admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 11:37:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-01-11T15:00:22.016841+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-01-11 15:03:45 +00:00
parent 32c31ab42b
commit e5af30c7eb
59 changed files with 1846 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
CVE-2024/CVE-2024-411xx/CVE-2024-41149.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-41149",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:19.973",
"lastModified": "2025-01-11T13:15:19.973",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: avoid to reuse `hctx` not removed from cpuhp callback list\n\nIf the 'hctx' isn't removed from cpuhp callback list, we can't reuse it,\notherwise use-after-free may be triggered."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/85672ca9ceeaa1dcf2777a7048af5f4aee3fd02b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b5792c162dcf6197bf3d2de2be6c8169435b73d0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ee18012c80155f6809522804099621070c69ec72",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-419xx/CVE-2024-41932.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-41932",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:20.930",
"lastModified": "2025-01-11T13:15:20.930",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched: fix warning in sched_setaffinity\n\nCommit 8f9ea86fdf99b added some logic to sched_setaffinity that included\na WARN when a per-task affinity assignment races with a cpuset update.\n\nSpecifically, we can have a race where a cpuset update results in the\ntask affinity no longer being a subset of the cpuset. That's fine; we\nhave a fallback to instead use the cpuset mask. However, we have a WARN\nset up that will trigger if the cpuset mask has no overlap at all with\nthe requested task affinity. This shouldn't be a warning condition; its\ntrivial to create this condition.\n\nReproduced the warning by the following setup:\n\n- $PID inside a cpuset cgroup\n- another thread repeatedly switching the cpuset cpus from 1-2 to just 1\n- another thread repeatedly setting the $PID affinity (via taskset) to 2"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/5c3fb75f538cfcb886f6dfeb497d99fc2f263ee6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/70ee7947a29029736a1a06c73a48ff37674a851b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-419xx/CVE-2024-41935.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-41935",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:21.083",
"lastModified": "2025-01-11T13:15:21.083",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to shrink read extent node in batches\n\nWe use rwlock to protect core structure data of extent tree during\nits shrink, however, if there is a huge number of extent nodes in\nextent tree, during shrink of extent tree, it may hold rwlock for\na very long time, which may trigger kernel hang issue.\n\nThis patch fixes to shrink read extent node in batches, so that,\ncritical region of the rwlock can be shrunk to avoid its extreme\nlong time hold."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/295b50e95e900da31ff237e46e04525fa799b2cf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3fc5d5a182f6a1f8bd4dc775feb54c369dd2c343",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/924f7dd1e832e4e4530d14711db223d2803f7b61",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

45
CVE-2024/CVE-2024-430xx/CVE-2024-43098.json Normal file
View File

@ -0,0 +1,45 @@
{
"id": "CVE-2024-43098",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:21.240",
"lastModified": "2025-01-11T13:15:21.240",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: Use i3cdev->desc->info instead of calling i3c_device_get_info() to avoid deadlock\n\nA deadlock may happen since the i3c_master_register() acquires\n&i3cbus->lock twice. See the log below.\nUse i3cdev->desc->info instead of calling i3c_device_info() to\navoid acquiring the lock twice.\n\nv2:\n - Modified the title and commit message\n\n============================================\nWARNING: possible recursive locking detected\n6.11.0-mainline\n--------------------------------------------\ninit/1 is trying to acquire lock:\nf1ffff80a6a40dc0 (&i3cbus->lock){++++}-{3:3}, at: i3c_bus_normaluse_lock\n\nbut task is already holding lock:\nf1ffff80a6a40dc0 (&i3cbus->lock){++++}-{3:3}, at: i3c_master_register\n\nother info that might help us debug this:\n Possible unsafe locking scenario:\n\n CPU0\n ----\n lock(&i3cbus->lock);\n lock(&i3cbus->lock);\n\n *** DEADLOCK ***\n\n May be due to missing lock nesting notation\n\n2 locks held by init/1:\n #0: fcffff809b6798f8 (&dev->mutex){....}-{3:3}, at: __driver_attach\n #1: f1ffff80a6a40dc0 (&i3cbus->lock){++++}-{3:3}, at: i3c_master_register\n\nstack backtrace:\nCPU: 6 UID: 0 PID: 1 Comm: init\nCall trace:\n dump_backtrace+0xfc/0x17c\n show_stack+0x18/0x28\n dump_stack_lvl+0x40/0xc0\n dump_stack+0x18/0x24\n print_deadlock_bug+0x388/0x390\n __lock_acquire+0x18bc/0x32ec\n lock_acquire+0x134/0x2b0\n down_read+0x50/0x19c\n i3c_bus_normaluse_lock+0x14/0x24\n i3c_device_get_info+0x24/0x58\n i3c_device_uevent+0x34/0xa4\n dev_uevent+0x310/0x384\n kobject_uevent_env+0x244/0x414\n kobject_uevent+0x14/0x20\n device_add+0x278/0x460\n device_register+0x20/0x34\n i3c_master_register_new_i3c_devs+0x78/0x154\n i3c_master_register+0x6a0/0x6d4\n mtk_i3c_master_probe+0x3b8/0x4d8\n platform_probe+0xa0/0xe0\n really_probe+0x114/0x454\n __driver_probe_device+0xa0/0x15c\n driver_probe_device+0x3c/0x1ac\n __driver_attach+0xc4/0x1f0\n bus_for_each_dev+0x104/0x160\n driver_attach+0x24/0x34\n bus_add_driver+0x14c/0x294\n driver_register+0x68/0x104\n __platform_driver_register+0x20/0x30\n init_module+0x20/0xfe4\n do_one_initcall+0x184/0x464\n do_init_module+0x58/0x1ec\n load_module+0xefc/0x10c8\n __arm64_sys_finit_module+0x238/0x33c\n invoke_syscall+0x58/0x10c\n el0_svc_common+0xa8/0xdc\n do_el0_svc+0x1c/0x28\n el0_svc+0x50/0xac\n el0t_64_sync_handler+0x70/0xbc\n el0t_64_sync+0x1a8/0x1ac"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1f51ae217d09c361ede900b94735a6d2df6c0344",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2d98fa2a50b8058de52ada168fa5dbabb574711b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5ac1dd51aaa0ce8b5421d1137e857955a4b6f55e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6cf7b65f7029914dc0cd7db86fac9ee5159008c6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/816187b1833908941286e71b0041059a4acd52ed",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9a2173660ee53d5699744f02e6ab7bf89fcd0b1a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ffe19e363c6f8b992ba835a361542568dea17409",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

37
CVE-2024/CVE-2024-458xx/CVE-2024-45828.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2024-45828",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:21.450",
"lastModified": "2025-01-11T13:15:21.450",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: mipi-i3c-hci: Mask ring interrupts before ring stop request\n\nBus cleanup path in DMA mode may trigger a RING_OP_STAT interrupt when\nthe ring is being stopped. Depending on timing between ring stop request\ncompletion, interrupt handler removal and code execution this may lead\nto a NULL pointer dereference in hci_dma_irq_handler() if it gets to run\nafter the io_data pointer is set to NULL in hci_dma_cleanup().\n\nPrevent this my masking the ring interrupts before ring stop request."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/19cc5767334bfe980f52421627d0826c0da86721",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6ca2738174e4ee44edb2ab2d86ce74f015a0cc32",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9d745a56aea45e47f4755bc12e6429d6314dbb54",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a6cddf68b3405b272b5a3cad9657be0b02b34bf4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a6dc4b4fda2e147e557050eaae51ff15edeb680b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

33
CVE-2024/CVE-2024-468xx/CVE-2024-46896.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-46896",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:21.643",
"lastModified": "2025-01-11T13:15:21.643",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: don't access invalid sched\n\nSince 2320c9e6a768 (\"drm/sched: memset() 'job' in drm_sched_job_init()\")\naccessing job->base.sched can produce unexpected results as the initialisation\nof (*job)->base.sched done in amdgpu_job_alloc is overwritten by the\nmemset.\n\nThis commit fixes an issue when a CS would fail validation and would\nbe rejected after job->num_ibs is incremented. In this case,\namdgpu_ib_free(ring->adev, ...) will be called, which would crash the\nmachine because the ring value is bogus.\n\nTo fix this, pass a NULL pointer to amdgpu_ib_free(): we can do this\nbecause the device is actually not used in this function.\n\nThe next commit will remove the ring argument completely.\n\n(cherry picked from commit 2ae520cb12831d264ceb97c61f72c59d33c0dbd7)"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/65501a4fd84ecdc0af863dbb37759242aab9f2dd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/67291d601f2b032062b1b2f60ffef1b63e10094c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a93b1020eb9386d7da11608477121b10079c076a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/da6b2c626ae73c303378ce9eaf6e3eaf16c9925a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-471xx/CVE-2024-47141.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-47141",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:21.830",
"lastModified": "2025-01-11T13:15:21.830",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npinmux: Use sequential access to access desc->pinmux data\n\nWhen two client of the same gpio call pinctrl_select_state() for the\nsame functionality, we are seeing NULL pointer issue while accessing\ndesc->mux_owner.\n\nLet's say two processes A, B executing in pin_request() for the same pin\nand process A updates the desc->mux_usecount but not yet updated the\ndesc->mux_owner while process B see the desc->mux_usecount which got\nupdated by A path and further executes strcmp and while accessing\ndesc->mux_owner it crashes with NULL pointer.\n\nSerialize the access to mux related setting with a mutex lock.\n\n\tcpu0 (process A)\t\t\tcpu1(process B)\n\npinctrl_select_state() {\t\t pinctrl_select_state() {\n pin_request() {\t\t\t\tpin_request() {\n ...\n\t\t\t\t\t\t ....\n } else {\n desc->mux_usecount++;\n \t\t\t\t\t\tdesc->mux_usecount && strcmp(desc->mux_owner, owner)) {\n\n if (desc->mux_usecount > 1)\n return 0;\n desc->mux_owner = owner;\n\n }\t\t\t\t\t\t}"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2da32aed4a97ca1d70fb8b77926f72f30ce5fb4b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5a3e85c3c397c781393ea5fb2f45b1f60f8a4e6e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c11e2ec9a780f54982a187ee10ffd1b810715c85",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

