Auto-Update: 2024-03-11T19:01:11.048910+00:00

cad-safe-bot 2024-03-11 19:03:58 +00:00
parent 58168b052a
commit e4c09c01db
61 changed files with 1590 additions and 124 deletions

@ -2,7 +2,7 @@
"id": "CVE-2023-2861",
"sourceIdentifier": "patrick@puiterwijk.org",
"published": "2023-12-06T07:15:41.430",
"lastModified": "2024-01-25T14:15:25.643",
"lastModified": "2024-03-11T18:15:15.687",
"vulnStatus": "Modified",
"descriptions": [
{
@ -114,9 +114,17 @@
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00012.html",
"source": "patrick@puiterwijk.org"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240125-0005/",
"source": "patrick@puiterwijk.org"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240229-0002/",
"source": "patrick@puiterwijk.org"
}
]
}

@ -2,8 +2,8 @@
"id": "CVE-2023-3354",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-11T17:15:13.387",
"lastModified": "2023-11-07T14:50:29.993",
"vulnStatus": "Analyzed",
"lastModified": "2024-03-11T18:15:15.843",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -170,6 +170,10 @@
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00012.html",
"source": "secalert@redhat.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MURWGXDIF2WTDXV36T6HFJDBL632AO7R/",
"source": "secalert@redhat.com",

@ -2,8 +2,8 @@
"id": "CVE-2023-40081",
"sourceIdentifier": "security@android.com",
"published": "2023-12-04T23:15:23.973",
"lastModified": "2024-02-15T20:58:09.707",
"vulnStatus": "Analyzed",
"lastModified": "2024-03-11T17:15:45.170",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -89,20 +89,12 @@
],
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/1a42ae5379269b9e4dac9f5fbf803c6c731c655d",
"source": "security@android.com",
"tags": [
"Mailing List",
"Patch"
]
"url": "https://android.googlesource.com/platform/frameworks/base/+/6fab80f141163de4d0008f7cd081cfc4917c3c68",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2023-12-01",
"source": "security@android.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://source.android.com/security/bulletin/2024-03-01",
"source": "security@android.com"
}
]
}
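
Review bot: In the "references" array of CVE-2023-40081, both entries lose their "tags" ("Mailing List"/"Patch" on the googlesource commit, "Patch"/"Vendor Advisory" on the bulletin) and the earlier links (commit 1a42ae53..., bulletin 2023-12-01) are replaced outright rather than kept next to the new ones. Any consumer that finds the fix by filtering on the "Patch" tag will now get nothing for this record, and the bulletin that matches the 2023-12-04 publication date is no longer reachable from it. Worth confirming against the upstream record that the replacement is intended, and keeping the previous reference set in downstream indexes until the record is re-analyzed.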

@ -2,8 +2,8 @@
"id": "CVE-2023-5088",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-11-03T14:15:08.560",
"lastModified": "2024-03-07T17:46:40.173",
"vulnStatus": "Analyzed",
"lastModified": "2024-03-11T18:15:17.433",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -139,6 +139,10 @@
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00012.html",
"source": "secalert@redhat.com"
},
{
"url": "https://lore.kernel.org/all/20230921160712.99521-1-simon.rowe@nutanix.com/T/",
"source": "secalert@redhat.com",

@ -0,0 +1,48 @@
{
"id": "CVE-2023-52486",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-11T18:15:16.427",
"lastModified": "2024-03-11T18:15:16.427",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: Don't unref the same fb many times by mistake due to deadlock handling\n\nIf we get a deadlock after the fb lookup in drm_mode_page_flip_ioctl()\nwe proceed to unref the fb and then retry the whole thing from the top.\nBut we forget to reset the fb pointer back to NULL, and so if we then\nget another error during the retry, before the fb lookup, we proceed\nthe unref the same fb again without having gotten another reference.\nThe end result is that the fb will (eventually) end up being freed\nwhile it's still in use.\n\nReset fb to NULL once we've unreffed it to avoid doing it again\nuntil we've done another fb lookup.\n\nThis turned out to be pretty easy to hit on a DG2 when doing async\nflips (and CONFIG_DEBUG_WW_MUTEX_SLOWPATH=y). The first symptom I\nsaw that drm_closefb() simply got stuck in a busy loop while walking\nthe framebuffer list. Fortunately I was able to convince it to oops\ninstead, and from there it was easier to track down the culprit."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/376e21a9e4c2c63ee5d8d3aa74be5082c3882229",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/62f2e79cf9f4f47cc9dea9cebdf58d9f7b5695e0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9dd334a8245011ace45e53298175c7b659edb3e7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b4af63da9d94986c529d74499fdfe44289acd551",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/bfd0feb1b109cb63b87fdcd00122603787c75a1a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/cb4daf271302d71a6b9a7c01bd0b6d76febd8f0c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d7afdf360f4ac142832b098b4de974e867cc063c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f55261469be87c55df13db76dc945f6bcd825105",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

@ -0,0 +1,28 @@
{
"id": "CVE-2023-52487",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-11T18:15:16.520",
"lastModified": "2024-03-11T18:15:16.520",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix peer flow lists handling\n\nThe cited change refactored mlx5e_tc_del_fdb_peer_flow() to only clear DUP\nflag when list of peer flows has become empty. However, if any concurrent\nuser holds a reference to a peer flow (for example, the neighbor update\nworkqueue task is updating peer flow's parent encap entry concurrently),\nthen the flow will not be removed from the peer list and, consecutively,\nDUP flag will remain set. Since mlx5e_tc_del_fdb_peers_flow() calls\nmlx5e_tc_del_fdb_peer_flow() for every possible peer index the algorithm\nwill try to remove the flow from eswitch instances that it has never peered\nwith causing either NULL pointer dereference when trying to remove the flow\npeer list head of peer_index that was never initialized or a warning if the\nlist debug config is enabled[0].\n\nFix the issue by always removing the peer flow from the list even when not\nreleasing the last reference to it.\n\n[0]:\n\n[ 3102.985806] ------------[ cut here ]------------\n[ 3102.986223] list_del corruption, ffff888139110698->next is NULL\n[ 3102.986757] WARNING: CPU: 2 PID: 22109 at lib/list_debug.c:53 __list_del_entry_valid_or_report+0x4f/0xc0\n[ 3102.987561] Modules linked in: act_ct nf_flow_table bonding act_tunnel_key act_mirred act_skbedit vxlan cls_matchall nfnetlink_cttimeout act_gact cls_flower sch_ingress mlx5_vdpa vringh vhost_iotlb vdpa openvswitch nsh xt_MASQUERADE nf_conntrack_netlink nfnetlink iptable_nat xt_addrtype xt_conntrack nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcg\nss oid_registry overlay rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi ib_umad rdma_cm ib_ipoib iw_cm ib_cm mlx5_ib ib_uverbs ib_core mlx5_core [last unloaded: bonding]\n[ 3102.991113] CPU: 2 PID: 22109 Comm: revalidator28 Not tainted 6.6.0-rc6+ #3\n[ 3102.991695] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n[ 
3102.992605] RIP: 0010:__list_del_entry_valid_or_report+0x4f/0xc0\n[ 3102.993122] Code: 39 c2 74 56 48 8b 32 48 39 fe 75 62 48 8b 51 08 48 39 f2 75 73 b8 01 00 00 00 c3 48 89 fe 48 c7 c7 48 fd 0a 82 e8 41 0b ad ff <0f> 0b 31 c0 c3 48 89 fe 48 c7 c7 70 fd 0a 82 e8 2d 0b ad ff 0f 0b\n[ 3102.994615] RSP: 0018:ffff8881383e7710 EFLAGS: 00010286\n[ 3102.995078] RAX: 0000000000000000 RBX: 0000000000000002 RCX: 0000000000000000\n[ 3102.995670] RDX: 0000000000000001 RSI: ffff88885f89b640 RDI: ffff88885f89b640\n[ 3102.997188] DEL flow 00000000be367878 on port 0\n[ 3102.998594] RBP: dead000000000122 R08: 0000000000000000 R09: c0000000ffffdfff\n[ 3102.999604] R10: 0000000000000008 R11: ffff8881383e7598 R12: dead000000000100\n[ 3103.000198] R13: 0000000000000002 R14: ffff888139110000 R15: ffff888101901240\n[ 3103.000790] FS: 00007f424cde4700(0000) GS:ffff88885f880000(0000) knlGS:0000000000000000\n[ 3103.001486] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 3103.001986] CR2: 00007fd42e8dcb70 CR3: 000000011e68a003 CR4: 0000000000370ea0\n[ 3103.002596] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 3103.003190] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 3103.003787] Call Trace:\n[ 3103.004055] <TASK>\n[ 3103.004297] ? __warn+0x7d/0x130\n[ 3103.004623] ? __list_del_entry_valid_or_report+0x4f/0xc0\n[ 3103.005094] ? report_bug+0xf1/0x1c0\n[ 3103.005439] ? console_unlock+0x4a/0xd0\n[ 3103.005806] ? handle_bug+0x3f/0x70\n[ 3103.006149] ? exc_invalid_op+0x13/0x60\n[ 3103.006531] ? asm_exc_invalid_op+0x16/0x20\n[ 3103.007430] ? 
__list_del_entry_valid_or_report+0x4f/0xc0\n[ 3103.007910] mlx5e_tc_del_fdb_peers_flow+0xcf/0x240 [mlx5_core]\n[ 3103.008463] mlx5e_tc_del_flow+0x46/0x270 [mlx5_core]\n[ 3103.008944] mlx5e_flow_put+0x26/0x50 [mlx5_core]\n[ 3103.009401] mlx5e_delete_flower+0x25f/0x380 [mlx5_core]\n[ 3103.009901] tc_setup_cb_destroy+0xab/0x180\n[ 3103.010292] fl_hw_destroy_filter+0x99/0xc0 [cls_flower]\n[ 3103.010779] __fl_delete+0x2d4/0x2f0 [cls_flower]\n[ 3103.0\n---truncated---"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/74cec142f89bf85c6c99c5db957da9f663f9f16f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d76fdd31f953ac5046555171620f2562715e9b71",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e24d6f5a7f2d95a98a46257a5a5a5381d572894f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}
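
Review bot: The "value" string for CVE-2023-52487 is cut off at "---truncated---" in the middle of the call trace ("[ 3103.0"), so the embedded warning log is incomplete and most of the description is register and module-list output. The fix statement ("always removing the peer flow from the list even when not releasing the last reference to it") does survive ahead of the log, but anything that matches on description text should key on the function names (mlx5e_tc_del_fdb_peer_flow, mlx5e_tc_del_fdb_peers_flow) and take the full text from the three git.kernel.org references rather than from this field.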

@ -0,0 +1,32 @@
{
"id": "CVE-2023-52488",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-11T18:15:16.603",
"lastModified": "2024-03-11T18:15:16.603",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO\n\nThe SC16IS7XX IC supports a burst mode to access the FIFOs where the\ninitial register address is sent ($00), followed by all the FIFO data\nwithout having to resend the register address each time. In this mode, the\nIC doesn't increment the register address for each R/W byte.\n\nThe regmap_raw_read() and regmap_raw_write() are functions which can\nperform IO over multiple registers. They are currently used to read/write\nfrom/to the FIFO, and although they operate correctly in this burst mode on\nthe SPI bus, they would corrupt the regmap cache if it was not disabled\nmanually. The reason is that when the R/W size is more than 1 byte, these\nfunctions assume that the register address is incremented and handle the\ncache accordingly.\n\nConvert FIFO R/W functions to use the regmap _noinc_ versions in order to\nremove the manual cache control which was a workaround when using the\n_raw_ versions. FIFO registers are properly declared as volatile so\ncache will not be used/updated for FIFO accesses."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/084c24e788d9cf29c55564de368bf5284f2bb5db",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/416b10d2817c94db86829fb92ad43ce7d002c573",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/aa7cb4787698add9367b19f7afc667662c9bdb23",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/dbf4ab821804df071c8b566d9813083125e6d97b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

@ -0,0 +1,40 @@
{
"id": "CVE-2023-52489",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-11T18:15:16.673",
"lastModified": "2024-03-11T18:15:16.673",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/sparsemem: fix race in accessing memory_section->usage\n\nThe below race is observed on a PFN which falls into the device memory\nregion with the system memory configuration where PFN's are such that\n[ZONE_NORMAL ZONE_DEVICE ZONE_NORMAL]. Since normal zone start and end\npfn contains the device memory PFN's as well, the compaction triggered\nwill try on the device memory PFN's too though they end up in NOP(because\npfn_to_online_page() returns NULL for ZONE_DEVICE memory sections). When\nfrom other core, the section mappings are being removed for the\nZONE_DEVICE region, that the PFN in question belongs to, on which\ncompaction is currently being operated is resulting into the kernel crash\nwith CONFIG_SPASEMEM_VMEMAP enabled. The crash logs can be seen at [1].\n\ncompact_zone()\t\t\tmemunmap_pages\n-------------\t\t\t---------------\n__pageblock_pfn_to_page\n ......\n (a)pfn_valid():\n valid_section()//return true\n\t\t\t (b)__remove_pages()->\n\t\t\t\t sparse_remove_section()->\n\t\t\t\t section_deactivate():\n\t\t\t\t [Free the array ms->usage and set\n\t\t\t\t ms->usage = NULL]\n pfn_section_valid()\n [Access ms->usage which\n is NULL]\n\nNOTE: From the above it can be said that the race is reduced to between\nthe pfn_valid()/pfn_section_valid() and the section deactivate with\nSPASEMEM_VMEMAP enabled.\n\nThe commit b943f045a9af(\"mm/sparse: fix kernel crash with\npfn_section_valid check\") tried to address the same problem by clearing\nthe SECTION_HAS_MEM_MAP with the expectation of valid_section() returns\nfalse thus ms->usage is not accessed.\n\nFix this issue by the below steps:\n\na) Clear SECTION_HAS_MEM_MAP before freeing the ->usage.\n\nb) RCU protected read side critical section will either return NULL\n when SECTION_HAS_MEM_MAP is cleared or can successfully access ->usage.\n\nc) Free the ->usage with kfree_rcu() and set ms->usage = NULL. 
No\n attempt will be made to access ->usage after this as the\n SECTION_HAS_MEM_MAP is cleared thus valid_section() return false.\n\nThanks to David/Pavan for their inputs on this patch.\n\n[1] https://lore.kernel.org/linux-mm/994410bb-89aa-d987-1f50-f514903c55aa@quicinc.com/\n\nOn Snapdragon SoC, with the mentioned memory configuration of PFN's as\n[ZONE_NORMAL ZONE_DEVICE ZONE_NORMAL], we are able to see bunch of\nissues daily while testing on a device farm.\n\nFor this particular issue below is the log. Though the below log is\nnot directly pointing to the pfn_section_valid(){ ms->usage;}, when we\nloaded this dump on T32 lauterbach tool, it is pointing.\n\n[ 540.578056] Unable to handle kernel NULL pointer dereference at\nvirtual address 0000000000000000\n[ 540.578068] Mem abort info:\n[ 540.578070] ESR = 0x0000000096000005\n[ 540.578073] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 540.578077] SET = 0, FnV = 0\n[ 540.578080] EA = 0, S1PTW = 0\n[ 540.578082] FSC = 0x05: level 1 translation fault\n[ 540.578085] Data abort info:\n[ 540.578086] ISV = 0, ISS = 0x00000005\n[ 540.578088] CM = 0, WnR = 0\n[ 540.579431] pstate: 82400005 (Nzcv daif +PAN -UAO +TCO -DIT -SSBSBTYPE=--)\n[ 540.579436] pc : __pageblock_pfn_to_page+0x6c/0x14c\n[ 540.579454] lr : compact_zone+0x994/0x1058\n[ 540.579460] sp : ffffffc03579b510\n[ 540.579463] x29: ffffffc03579b510 x28: 0000000000235800 x27:000000000000000c\n[ 540.579470] x26: 0000000000235c00 x25: 0000000000000068 x24:ffffffc03579b640\n[ 540.579477] x23: 0000000000000001 x22: ffffffc03579b660 x21:0000000000000000\n[ 540.579483] x20: 0000000000235bff x19: ffffffdebf7e3940 x18:ffffffdebf66d140\n[ 540.579489] x17: 00000000739ba063 x16: 00000000739ba063 x15:00000000009f4bff\n[ 540.579495] x14: 0000008000000000 x13: 0000000000000000 x12:0000000000000001\n[ 540.579501] x11: 0000000000000000 x10: 0000000000000000 x9 :ffffff897d2cd440\n[ 540.579507] x8 : 0000000000000000 x7 : 0000000000000000 x6 :ffffffc03579b5b4\n[ 540.579512] x5 : 
0000000000027f25 x4 : ffffffc03579b5b8 x3 :0000000000000\n---truncated---"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/3a01daace71b521563c38bbbf874e14c3e58adb7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5ec8e8ea8b7783fab150cf86404fc38cb4db8800",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/68ed9e33324021e9d6b798e9db00ca3093d2012a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/70064241f2229f7ba7b9599a98f68d9142e81a97",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/90ad17575d26874287271127d43ef3c2af876cea",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b448de2459b6d62a53892487ab18b7d823ff0529",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}
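
Review bot: The description for CVE-2023-52489 spells the kernel option as "CONFIG_SPASEMEM_VMEMAP" (and "SPASEMEM_VMEMAP" in the NOTE paragraph); the option is CONFIG_SPARSEMEM_VMEMAP, so a search of this feed for the correct name will not find the record. The text is also cut at "---truncated---" partway through the register dump. For matching affected builds, rely on the symbols that are spelled correctly here (pfn_section_valid(), section_deactivate(), SECTION_HAS_MEM_MAP) and on the six stable commit references, not on the config string.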

@ -0,0 +1,28 @@
{
"id": "CVE-2023-52490",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-11T18:15:16.750",
"lastModified": "2024-03-11T18:15:16.750",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: migrate: fix getting incorrect page mapping during page migration\n\nWhen running stress-ng testing, we found below kernel crash after a few hours:\n\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000000\npc : dentry_name+0xd8/0x224\nlr : pointer+0x22c/0x370\nsp : ffff800025f134c0\n......\nCall trace:\n dentry_name+0xd8/0x224\n pointer+0x22c/0x370\n vsnprintf+0x1ec/0x730\n vscnprintf+0x2c/0x60\n vprintk_store+0x70/0x234\n vprintk_emit+0xe0/0x24c\n vprintk_default+0x3c/0x44\n vprintk_func+0x84/0x2d0\n printk+0x64/0x88\n __dump_page+0x52c/0x530\n dump_page+0x14/0x20\n set_migratetype_isolate+0x110/0x224\n start_isolate_page_range+0xc4/0x20c\n offline_pages+0x124/0x474\n memory_block_offline+0x44/0xf4\n memory_subsys_offline+0x3c/0x70\n device_offline+0xf0/0x120\n ......\n\nAfter analyzing the vmcore, I found this issue is caused by page migration.\nThe scenario is that, one thread is doing page migration, and we will use the\ntarget page's ->mapping field to save 'anon_vma' pointer between page unmap and\npage move, and now the target page is locked and refcount is 1.\n\nCurrently, there is another stress-ng thread performing memory hotplug,\nattempting to offline the target page that is being migrated. It discovers that\nthe refcount of this target page is 1, preventing the offline operation, thus\nproceeding to dump the page. 
However, page_mapping() of the target page may\nreturn an incorrect file mapping to crash the system in dump_mapping(), since\nthe target page->mapping only saves 'anon_vma' pointer without setting\nPAGE_MAPPING_ANON flag.\n\nThere are seveval ways to fix this issue:\n(1) Setting the PAGE_MAPPING_ANON flag for target page's ->mapping when saving\n'anon_vma', but this can confuse PageAnon() for PFN walkers, since the target\npage has not built mappings yet.\n(2) Getting the page lock to call page_mapping() in __dump_page() to avoid crashing\nthe system, however, there are still some PFN walkers that call page_mapping()\nwithout holding the page lock, such as compaction.\n(3) Using target page->private field to save the 'anon_vma' pointer and 2 bits\npage state, just as page->mapping records an anonymous page, which can remove\nthe page_mapping() impact for PFN walkers and also seems a simple way.\n\nSo I choose option 3 to fix this issue, and this can also fix other potential\nissues for PFN walkers, such as compaction."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/3889a418b6eb9a1113fb989aaadecf2f64964767",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9128bfbc5c80d8f4874dd0a0424d1f5fb010df1b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d1adb25df7111de83b64655a80b5a135adbded61",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

@ -0,0 +1,40 @@
{
"id": "CVE-2023-52491",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-11T18:15:16.807",
"lastModified": "2024-03-11T18:15:16.807",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mtk-jpeg: Fix use after free bug due to error path handling in mtk_jpeg_dec_device_run\n\nIn mtk_jpeg_probe, &jpeg->job_timeout_work is bound with\nmtk_jpeg_job_timeout_work.\n\nIn mtk_jpeg_dec_device_run, if error happens in\nmtk_jpeg_set_dec_dst, it will finally start the worker while\nmark the job as finished by invoking v4l2_m2m_job_finish.\n\nThere are two methods to trigger the bug. If we remove the\nmodule, it which will call mtk_jpeg_remove to make cleanup.\nThe possible sequence is as follows, which will cause a\nuse-after-free bug.\n\nCPU0 CPU1\nmtk_jpeg_dec_... |\n start worker\t |\n |mtk_jpeg_job_timeout_work\nmtk_jpeg_remove |\n v4l2_m2m_release |\n kfree(m2m_dev); |\n |\n | v4l2_m2m_get_curr_priv\n | m2m_dev->curr_ctx //use\n\nIf we close the file descriptor, which will call mtk_jpeg_release,\nit will have a similar sequence.\n\nFix this bug by starting timeout worker only if started jpegdec worker\nsuccessfully. Then v4l2_m2m_job_finish will only be called in\neither mtk_jpeg_job_timeout_work or mtk_jpeg_dec_device_run."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1b1036c60a37a30caf6759a90fe5ecd06ec35590",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/206c857dd17d4d026de85866f1b5f0969f2a109e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/43872f44eee6c6781fea1348b38885d8e78face9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6e2f37022f0fc0893da4d85a0500c9d547fffd4c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8254d54d00eb6cdb8367399c7f912eb8d354ecd7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9fec4db7fff54d9b0306a332bab31eac47eeb5f6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

@ -0,0 +1,40 @@
{
"id": "CVE-2023-52492",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-11T18:15:16.877",
"lastModified": "2024-03-11T18:15:16.877",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: fix NULL pointer in channel unregistration function\n\n__dma_async_device_channel_register() can fail. In case of failure,\nchan->local is freed (with free_percpu()), and chan->local is nullified.\nWhen dma_async_device_unregister() is called (because of managed API or\nintentionally by DMA controller driver), channels are unconditionally\nunregistered, leading to this NULL pointer:\n[ 1.318693] Unable to handle kernel NULL pointer dereference at virtual address 00000000000000d0\n[...]\n[ 1.484499] Call trace:\n[ 1.486930] device_del+0x40/0x394\n[ 1.490314] device_unregister+0x20/0x7c\n[ 1.494220] __dma_async_device_channel_unregister+0x68/0xc0\n\nLook at dma_async_device_register() function error path, channel device\nunregistration is done only if chan->local is not NULL.\n\nThen add the same condition at the beginning of\n__dma_async_device_channel_unregister() function, to avoid NULL pointer\nissue whatever the API used to reach this function."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/047fce470412ab64cb7345f9ff5d06919078ad79",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2ab32986a0b9e329eb7f8f04dd57cc127f797c08",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7f0ccfad2031eddcc510caf4e57f2d4aa2d8a50b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9263fd2a63487c6d04cbb7b74a48fb12e1e352d0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9de69732dde4e443c1c7f89acbbed2c45a6a8e17",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f5c24d94512f1b288262beda4d3dcb9629222fc7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

@ -0,0 +1,40 @@
{
"id": "CVE-2023-52493",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-11T18:15:16.940",
"lastModified": "2024-03-11T18:15:16.940",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: mhi: host: Drop chan lock before queuing buffers\n\nEnsure read and write locks for the channel are not taken in succession by\ndropping the read lock from parse_xfer_event() such that a callback given\nto client can potentially queue buffers and acquire the write lock in that\nprocess. Any queueing of buffers should be done without channel read lock\nacquired as it can result in multiple locks and a soft lockup.\n\n[mani: added fixes tag and cc'ed stable]"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/01bd694ac2f682fb8017e16148b928482bc8fa4b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/20a6dea2d1c68d4e03c6bb50bc12e72e226b5c0e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3c5ec66b4b3f6816f3a6161538672e389e537690",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6e4c84316e2b70709f0d00c33ba3358d9fc8eece",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b8eff20d87092e14cac976d057cb0aea2f1d0830",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/eaefb9464031215d63c0a8a7e2bfaa00736aa17e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

@ -0,0 +1,36 @@
{
"id": "CVE-2023-52494",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-11T18:15:17.000",
"lastModified": "2024-03-11T18:15:17.000",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: mhi: host: Add alignment check for event ring read pointer\n\nThough we do check the event ring read pointer by \"is_valid_ring_ptr\"\nto make sure it is in the buffer range, but there is another risk the\npointer may be not aligned. Since we are expecting event ring elements\nare 128 bits(struct mhi_ring_element) aligned, an unaligned read pointer\ncould lead to multiple issues like DoS or ring buffer memory corruption.\n\nSo add a alignment check for event ring read pointer."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2df39ac8f813860f79782807c3f7acff40b3c551",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/94991728c84f8df54fd9eec9b85855ef9057ea08",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a9ebfc405fe1be145f414eafadcbf09506082010",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ecf8320111822a1ae5d5fc512953eab46d543d0b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/eff9704f5332a13b08fbdbe0f84059c9e7051d5f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

@ -0,0 +1,28 @@
{
"id": "CVE-2023-52495",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-11T18:15:17.060",
"lastModified": "2024-03-11T18:15:17.060",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: pmic_glink_altmode: fix port sanity check\n\nThe PMIC GLINK altmode driver currently supports at most two ports.\n\nFix the incomplete port sanity check on notifications to avoid\naccessing and corrupting memory beyond the port array if we ever get a\nnotification for an unsupported port."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/532a5557da6892a6b2d5793052e1bce1f4c9e177",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c4fb7d2eac9ff9bfc35a2e4d40c7169a332416e0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d26edf4ee3672cc9828f2a3ffae34086a712574d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

@ -0,0 +1,40 @@
{
"id": "CVE-2023-52498",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-11T18:15:17.130",
"lastModified": "2024-03-11T18:15:17.130",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM: sleep: Fix possible deadlocks in core system-wide PM code\n\nIt is reported that in low-memory situations the system-wide resume core\ncode deadlocks, because async_schedule_dev() executes its argument\nfunction synchronously if it cannot allocate memory (and not only in\nthat case) and that function attempts to acquire a mutex that is already\nheld. Executing the argument function synchronously from within\ndpm_async_fn() may also be problematic for ordering reasons (it may\ncause a consumer device's resume callback to be invoked before a\nrequisite supplier device's one, for example).\n\nAddress this by changing the code in question to use\nasync_schedule_dev_nocall() for scheduling the asynchronous\nexecution of device suspend and resume functions and to directly\nrun them synchronously if async_schedule_dev_nocall() returns false."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/7839d0078e0d5e6cc2fa0b0dfbee71de74f1e557",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9bd3dce27b01c51295b60e1433e1dadfb16649f7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a1d62c775b07213c73f81ae842424c74dd14b5f0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e1c9d32c98309ae764893a481552d3f99d46cb34",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e681e29d1f59a04ef773296e4bebb17b1b79f8fe",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f46eb832389f162ad13cb780d0b8cde93641990d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

@ -0,0 +1,20 @@
{
"id": "CVE-2023-6444",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-03-11T18:15:17.597",
"lastModified": "2024-03-11T18:15:17.597",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Seriously Simple Podcasting WordPress plugin before 3.0.0 discloses the Podcast owner's email address (which by default is the admin email address) via an unauthenticated crafted request."
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/061c59d6-f4a0-4cd1-b945-5e92b9c2b4aa/",
"source": "contact@wpscan.com"
}
]
}

@ -0,0 +1,24 @@
{
"id": "CVE-2023-7247",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-03-11T18:15:17.683",
"lastModified": "2024-03-11T18:15:17.683",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Login as User or Customer WordPress plugin through 3.8 does not prevent users to log in as any other user on the site."
}
],
"metrics": {},
"references": [
{
"url": "https://drive.google.com/file/d/1GCOzJ-ZovYij9GIdmsrZrR9g8mlC22hs/view?usp=sharing",
"source": "contact@wpscan.com"
},
{
"url": "https://wpscan.com/vulnerability/96b93253-31d0-4184-94b7-f1e18355d841/",
"source": "contact@wpscan.com"
}
]
}
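
Review bot: The first entry under "references" is a drive.google.com sharing link, which the file owner can revoke or replace at any time, so it is not a stable citation for a CVE record. Prefer the wpscan.com advisory URL already listed second as the canonical reference, or archive the Drive file before relying on it. The description also says "through 3.8" without naming a fixed version, and "metrics" is empty, so consumers have nothing to key remediation or severity on yet.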

View File

@ -0,0 +1,32 @@
{
"id": "CVE-2024-0039",
"sourceIdentifier": "security@android.com",
"published": "2024-03-11T17:15:45.350",
"lastModified": "2024-03-11T17:15:45.350",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In attp_build_value_cmd of att_protocol.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/015c618a0461def93138173a53daaf27ca0630c9",
"source": "security@android.com"
},
{
"url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/17044ccf3a2858633cad8f87926e752edfe0d8d8",
"source": "security@android.com"
},
{
"url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/f0f35273101518d1f3a660b151804e90d0249af3",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2024-03-01",
"source": "security@android.com"
}
]
}

View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-0044",
"sourceIdentifier": "security@android.com",
"published": "2024-03-11T17:15:45.450",
"lastModified": "2024-03-11T17:15:45.450",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In createSessionInternal of PackageInstallerService.java, there is a possible run-as any app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/65bd134b0a82c51a143b89821d5cdd00ddc31792",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2024-03-01",
"source": "security@android.com"
}
]
}

View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-0045",
"sourceIdentifier": "security@android.com",
"published": "2024-03-11T17:15:45.507",
"lastModified": "2024-03-11T17:15:45.507",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In smp_proc_sec_req of smp_act.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/7d0f696f450241d8ba7a168ba14fa7b75032f0c9",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2024-03-01",
"source": "security@android.com"
}
]
}

View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-0046",
"sourceIdentifier": "security@android.com",
"published": "2024-03-11T17:15:45.563",
"lastModified": "2024-03-11T17:15:45.563",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In installExistingPackageAsUser of InstallPackageHelper.java, there is a possible carrier restriction bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/d68cab5ac1aa294ec4d0419bc0803a5577e4e43c",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2024-03-01",
"source": "security@android.com"
}
]
}

View File

@ -0,0 +1,32 @@
{
"id": "CVE-2024-0047",
"sourceIdentifier": "security@android.com",
"published": "2024-03-11T17:15:45.620",
"lastModified": "2024-03-11T17:15:45.620",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In writeUserLP of UserManagerService.java, device policies are serialized with an incorrect tag due to a logic error in the code. This could lead to local denial of service when policies are deserialized on reboot with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/3cd8a2c783fc736627b38f639fe4e239abcf6af1",
"source": "security@android.com"
},
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/bd5cc7f03256b328438b9bc3791c6b811a2f1f17",
"source": "security@android.com"
},
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/f516739398746fef7e0cf1437d9a40e2ad3c10bb",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2024-03-01",
"source": "security@android.com"
}
]
}

View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-0048",
"sourceIdentifier": "security@android.com",
"published": "2024-03-11T17:15:45.673",
"lastModified": "2024-03-11T17:15:45.673",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In Session of AccountManagerService.java, there is a possible method to retain foreground service privileges due to incorrect handling of null responses. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/2c236cde5505ee0e88cf1e3d073e2f1a53f0eede",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2024-03-01",
"source": "security@android.com"
}
]
}

View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-0049",
"sourceIdentifier": "security@android.com",
"published": "2024-03-11T17:15:45.727",
"lastModified": "2024-03-11T17:15:45.727",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In multiple locations, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/av/+/462689f06fd5e72ac63cd87b43ee52554ddf953e",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2024-03-01",
"source": "security@android.com"
}
]
}

View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-0050",
"sourceIdentifier": "security@android.com",
"published": "2024-03-11T17:15:45.783",
"lastModified": "2024-03-11T17:15:45.783",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In getConfig of SoftVideoDecoderOMXComponent.cpp, there is a possible out of bounds write due to a missing validation check. This could lead to a local non-security issue with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/av/+/8f3bc8be16480367bac36effa25706133a0dc22d",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2024-03-01",
"source": "security@android.com"
}
]
}
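
Review bot: The description "value" in this record pairs "a possible out of bounds write due to a missing validation check" with "could lead to a local non-security issue", and "metrics" is {} with "vulnStatus" still "Received". An out-of-bounds write stated alongside a non-security impact is easy to mis-triage in either direction. Flag the record as unscored rather than low severity until analysis lands, and track the referenced frameworks/av commit instead of the impact wording.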

View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-0051",
"sourceIdentifier": "security@android.com",
"published": "2024-03-11T17:15:45.840",
"lastModified": "2024-03-11T17:15:45.840",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In onQueueFilled of SoftMPEG4.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/av/+/a52c14a5b49f26efafa581dea653b4179d66909e",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2024-03-01",
"source": "security@android.com"
}
]
}

View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-0052",
"sourceIdentifier": "security@android.com",
"published": "2024-03-11T17:15:45.897",
"lastModified": "2024-03-11T17:15:45.897",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In multiple functions of healthconnect, there is a possible leakage of exercise route data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/packages/modules/HealthFitness/+/178f4824574fdf33ed4ac584d092240d1c771b04",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2024-03-01",
"source": "security@android.com"
}
]
}

View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-0053",
"sourceIdentifier": "security@android.com",
"published": "2024-03-11T17:15:45.950",
"lastModified": "2024-03-11T17:15:45.950",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In getCustomPrinterIcon of PrintManagerService.java, there is a possible way to view other user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/74b03835a7fac15e854d08159922418c99e27e77",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2024-03-01",
"source": "security@android.com"
}
]
}

View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-0559",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-03-11T18:15:17.743",
"lastModified": "2024-03-11T18:15:17.743",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Enhanced Text Widget WordPress plugin before 1.6.6 does not validate and escape some of its Widget options before outputting them back in attributes, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
],
"metrics": {},
"references": [
{
"url": "https://research.cleantalk.org/cve-2024-0559/",
"source": "contact@wpscan.com"
},
{
"url": "https://wpscan.com/vulnerability/b257daf2-9540-4a0f-a560-54b47d2b913f/",
"source": "contact@wpscan.com"
}
]
}

View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-0561",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-03-11T18:15:17.797",
"lastModified": "2024-03-11T18:15:17.797",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Ultimate Posts Widget WordPress plugin before 2.3.1 does not validate and escape some of its Widget options before outputting them back in attributes, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/99b6aa8b-deb9-48f8-8896-f3c8118a4f70/",
"source": "contact@wpscan.com"
}
]
}

View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-1068",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-03-11T18:15:17.847",
"lastModified": "2024-03-11T18:15:17.847",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The 404 Solution WordPress plugin before 2.35.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admins."
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/25e3c1a1-3c45-41df-ae50-0e20d86c5484/",
"source": "contact@wpscan.com"
}
]
}

View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-1273",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-03-11T18:15:17.900",
"lastModified": "2024-03-11T18:15:17.900",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Starbox WordPress plugin before 3.5.0 does not sanitise and escape some parameters, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks"
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/9784d7c8-e3aa-42af-ace8-5b2b37ebc9cb/",
"source": "contact@wpscan.com"
}
]
}

View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-1279",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-03-11T18:15:17.950",
"lastModified": "2024-03-11T18:15:17.950",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Paid Memberships Pro WordPress plugin before 2.12.9 does not prevent user with at least the contributor role from leaking other users' sensitive metadata."
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/4c537264-0c23-428e-9a11-7a9e74fb6b69/",
"source": "contact@wpscan.com"
}
]
}

View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-1290",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-03-11T18:15:18.003",
"lastModified": "2024-03-11T18:15:18.003",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The User Registration WordPress plugin before 2.12 does not prevent users with at least the contributor role from rendering sensitive shortcodes, allowing them to generate, and leak, valid password reset URLs, which they can use to take over any accounts."
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/a60187d4-9491-435a-bc36-8dd348a1ffa3/",
"source": "contact@wpscan.com"
}
]
}

View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-1487",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-03-11T18:15:18.057",
"lastModified": "2024-03-11T18:15:18.057",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Photos and Files Contest Gallery WordPress plugin before 21.3.1 does not sanitize and escape some parameters, which could allow users with a role as low as author to perform Cross-Site Scripting attacks."
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/c028cd73-f30a-4c8b-870f-3071055f0496/",
"source": "contact@wpscan.com"
}
]
}

View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-1696",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-03-11T17:15:46.007",
"lastModified": "2024-03-11T17:15:46.007",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In Santesoft Sante FFT Imaging versions 1.4.1 and prior once a user opens a malicious DCM file on affected FFT Imaging installations, a local attacker could perform an out-of-bounds write, which could allow for arbitrary code execution.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-065-01",
"source": "ics-cert@hq.dhs.gov"
}
]
}
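
Review bot: The description "value" ends with a trailing "\n\n" after "arbitrary code execution.". Downstream jobs that diff or hash description text will see a spurious change if the source later trims it, so normalise trailing whitespace on ingest. The only CVSS entry is "type": "Secondary" from ics-cert@hq.dhs.gov, which is worth recording as the score's provenance while the record is still "Received".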

View File

@ -2,12 +2,16 @@
"id": "CVE-2024-22256",
"sourceIdentifier": "security@vmware.com",
"published": "2024-03-07T10:15:07.260",
"lastModified": "2024-03-07T13:52:27.110",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-03-11T18:15:18.117",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "VMware Cloud Director contains a partial information disclosure vulnerability.\u00a0A malicious actor can potentially gather information about organization names based on the behavior of the instance.\n"
"value": "VMware Cloud Director contains a partial information disclosure vulnerability.\u00a0A malicious actor can potentially gather information about organization names based on the behavior of the instance."
},
{
"lang": "es",
"value": "VMware Cloud Director contiene una vulnerabilidad de divulgaci\u00f3n parcial de informaci\u00f3n. Un actor malintencionado puede potencialmente recopilar informaci\u00f3n sobre los nombres de las organizaciones en funci\u00f3n del comportamiento de la instancia."
}
],
"metrics": {
@ -17,20 +21,20 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
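
Review bot: The Secondary CVSS 3.1 entry moves from "baseScore": 10.0 / "CRITICAL" (PR:N, S:C, C:H/I:H/A:H) to 4.3 / "MEDIUM" (PR:L, S:U, C:L/I:N/A:N) with no rationale visible in the record. The new vector matches the "partial information disclosure" wording in the description, but any ticket, SLA or alert raised on the earlier 10.0 needs to be re-evaluated. Key re-triage on a change in "vectorString" rather than only on "lastModified", which is also bumped by reference-only edits.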

View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-23717",
"sourceIdentifier": "security@android.com",
"published": "2024-03-11T17:15:46.253",
"lastModified": "2024-03-11T17:15:46.253",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In access_secure_service_from_temp_bond of btm_sec.cc, there is a possible way to achieve keystroke injection due to improper input validation. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/c5c528beb6e1cfed3ec93a3a264084df32ce83c2",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2024-03-01",
"source": "security@android.com"
}
]
}

View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26582",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-21T15:15:09.327",
"lastModified": "2024-02-28T03:15:08.227",
"lastModified": "2024-03-11T18:15:18.377",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -31,14 +31,6 @@
{
"url": "https://git.kernel.org/stable/c/d684763534b969cca1022e2a28645c7cc91f7fa5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZOU3745CWCDZ7EMKMXB2OEEIB5Q3IWM/",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OX4EWCYDZRTOEMC2C6OF7ZACAP23SUB5/",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}
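
Review bot: The hunk header (-31,14 +31,6) shows that both lists.fedoraproject.org package-announce references are dropped here, leaving only git.kernel.org commit links, while the first hunk bumps "lastModified" to 2024-03-11T18:15:18.377. Consumers that map CVEs to distribution advisories through these URLs lose the Fedora link without any stated reason. Keep previously seen references in local storage instead of overwriting them on sync. The same removal repeats in the records that follow (CVE-2024-26583, -26584, -26585, -26593, -26604, -26606).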

View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26583",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-21T15:15:09.373",
"lastModified": "2024-02-28T03:15:08.287",
"lastModified": "2024-03-11T18:15:18.453",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -31,14 +31,6 @@
{
"url": "https://git.kernel.org/stable/c/aec7961916f3f9e88766e2688992da6980f11b8d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZOU3745CWCDZ7EMKMXB2OEEIB5Q3IWM/",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OX4EWCYDZRTOEMC2C6OF7ZACAP23SUB5/",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26584",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-21T15:15:09.420",
"lastModified": "2024-02-28T03:15:08.390",
"lastModified": "2024-03-11T18:15:18.503",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -27,14 +27,6 @@
{
"url": "https://git.kernel.org/stable/c/ab6397f072e5097f267abf5cb08a8004e6b17694",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZOU3745CWCDZ7EMKMXB2OEEIB5Q3IWM/",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OX4EWCYDZRTOEMC2C6OF7ZACAP23SUB5/",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26585",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-21T15:15:09.467",
"lastModified": "2024-02-28T03:15:08.490",
"lastModified": "2024-03-11T18:15:18.553",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -27,14 +27,6 @@
{
"url": "https://git.kernel.org/stable/c/e327ed60bff4a991cd7a709c47c4f0c5b4a4fd57",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZOU3745CWCDZ7EMKMXB2OEEIB5Q3IWM/",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OX4EWCYDZRTOEMC2C6OF7ZACAP23SUB5/",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26593",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-23T10:15:07.943",
"lastModified": "2024-02-28T03:15:08.580",
"lastModified": "2024-03-11T18:15:18.673",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -43,14 +43,6 @@
{
"url": "https://git.kernel.org/stable/c/d074d5ff5ae77b18300e5079c6bda6342a4d44b7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZOU3745CWCDZ7EMKMXB2OEEIB5Q3IWM/",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OX4EWCYDZRTOEMC2C6OF7ZACAP23SUB5/",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26604",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-26T16:28:00.150",
"lastModified": "2024-02-28T03:15:08.690",
"lastModified": "2024-03-11T18:15:18.830",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -27,10 +27,6 @@
{
"url": "https://git.kernel.org/stable/c/b746d52ce7bcac325a2fa264216ead85b7fbbfaa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZOU3745CWCDZ7EMKMXB2OEEIB5Q3IWM/",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26606",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-26T16:28:00.260",
"lastModified": "2024-02-28T03:15:08.737",
"lastModified": "2024-03-11T18:15:18.890",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -47,10 +47,6 @@
{
"url": "https://git.kernel.org/stable/c/dd64bb8329ce0ea27bc557e4160c2688835402ac",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZOU3745CWCDZ7EMKMXB2OEEIB5Q3IWM/",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

View File

@ -0,0 +1,36 @@
{
"id": "CVE-2024-26608",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-11T18:15:18.953",
"lastModified": "2024-03-11T18:15:18.953",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix global oob in ksmbd_nl_policy\n\nSimilar to a reported issue (check the commit b33fb5b801c6 (\"net:\nqualcomm: rmnet: fix global oob in rmnet_policy\"), my local fuzzer finds\nanother global out-of-bounds read for policy ksmbd_nl_policy. See bug\ntrace below:\n\n==================================================================\nBUG: KASAN: global-out-of-bounds in validate_nla lib/nlattr.c:386 [inline]\nBUG: KASAN: global-out-of-bounds in __nla_validate_parse+0x24af/0x2750 lib/nlattr.c:600\nRead of size 1 at addr ffffffff8f24b100 by task syz-executor.1/62810\n\nCPU: 0 PID: 62810 Comm: syz-executor.1 Tainted: G N 6.1.0 #3\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x8b/0xb3 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:284 [inline]\n print_report+0x172/0x475 mm/kasan/report.c:395\n kasan_report+0xbb/0x1c0 mm/kasan/report.c:495\n validate_nla lib/nlattr.c:386 [inline]\n __nla_validate_parse+0x24af/0x2750 lib/nlattr.c:600\n __nla_parse+0x3e/0x50 lib/nlattr.c:697\n __nlmsg_parse include/net/netlink.h:748 [inline]\n genl_family_rcv_msg_attrs_parse.constprop.0+0x1b0/0x290 net/netlink/genetlink.c:565\n genl_family_rcv_msg_doit+0xda/0x330 net/netlink/genetlink.c:734\n genl_family_rcv_msg net/netlink/genetlink.c:833 [inline]\n genl_rcv_msg+0x441/0x780 net/netlink/genetlink.c:850\n netlink_rcv_skb+0x14f/0x410 net/netlink/af_netlink.c:2540\n genl_rcv+0x24/0x40 net/netlink/genetlink.c:861\n netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]\n netlink_unicast+0x54e/0x800 net/netlink/af_netlink.c:1345\n netlink_sendmsg+0x930/0xe50 net/netlink/af_netlink.c:1921\n sock_sendmsg_nosec net/socket.c:714 [inline]\n sock_sendmsg+0x154/0x190 net/socket.c:734\n ____sys_sendmsg+0x6df/0x840 net/socket.c:2482\n ___sys_sendmsg+0x110/0x1b0 
net/socket.c:2536\n __sys_sendmsg+0xf3/0x1c0 net/socket.c:2565\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3b/0x90 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7fdd66a8f359\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fdd65e00168 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007fdd66bbcf80 RCX: 00007fdd66a8f359\nRDX: 0000000000000000 RSI: 0000000020000500 RDI: 0000000000000003\nRBP: 00007fdd66ada493 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 00007ffc84b81aff R14: 00007fdd65e00300 R15: 0000000000022000\n </TASK>\n\nThe buggy address belongs to the variable:\n ksmbd_nl_policy+0x100/0xa80\n\nThe buggy address belongs to the physical page:\npage:0000000034f47940 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1ccc4b\nflags: 0x200000000001000(reserved|node=0|zone=2)\nraw: 0200000000001000 ffffea00073312c8 ffffea00073312c8 0000000000000000\nraw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffffffff8f24b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffffffff8f24b080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n>ffffffff8f24b100: f9 f9 f9 f9 00 00 f9 f9 f9 f9 f9 f9 00 00 07 f9\n ^\n ffffffff8f24b180: f9 f9 f9 f9 00 05 f9 f9 f9 f9 f9 f9 00 00 00 05\n ffffffff8f24b200: f9 f9 f9 f9 00 00 03 f9 f9 f9 f9 f9 00 00 04 f9\n==================================================================\n\nTo fix it, add a placeholder named __KSMBD_EVENT_MAX and let\nKSMBD_EVENT_MAX to be its original value - 1 according to what other\nnetlink families do. 
Also change two sites that refer the\nKSMBD_EVENT_MAX to correct value."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2c939c74ef0b74e99b92e32edc2a59f9b9ca3d5a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6993328a4cd62a24df254b587c0796a4a1eecc95",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9863a53100f47652755545c2bd43e14a1855104d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/aaa1f1a2ee80888c12ae2783f3a0be10e14067c5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ebeae8adf89d9a82359f6659b1663d09beec2faa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}
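
Review bot: The description "value" carries the entire commit message, including the full KASAN report, register dump and shadow-memory rows, so the field runs to several kilobytes of mostly opaque text. The actionable content is the opening paragraph (a global out-of-bounds read for ksmbd_nl_policy in validate_nla) and the closing one (add a __KSMBD_EVENT_MAX placeholder and make KSMBD_EVENT_MAX its original value - 1). Store the field in full for search, but truncate it or pull out those paragraphs for display and alerting. "metrics" is {} here as well, so no severity can be derived from the record itself.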

View File

@ -0,0 +1,48 @@
{
"id": "CVE-2024-26609",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-11T18:15:19.010",
"lastModified": "2024-03-11T18:15:19.010",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: reject QUEUE/DROP verdict parameters\n\nThis reverts commit e0abdadcc6e1.\n\ncore.c:nf_hook_slow assumes that the upper 16 bits of NF_DROP\nverdicts contain a valid errno, i.e. -EPERM, -EHOSTUNREACH or similar,\nor 0.\n\nDue to the reverted commit, its possible to provide a positive\nvalue, e.g. NF_ACCEPT (1), which results in use-after-free.\n\nIts not clear to me why this commit was made.\n\nNF_QUEUE is not used by nftables; \"queue\" rules in nftables\nwill result in use of \"nft_queue\" expression.\n\nIf we later need to allow specifiying errno values from userspace\n(do not know why), this has to call NF_DROP_GETERR and check that\n\"err <= 0\" holds true."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/4e66422f1b56149761dc76030e6345d1cca6f869",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/55a60251fa50d4e68175e36666b536a602ce4f6c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6653118b176a00915125521c6572ae8e507621db",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8365e9d92b85fda975a5ece7a3a139cb964018c8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8e34430e33b8a80bc014f3efe29cac76bc30a4b4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/960cf4f812530f01f6acc6878ceaa5404c06af7b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f05a497e7bc8851eeeb3a58da180ba469efebb05",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f342de4e2f33e0e39165d8639387aa6c19dff660",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

View File

@ -0,0 +1,40 @@
{
"id": "CVE-2024-26610",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-11T18:15:19.067",
"lastModified": "2024-03-11T18:15:19.067",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: fix a memory corruption\n\niwl_fw_ini_trigger_tlv::data is a pointer to a __le32, which means that\nif we copy to iwl_fw_ini_trigger_tlv::data + offset while offset is in\nbytes, we'll write past the buffer."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/05dd9facfb9a1e056752c0901c6e86416037d15a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/870171899d75d43e3d14360f3a4850e90a9c289b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/99a23462fe1a6f709f0fda3ebbe8b6b193ac75bd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/aa2cc9363926991ba74411e3aa0a0ea82c1ffe32",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/cf4a0d840ecc72fcf16198d5e9c505ab7d5a5e4d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f32a81999d0b8e5ce60afb5f6a3dd7241c17dd67",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

View File

@ -0,0 +1,28 @@
{
"id": "CVE-2024-26611",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-11T18:15:19.123",
"lastModified": "2024-03-11T18:15:19.123",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: fix usage of multi-buffer BPF helpers for ZC XDP\n\nCurrently when packet is shrunk via bpf_xdp_adjust_tail() and memory\ntype is set to MEM_TYPE_XSK_BUFF_POOL, null ptr dereference happens:\n\n[1136314.192256] BUG: kernel NULL pointer dereference, address:\n0000000000000034\n[1136314.203943] #PF: supervisor read access in kernel mode\n[1136314.213768] #PF: error_code(0x0000) - not-present page\n[1136314.223550] PGD 0 P4D 0\n[1136314.230684] Oops: 0000 [#1] PREEMPT SMP NOPTI\n[1136314.239621] CPU: 8 PID: 54203 Comm: xdpsock Not tainted 6.6.0+ #257\n[1136314.250469] Hardware name: Intel Corporation S2600WFT/S2600WFT,\nBIOS SE5C620.86B.02.01.0008.031920191559 03/19/2019\n[1136314.265615] RIP: 0010:__xdp_return+0x6c/0x210\n[1136314.274653] Code: ad 00 48 8b 47 08 49 89 f8 a8 01 0f 85 9b 01 00 00 0f 1f 44 00 00 f0 41 ff 48 34 75 32 4c 89 c7 e9 79 cd 80 ff 83 fe 03 75 17 <f6> 41 34 01 0f 85 02 01 00 00 48 89 cf e9 22 cc 1e 00 e9 3d d2 86\n[1136314.302907] RSP: 0018:ffffc900089f8db0 EFLAGS: 00010246\n[1136314.312967] RAX: ffffc9003168aed0 RBX: ffff8881c3300000 RCX:\n0000000000000000\n[1136314.324953] RDX: 0000000000000000 RSI: 0000000000000003 RDI:\nffffc9003168c000\n[1136314.336929] RBP: 0000000000000ae0 R08: 0000000000000002 R09:\n0000000000010000\n[1136314.348844] R10: ffffc9000e495000 R11: 0000000000000040 R12:\n0000000000000001\n[1136314.360706] R13: 0000000000000524 R14: ffffc9003168aec0 R15:\n0000000000000001\n[1136314.373298] FS: 00007f8df8bbcb80(0000) GS:ffff8897e0e00000(0000)\nknlGS:0000000000000000\n[1136314.386105] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[1136314.396532] CR2: 0000000000000034 CR3: 00000001aa912002 CR4:\n00000000007706f0\n[1136314.408377] DR0: 0000000000000000 DR1: 0000000000000000 DR2:\n0000000000000000\n[1136314.420173] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:\n0000000000000400\n[1136314.431890] PKRU: 55555554\n[1136314.439143] Call 
Trace:\n[1136314.446058] <IRQ>\n[1136314.452465] ? __die+0x20/0x70\n[1136314.459881] ? page_fault_oops+0x15b/0x440\n[1136314.468305] ? exc_page_fault+0x6a/0x150\n[1136314.476491] ? asm_exc_page_fault+0x22/0x30\n[1136314.484927] ? __xdp_return+0x6c/0x210\n[1136314.492863] bpf_xdp_adjust_tail+0x155/0x1d0\n[1136314.501269] bpf_prog_ccc47ae29d3b6570_xdp_sock_prog+0x15/0x60\n[1136314.511263] ice_clean_rx_irq_zc+0x206/0xc60 [ice]\n[1136314.520222] ? ice_xmit_zc+0x6e/0x150 [ice]\n[1136314.528506] ice_napi_poll+0x467/0x670 [ice]\n[1136314.536858] ? ttwu_do_activate.constprop.0+0x8f/0x1a0\n[1136314.546010] __napi_poll+0x29/0x1b0\n[1136314.553462] net_rx_action+0x133/0x270\n[1136314.561619] __do_softirq+0xbe/0x28e\n[1136314.569303] do_softirq+0x3f/0x60\n\nThis comes from __xdp_return() call with xdp_buff argument passed as\nNULL which is supposed to be consumed by xsk_buff_free() call.\n\nTo address this properly, in ZC case, a node that represents the frag\nbeing removed has to be pulled out of xskb_list. Introduce\nappropriate xsk helpers to do such node operation and use them\naccordingly within bpf_xdp_adjust_tail()."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/5cd781f7216f980207af09c5e0e1bb1eda284540",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/82ee4781b8200e44669a354140d5c6bd966b8768",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c5114710c8ce86b8317e9b448f4fd15c711c2a82",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}
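Review bot: The `descriptions[0].value` string for CVE-2024-26611 embeds the complete kernel oops (register dump, `Code:` bytes, full call trace) ahead of the two closing paragraphs that state the cause and the fix. Tooling that indexes or displays this field should collapse the trace and key on the closing text: `__xdp_return()` is called with a NULL `xdp_buff` from `bpf_xdp_adjust_tail()` in the zero-copy case. The record also has `"metrics": {}` and `"vulnStatus": "Received"`, so severity-based filters will not surface it until NVD analysis lands.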

View File

@ -0,0 +1,32 @@
{
"id": "CVE-2024-26612",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-11T18:15:19.170",
"lastModified": "2024-03-11T18:15:19.170",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfs, fscache: Prevent Oops in fscache_put_cache()\n\nThis function dereferences \"cache\" and then checks if it's\nIS_ERR_OR_NULL(). Check first, then dereference."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1c45256e599061021e2c848952e50f406457e448",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3be0b3ed1d76c6703b9ee482b55f7e01c369cc68",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4200ad3e46ce50f410fdda302745489441bc70f0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/82a9bc343ba019665d3ddc1d9a180bf0e0390cf3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

View File

@ -0,0 +1,48 @@
{
"id": "CVE-2024-26613",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-11T18:15:19.223",
"lastModified": "2024-03-11T18:15:19.223",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv\n\nSyzcaller UBSAN crash occurs in rds_cmsg_recv(),\nwhich reads inc->i_rx_lat_trace[j + 1] with index 4 (3 + 1),\nbut with array size of 4 (RDS_RX_MAX_TRACES).\nHere 'j' is assigned from rs->rs_rx_trace[i] and in-turn from\ntrace.rx_trace_pos[i] in rds_recv_track_latency(),\nwith both arrays sized 3 (RDS_MSG_RX_DGRAM_TRACE_MAX). So fix the\noff-by-one bounds check in rds_recv_track_latency() to prevent\na potential crash in rds_cmsg_recv().\n\nFound by syzcaller:\n=================================================================\nUBSAN: array-index-out-of-bounds in net/rds/recv.c:585:39\nindex 4 is out of range for type 'u64 [4]'\nCPU: 1 PID: 8058 Comm: syz-executor228 Not tainted 6.6.0-gd2f51b3516da #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996),\nBIOS 1.15.0-1 04/01/2014\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x136/0x150 lib/dump_stack.c:106\n ubsan_epilogue lib/ubsan.c:217 [inline]\n __ubsan_handle_out_of_bounds+0xd5/0x130 lib/ubsan.c:348\n rds_cmsg_recv+0x60d/0x700 net/rds/recv.c:585\n rds_recvmsg+0x3fb/0x1610 net/rds/recv.c:716\n sock_recvmsg_nosec net/socket.c:1044 [inline]\n sock_recvmsg+0xe2/0x160 net/socket.c:1066\n __sys_recvfrom+0x1b6/0x2f0 net/socket.c:2246\n __do_sys_recvfrom net/socket.c:2264 [inline]\n __se_sys_recvfrom net/socket.c:2260 [inline]\n __x64_sys_recvfrom+0xe0/0x1b0 net/socket.c:2260\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x40/0x110 arch/x86/entry/common.c:82\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n=================================================================="
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/00d1ee8e1d02194f7b7b433e904e04bbcd2cc0dc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/0b787c2dea15e7a2828fa3a74a5447df4ed57711",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/13e788deb7348cc88df34bed736c3b3b9927ea52",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/344350bfa3b4b37d7c3d5a00536e6fbf0e953fbf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5ae8d50044633306ff160fcf7faa24994175efe1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/71024928b3f71ce4529426f8692943205c58d30b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7a73190ea557e7f26914b0fe04c1f57a96cb771f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a37ae111db5e0f7e3d6b692056c30e3e0f6f79cd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

View File

@ -0,0 +1,40 @@
{
"id": "CVE-2024-26614",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-11T18:15:19.280",
"lastModified": "2024-03-11T18:15:19.280",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: make sure init the accept_queue's spinlocks once\n\nWhen I run syz's reproduction C program locally, it causes the following\nissue:\npvqspinlock: lock 0xffff9d181cd5c660 has corrupted value 0x0!\nWARNING: CPU: 19 PID: 21160 at __pv_queued_spin_unlock_slowpath (kernel/locking/qspinlock_paravirt.h:508)\nHardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011\nRIP: 0010:__pv_queued_spin_unlock_slowpath (kernel/locking/qspinlock_paravirt.h:508)\nCode: 73 56 3a ff 90 c3 cc cc cc cc 8b 05 bb 1f 48 01 85 c0 74 05 c3 cc cc cc cc 8b 17 48 89 fe 48 c7 c7\n30 20 ce 8f e8 ad 56 42 ff <0f> 0b c3 cc cc cc cc 0f 0b 0f 1f 40 00 90 90 90 90 90 90 90 90 90\nRSP: 0018:ffffa8d200604cb8 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff9d1ef60e0908\nRDX: 00000000ffffffd8 RSI: 0000000000000027 RDI: ffff9d1ef60e0900\nRBP: ffff9d181cd5c280 R08: 0000000000000000 R09: 00000000ffff7fff\nR10: ffffa8d200604b68 R11: ffffffff907dcdc8 R12: 0000000000000000\nR13: ffff9d181cd5c660 R14: ffff9d1813a3f330 R15: 0000000000001000\nFS: 00007fa110184640(0000) GS:ffff9d1ef60c0000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020000000 CR3: 000000011f65e000 CR4: 00000000000006f0\nCall Trace:\n<IRQ>\n _raw_spin_unlock (kernel/locking/spinlock.c:186)\n inet_csk_reqsk_queue_add (net/ipv4/inet_connection_sock.c:1321)\n inet_csk_complete_hashdance (net/ipv4/inet_connection_sock.c:1358)\n tcp_check_req (net/ipv4/tcp_minisocks.c:868)\n tcp_v4_rcv (net/ipv4/tcp_ipv4.c:2260)\n ip_protocol_deliver_rcu (net/ipv4/ip_input.c:205)\n ip_local_deliver_finish (net/ipv4/ip_input.c:234)\n __netif_receive_skb_one_core (net/core/dev.c:5529)\n process_backlog (./include/linux/rcupdate.h:779)\n __napi_poll (net/core/dev.c:6533)\n net_rx_action (net/core/dev.c:6604)\n __do_softirq (./arch/x86/include/asm/jump_label.h:27)\n do_softirq (kernel/softirq.c:454 
kernel/softirq.c:441)\n</IRQ>\n<TASK>\n __local_bh_enable_ip (kernel/softirq.c:381)\n __dev_queue_xmit (net/core/dev.c:4374)\n ip_finish_output2 (./include/net/neighbour.h:540 net/ipv4/ip_output.c:235)\n __ip_queue_xmit (net/ipv4/ip_output.c:535)\n __tcp_transmit_skb (net/ipv4/tcp_output.c:1462)\n tcp_rcv_synsent_state_process (net/ipv4/tcp_input.c:6469)\n tcp_rcv_state_process (net/ipv4/tcp_input.c:6657)\n tcp_v4_do_rcv (net/ipv4/tcp_ipv4.c:1929)\n __release_sock (./include/net/sock.h:1121 net/core/sock.c:2968)\n release_sock (net/core/sock.c:3536)\n inet_wait_for_connect (net/ipv4/af_inet.c:609)\n __inet_stream_connect (net/ipv4/af_inet.c:702)\n inet_stream_connect (net/ipv4/af_inet.c:748)\n __sys_connect (./include/linux/file.h:45 net/socket.c:2064)\n __x64_sys_connect (net/socket.c:2073 net/socket.c:2070 net/socket.c:2070)\n do_syscall_64 (arch/x86/entry/common.c:51 arch/x86/entry/common.c:82)\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:129)\n RIP: 0033:0x7fa10ff05a3d\n Code: 5b 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89\n c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d ab a3 0e 00 f7 d8 64 89 01 48\n RSP: 002b:00007fa110183de8 EFLAGS: 00000202 ORIG_RAX: 000000000000002a\n RAX: ffffffffffffffda RBX: 0000000020000054 RCX: 00007fa10ff05a3d\n RDX: 000000000000001c RSI: 0000000020000040 RDI: 0000000000000003\n RBP: 00007fa110183e20 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000202 R12: 00007fa110184640\n R13: 0000000000000000 R14: 00007fa10fe8b060 R15: 00007fff73e23b20\n</TASK>\n\nThe issue triggering process is analyzed as follows:\nThread A Thread B\ntcp_v4_rcv\t//receive ack TCP packet inet_shutdown\n tcp_check_req tcp_disconnect //disconnect sock\n ... tcp_set_state(sk, TCP_CLOSE)\n inet_csk_complete_hashdance ...\n inet_csk_reqsk_queue_add \n---truncated---"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/168e7e599860654876c2a1102a82610285c02f02",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/198bc90e0e734e5f98c3d2833e8390cac3df61b2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3982fe726a63fb3de6005e534e2ac8ca7e0aca2a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b1e0a68a0cd2a83259c444f638b417a8fffc6855",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/bc99dcedd2f422d602516762b96c8ef1ae6b2882",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d86cc6ab33b085eaef27ea88b78fc8e2375c0ef3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}
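Review bot: The description for CVE-2024-26614 ends in `---truncated---` partway through the Thread A / Thread B interleaving, so this record never states the root cause or the fix beyond the title "tcp: make sure init the accept_queue's spinlocks once". Anyone triaging from this file should read the full commit message behind one of the six `git.kernel.org/stable` references, and tooling that diffs or summarizes descriptions should treat the marker as incomplete data, not final text.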

View File

@ -0,0 +1,48 @@
{
"id": "CVE-2024-26615",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-11T18:15:19.337",
"lastModified": "2024-03-11T18:15:19.337",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix illegal rmb_desc access in SMC-D connection dump\n\nA crash was found when dumping SMC-D connections. It can be reproduced\nby following steps:\n\n- run nginx/wrk test:\n smc_run nginx\n smc_run wrk -t 16 -c 1000 -d <duration> -H 'Connection: Close' <URL>\n\n- continuously dump SMC-D connections in parallel:\n watch -n 1 'smcss -D'\n\n BUG: kernel NULL pointer dereference, address: 0000000000000030\n CPU: 2 PID: 7204 Comm: smcss Kdump: loaded Tainted: G\tE 6.7.0+ #55\n RIP: 0010:__smc_diag_dump.constprop.0+0x5e5/0x620 [smc_diag]\n Call Trace:\n <TASK>\n ? __die+0x24/0x70\n ? page_fault_oops+0x66/0x150\n ? exc_page_fault+0x69/0x140\n ? asm_exc_page_fault+0x26/0x30\n ? __smc_diag_dump.constprop.0+0x5e5/0x620 [smc_diag]\n ? __kmalloc_node_track_caller+0x35d/0x430\n ? __alloc_skb+0x77/0x170\n smc_diag_dump_proto+0xd0/0xf0 [smc_diag]\n smc_diag_dump+0x26/0x60 [smc_diag]\n netlink_dump+0x19f/0x320\n __netlink_dump_start+0x1dc/0x300\n smc_diag_handler_dump+0x6a/0x80 [smc_diag]\n ? __pfx_smc_diag_dump+0x10/0x10 [smc_diag]\n sock_diag_rcv_msg+0x121/0x140\n ? __pfx_sock_diag_rcv_msg+0x10/0x10\n netlink_rcv_skb+0x5a/0x110\n sock_diag_rcv+0x28/0x40\n netlink_unicast+0x22a/0x330\n netlink_sendmsg+0x1f8/0x420\n __sock_sendmsg+0xb0/0xc0\n ____sys_sendmsg+0x24e/0x300\n ? copy_msghdr_from_user+0x62/0x80\n ___sys_sendmsg+0x7c/0xd0\n ? __do_fault+0x34/0x160\n ? do_read_fault+0x5f/0x100\n ? do_fault+0xb0/0x110\n ? __handle_mm_fault+0x2b0/0x6c0\n __sys_sendmsg+0x4d/0x80\n do_syscall_64+0x69/0x180\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\n\nIt is possible that the connection is in process of being established\nwhen we dump it. Assumed that the connection has been registered in a\nlink group by smc_conn_create() but the rmb_desc has not yet been\ninitialized by smc_buf_create(), thus causing the illegal access to\nconn->rmb_desc. So fix it by checking before dump."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1fea9969b81c67d0cb1611d1b8b7d19049d937be",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/27aea64838914c6122db5b8bd4bed865c9736f22",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5fed92ca32eafbfae8b6bee8ca34cca71c6a8b6d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/68b888d51ac82f2b96bf5e077a31d76afcdef25a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6994dba06321e3c48fdad0ba796a063d9d82183a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8f3f9186e5bb96a9c9654c41653210e3ea7e48a6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a164c2922675d7051805cdaf2b07daffe44f20d9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/dbc153fd3c142909e564bb256da087e13fbf239c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

View File

@ -0,0 +1,28 @@
{
"id": "CVE-2024-26616",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-11T18:15:19.400",
"lastModified": "2024-03-11T18:15:19.400",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: scrub: avoid use-after-free when chunk length is not 64K aligned\n\n[BUG]\nThere is a bug report that, on a ext4-converted btrfs, scrub leads to\nvarious problems, including:\n\n- \"unable to find chunk map\" errors\n BTRFS info (device vdb): scrub: started on devid 1\n BTRFS critical (device vdb): unable to find chunk map for logical 2214744064 length 4096\n BTRFS critical (device vdb): unable to find chunk map for logical 2214744064 length 45056\n\n This would lead to unrepariable errors.\n\n- Use-after-free KASAN reports:\n ==================================================================\n BUG: KASAN: slab-use-after-free in __blk_rq_map_sg+0x18f/0x7c0\n Read of size 8 at addr ffff8881013c9040 by task btrfs/909\n CPU: 0 PID: 909 Comm: btrfs Not tainted 6.7.0-x64v3-dbg #11 c50636e9419a8354555555245df535e380563b2b\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 2023.11-2 12/24/2023\n Call Trace:\n <TASK>\n dump_stack_lvl+0x43/0x60\n print_report+0xcf/0x640\n kasan_report+0xa6/0xd0\n __blk_rq_map_sg+0x18f/0x7c0\n virtblk_prep_rq.isra.0+0x215/0x6a0 [virtio_blk 19a65eeee9ae6fcf02edfad39bb9ddee07dcdaff]\n virtio_queue_rqs+0xc4/0x310 [virtio_blk 19a65eeee9ae6fcf02edfad39bb9ddee07dcdaff]\n blk_mq_flush_plug_list.part.0+0x780/0x860\n __blk_flush_plug+0x1ba/0x220\n blk_finish_plug+0x3b/0x60\n submit_initial_group_read+0x10a/0x290 [btrfs e57987a360bed82fe8756dcd3e0de5406ccfe965]\n flush_scrub_stripes+0x38e/0x430 [btrfs e57987a360bed82fe8756dcd3e0de5406ccfe965]\n scrub_stripe+0x82a/0xae0 [btrfs e57987a360bed82fe8756dcd3e0de5406ccfe965]\n scrub_chunk+0x178/0x200 [btrfs e57987a360bed82fe8756dcd3e0de5406ccfe965]\n scrub_enumerate_chunks+0x4bc/0xa30 [btrfs e57987a360bed82fe8756dcd3e0de5406ccfe965]\n btrfs_scrub_dev+0x398/0x810 [btrfs e57987a360bed82fe8756dcd3e0de5406ccfe965]\n btrfs_ioctl+0x4b9/0x3020 [btrfs e57987a360bed82fe8756dcd3e0de5406ccfe965]\n __x64_sys_ioctl+0xbd/0x100\n 
do_syscall_64+0x5d/0xe0\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n RIP: 0033:0x7f47e5e0952b\n\n- Crash, mostly due to above use-after-free\n\n[CAUSE]\nThe converted fs has the following data chunk layout:\n\n item 2 key (FIRST_CHUNK_TREE CHUNK_ITEM 2214658048) itemoff 16025 itemsize 80\n length 86016 owner 2 stripe_len 65536 type DATA|single\n\nFor above logical bytenr 2214744064, it's at the chunk end\n(2214658048 + 86016 = 2214744064).\n\nThis means btrfs_submit_bio() would split the bio, and trigger endio\nfunction for both of the two halves.\n\nHowever scrub_submit_initial_read() would only expect the endio function\nto be called once, not any more.\nThis means the first endio function would already free the bbio::bio,\nleaving the bvec freed, thus the 2nd endio call would lead to\nuse-after-free.\n\n[FIX]\n- Make sure scrub_read_endio() only updates bits in its range\n Since we may read less than 64K at the end of the chunk, we should not\n touch the bits beyond chunk boundary.\n\n- Make sure scrub_submit_initial_read() only to read the chunk range\n This is done by calculating the real number of sectors we need to\n read, and add sector-by-sector to the bio.\n\nThankfully the scrub read repair path won't need extra fixes:\n\n- scrub_stripe_submit_repair_read()\n With above fixes, we won't update error bit for range beyond chunk,\n thus scrub_stripe_submit_repair_read() should never submit any read\n beyond the chunk."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/34de0f04684ec00c093a0455648be055f0e8e24f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/642b9c520ef2f104277ad1f902f8526edbe087fb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f546c4282673497a06ecb6190b50ae7f6c85b02f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-26617",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-11T18:15:19.457",
"lastModified": "2024-03-11T18:15:19.457",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/proc/task_mmu: move mmu notification mechanism inside mm lock\n\nMove mmu notification mechanism inside mm lock to prevent race condition\nin other components which depend on it. The notifier will invalidate\nmemory range. Depending upon the number of iterations, different memory\nranges would be invalidated.\n\nThe following warning would be removed by this patch:\nWARNING: CPU: 0 PID: 5067 at arch/x86/kvm/../../../virt/kvm/kvm_main.c:734 kvm_mmu_notifier_change_pte+0x860/0x960 arch/x86/kvm/../../../virt/kvm/kvm_main.c:734\n\nThere is no behavioural and performance change with this patch when\nthere is no component registered with the mmu notifier.\n\n[akpm@linux-foundation.org: narrow the scope of `range', per Sean]"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/05509adf297924f51e1493aa86f9fcde1433ed80",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4cccb6221cae6d020270606b9e52b1678fc8b71a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

View File

@ -0,0 +1,28 @@
{
"id": "CVE-2024-26618",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-11T18:15:19.510",
"lastModified": "2024-03-11T18:15:19.510",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64/sme: Always exit sme_alloc() early with existing storage\n\nWhen sme_alloc() is called with existing storage and we are not flushing we\nwill always allocate new storage, both leaking the existing storage and\ncorrupting the state. Fix this by separating the checks for flushing and\nfor existing storage as we do for SVE.\n\nCallers that reallocate (eg, due to changing the vector length) should\ncall sme_free() themselves."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/569156e4fa347237f8fa2a7e935d860109c55ac4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/814af6b4e6000e574e74d92197190edf07cc3680",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/dc7eb8755797ed41a0d1b5c0c39df3c8f401b3d9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-26619",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-11T18:15:19.563",
"lastModified": "2024-03-11T18:15:19.563",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv: Fix module loading free order\n\nReverse order of kfree calls to resolve use-after-free error."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2fa79badf4bfeffda6b5032cf62b828486ec9a99",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/78996eee79ebdfe8b6f0e54cb6dcc792d5129291",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

View File

@ -0,0 +1,32 @@
{
"id": "CVE-2024-26620",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-11T18:15:19.613",
"lastModified": "2024-03-11T18:15:19.613",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/vfio-ap: always filter entire AP matrix\n\nThe vfio_ap_mdev_filter_matrix function is called whenever a new adapter or\ndomain is assigned to the mdev. The purpose of the function is to update\nthe guest's AP configuration by filtering the matrix of adapters and\ndomains assigned to the mdev. When an adapter or domain is assigned, only\nthe APQNs associated with the APID of the new adapter or APQI of the new\ndomain are inspected. If an APQN does not reference a queue device bound to\nthe vfio_ap device driver, then it's APID will be filtered from the mdev's\nmatrix when updating the guest's AP configuration.\n\nInspecting only the APID of the new adapter or APQI of the new domain will\nresult in passing AP queues through to a guest that are not bound to the\nvfio_ap device driver under certain circumstances. Consider the following:\n\nguest's AP configuration (all also assigned to the mdev's matrix):\n14.0004\n14.0005\n14.0006\n16.0004\n16.0005\n16.0006\n\nunassign domain 4\nunbind queue 16.0005\nassign domain 4\n\nWhen domain 4 is re-assigned, since only domain 4 will be inspected, the\nAPQNs that will be examined will be:\n14.0004\n16.0004\n\nSince both of those APQNs reference queue devices that are bound to the\nvfio_ap device driver, nothing will get filtered from the mdev's matrix\nwhen updating the guest's AP configuration. Consequently, queue 16.0005\nwill get passed through despite not being bound to the driver. This\nviolates the linux device model requirement that a guest shall only be\ngiven access to devices bound to the device driver facilitating their\npass-through.\n\nTo resolve this problem, every adapter and domain assigned to the mdev will\nbe inspected when filtering the mdev's matrix."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/850fb7fa8c684a4c6bf0e4b6978f4ddcc5d43d11",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c69d821197611678533fb3eb784fc823b921349a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/cdd134d56138302976685e6c7bc4755450b3880e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d6b8d034b576f406af920a7bee81606c027b24c6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

View File

@ -2,19 +2,43 @@
"id": "CVE-2024-26622",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-04T07:15:11.063",
"lastModified": "2024-03-04T13:58:23.447",
"lastModified": "2024-03-11T18:15:19.673",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntomoyo: fix UAF write bug in tomoyo_write_control()\n\nSince tomoyo_write_control() updates head->write_buf when write()\nof long lines is requested, we need to fetch head->write_buf after\nhead->io_sem is held. Otherwise, concurrent write() requests can\ncause use-after-free-write and double-free problems."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tomoyo: corrige el error de escritura UAF en tomoyo_write_control() Dado que tomoyo_write_control() actualiza head-&gt;write_buf cuando se solicita write() de l\u00edneas largas, necesitamos recuperar head-&gt;write_buf despu\u00e9s head-&gt;io_sem se mantiene. De lo contrario, las solicitudes de escritura () simult\u00e1neas pueden causar problemas de use-after-free-write y de doble liberaci\u00f3n."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2caa605079488da9601099fbda460cfc1702839f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2f03fc340cac9ea1dc63cbf8c93dd2eb0f227815",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3bfe04c1273d30b866f4c7c238331ed3b08e5824",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6edefe1b6c29a9932f558a898968a9fcbeec5711",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7d930a4da17958f869ef679ee0e4a8729337affc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a23ac1788e2c828c097119e9a3178f0b7e503fee",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}
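Review bot: The `es` description in this hunk carries HTML entities inside the JSON string: `head-&gt;write_buf` and `head-&gt;io_sem`, where the `en` value has `head->write_buf` and `head->io_sem`. Consumers that match or display identifiers from the translated text should decode entities first or prefer the `en` entry. `lastModified` moves to `2024-03-11T18:15:19.673` while `vulnStatus` stays `Awaiting Analysis` and `metrics` stays `{}`, so a change detector keyed only on `lastModified` will flag this record although no scoring data arrived.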

View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-03-11T17:00:53.042690+00:00
2024-03-11T19:01:11.048910+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-03-11T16:15:08.743000+00:00
2024-03-11T18:15:19.673000+00:00
```
### Last Data Feed Release
@ -29,28 +29,57 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
240962
241008
```
### CVEs added in the last Commit
Recently added CVEs: `6`
Recently added CVEs: `46`
* [CVE-2024-0670](CVE-2024/CVE-2024-06xx/CVE-2024-0670.json) (`2024-03-11T15:15:47.267`)
* [CVE-2024-23608](CVE-2024/CVE-2024-236xx/CVE-2024-23608.json) (`2024-03-11T16:15:07.897`)
* [CVE-2024-23609](CVE-2024/CVE-2024-236xx/CVE-2024-23609.json) (`2024-03-11T16:15:08.157`)
* [CVE-2024-23610](CVE-2024/CVE-2024-236xx/CVE-2024-23610.json) (`2024-03-11T16:15:08.370`)
* [CVE-2024-23611](CVE-2024/CVE-2024-236xx/CVE-2024-23611.json) (`2024-03-11T16:15:08.557`)
* [CVE-2024-23612](CVE-2024/CVE-2024-236xx/CVE-2024-23612.json) (`2024-03-11T16:15:08.743`)
* [CVE-2024-0051](CVE-2024/CVE-2024-00xx/CVE-2024-0051.json) (`2024-03-11T17:15:45.840`)
* [CVE-2024-0052](CVE-2024/CVE-2024-00xx/CVE-2024-0052.json) (`2024-03-11T17:15:45.897`)
* [CVE-2024-0053](CVE-2024/CVE-2024-00xx/CVE-2024-0053.json) (`2024-03-11T17:15:45.950`)
* [CVE-2024-0559](CVE-2024/CVE-2024-05xx/CVE-2024-0559.json) (`2024-03-11T18:15:17.743`)
* [CVE-2024-0561](CVE-2024/CVE-2024-05xx/CVE-2024-0561.json) (`2024-03-11T18:15:17.797`)
* [CVE-2024-1068](CVE-2024/CVE-2024-10xx/CVE-2024-1068.json) (`2024-03-11T18:15:17.847`)
* [CVE-2024-1273](CVE-2024/CVE-2024-12xx/CVE-2024-1273.json) (`2024-03-11T18:15:17.900`)
* [CVE-2024-1279](CVE-2024/CVE-2024-12xx/CVE-2024-1279.json) (`2024-03-11T18:15:17.950`)
* [CVE-2024-1290](CVE-2024/CVE-2024-12xx/CVE-2024-1290.json) (`2024-03-11T18:15:18.003`)
* [CVE-2024-1487](CVE-2024/CVE-2024-14xx/CVE-2024-1487.json) (`2024-03-11T18:15:18.057`)
* [CVE-2024-1696](CVE-2024/CVE-2024-16xx/CVE-2024-1696.json) (`2024-03-11T17:15:46.007`)
* [CVE-2024-23717](CVE-2024/CVE-2024-237xx/CVE-2024-23717.json) (`2024-03-11T17:15:46.253`)
* [CVE-2024-26608](CVE-2024/CVE-2024-266xx/CVE-2024-26608.json) (`2024-03-11T18:15:18.953`)
* [CVE-2024-26609](CVE-2024/CVE-2024-266xx/CVE-2024-26609.json) (`2024-03-11T18:15:19.010`)
* [CVE-2024-26610](CVE-2024/CVE-2024-266xx/CVE-2024-26610.json) (`2024-03-11T18:15:19.067`)
* [CVE-2024-26611](CVE-2024/CVE-2024-266xx/CVE-2024-26611.json) (`2024-03-11T18:15:19.123`)
* [CVE-2024-26612](CVE-2024/CVE-2024-266xx/CVE-2024-26612.json) (`2024-03-11T18:15:19.170`)
* [CVE-2024-26613](CVE-2024/CVE-2024-266xx/CVE-2024-26613.json) (`2024-03-11T18:15:19.223`)
* [CVE-2024-26614](CVE-2024/CVE-2024-266xx/CVE-2024-26614.json) (`2024-03-11T18:15:19.280`)
* [CVE-2024-26615](CVE-2024/CVE-2024-266xx/CVE-2024-26615.json) (`2024-03-11T18:15:19.337`)
* [CVE-2024-26616](CVE-2024/CVE-2024-266xx/CVE-2024-26616.json) (`2024-03-11T18:15:19.400`)
* [CVE-2024-26617](CVE-2024/CVE-2024-266xx/CVE-2024-26617.json) (`2024-03-11T18:15:19.457`)
* [CVE-2024-26618](CVE-2024/CVE-2024-266xx/CVE-2024-26618.json) (`2024-03-11T18:15:19.510`)
* [CVE-2024-26619](CVE-2024/CVE-2024-266xx/CVE-2024-26619.json) (`2024-03-11T18:15:19.563`)
* [CVE-2024-26620](CVE-2024/CVE-2024-266xx/CVE-2024-26620.json) (`2024-03-11T18:15:19.613`)
### CVEs modified in the last Commit
Recently modified CVEs: `3`
Recently modified CVEs: `13`
* [CVE-2023-52514](CVE-2023/CVE-2023-525xx/CVE-2023-52514.json) (`2024-03-11T16:15:07.720`)
* [CVE-2024-27198](CVE-2024/CVE-2024-271xx/CVE-2024-27198.json) (`2024-03-11T15:15:47.483`)
* [CVE-2024-27199](CVE-2024/CVE-2024-271xx/CVE-2024-27199.json) (`2024-03-11T15:15:47.663`)
* [CVE-2023-2861](CVE-2023/CVE-2023-28xx/CVE-2023-2861.json) (`2024-03-11T18:15:15.687`)
* [CVE-2023-3354](CVE-2023/CVE-2023-33xx/CVE-2023-3354.json) (`2024-03-11T18:15:15.843`)
* [CVE-2023-40081](CVE-2023/CVE-2023-400xx/CVE-2023-40081.json) (`2024-03-11T17:15:45.170`)
* [CVE-2023-5088](CVE-2023/CVE-2023-50xx/CVE-2023-5088.json) (`2024-03-11T18:15:17.433`)
* [CVE-2024-22256](CVE-2024/CVE-2024-222xx/CVE-2024-22256.json) (`2024-03-11T18:15:18.117`)
* [CVE-2024-26582](CVE-2024/CVE-2024-265xx/CVE-2024-26582.json) (`2024-03-11T18:15:18.377`)
* [CVE-2024-26583](CVE-2024/CVE-2024-265xx/CVE-2024-26583.json) (`2024-03-11T18:15:18.453`)
* [CVE-2024-26584](CVE-2024/CVE-2024-265xx/CVE-2024-26584.json) (`2024-03-11T18:15:18.503`)
* [CVE-2024-26585](CVE-2024/CVE-2024-265xx/CVE-2024-26585.json) (`2024-03-11T18:15:18.553`)
* [CVE-2024-26593](CVE-2024/CVE-2024-265xx/CVE-2024-26593.json) (`2024-03-11T18:15:18.673`)
* [CVE-2024-26604](CVE-2024/CVE-2024-266xx/CVE-2024-26604.json) (`2024-03-11T18:15:18.830`)
* [CVE-2024-26606](CVE-2024/CVE-2024-266xx/CVE-2024-26606.json) (`2024-03-11T18:15:18.890`)
* [CVE-2024-26622](CVE-2024/CVE-2024-266xx/CVE-2024-26622.json) (`2024-03-11T18:15:19.673`)
## Download and Usage
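
Review bot: The added-CVE count and the list under it disagree: the count reads `46`, but the new list has only 25 entries, running from CVE-2024-0051 to CVE-2024-26620. The state-file diff further down in this commit flags 46 rows as `1,1`, including CVE-2023-52486 through CVE-2023-52498 and CVE-2024-0039 through CVE-2024-0050, none of which appear here. If the list is deliberately capped at 25, the README should say so next to the count; otherwise the generator should emit all entries. The modified-CVE section is consistent: the count is `13` and 13 entries are listed.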

View File

@ -220242,7 +220242,7 @@ CVE-2023-28604,0,0,c6559c097ec626e43787044cec38c13b17d68d1f9b3657891d42f8e1f3924
CVE-2023-28606,0,0,afea44256d91ae493d29e5575fe29a5d4dae2297e425394b062134a6d6b8a666,2023-03-24T18:28:30.927000
CVE-2023-28607,0,0,1887519c23c8e18632489087b9046a21950bbe3be4abd80650e9ddf4d535d88f,2023-03-24T18:28:05.027000
CVE-2023-28609,0,0,c0523c367091c1d2bafb694806a08bb2d09c31525bed757a3007705c3fef01ca,2023-03-23T14:04:55.057000
CVE-2023-2861,0,0,e888251ab650cfe3882120367e79e530aed578c472adf42eac524bc422d4f319,2024-01-25T14:15:25.643000
CVE-2023-2861,0,1,b737086d2bb8a9f4c32f33c2471a27cdf6db1fcf65c78ee9493477668df666df,2024-03-11T18:15:15.687000
CVE-2023-28610,0,0,ff73bc88e4e112c751a6807df7a5c3cd548cdeb5b28df077e6a290d98976284b,2023-03-27T22:28:17.970000
CVE-2023-28611,0,0,cb937533e9d8b6a9e73d15224e99c46a35dc9acf6cf019168bddf336dafd8eac,2023-03-28T20:29:28.217000
CVE-2023-28613,0,0,3c865ac40b94bd9bf0ece28bee3e72fa11a7402e86c7a0f751330d4149022721,2023-05-05T19:15:15.513000
@ -223880,7 +223880,7 @@ CVE-2023-33534,0,0,0e5e71e14d9e377477a2da4c620a2ccacae3e5fc34f050a0eca1ec60fd63d
CVE-2023-33536,0,0,6bd1f215c9284d310f88c9350e303b6e0f4506877bbcc97b821c359cd5c1a5a5,2023-06-13T18:53:24.247000
CVE-2023-33537,0,0,61ef3b22598cf6c40d6fda0c92768b46f4f0fafa6810fbb0a28caa3d2acc019f,2023-06-13T18:53:45.007000
CVE-2023-33538,0,0,0b4fd8c21e2d660710ef2a7384987739ad3eb61f96e16b9227f955ca263460fa,2023-06-13T18:53:52.230000
CVE-2023-3354,0,0,744d3e340d2c22d10f30acddf25f47c694f429f0e4f9dc98e59876e84a6e3fa6,2023-11-07T14:50:29.993000
CVE-2023-3354,0,1,862bc4cd5fd3240c4a7eadd35341de2f97dd88cae29299dc7d0f3119dc347a60,2024-03-11T18:15:15.843000
CVE-2023-33544,0,0,9e6d80f78e40db4298dd7cf1f4fe3f60783706a7c64a6d079cdc96127578517b,2023-06-08T02:30:24.810000
CVE-2023-33546,0,0,88a12dcfe511ffefb371ada1943ad06d47636dd166bf92118712b2b36a498565,2023-11-07T04:14:58.153000
CVE-2023-3355,0,0,38bf40fc948e375cc046be46e9870a986ee0b470b1aadf8a39d88ac90c85aac2,2023-11-07T04:18:35.013000
@ -228301,7 +228301,7 @@ CVE-2023-40078,0,0,89be79df6539688ff8502a43a86bfe9e77c4bc931067eb48b14d10f67aa75
CVE-2023-40079,0,0,724a66aa36156fdc913180d4ad6f6247c6f6b8c8e8c35d075a8f4e3fef304eb3,2024-02-15T20:53:24.200000
CVE-2023-4008,0,0,50581515caa840d26411fcceaa477ffcb3af4e9d4eaf65f144121c09bfcb2282,2023-08-07T19:29:10.320000
CVE-2023-40080,0,0,932f6e6343622e81850d6011e1e7b9a883944e19e87dc309d552124c28b416a7,2024-02-15T20:53:30.253000
CVE-2023-40081,0,0,20ad6d60a2f84be80fe0682f4637e342156d6ee1bfbf0d0d49e43e2dcfbc6826,2024-02-15T20:58:09.707000
CVE-2023-40081,0,1,0a5f7c3de84b752122f848b162a75f3e7cd20f9498619d97a48e17765c2a8497,2024-03-11T17:15:45.170000
CVE-2023-40082,0,0,b723f7b901b3c90ab8d208b823103b55e4b7c35a50c97ddeb37c42df398d7978,2024-02-15T20:46:11.673000
CVE-2023-40083,0,0,4938471f53679f03bc49f4bfe400c4c02be4a104e3522541fa57b719f359b343,2024-02-15T20:25:39.540000
CVE-2023-40084,0,0,19663f7feb94d73b21976d747ddf39ab58482bd6e748aa533218e7073d9ca0fe,2024-02-09T00:24:31.993000
@ -234958,7 +234958,7 @@ CVE-2023-50874,0,0,bcacd6fc18a6a7384f9e3410fc219a27fd51425023bb3ea76f15234acd5bd
CVE-2023-50875,0,0,1106938097fb18960ed1f89813982d05ff2f39c25d4530bc17f1d69fd9b36d68,2024-02-16T19:28:59.943000
CVE-2023-50878,0,0,09d9775c521beb2bdbe6a10e9cce75ea90abd897c23ddc9c0ed036fdb98e2785,2024-01-05T16:21:46.253000
CVE-2023-50879,0,0,e7f635ec835f8af6e68324c638f96c217e373f3a3af9c80d6a7d36cc1662f020,2024-01-05T17:35:04.347000
CVE-2023-5088,0,0,568d51164c9264fd994fc3b9ec65036bce17134420ca04c5ab028845c9aa43d8,2024-03-07T17:46:40.173000
CVE-2023-5088,0,1,939ef66299af3edb362a7d2c74b0e49564a48ba289fd555d0389350188c0dc0b,2024-03-11T18:15:17.433000
CVE-2023-50880,0,0,45dfc20edf873b6f54c033b90d8b745bc998db6f75a866db44cd1e8a384e14b7,2024-01-05T17:36:02.743000
CVE-2023-50881,0,0,21fc9e5f06f2216fa2395fe2689d924b63b36b0b4cdf8b0f9c5260d788c328af,2024-01-05T17:37:29.017000
CVE-2023-50889,0,0,c1ad7d35b6d5afc074175b11fcf31e66a1f88510cc63a735f12500e424605271,2024-01-05T17:39:22.253000
@ -235821,9 +235821,20 @@ CVE-2023-52482,0,0,d9db5f8b040cf022e5cde81df037e8b3728670f3ad42e773d11b877171a46
CVE-2023-52483,0,0,2a4ebb0c9b1f8206c0612e11bb23dd9226ede2d27e2d0d82dac525d0a27fbaad,2024-02-29T13:49:29.390000
CVE-2023-52484,0,0,d5ee2bf5164023741424c58784b9debb4274eef9f1dfe6d2acf7ec42fe245e94,2024-02-29T13:49:29.390000
CVE-2023-52485,0,0,ae3dd674dee8a38cfbc69456682c1f7bd46ba3e6d68ca90e6c460ee76310aa9e,2024-02-29T18:06:42.010000
CVE-2023-52486,1,1,045ee6ef7e215e4a345e93b7237f0aebb5339aa3abadd35e5b36a3dd2b6c443e,2024-03-11T18:15:16.427000
CVE-2023-52487,1,1,5a6325f86b19101d49b6f2d4f724773cbff8bbe64a9f67f4b103215b22fac680,2024-03-11T18:15:16.520000
CVE-2023-52488,1,1,899cbffd20c67d4712c8a5f674b7f5efa0a423de9d8dbfd1578e873ed1475011,2024-03-11T18:15:16.603000
CVE-2023-52489,1,1,5251267afac0a6a388007e244d7c2e6a9b0bdc518403e77d6f2356f642c918a7,2024-03-11T18:15:16.673000
CVE-2023-5249,0,0,c9a9a73292b795eaae901259118258ec7b799bf56b78d4d6d33ce623b44e08f3,2024-02-13T00:37:35.327000
CVE-2023-52490,1,1,c57450011b01d5625d5a5b8f7eee5e539d2840fa4950699db5a4e71b8c9b6325,2024-03-11T18:15:16.750000
CVE-2023-52491,1,1,0e97992a6d8c6300bf905f6c941d21e7bc0c5ef548488c6e54052904b79e3813,2024-03-11T18:15:16.807000
CVE-2023-52492,1,1,152a2d50b491303beb1c1ceced8682b7b78fa9077bc0ab413a8d9791542fa13a,2024-03-11T18:15:16.877000
CVE-2023-52493,1,1,d335b7d5f20146c75bdb78fb30d320eb9a4d9f057a7f2a7d72050bb839538081,2024-03-11T18:15:16.940000
CVE-2023-52494,1,1,f630f580902d22d9b3f6e659d692a970db0b5520ff0744ddbd27210ea03ec124,2024-03-11T18:15:17
CVE-2023-52495,1,1,f7c5898435ce0b2235df48d6df719a3ea79ffa0fc0b4f1fc2a4700e65e6253c1,2024-03-11T18:15:17.060000
CVE-2023-52496,0,0,6411677fed7ada25ff10068f244bd8aa86c2d95284a00baca2abac4b8980ac07,2024-03-08T11:15:06.913000
CVE-2023-52497,0,0,d28fd3926c478e680ff44081e6bd3760f5583d68da3e361284fa001d65ca8f2f,2024-03-01T15:23:36.177000
CVE-2023-52498,1,1,975572cc0010b93628521808eb6d4a29cea04b7ba38b919056af49d8c0f081e7,2024-03-11T18:15:17.130000
CVE-2023-52499,0,0,07030abfd5b506eab489f023dd77f8aa7198bca2ea28ee40b86a1fca0cb00fb1,2024-03-04T13:58:23.447000
CVE-2023-5250,0,0,48043cf3cbd3fbd96b9a651598feb1069aa97381890f81165811ba98d5069b0c,2023-11-08T02:30:14.437000
CVE-2023-52500,0,0,c1d1ae19eb6a2caab665d0d3a91da971e3474d1439691687a1bf320b35fbcad4,2024-03-04T13:58:23.447000
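Review bot: The added row for CVE-2023-52494 ends in `2024-03-11T18:15:17` with no fractional seconds, while every other row added in this hunk carries six fractional digits (for example `2024-03-11T18:15:17.060000` on the next line). A consumer that parses this column with a single fixed format will reject or mis-handle the short form. The timestamp should be written with a fixed-width format so that a zero fractional part is serialized as `.000000` instead of being dropped.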
@ -235841,7 +235852,7 @@ CVE-2023-52510,0,0,39bb20f902ce77c6c2cc24fdd471414543682dc6368dd71901ad66ceeb858
CVE-2023-52511,0,0,96ad6a250685bb1f1b043d2d9629c3703274f2a26b2172e6f2f583cb342aa7f7,2024-03-04T13:58:23.447000
CVE-2023-52512,0,0,6b0934a2f05e016672719445c73a46d1beddc36452fb6794d32bde3c681e15b5,2024-03-04T13:58:23.447000
CVE-2023-52513,0,0,c3f6403d0bd91c1256183cc63f5a42ed5e32a237d5cc51f6ef463aa0f44f6a2a,2024-03-04T13:58:23.447000
CVE-2023-52514,0,1,2a9bbaa87d5c1eab9d9277a12e928b1961b3fc1968dd1c401d6d2c797142906a,2024-03-11T16:15:07.720000
CVE-2023-52514,0,0,2a9bbaa87d5c1eab9d9277a12e928b1961b3fc1968dd1c401d6d2c797142906a,2024-03-11T16:15:07.720000
CVE-2023-52515,0,0,7ed1681a7c6a3267a3342d453126aab09b934cffe5e0a5e93e54c0492dd6af3d,2024-03-04T13:58:23.447000
CVE-2023-52516,0,0,a2d74778820fd67a3143b965286178ba729cfdcbf87ce7c74d33fa89175e0a71,2024-03-04T13:58:23.447000
CVE-2023-52517,0,0,43af2c38c9abb65135989190406e737cf4a1757d3e820b8a9ce0cd8ea74c6d05,2024-03-04T13:58:23.447000
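Review bot: The CVE-2023-52514 row changes only in its second flag, which goes from `1` to `0`; the hash and the timestamp `2024-03-11T16:15:07.720000` are identical on both sides. The same flag-only rewrite recurs later in the commit for CVE-2024-0670, CVE-2024-23608 through CVE-2024-23612, CVE-2024-27198 and CVE-2024-27199. The two integer columns appear to mark "added" and "modified" relative to the previous commit, but nothing in the visible rows documents that; a header row or a README note defining them would remove the guesswork. If they are per-commit markers, consider deriving them from the previous commit instead of storing them, so that rows whose record did not change stay out of the diff.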
@ -236936,6 +236947,7 @@ CVE-2023-6439,0,0,65d4d1c2474ad19431eab167350b7faccee8537a0fb42fdd4ef1a447133b79
CVE-2023-6440,0,0,9305e200ceffef3af490c27133520d02952574fab8daa376a559ac8661ffdc4d,2024-02-29T01:42:37.890000
CVE-2023-6441,0,0,fe710f816513ef9673a873adeda26070cb375379bf40d3899b1aac24c15b7670,2024-02-14T15:01:46.050000
CVE-2023-6442,0,0,2e0840a6de8ca284b12ef15d0cb8c20957b6aace2cc5da0313d9b23496d44112,2024-02-29T01:42:37.993000
CVE-2023-6444,1,1,5a01a5f8114067102abd768f57694bd722e31a0e8333f1f47e1dd72c5eae7896,2024-03-11T18:15:17.597000
CVE-2023-6446,0,0,5229fa2f6d92dd63a023fa3def255ac613d4d8ffac05ce30bd931ed5ad8b45ab,2024-01-16T23:56:41.727000
CVE-2023-6447,0,0,8df239bf83c13b494930c95fc233360f5499e9cd2a9d09de8bc09add0f18bcf9,2024-01-26T19:43:45.243000
CVE-2023-6448,0,0,1380208b840aaf01150c7a611e98756b4f8e90080a51c1592db0923f6cb6d481,2023-12-19T14:15:07.183000
@ -237527,6 +237539,7 @@ CVE-2023-7242,0,0,db2d6d5cc91868613ca46292b47ef3b5a3c4ae96f4def2aa8c9c1271db71c4
CVE-2023-7243,0,0,c43192a066d4b9535821b574845a0af87800cbe78fe61a46f4663ee5807e93c6,2024-03-07T17:51:08.413000
CVE-2023-7244,0,0,ba207e3262e0671e0b0b028bd6f1a9cad89868b7212853a50edc68e0c8b30845,2024-03-07T17:51:19
CVE-2023-7245,0,0,c2b129587df81b933ff7a681e47b41470d61b90df3071adf7be4cf4925974850,2024-02-20T19:50:53.960000
CVE-2023-7247,1,1,dd33ecd8c1cdd828f209b069abb733c207b519e496da645cd25783954367d794,2024-03-11T18:15:17.683000
CVE-2024-0007,0,0,1173dcf63e36e77ef1ebddafdf32fafcec606695fbc0816f54b661f0aac88aac,2024-02-15T06:23:39.303000
CVE-2024-0008,0,0,9c41805289fe313f8323749103b11eb8b3211483db37513fd0baf5ed76da3178,2024-02-15T06:23:39.303000
CVE-2024-0009,0,0,23e936b7b54a2f1e04c46b6a36886ee0c71ffa20e63d224ee54049120613eeaa,2024-02-15T06:23:39.303000
@ -237551,8 +237564,19 @@ CVE-2024-0035,0,0,0ce68de325f665dc3a7256a6d6e996a44f3867b847d236e5a22859f4ee4f57
CVE-2024-0036,0,0,7868a185fd5849c33467b89370b636910924de958410200fc0dfaff7e1e7d3fd,2024-02-16T13:37:51.433000
CVE-2024-0037,0,0,03fd1ee7c1131f52c59788582a866a4c9728695479267f3e85c151a2644ca135,2024-02-16T13:37:51.433000
CVE-2024-0038,0,0,8798af074e75acf30506472783c98fe3ca6f9989b456036fb13460ce3a0660ea,2024-02-16T13:37:51.433000
CVE-2024-0039,1,1,9e84be39a63f0f91014710413bca763613558ae8c08fc1d6e3f4fd2369495ffb,2024-03-11T17:15:45.350000
CVE-2024-0040,0,0,4afedb45d19d9a2df9a3ecdcf577c422a3b0751bcf061eb077253f060c2e8e31,2024-02-16T13:37:51.433000
CVE-2024-0041,0,0,4dc5cf8202a81389ba1711e9ab4229bb6c315c100ad135fbbcb3e9e75477a4a9,2024-02-16T13:37:51.433000
CVE-2024-0044,1,1,a3b4a1fd24c5000edbfd4e9441186433eec58b8833a8821111fdd7f83affa768,2024-03-11T17:15:45.450000
CVE-2024-0045,1,1,b5427e1b1ecb43d830d7e5879c1f92d8e36900171c479d0f99373a9386bbbfd9,2024-03-11T17:15:45.507000
CVE-2024-0046,1,1,6752863c545295b4052a1f7c46a91dbe89f7fc17b8d8a3b1879c46ffc814f051,2024-03-11T17:15:45.563000
CVE-2024-0047,1,1,39a78aee213787bb91e2396e347bc624fe05c7e42cc60c8ab44af8e96371285b,2024-03-11T17:15:45.620000
CVE-2024-0048,1,1,77b0c5aaee09f32e4a8554d129ba43e0cfff198a0b27d1b7c6c4f927fc171afb,2024-03-11T17:15:45.673000
CVE-2024-0049,1,1,cbcd23da47c7af4bbee775eacef64924dfff44feba91affcd10604ca15179f47,2024-03-11T17:15:45.727000
CVE-2024-0050,1,1,ee7360ac373d2d07758e05abb8ae63d9342f89f97096e96b8d0c40dab16f66d9,2024-03-11T17:15:45.783000
CVE-2024-0051,1,1,b694ce79fabec03ca0da4a7ffc54a86cd5cadb0768d45f99de90513d073014e3,2024-03-11T17:15:45.840000
CVE-2024-0052,1,1,ca6b219e98a35117b8672fccb2de31e9ded8558c54b65c2400492d72543032ae,2024-03-11T17:15:45.897000
CVE-2024-0053,1,1,7eda16fa9d5d93a6d6450af76ecaf2880decd278a612d92fb28ae7acf15a389f,2024-03-11T17:15:45.950000
CVE-2024-0056,0,0,8e4c5bb83a29ac8333eedaa800b8f7cbc24d65d51285a7605c7436e724c22f27,2024-02-27T20:42:01.233000
CVE-2024-0057,0,0,e4dc663a42ac696d9f4ea85b4eec7c26c470f055092858eb6ffdd99343f4d6bf,2024-02-27T20:41:51.863000
CVE-2024-0068,0,0,29054351872f671ffd0afada76da136d48518b88acaefb639ccc6c169ead07a3,2024-03-01T14:04:26.010000
@ -237879,7 +237903,9 @@ CVE-2024-0555,0,0,e27068c658ab2fe0ade46b360f75382aad49de171a45cc11ac1210a0674260
CVE-2024-0556,0,0,58e51148ac56dc3dc5f63a5ecb0eb821e6a1130d50e3147308ecd24775c94ea7,2024-01-23T19:44:47.387000
CVE-2024-0557,0,0,dc1a9ec952bfd9769d13f6bf3eeac74887defab64a6380c2224947222dade884,2024-02-29T01:43:21.170000
CVE-2024-0558,0,0,682106b853839113151cc6960313522eeca5a08fb2d136881ee7bb3a9e6ecc04,2024-02-29T01:43:21.240000
CVE-2024-0559,1,1,655a8f6cf9cadece8e0d8546b4909819418c42016f205db5aeaa25b2caf7f6d1,2024-03-11T18:15:17.743000
CVE-2024-0560,0,0,14d68f71b9716e2e50b8e60cfacc63b081c0859f96401fdcd1a15fe7914d4b2f,2024-02-29T13:49:47.277000
CVE-2024-0561,1,1,6739c9e72751a3020de0688072146097f3104b2a7c091fae2f45aa5d55682e12,2024-03-11T18:15:17.797000
CVE-2024-0562,0,0,ed47443cd929d7814f11d99ba9bb79fcc79e3e65687a5137f73cbe072b2edbfb,2024-01-25T20:15:40.210000
CVE-2024-0563,0,0,0bf4472860925ed3661b4122ec1942a93e652e3291878b51071ea3e4cbbc7ec9,2024-02-23T16:14:43.447000
CVE-2024-0564,0,0,2ea7d9789fe2bf2c5202f04a8796f5e81286b91703a6d170c1fa28f2224224c4,2024-02-08T16:36:48.837000
@ -237959,7 +237985,7 @@ CVE-2024-0665,0,0,4f11c74d31ee400b4dead80ad52f0a187a0b330f44c457216c2744da6f3597
CVE-2024-0667,0,0,2681b7becac6d5374ec2219687491519adea78bdc5162cd2d7253f0786abc5ef,2024-02-01T04:15:17.817000
CVE-2024-0668,0,0,3db9a5de6e4dca9e79ecb9554115ef410935372b559bc145d7ca0c6d374ebafc,2024-02-13T16:24:26.927000
CVE-2024-0669,0,0,476d8f93fcd7134fc732a1bd0cd06cc03563cad47067b8fa5ebf76f58a942cc6,2024-01-26T18:52:05.550000
CVE-2024-0670,1,1,96f0c0f86d7d60e941c6ad942ddc9516bfeba336a67759b22368dff441aebf7b,2024-03-11T15:15:47.267000
CVE-2024-0670,0,0,96f0c0f86d7d60e941c6ad942ddc9516bfeba336a67759b22368dff441aebf7b,2024-03-11T15:15:47.267000
CVE-2024-0674,0,0,9139aa9ed68295af11e7b8aed5b715e6e747bd34139c805f237fd0a45d0b36ba,2024-02-08T16:39:59.450000
CVE-2024-0675,0,0,8bea4fa993c9477b8fb58d2ccef75bd1eb1d23abf07c79567a0ddce8b0191850,2024-02-08T16:39:42.950000
CVE-2024-0676,0,0,8035a70d9b2fb746a1bd04ffd363a65316fee85917c37a6970742638f1f2186e,2024-02-08T16:39:00.907000
@ -238237,6 +238263,7 @@ CVE-2024-1062,0,0,e8ea8cd895eea05dff27bd99771338599b895b0c48f569d882a6d4cd9d894f
CVE-2024-1063,0,0,9f783a34601f62d19b147f2fe9fbb48179f2e91e414b112cc308b0e641d38b87,2024-02-05T18:25:57.167000
CVE-2024-1064,0,0,54ebccd3b0484c776a35abc0a579ad4dfe5016d375ba9d7ccf7a7253f76d1013,2024-02-12T18:42:14.777000
CVE-2024-1066,0,0,dee5d81e7a0b9b9fb8a137a3449558003e1ae30b794977ba6cb78edfb4b822d2,2024-03-04T21:00:15.267000
CVE-2024-1068,1,1,39bf902d592035d34d3bba6fbcf85d31e025efcb5626c106f67bda0f76bd62fc,2024-03-11T18:15:17.847000
CVE-2024-1069,0,0,0ebc319d571e78332ab4eff9b8d2044317e8f13e0a6fe2abded578b1be7998e0,2024-02-06T20:11:52.587000
CVE-2024-1070,0,0,0fe9fc048ecfd5e5b18e56b806bd86c817a733e0960c330bc7eea079d9a31fba,2024-02-29T13:49:29.390000
CVE-2024-1072,0,0,32fe471ba00a9e765c56a143079ee3e98644ebc38ce83029c2cc4a8bc2496463,2024-02-13T19:44:28.620000
@ -238365,13 +238392,16 @@ CVE-2024-1266,0,0,d8048f344ae1bca20edbbb90e0700136203c25ee816ee845880e494608b501
CVE-2024-1267,0,0,289a905845e3ba73685d4399f3f69b3f9fff29fc465eee2f683e030178461502,2024-02-29T01:43:46.250000
CVE-2024-1268,0,0,b624ee33fa2463d3d689c7b55a3ade25cccc1ca20e5b56fe6d99da5cadfd4ee3,2024-02-29T01:43:46.330000
CVE-2024-1269,0,0,7dab1bb6db27c0c655345b89727871ef96a6851a6eab8ad5166f167825dd5c99,2024-02-29T01:43:46.410000
CVE-2024-1273,1,1,b6acf030a17ec2caa99da7a61fc799b5d72b30662d09e0440aaeeef758eb3242,2024-03-11T18:15:17.900000
CVE-2024-1276,0,0,9294f8a377c8e1f7ed8104516871f7782c82bb26b0241c65c90c5ba833233d8d,2024-02-29T13:49:29.390000
CVE-2024-1277,0,0,5b5a051d3575b993b787b1190a083d88018da5bc66d607156fcb40063c55cec4,2024-02-29T13:49:29.390000
CVE-2024-1279,1,1,b8ebff7c26572a9909c3d6a417b5eeb4c7dbfa7306c914d7603550dfd97b60f1,2024-03-11T18:15:17.950000
CVE-2024-1282,0,0,a371f7e20f84cb1dea4de324bfddc9eab836889de678add919c7c1e69ad7cb0e,2024-02-29T13:49:29.390000
CVE-2024-1283,0,0,95516cccfd3330b62eba366e128fd4e30c7541dad3dfc25f8801e64cf1671db9,2024-02-14T18:19:42.423000
CVE-2024-1284,0,0,a542ed7ad2fc69d5fc164ea1e42af4493449dbb177723d14d8b566e116471710,2024-02-14T18:19:17.177000
CVE-2024-1285,0,0,28973f93f478182e90f48ce4a0ab09f79299ff357ec1bba187e439c23a074432,2024-03-05T13:41:01.900000
CVE-2024-1288,0,0,e4429f5c87e8d5c2c8ae36fb4d938db187d89d635ebd489625ff72646c839fc3,2024-02-29T13:49:29.390000
CVE-2024-1290,1,1,2f951497b05d5a78cbde42a8b1fb2bd38f28d69a82490eb06120f7aab461e4e1,2024-03-11T18:15:18.003000
CVE-2024-1294,0,0,9641429abe5a940a43824ce0a1ebfc70cc6e8bb9d03222022ce919558da2baa7,2024-02-29T13:49:29.390000
CVE-2024-1297,0,0,1fc219bb038ab422185a999365115aff94759fe3e5ff94e3dc4180f1d6bc82d0,2024-02-20T19:50:53.960000
CVE-2024-1299,0,0,952d3e1978bc9a123968ee45cc4c039cf2f6a96c36b8ac699d5424c827f802f2,2024-03-07T13:52:27.110000
@ -238466,6 +238496,7 @@ CVE-2024-1476,0,0,d0730689614c6c4e0529f40c4f2bd5c19c1d139902825e56e4e732d35ae7af
CVE-2024-1478,0,0,40cbce0cae33ffa26f31fcfbd9f18bad1281854428c8fee3920e07dab050464f,2024-03-05T13:41:01.900000
CVE-2024-1482,0,0,4004dc294092456d033ab8b20599d970ac1a724515bbd4c4f198331d64cbdb99,2024-02-15T06:23:39.303000
CVE-2024-1485,0,0,b9f4145834ee9d538c2d6e8caecb301f8f2dde5a282a13e80f59671c5263bb0b,2024-02-22T01:15:07.980000
CVE-2024-1487,1,1,92f5ba3bf6384051ea73ccb336e83460221d0e9340e906c9e0266ccb8fa6d81f,2024-03-11T18:15:18.057000
CVE-2024-1488,0,0,279192e2f81dcccd45cc434d6eccb30e7b02e02b175a7c5c859669b551700228,2024-02-15T06:23:39.303000
CVE-2024-1492,0,0,bd2975db15d23bf6ccb04f9bbcf2cde248dc3c55e86248e7f4d78edff1274431,2024-02-29T13:49:29.390000
CVE-2024-1496,0,0,6fa952c12eca34adb02683b8b330ee432853a078218cc9eaec1fae21364cc413,2024-02-29T13:49:29.390000
@ -238537,6 +238568,7 @@ CVE-2024-1676,0,0,75a25dbf1da186d6f531373499511171b06f00b3a04068d4f734276fb08847
CVE-2024-1683,0,0,f25ae2f9a9595608d9c0ca7fa909b61084cd30e6bc54195e29b2d6a4f1fe18f2,2024-02-23T02:42:54.547000
CVE-2024-1686,0,0,513b8933def64d694b65e22b1395645ba43c1774153040be97c24d03679a5263,2024-02-27T14:20:06.637000
CVE-2024-1687,0,0,2c139dd7a4cd5eb96b19cf20743fdcf2a4372838670ad53c30ef28a6668ce9e0,2024-02-27T14:20:06.637000
CVE-2024-1696,1,1,d81f629816fab619a609d1b4319249a15062187c3a95365404d526ae2b992a12,2024-03-11T17:15:46.007000
CVE-2024-1698,0,0,75dca8418f9d56ec0cfe8b6a5fe8dbac72155e2590b7f1e80f716b71405b9b9b,2024-02-27T14:20:06.637000
CVE-2024-1700,0,0,c51c2bf467ed3c973111c6298956b10138cd5b50099766c5a1386818675492b6,2024-02-29T01:43:53.363000
CVE-2024-1701,0,0,b4ba5cedc2d7f0d7323b5eeb493b9b0acc03e1aac9dcfdeddf7c8742ba12eae6,2024-02-29T01:43:53.440000
@ -239361,7 +239393,7 @@ CVE-2024-22252,0,0,821ff3109896701ec8ca90959d2c3687cab66c92b6f06dd5ac6f254173748
CVE-2024-22253,0,0,869a690eac81b8d366a7dcd03c915afe771001839314866b2e3833a0cd4435ba,2024-03-05T18:50:18.333000
CVE-2024-22254,0,0,9459758feef8c3482a3dd931fe9afae6322b6e4fd3a58270d8e8b4bdfbbbb85a,2024-03-05T18:50:18.333000
CVE-2024-22255,0,0,745f4cbb4a69bb6c39368bc0a0102e1bbca6746f7bd70b66d5b81a5c3e0b1eea,2024-03-05T18:50:18.333000
CVE-2024-22256,0,0,f2619a0a9dc59843b5cd94a19dea8090b0500bccc7b0cf9741ab0ad0bde15360,2024-03-07T13:52:27.110000
CVE-2024-22256,0,1,6443c3ae549d5b05ec5aa1e3620029237460fff1af05365d13f54e81aa770eef,2024-03-11T18:15:18.117000
CVE-2024-22282,0,0,53d62e993d25bddde67f64a9b7b05dfd45a21e7eb7c9bf0be8fb90ec2911d888,2024-02-06T16:55:19.983000
CVE-2024-22283,0,0,f9f0bb31955cdc5efe0fe68bd93a1968461b937d4826bd6ada9de29ff0f15691,2024-02-01T04:13:41.033000
CVE-2024-22284,0,0,6bdde6ee668a94e34697b63e60243d3bba5e1198be225d5e35c53bee953243fe,2024-01-30T17:43:02.180000
@ -239824,11 +239856,11 @@ CVE-2024-23603,0,0,fa877b171423c355baa3228ce2c605e41edbf822a3508567d7754cb447355
CVE-2024-23605,0,0,6357ef47a85c4e22049db0926cbddeb8bbc82cdf2a1a81b5a28ca15d9cbb7aa0,2024-02-26T18:15:07.673000
CVE-2024-23606,0,0,598e3aff4ae1bfd2aada0c773944509bbb201f8071a41b1a5b9e3c7372eb5aae,2024-02-20T19:50:53.960000
CVE-2024-23607,0,0,8fbc2564c100ed17fa897212d565c049df0409466e1eb4358411ecb3ce547801,2024-02-14T18:04:45.380000
CVE-2024-23608,1,1,c98de50f4e8b973dad8f1d54c5df75c409c8b04702a613e588947dbe5d7e1073,2024-03-11T16:15:07.897000
CVE-2024-23609,1,1,19a21d0e98904f29c5d0adf7e8c9ed6e794486d28b167a48186898accac1dd49,2024-03-11T16:15:08.157000
CVE-2024-23610,1,1,27c772e96c2f354c984e3aa4b85ca26a8e6005fd4d4dd2fc8250a636b5c8e2a7,2024-03-11T16:15:08.370000
CVE-2024-23611,1,1,c03fa71964a3d81dc6f1eb12a354aa4c86e804a5415aadd4646c131e3c8dc6b0,2024-03-11T16:15:08.557000
CVE-2024-23612,1,1,0875aa7379f496dc1516588cb14ef4d3721dd4c67c8e3b96216bd2de56c83a6b,2024-03-11T16:15:08.743000
CVE-2024-23608,0,0,c98de50f4e8b973dad8f1d54c5df75c409c8b04702a613e588947dbe5d7e1073,2024-03-11T16:15:07.897000
CVE-2024-23609,0,0,19a21d0e98904f29c5d0adf7e8c9ed6e794486d28b167a48186898accac1dd49,2024-03-11T16:15:08.157000
CVE-2024-23610,0,0,27c772e96c2f354c984e3aa4b85ca26a8e6005fd4d4dd2fc8250a636b5c8e2a7,2024-03-11T16:15:08.370000
CVE-2024-23611,0,0,c03fa71964a3d81dc6f1eb12a354aa4c86e804a5415aadd4646c131e3c8dc6b0,2024-03-11T16:15:08.557000
CVE-2024-23612,0,0,0875aa7379f496dc1516588cb14ef4d3721dd4c67c8e3b96216bd2de56c83a6b,2024-03-11T16:15:08.743000
CVE-2024-23613,0,0,a6caa42c068605a90eb5a5d2a146a2e76fb38281e14d3e07f037d267becbaa2b,2024-01-31T19:22:48.627000
CVE-2024-23614,0,0,64dd22961f50564212ca1f64f5062c8108f1d059ef6d673b05a943850d4463e6,2024-01-31T19:54:08.847000
CVE-2024-23615,0,0,eafd7ffa6180e2fc03ed45df24f769fecb2bae7a56932300e20ffd987e061483,2024-01-31T23:46:44.913000
@ -239889,6 +239921,7 @@ CVE-2024-23687,0,0,888c703c13765b4aadeca06043a7e3dd693e14ab5fbf0ceb683a371be24cf
CVE-2024-23688,0,0,07f47d429f26f5d25558115321368745a1af1492969a475a8855a8882844f455,2024-01-26T15:53:31.397000
CVE-2024-23689,0,0,d7d4e018343e45ab929852f091e2e71006911f05a5c0cdd59769a6f5a80fdcee,2024-01-26T14:50:45.023000
CVE-2024-2370,0,0,16f988ff46fdfe91c440b55eb7c64364d5f6cdcb167f09fe7bf66f636001f14e,2024-03-11T13:15:52.920000
CVE-2024-23717,1,1,e5762642d1295dc4bc5805e342a4ae5e79cf5013fab3e5f9aa1b5c04ba6cf901,2024-03-11T17:15:46.253000
CVE-2024-23724,0,0,ce25237b1b8be392e772c83f957fdb1e42b10b520f1a3f65fb6dea0241ad88c3,2024-02-11T22:29:15.837000
CVE-2024-23725,0,0,e7109aa5ed154918326c3254d584acf7e8190c7c6acd985ea1145474ef362350,2024-01-29T15:25:48.110000
CVE-2024-23726,0,0,1e6b5838c3bbe1bdea4cff85e0dab09275e17fdbeddbc74981e476f308132713,2024-01-29T15:25:36.090000
@ -240772,10 +240805,10 @@ CVE-2024-26566,0,0,c84607e263dfbb2bafdffa5f1605a228a50fe6eb3d5c21b9f493cf56aab5c
CVE-2024-26578,0,0,631d617cd0985d9923eed32b0cb4b9e9025809830b6a3ca2ef1a468d4f2a7124,2024-02-22T19:07:27.197000
CVE-2024-26580,0,0,716bfe9e7477c84eaf394c6917d0ce79d82ccdb90bad82d0c89b019a7d1ce425,2024-03-06T15:18:08.093000
CVE-2024-26581,0,0,353f24559890ac7b3597bd26d99362ecbfd523a3ec7e2aa7e9d65e75d894e5ee,2024-02-23T09:15:22.563000
CVE-2024-26582,0,0,18fd509a25b5e6356b24694b05977bd6f760ea38d12d2c9416b437e5d922ed09,2024-02-28T03:15:08.227000
CVE-2024-26583,0,0,8662b149020eb69f091caf4bdb5860b2470fecdf04889635d6608d4fa583029a,2024-02-28T03:15:08.287000
CVE-2024-26584,0,0,90506f99edb83728b928eef0f3c59d0002586ac5264e5c00a56ce932bf9ce00a,2024-02-28T03:15:08.390000
CVE-2024-26585,0,0,362ab54f4e5a8b07a56a091446e0dc16ac3850e27b7a065c8e3d1bdaab09e468,2024-02-28T03:15:08.490000
CVE-2024-26582,0,1,6cdcf6843f79a1ddc4c2cd0c26ad431557beeca360692c49f2a0f6c51a1d288c,2024-03-11T18:15:18.377000
CVE-2024-26583,0,1,4a300c2895f7117869a919f3cccacc96bcc2b42fd06fde7e43015d0dc24ee87c,2024-03-11T18:15:18.453000
CVE-2024-26584,0,1,628c83749212390e734524e43d20fa678834b7ea9755141f8a3b9cd3762087b8,2024-03-11T18:15:18.503000
CVE-2024-26585,0,1,9130e18bfb73c5c548fc7b8110539811cc500726789e8b328cc5ff9f8ae3ddfa,2024-03-11T18:15:18.553000
CVE-2024-26586,0,0,6adf6fee4513357dce3d48353704f433902e35e2bc7d0ba0f94b639c08b43cd1,2024-02-23T09:15:22.820000
CVE-2024-26587,0,0,0efd83186b44039bd1d35d69a1b607d8dbb0ddf97a28b08dcc63546dbb9a7ecb,2024-02-22T19:07:27.197000
CVE-2024-26588,0,0,e28b875fe4ce5483682023926fd2826eb3774745f3f93324b0685c84e6aab78b,2024-02-22T19:07:27.197000
@ -240783,7 +240816,7 @@ CVE-2024-26589,0,0,42e136f93acd10e22f7c3d67af2cfcd20d4ebf71d94eb7cc40de5fe92a934
CVE-2024-26590,0,0,9ff04c19e794835aab57db3e10b9174cbd6bbe9812e82c1acaeca22167d4035b,2024-03-01T14:15:54.007000
CVE-2024-26591,0,0,7ccf9d5618db71e68002f32674d2b39b8435f1f951bb3df30f75265e867763c7,2024-02-22T19:07:27.197000
CVE-2024-26592,0,0,556177ef9bce57733c98f0cedf03d66e717ab99ebdf503a3e045e5e8a919cba1,2024-02-23T09:15:22.877000
CVE-2024-26593,0,0,c4daa26c0fb1c63a3e389280a6d67e3b81d4887e8f49f1cfa76de745f941550b,2024-02-28T03:15:08.580000
CVE-2024-26593,0,1,cd2e95ac01546387c9c0e4472acf1544d866afb8a59c1a7d17619ef886560aab,2024-03-11T18:15:18.673000
CVE-2024-26594,0,0,cacb0aacad0dc9173a9c73dcd1b17719173fea736c335f4c98e01736e2cbd170,2024-02-23T16:14:43.447000
CVE-2024-26595,0,0,e5fd6a73b40c075944adefaf44aa4e787e5af9603751759c8fd2c20f0e3dcf8f,2024-02-23T16:14:43.447000
CVE-2024-26596,0,0,19241de3146e2e3d1c3691a3a7dea15472ce5477fd7da99f834e717bab1c6191,2024-02-23T16:14:43.447000
@ -240794,12 +240827,25 @@ CVE-2024-26600,0,0,fba310115e389a0a65219e9845d83a24ae1669d9ba2d19ae1977bbc677c45
CVE-2024-26601,0,0,d1f2880c84770148fac928bc914c5e3e1e77054a6615fd508dea9c472726a343,2024-03-01T14:15:54.050000
CVE-2024-26602,0,0,a33ff66f1d9a6c91268a8f67cfbb053afa4f86cda976c89df434a467a7ea7f91,2024-02-26T16:32:25.577000
CVE-2024-26603,0,0,310135b19aa343ad8f122ae3de335e2951866d9efd4a5be6db0362ef749bcf7d,2024-03-01T14:15:54.097000
CVE-2024-26604,0,0,e0f623494eae782bb53370eaae311aa89b4c1c53db6391c680c0963cf251e3f5,2024-02-28T03:15:08.690000
CVE-2024-26604,0,1,9ac74be28974ad0b6cacf865aee48ec771430720d721be3ed86217b87f579060,2024-03-11T18:15:18.830000
CVE-2024-26605,0,0,e05b1bce50a73fc2e4dc7ff327f42f6259e6a48652bd3e37fa6d78c518e1732d,2024-02-26T16:32:25.577000
CVE-2024-26606,0,0,a5164dee4a81be7c9d5f5b6576e6422a586d53a880ce71fedd4cb83db45b6d72,2024-02-28T03:15:08.737000
CVE-2024-26606,0,1,20fa425762db9f3f8661f6a0d75963b997124489c62106fe03a6af0cc1a2a171,2024-03-11T18:15:18.890000
CVE-2024-26607,0,0,e7fd96eef289c77fd773a24454d38a76fd6b196cc2106426c9f3e8e507f21aa1,2024-02-29T13:49:29.390000
CVE-2024-26608,1,1,fd5b8d093036c104b0be036f540b30a2e8d42249a8300763c5bff887616b5aa2,2024-03-11T18:15:18.953000
CVE-2024-26609,1,1,5edb2d5589592a688951c418c6518b7a4581adff62f9111e7d8d6df666381da6,2024-03-11T18:15:19.010000
CVE-2024-26610,1,1,84dbeab32c720e4975ed7bc823c87836bb692015019b80ce0a13cd51071c5a16,2024-03-11T18:15:19.067000
CVE-2024-26611,1,1,55a4fad2c65012420d5e4f24fd81e9c9f1aff61728b14757b17f252a7e3dc379,2024-03-11T18:15:19.123000
CVE-2024-26612,1,1,59ef74c840f5e78573ba31fe5d7edaafb89b883b58653b8bbfd04d3a87d50cf4,2024-03-11T18:15:19.170000
CVE-2024-26613,1,1,fb23f604053865066a3c9d8982f50e4de8613caa38e417e2b338604def7e7d8a,2024-03-11T18:15:19.223000
CVE-2024-26614,1,1,daf122eb760ecf6185a607ccc39ddb83c052c90dddd9b7c14620e57ecdc9bdcb,2024-03-11T18:15:19.280000
CVE-2024-26615,1,1,e2714f167806f871c82c656fc4a4ad69cacc55b7d9ac60c0615860d6230d497b,2024-03-11T18:15:19.337000
CVE-2024-26616,1,1,c20f4a5df1579867318b9677239d5c2a37e9bb60d885a474f2417c0c9adcddb3,2024-03-11T18:15:19.400000
CVE-2024-26617,1,1,c7363c0492533ec6009828d2bb60712339bb0c62cc86b447d83e1408fc8071f4,2024-03-11T18:15:19.457000
CVE-2024-26618,1,1,0a87a6bf272e7c9d9cac3b2ca577337cddbed85104d999ac433e414e0aa2ebcf,2024-03-11T18:15:19.510000
CVE-2024-26619,1,1,c377d640c384437eb85cc6c65468d766cb060205965c207673e61805cdc71835,2024-03-11T18:15:19.563000
CVE-2024-26620,1,1,cbc945e86b2361436d14323c20dc1e4355a2351287d13a1249ef8f6a554fde37,2024-03-11T18:15:19.613000
CVE-2024-26621,0,0,eba0c21ed3ef4cfa6360555e22a44f48e6f6b17a1f446df92f554dd254f62ab7,2024-03-06T23:15:07.297000
CVE-2024-26622,0,0,e90bbde812824a204a0820618a1c03808a657d63052af5985f814037fa9fbaf5,2024-03-04T13:58:23.447000
CVE-2024-26622,0,1,0a20ab4397987085009b8061821a95b61d2693e95e945ba93e14b50217e13eb7,2024-03-11T18:15:19.673000
CVE-2024-26623,0,0,5692b1c30d07fd10d73a2d8d099143935e519ebf33db10f9328fbf12228012a8,2024-03-06T15:18:08.093000
CVE-2024-26624,0,0,82cf220baccdfd65eda3a6ccb02db7e03f66b3c3c4d80fe72e86ea4753067c0b,2024-03-06T15:18:08.093000
CVE-2024-26625,0,0,29adc757db465c6ac28ab5a88b8651fe2f2af6ed70ecfb37d6743e85b92b5481,2024-03-06T15:18:08.093000
@ -240822,8 +240868,8 @@ CVE-2024-27133,0,0,1abfe171f722b9df6ead5b24935068c395a52a06c146ec300701d2b7e8652
CVE-2024-27138,0,0,1ec0ded3b41c12b07651e921188be783731716c54fb55c30f65f5b3e8197e8cc,2024-03-01T22:22:25.913000
CVE-2024-27139,0,0,66ddd9efc34252e5e972ac0e5a31e042faa3995b86c5ae6f0f108c10e1d7b562,2024-03-01T22:22:25.913000
CVE-2024-27140,0,0,34daddef6e0d13f2bea16bc1184887cdd01053137a36a3bc5699d2875c449127,2024-03-01T22:22:25.913000
CVE-2024-27198,0,1,e4259fe3d4611134ab5dfb0d4f88f5b563c21b8238f30b4253811838ad004753,2024-03-11T15:15:47.483000
CVE-2024-27199,0,1,3dd3bfb58b796a8c7735f0a6f342852f32998fc13795786d35eb3d4375df0417,2024-03-11T15:15:47.663000
CVE-2024-27198,0,0,e4259fe3d4611134ab5dfb0d4f88f5b563c21b8238f30b4253811838ad004753,2024-03-11T15:15:47.483000
CVE-2024-27199,0,0,3dd3bfb58b796a8c7735f0a6f342852f32998fc13795786d35eb3d4375df0417,2024-03-11T15:15:47.663000
CVE-2024-27215,0,0,651ced2c4948681508a9ad090546fd018840608eea0c7482bdd7848315ac417f,2024-02-21T18:15:52.060000
CVE-2024-27255,0,0,07d4523d50b3b6ceec1ed85c31e8859376bfd63a9732f2f4d2cf6e5b4c34b76b,2024-03-04T13:58:23.447000
CVE-2024-27278,0,0,2ef9546b6eb3a76ad70be700186038d995dd630654759ed72b9b3d10968f6d39,2024-03-06T15:18:08.093000
