b1939d21df3d4399a3bf874e70470053c1a0ae20421841ad51c79aca5727c56,2024-04-10T19:49:51.183000 CVE-2024-3296,0,0,bcc39314c1e9f6d53aa0ccc8e7e7cac7c279f7f6ee5a27f19287b128ea2ed6c7,2024-04-05T12:15:37.777000 CVE-2024-3298,0,0,35145d829af4d19541380a93e6723503e514b69e11aa4b007b05099610c37f21,2024-04-04T16:33:06.610000 CVE-2024-3299,0,0,f60f2a80accdd6f345a6a9cd66637eda180121596f90c2e7d75707c9fce20eb6,2024-04-04T16:33:06.610000 @@ -244988,13 +245039,13 @@ CVE-2024-3369,0,0,e3c099d97f4615fd0bf35e293e8afc71fb6636d75a6e8857803e7363f586c2 CVE-2024-3376,0,0,a44606f0e0f52265c967a23d1996957121644dd3e16f349273355b41a733a952,2024-04-08T18:48:40.217000 CVE-2024-3377,0,0,b9c26f39121bc5b3f33e843b7dc4f79656f85d5d7e06d317a6f580e23e2f2d21,2024-04-08T18:48:40.217000 CVE-2024-3378,0,0,441d38ccdf0bfa51595190b439b3af8b6e823452b73c1d9ce2fa153fecaa7bf8,2024-04-08T18:48:40.217000 -CVE-2024-3382,1,1,6250b9ac0178b4a1d0808a96e38a62490e9a13f504f156ed2d1f638cb9026dac,2024-04-10T17:15:56.793000 -CVE-2024-3383,1,1,2a000a4d16b7a0f045f7c1b32394a4a0a57d7e2dc260a8977bd95aac8d45828d,2024-04-10T17:15:57 -CVE-2024-3384,1,1,4bc7afa5bb8e4be54b4a46f33c8daed6177832968c9f83cf112c317536362282,2024-04-10T17:15:57.217000 -CVE-2024-3385,1,1,6a0eca6cba318320064881c37bd29625bfa7cb66c991ff6103a2bfa53abafffc,2024-04-10T17:15:57.410000 -CVE-2024-3386,1,1,89c3f50902cd1c2761850eedd79aaf1fbee247641be1a15f01aa871c8ef832cb,2024-04-10T17:15:57.593000 -CVE-2024-3387,1,1,bc04687dcbef136eb4011f7e0b73b6f57370ddb06e2f9bfd0ae8cc7939c92574,2024-04-10T17:15:57.787000 -CVE-2024-3388,1,1,043320c1e5f9ac093e7d4fac716596174beb1e84f09df0f6cd4c2d37e1ee4b9b,2024-04-10T17:15:57.970000 +CVE-2024-3382,0,1,359ee56c09e0a2a64315ebc823efc4b55ab60390ccbf48a0550f896cf550e0d4,2024-04-10T19:49:51.183000 +CVE-2024-3383,0,1,23294a2c02d282067f57807e610d19ad62151e7737eff1a2dbce91b2ce33a939,2024-04-10T19:49:51.183000 +CVE-2024-3384,0,1,f1db02aa38b819888be52a421a922174001b5f3c9e0abe3ab9082a168503f129,2024-04-10T19:49:51.183000 +CVE-2024-3385,0,1,dafd55987e5738b5d6ec37d523526a7e0269d60d96cd780933abafbc800645a8,2024-04-10T19:49:51.183000 +CVE-2024-3386,0,1,d08d523d066834a85bfe06023f05a033d8631a6197479f66bfb86438af143c6d,2024-04-10T19:49:51.183000 +CVE-2024-3387,0,1,59a783d7f5a632f1312dc02ccd745e7c758f93e478c4554a0dbc9aba27d256c0,2024-04-10T19:49:51.183000 +CVE-2024-3388,0,1,9a13547aa29d2171bfe252870fb3dde44261a463a11a31d9062dc130e0f3c4f3,2024-04-10T19:49:51.183000 CVE-2024-3413,0,0,aced399778e327cee5cf198081d9bdf3455bb8b4f6f07ab63a363d1f2f176f60,2024-04-08T18:48:40.217000 CVE-2024-3414,0,0,feaabddfa202ebce2051b076a69d208b6e00c54c45204aa16ad4c562d422a4df,2024-04-08T18:48:40.217000 CVE-2024-3415,0,0,69b4f2d326454d708c758e1e5e8e0973ef414882bdc69e5338500c9bfa15c9b2,2024-04-08T18:48:40.217000 @@ -245027,7 +245078,7 @@ CVE-2024-3443,0,0,dcf7a7ac83ec19a2b51ff8dd3498e04b939833362cfa3466fc10f3b29ee252 CVE-2024-3444,0,0,3812a13b863162fe5dbf533015356ab08cbad26558f272ffa75e86c4cdebee6f,2024-04-08T18:48:40.217000 CVE-2024-3445,0,0,ef7aa6f0864c9aad341730cd7a41ad7e7c88a45dd8e870617cb046d9fe7cc940,2024-04-08T18:48:40.217000 CVE-2024-3446,0,0,9cc1a5df3a128fed250330ab35c2459b0a539ef5faab034b1ec88e40f4c9e7ad,2024-04-10T13:23:38.787000 -CVE-2024-3448,0,0,fd85cdfaf49420878fbde6ba8e26768c4457c23f32a0da22644048241b681498,2024-04-10T14:15:07.937000 +CVE-2024-3448,0,1,021c30870d8f8b1098b5af9846caa6063210970f245b043a7cdabf189d7ad22d,2024-04-10T19:49:51.183000 CVE-2024-3455,0,0,2a79458511cc023c776f69dd26438ba48a54ecc3ce4715cf5a2dbcf735d2bfae,2024-04-08T18:48:40.217000 CVE-2024-3456,0,0,1163b826cb31daaf8e489647ff09bfd19b3fb113321ed6ccdf58236f2b7e5e1b,2024-04-08T18:48:40.217000 CVE-2024-3457,0,0,11a1e136160c0247fcf615183184cef87c2f9a8ed0a4cc454a1baf664c38c18a,2024-04-08T18:48:40.217000 @@ -245038,6 +245089,8 @@ CVE-2024-3465,0,0,2c147ebdab1a9c2f236be45a5e3f17abf5dd87162f7d74a530cad5ba9d863b CVE-2024-3466,0,0,4cdee9397ccb0cc6b86df3dd4a626bfe2bd945ea650bd37ea0096866891b044c,2024-04-09T12:48:04.090000 CVE-2024-3512,0,0,9fab09521defa3b929d660a9496a4af1fa0a4b7726e2f53df4217da43374507a,2024-04-10T13:23:38.787000 CVE-2024-3514,0,0,54bd45bb35a78ed15c2c093fdd8b5ff049bcac91bf070aed86da588bcb0ce8d4,2024-04-10T13:23:38.787000 +CVE-2024-3515,1,1,e00618d71e1a083ddf0ca66b0d361b3d55577664b06455c8b00d0ef44e577e59,2024-04-10T19:49:51.183000 +CVE-2024-3516,1,1,069f623e5dc9f62dfe7d0e2f8f12ef959f91df26982d5aa8df2384f36735ef9d,2024-04-10T19:49:51.183000 CVE-2024-3521,0,0,acf1a76945d56ff20a99a310fbd7c47b507ec009f42354f0b211be32857be000,2024-04-10T13:23:38.787000 CVE-2024-3522,0,0,7dfacae357bc103f897fa7eb83c22d3b96e70f04184ba05d85493745fc4ec1f5,2024-04-10T13:23:38.787000 CVE-2024-3523,0,0,29eca20764dccdb36e6bc99e2a21a8a3d515bf7ce75bb8c7881696e03b51b56c,2024-04-10T13:23:38.787000 @@ -245061,8 +245114,8 @@ CVE-2024-3541,0,0,1d866f54ff8b6e7e2869293997ab47cecd33cacf97a0203bba1e57652d9ca4 CVE-2024-3542,0,0,0d21c4060f858012d49deeae87a2fe049fa60602ca45cc7181250e2f714fcc8f,2024-04-10T15:01:40.130000 CVE-2024-3545,0,0,e7befd85f678d936dfb5f44e5042228a61683aa4e34c39075402d6d0e1f187da,2024-04-10T13:23:38.787000 CVE-2024-3556,0,0,3585ee5c92a9c3d529b040dd670fbfee3d6182484f87bd29638348adaae5ce9a,2024-04-09T22:15:07.470000 -CVE-2024-3566,1,1,deeb75cf7529197321a3cd5b93d61adc75c33c03716b5d4e6b342939ab0d1243,2024-04-10T16:15:16.083000 -CVE-2024-3567,0,0,299fad287027d7b41630f36485981ea8b9389f4d07917b886d0e8ba31a59b9a3,2024-04-10T15:16:05.097000 -CVE-2024-3568,1,1,fb11f16548f36552a36eb9dcb853137fe7ad85ad75eb5d28205705d760314599,2024-04-10T17:15:58.160000 -CVE-2024-3569,1,1,5edce081433b4b04a780b727d9d1884416cc228d8f35a426da03389b1b4bad14,2024-04-10T17:15:58.350000 -CVE-2024-3570,1,1,8f5254675863fafd5eec67f84fdf3613d5bea7ad381d8b9c0302ea9c646dd593,2024-04-10T17:15:58.543000 +CVE-2024-3566,0,1,e417ef1ceca67d3a9a8ba800520d4a9974bcf4eba2e3e6325dafdfbfe6af8d6b,2024-04-10T19:49:51.183000 +CVE-2024-3567,0,1,1af258b632f5894f7acbe467a6e60fcd03c7c24b1a6d5af3526bc195f6d9c620,2024-04-10T19:49:51.183000 +CVE-2024-3568,0,1,573133d2a7191a46b0975280ef7162f7787321191e0ad33f2c4c70c7e8d9c3f5,2024-04-10T19:49:51.183000 +CVE-2024-3569,0,1,1713859ca5226d02b2325e4195882c2c405d5fa4ce56952eae5e58bc3dad6bde,2024-04-10T19:49:51.183000 +CVE-2024-3570,0,1,df44050a6262c2969e286478660750960763247b24187b06070fe7dd6b9e3002,2024-04-10T19:49:51.183000