41
CVE-2024/CVE-2024-471xx/CVE-2024-47143.json Normal file
View File

@ -0,0 +1,41 @@
{
"id": "CVE-2024-47143",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:22.007",
"lastModified": "2025-01-11T13:15:22.007",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma-debug: fix a possible deadlock on radix_lock\n\nradix_lock() shouldn't be held while holding dma_hash_entry[idx].lock\notherwise, there's a possible deadlock scenario when\ndma debug API is called holding rq_lock():\n\nCPU0 CPU1 CPU2\ndma_free_attrs()\ncheck_unmap() add_dma_entry() __schedule() //out\n (A) rq_lock()\nget_hash_bucket()\n(A) dma_entry_hash\n check_sync()\n (A) radix_lock() (W) dma_entry_hash\ndma_entry_free()\n(W) radix_lock()\n // CPU2's one\n (W) rq_lock()\n\nCPU1 situation can happen when it extending radix tree and\nit tries to wake up kswapd via wake_all_kswapd().\n\nCPU2 situation can happen while perf_event_task_sched_out()\n(i.e. dma sync operation is called while deleting perf_event using\n etm and etr tmc which are Arm Coresight hwtracing driver backends).\n\nTo remove this possible situation, call dma_entry_free() after\nput_hash_bucket() in check_unmap()."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/3ccce34a5c3f5c9541108a451657ade621524b32",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7543c3e3b9b88212fcd0aaf5cab5588797bdc7de",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8c1b4fea8d62285f5e1a8194889b39661608bd8a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c212d91070beca0d03fef7bf988baf4ff4b3eee4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/efe1b9bbf356357fdff0399af361133d6e3ba18e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f2b95248a16c5186d1c658fc0aeb2f3bd95e5259",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

37
CVE-2024/CVE-2024-474xx/CVE-2024-47408.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2024-47408",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:22.220",
"lastModified": "2025-01-11T13:15:22.220",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check smcd_v2_ext_offset when receiving proposal msg\n\nWhen receiving proposal msg in server, the field smcd_v2_ext_offset in\nproposal msg is from the remote client and can not be fully trusted.\nOnce the value of smcd_v2_ext_offset exceed the max value, there has\nthe chance to access wrong address, and crash may happen.\n\nThis patch checks the value of smcd_v2_ext_offset before using it."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/48d5a8a304a643613dab376a278f29d3e22f7c34",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/935caf324b445fe73d7708fae6f7176fb243f357",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9ab332deb671d8f7e66d82a2ff2b3f715bc3a4ad",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a36364d8d4fabb105001f992fb8ff2d3546203d6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e1cc8be2a785a8f1ce1f597f3e608602c5fccd46",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-477xx/CVE-2024-47794.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-47794",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:22.390",
"lastModified": "2025-01-11T13:15:22.390",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Prevent tailcall infinite loop caused by freplace\n\nThere is a potential infinite loop issue that can occur when using a\ncombination of tail calls and freplace.\n\nIn an upcoming selftest, the attach target for entry_freplace of\ntailcall_freplace.c is subprog_tc of tc_bpf2bpf.c, while the tail call in\nentry_freplace leads to entry_tc. This results in an infinite loop:\n\nentry_tc -> subprog_tc -> entry_freplace --tailcall-> entry_tc.\n\nThe problem arises because the tail_call_cnt in entry_freplace resets to\nzero each time entry_freplace is executed, causing the tail call mechanism\nto never terminate, eventually leading to a kernel panic.\n\nTo fix this issue, the solution is twofold:\n\n1. Prevent updating a program extended by an freplace program to a\n prog_array map.\n2. Prevent extending a program that is already part of a prog_array map\n with an freplace program.\n\nThis ensures that:\n\n* If a program or its subprogram has been extended by an freplace program,\n it can no longer be updated to a prog_array map.\n* If a program has been added to a prog_array map, neither it nor its\n subprograms can be extended by an freplace program.\n\nMoreover, an extension program should not be tailcalled. As such, return\n-EINVAL if the program has a type of BPF_PROG_TYPE_EXT when adding it to a\nprog_array map.\n\nAdditionally, fix a minor code style issue by replacing eight spaces with a\ntab for proper formatting."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/987aa730bad3e1ef66d9f30182294daa78f6387d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d6083f040d5d8f8d748462c77e90547097df936e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-478xx/CVE-2024-47809.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-47809",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:22.583",
"lastModified": "2025-01-11T13:15:22.583",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndlm: fix possible lkb_resource null dereference\n\nThis patch fixes a possible null pointer dereference when this function is\ncalled from request_lock() as lkb->lkb_resource is not assigned yet,\nonly after validate_lock_args() by calling attach_lkb(). Another issue\nis that a resource name could be a non printable bytearray and we cannot\nassume to be ASCII coded.\n\nThe log functionality is probably never being hit when DLM is used in\nnormal way and no debug logging is enabled. The null pointer dereference\ncan only occur on a new created lkb that does not have the resource\nassigned yet, it probably never hits the null pointer dereference but we\nshould be sure that other changes might not change this behaviour and we\nactually can hit the mentioned null pointer dereference.\n\nIn this patch we just drop the printout of the resource name, the lkb id\nis enough to make a possible connection to a resource name if this\nexists."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2db11504ef82a60c1a2063ba7431a5cd013ecfcb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6fbdc3980b70e9c1c86eccea7d5ee68108008fa7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b98333c67daf887c724cd692e88e2db9418c0861",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-488xx/CVE-2024-48873.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-48873",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:22.750",
"lastModified": "2025-01-11T13:15:22.750",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: check return value of ieee80211_probereq_get() for RNR\n\nThe return value of ieee80211_probereq_get() might be NULL, so check it\nbefore using to avoid NULL pointer access.\n\nAddresses-Coverity-ID: 1529805 (\"Dereference null return value\")"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1a0f54cb3fea5d087440b2bae03202c445156a8d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/630d5d8f2bf6b340202b6bc2c05d794bbd8e4c1c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7296e5611adb2c619bd7bd3817ddde7ba865ef17",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-488xx/CVE-2024-48875.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-48875",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:22.933",
"lastModified": "2025-01-11T13:15:22.933",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: don't take dev_replace rwsem on task already holding it\n\nRunning fstests btrfs/011 with MKFS_OPTIONS=\"-O rst\" to force the usage of\nthe RAID stripe-tree, we get the following splat from lockdep:\n\n BTRFS info (device sdd): dev_replace from /dev/sdd (devid 1) to /dev/sdb started\n\n ============================================\n WARNING: possible recursive locking detected\n 6.11.0-rc3-btrfs-for-next #599 Not tainted\n --------------------------------------------\n btrfs/2326 is trying to acquire lock:\n ffff88810f215c98 (&fs_info->dev_replace.rwsem){++++}-{3:3}, at: btrfs_map_block+0x39f/0x2250\n\n but task is already holding lock:\n ffff88810f215c98 (&fs_info->dev_replace.rwsem){++++}-{3:3}, at: btrfs_map_block+0x39f/0x2250\n\n other info that might help us debug this:\n Possible unsafe locking scenario:\n\n CPU0\n ----\n lock(&fs_info->dev_replace.rwsem);\n lock(&fs_info->dev_replace.rwsem);\n\n *** DEADLOCK ***\n\n May be due to missing lock nesting notation\n\n 1 lock held by btrfs/2326:\n #0: ffff88810f215c98 (&fs_info->dev_replace.rwsem){++++}-{3:3}, at: btrfs_map_block+0x39f/0x2250\n\n stack backtrace:\n CPU: 1 UID: 0 PID: 2326 Comm: btrfs Not tainted 6.11.0-rc3-btrfs-for-next #599\n Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011\n Call Trace:\n <TASK>\n dump_stack_lvl+0x5b/0x80\n __lock_acquire+0x2798/0x69d0\n ? __pfx___lock_acquire+0x10/0x10\n ? __pfx___lock_acquire+0x10/0x10\n lock_acquire+0x19d/0x4a0\n ? btrfs_map_block+0x39f/0x2250\n ? __pfx_lock_acquire+0x10/0x10\n ? find_held_lock+0x2d/0x110\n ? lock_is_held_type+0x8f/0x100\n down_read+0x8e/0x440\n ? btrfs_map_block+0x39f/0x2250\n ? __pfx_down_read+0x10/0x10\n ? do_raw_read_unlock+0x44/0x70\n ? _raw_read_unlock+0x23/0x40\n btrfs_map_block+0x39f/0x2250\n ? btrfs_dev_replace_by_ioctl+0xd69/0x1d00\n ? btrfs_bio_counter_inc_blocked+0xd9/0x2e0\n ? __kasan_slab_alloc+0x6e/0x70\n ? __pfx_btrfs_map_block+0x10/0x10\n ? __pfx_btrfs_bio_counter_inc_blocked+0x10/0x10\n ? kmem_cache_alloc_noprof+0x1f2/0x300\n ? mempool_alloc_noprof+0xed/0x2b0\n btrfs_submit_chunk+0x28d/0x17e0\n ? __pfx_btrfs_submit_chunk+0x10/0x10\n ? bvec_alloc+0xd7/0x1b0\n ? bio_add_folio+0x171/0x270\n ? __pfx_bio_add_folio+0x10/0x10\n ? __kasan_check_read+0x20/0x20\n btrfs_submit_bio+0x37/0x80\n read_extent_buffer_pages+0x3df/0x6c0\n btrfs_read_extent_buffer+0x13e/0x5f0\n read_tree_block+0x81/0xe0\n read_block_for_search+0x4bd/0x7a0\n ? __pfx_read_block_for_search+0x10/0x10\n btrfs_search_slot+0x78d/0x2720\n ? __pfx_btrfs_search_slot+0x10/0x10\n ? lock_is_held_type+0x8f/0x100\n ? kasan_save_track+0x14/0x30\n ? __kasan_slab_alloc+0x6e/0x70\n ? kmem_cache_alloc_noprof+0x1f2/0x300\n btrfs_get_raid_extent_offset+0x181/0x820\n ? __pfx_lock_acquire+0x10/0x10\n ? __pfx_btrfs_get_raid_extent_offset+0x10/0x10\n ? down_read+0x194/0x440\n ? __pfx_down_read+0x10/0x10\n ? do_raw_read_unlock+0x44/0x70\n ? _raw_read_unlock+0x23/0x40\n btrfs_map_block+0x5b5/0x2250\n ? __pfx_btrfs_map_block+0x10/0x10\n scrub_submit_initial_read+0x8fe/0x11b0\n ? __pfx_scrub_submit_initial_read+0x10/0x10\n submit_initial_group_read+0x161/0x3a0\n ? lock_release+0x20e/0x710\n ? __pfx_submit_initial_group_read+0x10/0x10\n ? __pfx_lock_release+0x10/0x10\n scrub_simple_mirror.isra.0+0x3eb/0x580\n scrub_stripe+0xe4d/0x1440\n ? lock_release+0x20e/0x710\n ? __pfx_scrub_stripe+0x10/0x10\n ? __pfx_lock_release+0x10/0x10\n ? do_raw_read_unlock+0x44/0x70\n ? _raw_read_unlock+0x23/0x40\n scrub_chunk+0x257/0x4a0\n scrub_enumerate_chunks+0x64c/0xf70\n ? __mutex_unlock_slowpath+0x147/0x5f0\n ? __pfx_scrub_enumerate_chunks+0x10/0x10\n ? bit_wait_timeout+0xb0/0x170\n ? __up_read+0x189/0x700\n ? scrub_workers_get+0x231/0x300\n ? up_write+0x490/0x4f0\n btrfs_scrub_dev+0x52e/0xcd0\n ? create_pending_snapshots+0x230/0x250\n ? __pfx_btrfs_scrub_dev+0x10/0x10\n btrfs_dev_replace_by_ioctl+0xd69/0x1d00\n ? lock_acquire+0x19d/0x4a0\n ? __pfx_btrfs_dev_replace_by_ioctl+0x10/0x10\n ?\n---truncated---"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/8cca35cb29f81eba3e96ec44dad8696c8a2f9138",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a2e99dcd7aafa9d474f7d9b0740b8f93c4e156c2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a5bc4e030f50fdbb1fbc69acc1e0c5f57c79d044",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-488xx/CVE-2024-48876.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-48876",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:23.263",
"lastModified": "2025-01-11T13:15:23.263",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nstackdepot: fix stack_depot_save_flags() in NMI context\n\nPer documentation, stack_depot_save_flags() was meant to be usable from\nNMI context if STACK_DEPOT_FLAG_CAN_ALLOC is unset. However, it still\nwould try to take the pool_lock in an attempt to save a stack trace in the\ncurrent pool (if space is available).\n\nThis could result in deadlock if an NMI is handled while pool_lock is\nalready held. To avoid deadlock, only try to take the lock in NMI context\nand give up if unsuccessful.\n\nThe documentation is fixed to clearly convey this."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/031e04bdc834cda3b054ef6b698503b2b97e8186",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9bfeeeff2c92b9dd261198b601b45bde4c529841",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

