diff --git a/CVE-2024/CVE-2024-05xx/CVE-2024-0562.json b/CVE-2024/CVE-2024-05xx/CVE-2024-0562.json
new file mode 100644
index 00000000000..f9826f4f73b
--- /dev/null
+++ b/CVE-2024/CVE-2024-05xx/CVE-2024-0562.json
@@ -0,0 +1,63 @@
+{
+ "id": "CVE-2024-0562",
+ "sourceIdentifier": "secalert@redhat.com",
+ "published": "2024-01-15T19:15:08.120",
+ "lastModified": "2024-01-15T19:15:08.120",
+ "vulnStatus": "Received",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "A use-after-free flaw was found in the Linux Kernel. When a disk is removed, bdi_unregister is called to stop further write-back and waits for associated delayed work to complete. However, wb_inode_writeback_end() may schedule bandwidth estimation work after this has completed, which can result in the timer attempting to access the recently freed bdi_writeback."
+ }
+ ],
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "secalert@redhat.com",
+ "type": "Secondary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+ "attackVector": "LOCAL",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "LOW",
+ "userInteraction": "NONE",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "HIGH",
+ "availabilityImpact": "HIGH",
+ "baseScore": 7.8,
+ "baseSeverity": "HIGH"
+ },
+ "exploitabilityScore": 1.8,
+ "impactScore": 5.9
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "secalert@redhat.com",
+ "type": "Secondary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "CWE-416"
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "url": "https://access.redhat.com/security/cve/CVE-2024-0562",
+ "source": "secalert@redhat.com"
+ },
+ {
+ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258475",
+ "source": "secalert@redhat.com"
+ },
+ {
+ "url": "https://patchwork.kernel.org/project/linux-mm/patch/20220801155034.3772543-1-khazhy@google.com/",
+ "source": "secalert@redhat.com"
+ }
+ ]
+}
\ No newline at end of file
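Review bot: CVE-2024-0562.json carries no affected-version data: it is committed with `"vulnStatus": "Received"`, its only CVSS entry is `"type": "Secondary"` from secalert@redhat.com, and there is no `configurations` block. Tooling that matches on CPE or filters on Primary metrics will not surface this use-after-free until NVD analysis lands, so consumers should re-ingest the record when `lastModified` changes rather than treat this first version as final. The patchwork reference URL suggests the fix was posted in August 2022, so the affected kernel range is presumably older than the publish date implies and should be confirmed against the Red Hat advisory. The same applies to CVE-2024-0565.json in this commit.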
diff --git a/CVE-2024/CVE-2024-05xx/CVE-2024-0565.json b/CVE-2024/CVE-2024-05xx/CVE-2024-0565.json
new file mode 100644
index 00000000000..2dccfcdc10d
--- /dev/null
+++ b/CVE-2024/CVE-2024-05xx/CVE-2024-0565.json
@@ -0,0 +1,63 @@
+{
+ "id": "CVE-2024-0565",
+ "sourceIdentifier": "secalert@redhat.com",
+ "published": "2024-01-15T20:15:43.630",
+ "lastModified": "2024-01-15T20:15:43.630",
+ "vulnStatus": "Received",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service."
+ }
+ ],
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "secalert@redhat.com",
+ "type": "Secondary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
+ "attackVector": "NETWORK",
+ "attackComplexity": "HIGH",
+ "privilegesRequired": "LOW",
+ "userInteraction": "REQUIRED",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "HIGH",
+ "availabilityImpact": "HIGH",
+ "baseScore": 7.1,
+ "baseSeverity": "HIGH"
+ },
+ "exploitabilityScore": 1.2,
+ "impactScore": 5.9
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "secalert@redhat.com",
+ "type": "Secondary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "CWE-191"
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "url": "https://access.redhat.com/security/cve/CVE-2024-0565",
+ "source": "secalert@redhat.com"
+ },
+ {
+ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258518",
+ "source": "secalert@redhat.com"
+ },
+ {
+ "url": "https://www.spinics.net/lists/stable-commits/msg328851.html",
+ "source": "secalert@redhat.com"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/README.md b/README.md
index d29d506b1a3..394c446ae9a 100644
--- a/README.md
+++ b/README.md
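Review bot: In CVE-2024-0565.json the description and the CVSS vector disagree. The text says the out-of-bounds read in receive_encrypted_standard leads to a denial of service, while `"confidentialityImpact": "HIGH"` and `"integrityImpact": "HIGH"` rate it as full confidentiality and integrity loss. The record does not say which side is right, so triage should treat this as a memory-safety issue rather than a pure availability bug until the CNA or NVD reconciles the two. The weakness entry lists only `"value": "CWE-191"`, so filters keyed on out-of-bounds-read CWEs will not match this record even though the description names that effect.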
@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-01-15T19:00:25.226464+00:00 +2024-01-15T21:00:24.921794+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-01-15T17:15:10.023000+00:00 +2024-01-15T20:15:43.630000+00:00 ``` ### Last Data Feed Release 
@@ -29,32 +29,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -235933 +235935 ``` ### CVEs added in the last Commit -Recently added CVEs: `6` +Recently added CVEs: `2` -* [CVE-2024-0317](CVE-2024/CVE-2024-03xx/CVE-2024-0317.json) (`2024-01-15T17:15:08.850`) -* [CVE-2024-0318](CVE-2024/CVE-2024-03xx/CVE-2024-0318.json) (`2024-01-15T17:15:09.060`) -* [CVE-2024-0319](CVE-2024/CVE-2024-03xx/CVE-2024-0319.json) (`2024-01-15T17:15:09.280`) -* [CVE-2024-0320](CVE-2024/CVE-2024-03xx/CVE-2024-0320.json) (`2024-01-15T17:15:09.557`) -* [CVE-2024-0557](CVE-2024/CVE-2024-05xx/CVE-2024-0557.json) (`2024-01-15T17:15:09.753`) -* [CVE-2024-0558](CVE-2024/CVE-2024-05xx/CVE-2024-0558.json) (`2024-01-15T17:15:10.023`) +* [CVE-2024-0562](CVE-2024/CVE-2024-05xx/CVE-2024-0562.json) (`2024-01-15T19:15:08.120`) +* [CVE-2024-0565](CVE-2024/CVE-2024-05xx/CVE-2024-0565.json) (`2024-01-15T20:15:43.630`) ### CVEs modified in the last Commit -Recently modified CVEs: `7` +Recently modified CVEs: `0` -* [CVE-2021-20314](CVE-2021/CVE-2021-203xx/CVE-2021-20314.json) (`2024-01-15T17:15:08.033`) -* [CVE-2021-33912](CVE-2021/CVE-2021-339xx/CVE-2021-33912.json) (`2024-01-15T17:15:08.160`) -* [CVE-2021-33913](CVE-2021/CVE-2021-339xx/CVE-2021-33913.json) (`2024-01-15T17:15:08.263`) -* [CVE-2021-3532](CVE-2021/CVE-2021-35xx/CVE-2021-3532.json) (`2024-01-15T17:15:08.337`) -* [CVE-2021-3533](CVE-2021/CVE-2021-35xx/CVE-2021-3533.json) (`2024-01-15T17:15:08.377`) -* [CVE-2022-23853](CVE-2022/CVE-2022-238xx/CVE-2022-23853.json) (`2024-01-15T17:15:08.480`) -* [CVE-2023-5178](CVE-2023/CVE-2023-51xx/CVE-2023-5178.json) (`2024-01-15T17:15:08.590`) ## Download and Usage