45
CVE-2024/CVE-2024-488xx/CVE-2024-48881.json Normal file
View File

@ -0,0 +1,45 @@
{
"id": "CVE-2024-48881",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:23.437",
"lastModified": "2025-01-11T13:15:23.437",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbcache: revert replacing IS_ERR_OR_NULL with IS_ERR again\n\nCommit 028ddcac477b (\"bcache: Remove unnecessary NULL point check in\nnode allocations\") leads a NULL pointer deference in cache_set_flush().\n\n1721 if (!IS_ERR_OR_NULL(c->root))\n1722 list_add(&c->root->list, &c->btree_cache);\n\n>From the above code in cache_set_flush(), if previous registration code\nfails before allocating c->root, it is possible c->root is NULL as what\nit is initialized. __bch_btree_node_alloc() never returns NULL but\nc->root is possible to be NULL at above line 1721.\n\nThis patch replaces IS_ERR() by IS_ERR_OR_NULL() to fix this."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/336e30f32ae7c043fde0f6fa21586ff30bea9fe2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4379c5828492a4c2a651c8f826a01453bd2b80b0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5202391970ffbf81975251b3526b890ba027b715",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5e0e913624bcd24f3de414475018d3023f060ee1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b2e382ae12a63560fca35050498e19e760adf8c0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/cc05aa2c0117e20fa25a3c0d915f98b8f2e78667",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fb5fee35bdd18316a84b5f30881a24e1415e1464",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-495xx/CVE-2024-49568.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-49568",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:23.637",
"lastModified": "2025-01-11T13:15:23.637",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg\n\nWhen receiving proposal msg in server, the fields v2_ext_offset/\neid_cnt/ism_gid_cnt in proposal msg are from the remote client\nand can not be fully trusted. Especially the field v2_ext_offset,\nonce exceed the max value, there has the chance to access wrong\naddress, and crash may happen.\n\nThis patch checks the fields v2_ext_offset/eid_cnt/ism_gid_cnt\nbefore using them."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/295a92e3df32e72aff0f4bc25c310e349d07ffbf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/42f6beb2d5779429417b5f8115a4e3fa695d2a6c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7863c9f3d24ba49dbead7e03dfbe40deb5888fdf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-495xx/CVE-2024-49569.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-49569",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:23.840",
"lastModified": "2025-01-11T13:15:23.840",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-rdma: unquiesce admin_q before destroy it\n\nKernel will hang on destroy admin_q while we create ctrl failed, such\nas following calltrace:\n\nPID: 23644 TASK: ff2d52b40f439fc0 CPU: 2 COMMAND: \"nvme\"\n #0 [ff61d23de260fb78] __schedule at ffffffff8323bc15\n #1 [ff61d23de260fc08] schedule at ffffffff8323c014\n #2 [ff61d23de260fc28] blk_mq_freeze_queue_wait at ffffffff82a3dba1\n #3 [ff61d23de260fc78] blk_freeze_queue at ffffffff82a4113a\n #4 [ff61d23de260fc90] blk_cleanup_queue at ffffffff82a33006\n #5 [ff61d23de260fcb0] nvme_rdma_destroy_admin_queue at ffffffffc12686ce\n #6 [ff61d23de260fcc8] nvme_rdma_setup_ctrl at ffffffffc1268ced\n #7 [ff61d23de260fd28] nvme_rdma_create_ctrl at ffffffffc126919b\n #8 [ff61d23de260fd68] nvmf_dev_write at ffffffffc024f362\n #9 [ff61d23de260fe38] vfs_write at ffffffff827d5f25\n RIP: 00007fda7891d574 RSP: 00007ffe2ef06958 RFLAGS: 00000202\n RAX: ffffffffffffffda RBX: 000055e8122a4d90 RCX: 00007fda7891d574\n RDX: 000000000000012b RSI: 000055e8122a4d90 RDI: 0000000000000004\n RBP: 00007ffe2ef079c0 R8: 000000000000012b R9: 000055e8122a4d90\n R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000004\n R13: 000055e8122923c0 R14: 000000000000012b R15: 00007fda78a54500\n ORIG_RAX: 0000000000000001 CS: 0033 SS: 002b\n\nThis due to we have quiesced admi_q before cancel requests, but forgot\nto unquiesce before destroy it, as a result we fail to drain the\npending requests, and hang on blk_mq_freeze_queue_wait() forever. Here\ntry to reuse nvme_rdma_teardown_admin_queue() to fix this issue and\nsimplify the code."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/05b436f3cf65c957eff86c5ea5ddfa2604b32c63",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5858b687559809f05393af745cbadf06dee61295",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

41
CVE-2024/CVE-2024-495xx/CVE-2024-49571.json Normal file
View File

@ -0,0 +1,41 @@
{
"id": "CVE-2024-49571",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:24.027",
"lastModified": "2025-01-11T13:15:24.027",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg\n\nWhen receiving proposal msg in server, the field iparea_offset\nand the field ipv6_prefixes_cnt in proposal msg are from the\nremote client and can not be fully trusted. Especially the\nfield iparea_offset, once exceed the max value, there has the\nchance to access wrong address, and crash may happen.\n\nThis patch checks iparea_offset and ipv6_prefixes_cnt before using them."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/47ce46349672a7e0c361bfe39ed0b22e824ef4fb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/62056d1592e63d85e82357ee2ae6a6a294f440b0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/846bada23bfcdeb83621b045ed85dc06c7833ff0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/91a7c27c1444ed4677b83fd5308d2cf03f5f0851",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a29e220d3c8edbf0e1beb0f028878a4a85966556",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f10635268a0a49ee902a3b63b5dbb76f4fed498e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-495xx/CVE-2024-49573.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-49573",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:24.223",
"lastModified": "2025-01-11T13:15:24.223",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/fair: Fix NEXT_BUDDY\n\nAdam reports that enabling NEXT_BUDDY insta triggers a WARN in\npick_next_entity().\n\nMoving clear_buddies() up before the delayed dequeue bits ensures\nno ->next buddy becomes delayed. Further ensure no new ->next buddy\never starts as delayed."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/493afbd187c4c9cc1642792c0d9ba400c3d6d90d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5dbe6816c49197677a5ecce749bd99929da147da",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

45
CVE-2024/CVE-2024-500xx/CVE-2024-50051.json Normal file
View File

@ -0,0 +1,45 @@
{
"id": "CVE-2024-50051",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:24.427",
"lastModified": "2025-01-11T13:15:24.427",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: mpc52xx: Add cancel_work_sync before module remove\n\nIf we remove the module which will call mpc52xx_spi_remove\nit will free 'ms' through spi_unregister_controller.\nwhile the work ms->work will be used. The sequence of operations\nthat may lead to a UAF bug.\n\nFix it by ensuring that the work is canceled before proceeding with\nthe cleanup in mpc52xx_spi_remove."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/373d55a47dc662e5e30d12ad5d334312f757c1f1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/90b72189de2cddacb26250579da0510b29a8b82b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/984836621aad98802d92c4a3047114cf518074c8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/cd5106c77d6d6828aa82449f01f4eb436d602a21",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d0cde3911cf24e1bcdd4caa1d1b9ef57589db5a1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e0c6ce8424095c2da32a063d3fc027494c689817",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f65d85bc1ffd8a2c194bb2cd65e35ed3648ddd59",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-517xx/CVE-2024-51729.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-51729",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:24.650",
"lastModified": "2025-01-11T13:15:24.650",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: use aligned address in copy_user_gigantic_page()\n\nIn current kernel, hugetlb_wp() calls copy_user_large_folio() with the\nfault address. Where the fault address may be not aligned with the huge\npage size. Then, copy_user_large_folio() may call\ncopy_user_gigantic_page() with the address, while\ncopy_user_gigantic_page() requires the address to be huge page size\naligned. So, this may cause memory corruption or information leak,\naddtional, use more obvious naming 'addr_hint' instead of 'addr' for\ncopy_user_gigantic_page()."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/cb12d61361ce769672c7c7bd32107252598cdd8b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f5d09de9f1bf9674c6418ff10d0a40cfe29268e1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-523xx/CVE-2024-52319.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-52319",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:24.843",
"lastModified": "2025-01-11T13:15:24.843",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: use aligned address in clear_gigantic_page()\n\nIn current kernel, hugetlb_no_page() calls folio_zero_user() with the\nfault address. Where the fault address may be not aligned with the huge\npage size. Then, folio_zero_user() may call clear_gigantic_page() with\nthe address, while clear_gigantic_page() requires the address to be huge\npage size aligned. So, this may cause memory corruption or information\nleak, addtional, use more obvious naming 'addr_hint' instead of 'addr' for\nclear_gigantic_page()."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/8aca2bc96c833ba695ede7a45ad7784c836a262e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b79b6fe0737f233f0be1465052b7f0e75f324735",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

45
CVE-2024/CVE-2024-523xx/CVE-2024-52332.json Normal file
View File

@ -0,0 +1,45 @@
{
"id": "CVE-2024-52332",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:25.070",
"lastModified": "2025-01-11T13:15:25.070",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nigb: Fix potential invalid memory access in igb_init_module()\n\nThe pci_register_driver() can fail and when this happened, the dca_notifier\nneeds to be unregistered, otherwise the dca_notifier can be called when\nigb fails to install, resulting to invalid memory access."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0566f83d206c7a864abcd741fe39d6e0ae5eef29",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4458046617dfadc351162dbaea1945c57eebdf36",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4fe517643f529e805bb6b890a4331c100e8f2484",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8009cdcc493fa30d4572016daf2d6999da4d6c54",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/992fd34122de377b45cb75b64fc7f17fc1e6ed2f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e0155b1b1509d0ef4799bd1cd73309ca466df3f3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f309733a8c9da7d4266a8a3755020b738a570cae",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

6
CVE-2024/CVE-2024-531xx/CVE-2024-53143.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-53143",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-07T07:15:03.780",
"lastModified": "2024-12-13T14:15:22.443",
"lastModified": "2025-01-11T13:15:25.250",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -63,6 +63,10 @@
{
"url": "https://git.kernel.org/stable/c/83af1cfa10d9aafdabd06b3655e07727f373b434",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://project-zero.issues.chromium.org/issues/379667898",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

45
CVE-2024/CVE-2024-536xx/CVE-2024-53680.json Normal file
View File

@ -0,0 +1,45 @@
{
"id": "CVE-2024-53680",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:25.710",
"lastModified": "2025-01-11T13:15:25.710",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init()\n\nUnder certain kernel configurations when building with Clang/LLVM, the\ncompiler does not generate a return or jump as the terminator\ninstruction for ip_vs_protocol_init(), triggering the following objtool\nwarning during build time:\n\n vmlinux.o: warning: objtool: ip_vs_protocol_init() falls through to next function __initstub__kmod_ip_vs_rr__935_123_ip_vs_rr_init6()\n\nAt runtime, this either causes an oops when trying to load the ipvs\nmodule or a boot-time panic if ipvs is built-in. This same issue has\nbeen reported by the Intel kernel test robot previously.\n\nDigging deeper into both LLVM and the kernel code reveals this to be a\nundefined behavior problem. ip_vs_protocol_init() uses a on-stack buffer\nof 64 chars to store the registered protocol names and leaves it\nuninitialized after definition. The function calls strnlen() when\nconcatenating protocol names into the buffer. With CONFIG_FORTIFY_SOURCE\nstrnlen() performs an extra step to check whether the last byte of the\ninput char buffer is a null character (commit 3009f891bb9f (\"fortify:\nAllow strlen() and strnlen() to pass compile-time known lengths\")).\nThis, together with possibly other configurations, cause the following\nIR to be generated:\n\n define hidden i32 @ip_vs_protocol_init() local_unnamed_addr #5 section \".init.text\" align 16 !kcfi_type !29 {\n %1 = alloca [64 x i8], align 16\n ...\n\n 14: ; preds = %11\n %15 = getelementptr inbounds i8, ptr %1, i64 63\n %16 = load i8, ptr %15, align 1\n %17 = tail call i1 @llvm.is.constant.i8(i8 %16)\n %18 = icmp eq i8 %16, 0\n %19 = select i1 %17, i1 %18, i1 false\n br i1 %19, label %20, label %23\n\n 20: ; preds = %14\n %21 = call i64 @strlen(ptr noundef nonnull dereferenceable(1) %1) #23\n ...\n\n 23: ; preds = %14, %11, %20\n %24 = call i64 @strnlen(ptr noundef nonnull dereferenceable(1) %1, i64 noundef 64) #24\n ...\n }\n\nThe above code calculates the address of the last char in the buffer\n(value %15) and then loads from it (value %16). Because the buffer is\nnever initialized, the LLVM GVN pass marks value %16 as undefined:\n\n %13 = getelementptr inbounds i8, ptr %1, i64 63\n br i1 undef, label %14, label %17\n\nThis gives later passes (SCCP, in particular) more DCE opportunities by\npropagating the undef value further, and eventually removes everything\nafter the load on the uninitialized stack location:\n\n define hidden i32 @ip_vs_protocol_init() local_unnamed_addr #0 section \".init.text\" align 16 !kcfi_type !11 {\n %1 = alloca [64 x i8], align 16\n ...\n\n 12: ; preds = %11\n %13 = getelementptr inbounds i8, ptr %1, i64 63\n unreachable\n }\n\nIn this way, the generated native code will just fall through to the\nnext function, as LLVM does not generate any code for the unreachable IR\ninstruction and leaves the function without a terminator.\n\nZero the on-stack buffer to avoid this possible UB."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0b2cbed82b7c6504a8a0fbd181f92dd56b432c12",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/124834133b32f9386bb2d8581d9ab92f65e951e4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/146b6f1112eb30a19776d6c323c994e9d67790db",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/31d1ddc1ce8e8d3f101a679243abb42a313ee88a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/48130002e64fd191b7d18efeb4d253fcc23e4688",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/664d0feab92495b6a27edc3d1119e232c0fe8b2b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d6e1776f51c95827142f1d7064118e255e2deec1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-536xx/CVE-2024-53682.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-53682",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:25.860",
"lastModified": "2025-01-11T13:15:25.860",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: axp20x: AXP717: set ramp_delay\n\nAXP717 datasheet says that regulator ramp delay is 15.625 us/step,\nwhich is 10mV in our case.\n\nAdd a AXP_DESC_RANGES_DELAY macro and update AXP_DESC_RANGES macro to\nexpand to AXP_DESC_RANGES_DELAY with ramp_delay = 0\n\nFor DCDC4, steps is 100mv\n\nAdd a AXP_DESC_DELAY macro and update AXP_DESC macro to\nexpand to AXP_DESC_DELAY with ramp_delay = 0\n\nThis patch fix crashes when using CPU DVFS."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/10eb845a87193ef922cd002e0ff4f4759c1e918d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f07ae52f5cf6a5584fdf7c8c652f027d90bc8b74",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-536xx/CVE-2024-53685.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-53685",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:25.997",
"lastModified": "2025-01-11T13:15:25.997",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: give up on paths longer than PATH_MAX\n\nIf the full path to be built by ceph_mdsc_build_path() happens to be\nlonger than PATH_MAX, then this function will enter an endless (retry)\nloop, effectively blocking the whole task. Most of the machine\nbecomes unusable, making this a very simple and effective DoS\nvulnerability.\n\nI cannot imagine why this retry was ever implemented, but it seems\nrather useless and harmful to me. Let's remove it and fail with\nENAMETOOLONG instead."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/550f7ca98ee028a606aa75705a7e77b1bd11720f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/99a37ab76a315c8307eb5b0dc095d8ad9d8efeaa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c47ed91156daf328601d02b58d52d9804da54108",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-536xx/CVE-2024-53687.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-53687",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:26.120",
"lastModified": "2025-01-11T13:15:26.120",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv: Fix IPIs usage in kfence_protect_page()\n\nflush_tlb_kernel_range() may use IPIs to flush the TLBs of all the\ncores, which triggers the following warning when the irqs are disabled:\n\n[ 3.455330] WARNING: CPU: 1 PID: 0 at kernel/smp.c:815 smp_call_function_many_cond+0x452/0x520\n[ 3.456647] Modules linked in:\n[ 3.457218] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.12.0-rc7-00010-g91d3de7240b8 #1\n[ 3.457416] Hardware name: QEMU QEMU Virtual Machine, BIOS\n[ 3.457633] epc : smp_call_function_many_cond+0x452/0x520\n[ 3.457736] ra : on_each_cpu_cond_mask+0x1e/0x30\n[ 3.457786] epc : ffffffff800b669a ra : ffffffff800b67c2 sp : ff2000000000bb50\n[ 3.457824] gp : ffffffff815212b8 tp : ff6000008014f080 t0 : 000000000000003f\n[ 3.457859] t1 : ffffffff815221e0 t2 : 000000000000000f s0 : ff2000000000bc10\n[ 3.457920] s1 : 0000000000000040 a0 : ffffffff815221e0 a1 : 0000000000000001\n[ 3.457953] a2 : 0000000000010000 a3 : 0000000000000003 a4 : 0000000000000000\n[ 3.458006] a5 : 0000000000000000 a6 : ffffffffffffffff a7 : 0000000000000000\n[ 3.458042] s2 : ffffffff815223be s3 : 00fffffffffff000 s4 : ff600001ffe38fc0\n[ 3.458076] s5 : ff600001ff950d00 s6 : 0000000200000120 s7 : 0000000000000001\n[ 3.458109] s8 : 0000000000000001 s9 : ff60000080841ef0 s10: 0000000000000001\n[ 3.458141] s11: ffffffff81524812 t3 : 0000000000000001 t4 : ff60000080092bc0\n[ 3.458172] t5 : 0000000000000000 t6 : ff200000000236d0\n[ 3.458203] status: 0000000200000100 badaddr: ffffffff800b669a cause: 0000000000000003\n[ 3.458373] [<ffffffff800b669a>] smp_call_function_many_cond+0x452/0x520\n[ 3.458593] [<ffffffff800b67c2>] on_each_cpu_cond_mask+0x1e/0x30\n[ 3.458625] [<ffffffff8000e4ca>] __flush_tlb_range+0x118/0x1ca\n[ 3.458656] [<ffffffff8000e6b2>] flush_tlb_kernel_range+0x1e/0x26\n[ 3.458683] [<ffffffff801ea56a>] kfence_protect+0xc0/0xce\n[ 3.458717] [<ffffffff801e9456>] kfence_guarded_free+0xc6/0x1c0\n[ 3.458742] [<ffffffff801e9d6c>] __kfence_free+0x62/0xc6\n[ 3.458764] [<ffffffff801c57d8>] kfree+0x106/0x32c\n[ 3.458786] [<ffffffff80588cf2>] detach_buf_split+0x188/0x1a8\n[ 3.458816] [<ffffffff8058708c>] virtqueue_get_buf_ctx+0xb6/0x1f6\n[ 3.458839] [<ffffffff805871da>] virtqueue_get_buf+0xe/0x16\n[ 3.458880] [<ffffffff80613d6a>] virtblk_done+0x5c/0xe2\n[ 3.458908] [<ffffffff8058766e>] vring_interrupt+0x6a/0x74\n[ 3.458930] [<ffffffff800747d8>] __handle_irq_event_percpu+0x7c/0xe2\n[ 3.458956] [<ffffffff800748f0>] handle_irq_event+0x3c/0x86\n[ 3.458978] [<ffffffff800786cc>] handle_simple_irq+0x9e/0xbe\n[ 3.459004] [<ffffffff80073934>] generic_handle_domain_irq+0x1c/0x2a\n[ 3.459027] [<ffffffff804bf87c>] imsic_handle_irq+0xba/0x120\n[ 3.459056] [<ffffffff80073934>] generic_handle_domain_irq+0x1c/0x2a\n[ 3.459080] [<ffffffff804bdb76>] riscv_intc_aia_irq+0x24/0x34\n[ 3.459103] [<ffffffff809d0452>] handle_riscv_irq+0x2e/0x4c\n[ 3.459133] [<ffffffff809d923e>] call_on_irq_stack+0x32/0x40\n\nSo only flush the local TLB and let the lazy kfence page fault handling\ndeal with the faults which could happen when a core has an old protected\npte version cached in its TLB. That leads to potential inaccuracies which\ncan be tolerated when using kfence."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/3abfc4130c4222099c69d023fed97f1180a8ad7b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6f796a6a396d6f963f2cc8f5edd7dfba2cca097f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b3431a8bb336cece8adc452437befa7d4534b2fd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-536xx/CVE-2024-53689.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-53689",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:26.313",
"lastModified": "2025-01-11T13:15:26.313",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: Fix potential deadlock while freezing queue and acquiring sysfs_lock\n\nFor storing a value to a queue attribute, the queue_attr_store function\nfirst freezes the queue (->q_usage_counter(io)) and then acquire\n->sysfs_lock. This seems not correct as the usual ordering should be to\nacquire ->sysfs_lock before freezing the queue. This incorrect ordering\ncauses the following lockdep splat which we are able to reproduce always\nsimply by accessing /sys/kernel/debug file using ls command:\n\n[ 57.597146] WARNING: possible circular locking dependency detected\n[ 57.597154] 6.12.0-10553-gb86545e02e8c #20 Tainted: G W\n[ 57.597162] ------------------------------------------------------\n[ 57.597168] ls/4605 is trying to acquire lock:\n[ 57.597176] c00000003eb56710 (&mm->mmap_lock){++++}-{4:4}, at: __might_fault+0x58/0xc0\n[ 57.597200]\n but task is already holding lock:\n[ 57.597207] c0000018e27c6810 (&sb->s_type->i_mutex_key#3){++++}-{4:4}, at: iterate_dir+0x94/0x1d4\n[ 57.597226]\n which lock already depends on the new lock.\n\n[ 57.597233]\n the existing dependency chain (in reverse order) is:\n[ 57.597241]\n -> #5 (&sb->s_type->i_mutex_key#3){++++}-{4:4}:\n[ 57.597255] down_write+0x6c/0x18c\n[ 57.597264] start_creating+0xb4/0x24c\n[ 57.597274] debugfs_create_dir+0x2c/0x1e8\n[ 57.597283] blk_register_queue+0xec/0x294\n[ 57.597292] add_disk_fwnode+0x2e4/0x548\n[ 57.597302] brd_alloc+0x2c8/0x338\n[ 57.597309] brd_init+0x100/0x178\n[ 57.597317] do_one_initcall+0x88/0x3e4\n[ 57.597326] kernel_init_freeable+0x3cc/0x6e0\n[ 57.597334] kernel_init+0x34/0x1cc\n[ 57.597342] ret_from_kernel_user_thread+0x14/0x1c\n[ 57.597350]\n -> #4 (&q->debugfs_mutex){+.+.}-{4:4}:\n[ 57.597362] __mutex_lock+0xfc/0x12a0\n[ 57.597370] blk_register_queue+0xd4/0x294\n[ 57.597379] add_disk_fwnode+0x2e4/0x548\n[ 57.597388] brd_alloc+0x2c8/0x338\n[ 57.597395] brd_init+0x100/0x178\n[ 57.597402] do_one_initcall+0x88/0x3e4\n[ 57.597410] kernel_init_freeable+0x3cc/0x6e0\n[ 57.597418] kernel_init+0x34/0x1cc\n[ 57.597426] ret_from_kernel_user_thread+0x14/0x1c\n[ 57.597434]\n -> #3 (&q->sysfs_lock){+.+.}-{4:4}:\n[ 57.597446] __mutex_lock+0xfc/0x12a0\n[ 57.597454] queue_attr_store+0x9c/0x110\n[ 57.597462] sysfs_kf_write+0x70/0xb0\n[ 57.597471] kernfs_fop_write_iter+0x1b0/0x2ac\n[ 57.597480] vfs_write+0x3dc/0x6e8\n[ 57.597488] ksys_write+0x84/0x140\n[ 57.597495] system_call_exception+0x130/0x360\n[ 57.597504] system_call_common+0x160/0x2c4\n[ 57.597516]\n -> #2 (&q->q_usage_counter(io)#21){++++}-{0:0}:\n[ 57.597530] __submit_bio+0x5ec/0x828\n[ 57.597538] submit_bio_noacct_nocheck+0x1e4/0x4f0\n[ 57.597547] iomap_readahead+0x2a0/0x448\n[ 57.597556] xfs_vm_readahead+0x28/0x3c\n[ 57.597564] read_pages+0x88/0x41c\n[ 57.597571] page_cache_ra_unbounded+0x1ac/0x2d8\n[ 57.597580] filemap_get_pages+0x188/0x984\n[ 57.597588] filemap_read+0x13c/0x4bc\n[ 57.597596] xfs_file_buffered_read+0x88/0x17c\n[ 57.597605] xfs_file_read_iter+0xac/0x158\n[ 57.597614] vfs_read+0x2d4/0x3b4\n[ 57.597622] ksys_read+0x84/0x144\n[ 57.597629] system_call_exception+0x130/0x360\n[ 57.597637] system_call_common+0x160/0x2c4\n[ 57.597647]\n -> #1 (mapping.invalidate_lock#2){++++}-{4:4}:\n[ 57.597661] down_read+0x6c/0x220\n[ 57.597669] filemap_fault+0x870/0x100c\n[ 57.597677] xfs_filemap_fault+0xc4/0x18c\n[ 57.597684] __do_fault+0x64/0x164\n[ 57.597693] __handle_mm_fault+0x1274/0x1dac\n[ 57.597702] handle_mm_fault+0x248/0x48\n---truncated---"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/be26ba96421ab0a8fa2055ccf7db7832a13c44d2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f1a494df8350da2e673618627cb392a8669825dd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

45
CVE-2024/CVE-2024-536xx/CVE-2024-53690.json Normal file
View File

@ -0,0 +1,45 @@
{
"id": "CVE-2024-53690",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:26.470",
"lastModified": "2025-01-11T13:15:26.470",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: prevent use of deleted inode\n\nsyzbot reported a WARNING in nilfs_rmdir. [1]\n\nBecause the inode bitmap is corrupted, an inode with an inode number that\nshould exist as a \".nilfs\" file was reassigned by nilfs_mkdir for \"file0\",\ncausing an inode duplication during execution. And this causes an\nunderflow of i_nlink in rmdir operations.\n\nThe inode is used twice by the same task to unmount and remove directories\n\".nilfs\" and \"file0\", it trigger warning in nilfs_rmdir.\n\nAvoid to this issue, check i_nlink in nilfs_iget(), if it is 0, it means\nthat this inode has been deleted, and iput is executed to reclaim it.\n\n[1]\nWARNING: CPU: 1 PID: 5824 at fs/inode.c:407 drop_nlink+0xc4/0x110 fs/inode.c:407\n...\nCall Trace:\n <TASK>\n nilfs_rmdir+0x1b0/0x250 fs/nilfs2/namei.c:342\n vfs_rmdir+0x3a3/0x510 fs/namei.c:4394\n do_rmdir+0x3b5/0x580 fs/namei.c:4453\n __do_sys_rmdir fs/namei.c:4472 [inline]\n __se_sys_rmdir fs/namei.c:4470 [inline]\n __x64_sys_rmdir+0x47/0x50 fs/namei.c:4470\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/284760b320a0bac411b18108316939707dccb12b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/55e4baa0d32f0530ddc64c26620e1f2f8fa2724c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5d4ed71327b0b5f3b179a19dc3c06be9509ab3db",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/901ce9705fbb9f330ff1f19600e5daf9770b0175",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/912188316a8c9e41b8c1603c2276a05043b14f96",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ef942d233643777f7b2a5deef620e82942983143",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ff561987ff12b6a3233431ff659b5d332e22f153",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-541xx/CVE-2024-54191.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-54191",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:26.667",
"lastModified": "2025-01-11T13:15:26.667",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: iso: Fix circular lock in iso_conn_big_sync\n\nThis fixes the circular locking dependency warning below, by reworking\niso_sock_recvmsg, to ensure that the socket lock is always released\nbefore calling a function that locks hdev.\n\n[ 561.670344] ======================================================\n[ 561.670346] WARNING: possible circular locking dependency detected\n[ 561.670349] 6.12.0-rc6+ #26 Not tainted\n[ 561.670351] ------------------------------------------------------\n[ 561.670353] iso-tester/3289 is trying to acquire lock:\n[ 561.670355] ffff88811f600078 (&hdev->lock){+.+.}-{3:3},\n at: iso_conn_big_sync+0x73/0x260 [bluetooth]\n[ 561.670405]\n but task is already holding lock:\n[ 561.670407] ffff88815af58258 (sk_lock-AF_BLUETOOTH){+.+.}-{0:0},\n at: iso_sock_recvmsg+0xbf/0x500 [bluetooth]\n[ 561.670450]\n which lock already depends on the new lock.\n\n[ 561.670452]\n the existing dependency chain (in reverse order) is:\n[ 561.670453]\n -> #2 (sk_lock-AF_BLUETOOTH){+.+.}-{0:0}:\n[ 561.670458] lock_acquire+0x7c/0xc0\n[ 561.670463] lock_sock_nested+0x3b/0xf0\n[ 561.670467] bt_accept_dequeue+0x1a5/0x4d0 [bluetooth]\n[ 561.670510] iso_sock_accept+0x271/0x830 [bluetooth]\n[ 561.670547] do_accept+0x3dd/0x610\n[ 561.670550] __sys_accept4+0xd8/0x170\n[ 561.670553] __x64_sys_accept+0x74/0xc0\n[ 561.670556] x64_sys_call+0x17d6/0x25f0\n[ 561.670559] do_syscall_64+0x87/0x150\n[ 561.670563] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 561.670567]\n -> #1 (sk_lock-AF_BLUETOOTH-BTPROTO_ISO){+.+.}-{0:0}:\n[ 561.670571] lock_acquire+0x7c/0xc0\n[ 561.670574] lock_sock_nested+0x3b/0xf0\n[ 561.670577] iso_sock_listen+0x2de/0xf30 [bluetooth]\n[ 561.670617] __sys_listen_socket+0xef/0x130\n[ 561.670620] __x64_sys_listen+0xe1/0x190\n[ 561.670623] x64_sys_call+0x2517/0x25f0\n[ 561.670626] do_syscall_64+0x87/0x150\n[ 561.670629] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 561.670632]\n -> #0 (&hdev->lock){+.+.}-{3:3}:\n[ 561.670636] __lock_acquire+0x32ad/0x6ab0\n[ 561.670639] lock_acquire.part.0+0x118/0x360\n[ 561.670642] lock_acquire+0x7c/0xc0\n[ 561.670644] __mutex_lock+0x18d/0x12f0\n[ 561.670647] mutex_lock_nested+0x1b/0x30\n[ 561.670651] iso_conn_big_sync+0x73/0x260 [bluetooth]\n[ 561.670687] iso_sock_recvmsg+0x3e9/0x500 [bluetooth]\n[ 561.670722] sock_recvmsg+0x1d5/0x240\n[ 561.670725] sock_read_iter+0x27d/0x470\n[ 561.670727] vfs_read+0x9a0/0xd30\n[ 561.670731] ksys_read+0x1a8/0x250\n[ 561.670733] __x64_sys_read+0x72/0xc0\n[ 561.670736] x64_sys_call+0x1b12/0x25f0\n[ 561.670738] do_syscall_64+0x87/0x150\n[ 561.670741] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 561.670744]\n other info that might help us debug this:\n\n[ 561.670745] Chain exists of:\n&hdev->lock --> sk_lock-AF_BLUETOOTH-BTPROTO_ISO --> sk_lock-AF_BLUETOOTH\n\n[ 561.670751] Possible unsafe locking scenario:\n\n[ 561.670753] CPU0 CPU1\n[ 561.670754] ---- ----\n[ 561.670756] lock(sk_lock-AF_BLUETOOTH);\n[ 561.670758] lock(sk_lock\n AF_BLUETOOTH-BTPROTO_ISO);\n[ 561.670761] lock(sk_lock-AF_BLUETOOTH);\n[ 561.670764] lock(&hdev->lock);\n[ 561.670767]\n *** DEADLOCK ***"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/7a17308c17880d259105f6e591eb1bc77b9612f0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/cbe640d6cae590b9a7d81ce86fe9a90e83eec1d5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-541xx/CVE-2024-54193.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-54193",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:26.840",
"lastModified": "2025-01-11T13:15:26.840",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/ivpu: Fix WARN in ivpu_ipc_send_receive_internal()\n\nMove pm_runtime_set_active() to ivpu_pm_init() so when\nivpu_ipc_send_receive_internal() is executed before ivpu_pm_enable()\nit already has correct runtime state, even if last resume was\nnot successful."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0f6482caa6acdfdfc744db7430771fe7e6c4e787",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/578874b2bb947e047708f4df286e4ff1ba6be3ad",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-544xx/CVE-2024-54455.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-54455",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:26.970",
"lastModified": "2025-01-11T13:15:26.970",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/ivpu: Fix general protection fault in ivpu_bo_list()\n\nCheck if ctx is not NULL before accessing its fields."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/4b2efb9db0c22a130bbd1275e489b42c02d08050",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a1e597ee5920a6aabdf4dfc3bf76e55e1b115e23",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-544xx/CVE-2024-54460.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-54460",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:27.157",
"lastModified": "2025-01-11T13:15:27.157",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: iso: Fix circular lock in iso_listen_bis\n\nThis fixes the circular locking dependency warning below, by\nreleasing the socket lock before enterning iso_listen_bis, to\navoid any potential deadlock with hdev lock.\n\n[ 75.307983] ======================================================\n[ 75.307984] WARNING: possible circular locking dependency detected\n[ 75.307985] 6.12.0-rc6+ #22 Not tainted\n[ 75.307987] ------------------------------------------------------\n[ 75.307987] kworker/u81:2/2623 is trying to acquire lock:\n[ 75.307988] ffff8fde1769da58 (sk_lock-AF_BLUETOOTH-BTPROTO_ISO)\n at: iso_connect_cfm+0x253/0x840 [bluetooth]\n[ 75.308021]\n but task is already holding lock:\n[ 75.308022] ffff8fdd61a10078 (&hdev->lock)\n at: hci_le_per_adv_report_evt+0x47/0x2f0 [bluetooth]\n[ 75.308053]\n which lock already depends on the new lock.\n\n[ 75.308054]\n the existing dependency chain (in reverse order) is:\n[ 75.308055]\n -> #1 (&hdev->lock){+.+.}-{3:3}:\n[ 75.308057] __mutex_lock+0xad/0xc50\n[ 75.308061] mutex_lock_nested+0x1b/0x30\n[ 75.308063] iso_sock_listen+0x143/0x5c0 [bluetooth]\n[ 75.308085] __sys_listen_socket+0x49/0x60\n[ 75.308088] __x64_sys_listen+0x4c/0x90\n[ 75.308090] x64_sys_call+0x2517/0x25f0\n[ 75.308092] do_syscall_64+0x87/0x150\n[ 75.308095] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 75.308098]\n -> #0 (sk_lock-AF_BLUETOOTH-BTPROTO_ISO){+.+.}-{0:0}:\n[ 75.308100] __lock_acquire+0x155e/0x25f0\n[ 75.308103] lock_acquire+0xc9/0x300\n[ 75.308105] lock_sock_nested+0x32/0x90\n[ 75.308107] iso_connect_cfm+0x253/0x840 [bluetooth]\n[ 75.308128] hci_connect_cfm+0x6c/0x190 [bluetooth]\n[ 75.308155] hci_le_per_adv_report_evt+0x27b/0x2f0 [bluetooth]\n[ 75.308180] hci_le_meta_evt+0xe7/0x200 [bluetooth]\n[ 75.308206] hci_event_packet+0x21f/0x5c0 [bluetooth]\n[ 75.308230] hci_rx_work+0x3ae/0xb10 [bluetooth]\n[ 75.308254] process_one_work+0x212/0x740\n[ 75.308256] worker_thread+0x1bd/0x3a0\n[ 75.308258] kthread+0xe4/0x120\n[ 75.308259] ret_from_fork+0x44/0x70\n[ 75.308261] ret_from_fork_asm+0x1a/0x30\n[ 75.308263]\n other info that might help us debug this:\n\n[ 75.308264] Possible unsafe locking scenario:\n\n[ 75.308264] CPU0 CPU1\n[ 75.308265] ---- ----\n[ 75.308265] lock(&hdev->lock);\n[ 75.308267] lock(sk_lock-\n AF_BLUETOOTH-BTPROTO_ISO);\n[ 75.308268] lock(&hdev->lock);\n[ 75.308269] lock(sk_lock-AF_BLUETOOTH-BTPROTO_ISO);\n[ 75.308270]\n *** DEADLOCK ***\n\n[ 75.308271] 4 locks held by kworker/u81:2/2623:\n[ 75.308272] #0: ffff8fdd66e52148 ((wq_completion)hci0#2){+.+.}-{0:0},\n at: process_one_work+0x443/0x740\n[ 75.308276] #1: ffffafb488b7fe48 ((work_completion)(&hdev->rx_work)),\n at: process_one_work+0x1ce/0x740\n[ 75.308280] #2: ffff8fdd61a10078 (&hdev->lock){+.+.}-{3:3}\n at: hci_le_per_adv_report_evt+0x47/0x2f0 [bluetooth]\n[ 75.308304] #3: ffffffffb6ba4900 (rcu_read_lock){....}-{1:2},\n at: hci_connect_cfm+0x29/0x190 [bluetooth]"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/168e28305b871d8ec604a8f51f35467b8d7ba05b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c541d7b5e17987ed330798b07d4ad508859c1c93",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-546xx/CVE-2024-54680.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-54680",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:27.340",
"lastModified": "2025-01-11T13:15:27.340",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix TCP timers deadlock after rmmod\n\nCommit ef7134c7fc48 (\"smb: client: Fix use-after-free of network namespace.\")\nfixed a netns UAF by manually enabled socket refcounting\n(sk->sk_net_refcnt=1 and sock_inuse_add(net, 1)).\n\nThe reason the patch worked for that bug was because we now hold\nreferences to the netns (get_net_track() gets a ref internally)\nand they're properly released (internally, on __sk_destruct()),\nbut only because sk->sk_net_refcnt was set.\n\nProblem:\n(this happens regardless of CONFIG_NET_NS_REFCNT_TRACKER and regardless\nif init_net or other)\n\nSetting sk->sk_net_refcnt=1 *manually* and *after* socket creation is not\nonly out of cifs scope, but also technically wrong -- it's set conditionally\nbased on user (=1) vs kernel (=0) sockets. And net/ implementations\nseem to base their user vs kernel space operations on it.\n\ne.g. upon TCP socket close, the TCP timers are not cleared because\nsk->sk_net_refcnt=1:\n(cf. commit 151c9c724d05 (\"tcp: properly terminate timers for kernel sockets\"))\n\nnet/ipv4/tcp.c:\n void tcp_close(struct sock *sk, long timeout)\n {\n \tlock_sock(sk);\n \t__tcp_close(sk, timeout);\n \trelease_sock(sk);\n \tif (!sk->sk_net_refcnt)\n \t\tinet_csk_clear_xmit_timers_sync(sk);\n \tsock_put(sk);\n }\n\nWhich will throw a lockdep warning and then, as expected, deadlock on\ntcp_write_timer().\n\nA way to reproduce this is by running the reproducer from ef7134c7fc48\nand then 'rmmod cifs'. A few seconds later, the deadlock/lockdep\nwarning shows up.\n\nFix:\nWe shouldn't mess with socket internals ourselves, so do not set\nsk_net_refcnt manually.\n\nAlso change __sock_create() to sock_create_kern() for explicitness.\n\nAs for non-init_net network namespaces, we deal with it the best way\nwe can -- hold an extra netns reference for server->ssocket and drop it\nwhen it's released. This ensures that the netns still exists whenever\nwe need to create/destroy server->ssocket, but is not directly tied to\nit."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/127e907e11ccd54b59bb78fc22c43ccb76c71079",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/906807c734ed219dcb2e7bbfde5c4168ed72a3d0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e9f2517a3e18a54a3943c098d2226b245d488801",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-546xx/CVE-2024-54683.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-54683",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:27.490",
"lastModified": "2025-01-11T13:15:27.490",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: IDLETIMER: Fix for possible ABBA deadlock\n\nDeletion of the last rule referencing a given idletimer may happen at\nthe same time as a read of its file in sysfs:\n\n| ======================================================\n| WARNING: possible circular locking dependency detected\n| 6.12.0-rc7-01692-g5e9a28f41134-dirty #594 Not tainted\n| ------------------------------------------------------\n| iptables/3303 is trying to acquire lock:\n| ffff8881057e04b8 (kn->active#48){++++}-{0:0}, at: __kernfs_remove+0x20\n|\n| but task is already holding lock:\n| ffffffffa0249068 (list_mutex){+.+.}-{3:3}, at: idletimer_tg_destroy_v]\n|\n| which lock already depends on the new lock.\n\nA simple reproducer is:\n\n| #!/bin/bash\n|\n| while true; do\n| iptables -A INPUT -i foo -j IDLETIMER --timeout 10 --label \"testme\"\n| iptables -D INPUT -i foo -j IDLETIMER --timeout 10 --label \"testme\"\n| done &\n| while true; do\n| cat /sys/class/xt_idletimer/timers/testme >/dev/null\n| done\n\nAvoid this by freeing list_mutex right after deleting the element from\nthe list, then continuing with the teardown."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/45fe76573a2557f632e248cc141342233f422b9a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8c2c8445cda8f59c38dec7dc10509bcb23ae26a0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f36b01994d68ffc253c8296e2228dfe6e6431c03",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-556xx/CVE-2024-55639.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-55639",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:27.663",
"lastModified": "2025-01-11T13:15:27.663",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: renesas: rswitch: avoid use-after-put for a device tree node\n\nThe device tree node saved in the rswitch_device structure is used at\nseveral driver locations. So passing this node to of_node_put() after\nthe first use is wrong.\n\nMove of_node_put() for this node to exit paths."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/66b7e9f85b8459c823b11e9af69dbf4be5eb6be8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/92007a28f95413058a7268dc84e5f44b700165d1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/bf8c6755f02029d1eddc3ff19b870240f054afc7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-556xx/CVE-2024-55641.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-55641",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:27.847",
"lastModified": "2025-01-11T13:15:27.847",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: unlock inodes when erroring out of xfs_trans_alloc_dir\n\nDebugging a filesystem patch with generic/475 caused the system to hang\nafter observing the following sequences in dmesg:\n\n XFS (dm-0): metadata I/O error in \"xfs_imap_to_bp+0x61/0xe0 [xfs]\" at daddr 0x491520 len 32 error 5\n XFS (dm-0): metadata I/O error in \"xfs_btree_read_buf_block+0xba/0x160 [xfs]\" at daddr 0x3445608 len 8 error 5\n XFS (dm-0): metadata I/O error in \"xfs_imap_to_bp+0x61/0xe0 [xfs]\" at daddr 0x138e1c0 len 32 error 5\n XFS (dm-0): log I/O error -5\n XFS (dm-0): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x1ea/0x4b0 [xfs] (fs/xfs/xfs_trans_buf.c:311). Shutting down filesystem.\n XFS (dm-0): Please unmount the filesystem and rectify the problem(s)\n XFS (dm-0): Internal error dqp->q_ino.reserved < dqp->q_ino.count at line 869 of file fs/xfs/xfs_trans_dquot.c. Caller xfs_trans_dqresv+0x236/0x440 [xfs]\n XFS (dm-0): Corruption detected. Unmount and run xfs_repair\n XFS (dm-0): Unmounting Filesystem be6bcbcc-9921-4deb-8d16-7cc94e335fa7\n\nThe system is stuck in unmount trying to lock a couple of inodes so that\nthey can be purged. The dquot corruption notice above is a clue to what\nhappened -- a link() call tried to set up a transaction to link a child\ninto a directory. Quota reservation for the transaction failed after IO\nerrors shut down the filesystem, but then we forgot to unlock the inodes\non our way out. Fix that."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/53b001a21c9dff73b64e8c909c41991f01d5d00f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6aefe5d97ae57b1343dc60d8bb6a4ed070e5bcea",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-556xx/CVE-2024-55642.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-55642",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:27.990",
"lastModified": "2025-01-11T13:15:27.990",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: Prevent potential deadlocks in zone write plug error recovery\n\nZone write plugging for handling writes to zones of a zoned block\ndevice always execute a zone report whenever a write BIO to a zone\nfails. The intent of this is to ensure that the tracking of a zone write\npointer is always correct to ensure that the alignment to a zone write\npointer of write BIOs can be checked on submission and that we can\nalways correctly emulate zone append operations using regular write\nBIOs.\n\nHowever, this error recovery scheme introduces a potential deadlock if a\ndevice queue freeze is initiated while BIOs are still plugged in a zone\nwrite plug and one of these write operation fails. In such case, the\ndisk zone write plug error recovery work is scheduled and executes a\nreport zone. This in turn can result in a request allocation in the\nunderlying driver to issue the report zones command to the device. But\nwith the device queue freeze already started, this allocation will\nblock, preventing the report zone execution and the continuation of the\nprocessing of the plugged BIOs. As plugged BIOs hold a queue usage\nreference, the queue freeze itself will never complete, resulting in a\ndeadlock.\n\nAvoid this problem by completely removing from the zone write plugging\ncode the use of report zones operations after a failed write operation,\ninstead relying on the device user to either execute a report zones,\nreset the zone, finish the zone, or give up writing to the device (which\nis a fairly common pattern for file systems which degrade to read-only\nafter write failures). This is not an unreasonnable requirement as all\nwell-behaved applications, FSes and device mapper already use report\nzones to recover from write errors whenever possible by comparing the\ncurrent position of a zone write pointer with what their assumption\nabout the position is.\n\nThe changes to remove the automatic error recovery are as follows:\n - Completely remove the error recovery work and its associated\n resources (zone write plug list head, disk error list, and disk\n zone_wplugs_work work struct). This also removes the functions\n disk_zone_wplug_set_error() and disk_zone_wplug_clear_error().\n\n - Change the BLK_ZONE_WPLUG_ERROR zone write plug flag into\n BLK_ZONE_WPLUG_NEED_WP_UPDATE. This new flag is set for a zone write\n plug whenever a write opration targetting the zone of the zone write\n plug fails. This flag indicates that the zone write pointer offset is\n not reliable and that it must be updated when the next report zone,\n reset zone, finish zone or disk revalidation is executed.\n\n - Modify blk_zone_write_plug_bio_endio() to set the\n BLK_ZONE_WPLUG_NEED_WP_UPDATE flag for the target zone of a failed\n write BIO.\n\n - Modify the function disk_zone_wplug_set_wp_offset() to clear this\n new flag, thus implementing recovery of a correct write pointer\n offset with the reset (all) zone and finish zone operations.\n\n - Modify blkdev_report_zones() to always use the disk_report_zones_cb()\n callback so that disk_zone_wplug_sync_wp_offset() can be called for\n any zone marked with the BLK_ZONE_WPLUG_NEED_WP_UPDATE flag.\n This implements recovery of a correct write pointer offset for zone\n write plugs marked with BLK_ZONE_WPLUG_NEED_WP_UPDATE and within\n the range of the report zones operation executed by the user.\n\n - Modify blk_revalidate_seq_zone() to call\n disk_zone_wplug_sync_wp_offset() for all sequential write required\n zones when a zoned block device is revalidated, thus always resolving\n any inconsistency between the write pointer offset of zone write\n plugs and the actual write pointer position of sequential zones."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/7fa80134cf266325fa61139320091001c9b3c477",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fe0418eb9bd69a19a948b297c8de815e05f3cde1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

37
CVE-2024/CVE-2024-558xx/CVE-2024-55881.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2024-55881",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:28.197",
"lastModified": "2025-01-11T13:15:28.197",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Play nice with protected guests in complete_hypercall_exit()\n\nUse is_64_bit_hypercall() instead of is_64_bit_mode() to detect a 64-bit\nhypercall when completing said hypercall. For guests with protected state,\ne.g. SEV-ES and SEV-SNP, KVM must assume the hypercall was made in 64-bit\nmode as the vCPU state needed to detect 64-bit mode is unavailable.\n\nHacking the sev_smoke_test selftest to generate a KVM_HC_MAP_GPA_RANGE\nhypercall via VMGEXIT trips the WARN:\n\n ------------[ cut here ]------------\n WARNING: CPU: 273 PID: 326626 at arch/x86/kvm/x86.h:180 complete_hypercall_exit+0x44/0xe0 [kvm]\n Modules linked in: kvm_amd kvm ... [last unloaded: kvm]\n CPU: 273 UID: 0 PID: 326626 Comm: sev_smoke_test Not tainted 6.12.0-smp--392e932fa0f3-feat #470\n Hardware name: Google Astoria/astoria, BIOS 0.20240617.0-0 06/17/2024\n RIP: 0010:complete_hypercall_exit+0x44/0xe0 [kvm]\n Call Trace:\n <TASK>\n kvm_arch_vcpu_ioctl_run+0x2400/0x2720 [kvm]\n kvm_vcpu_ioctl+0x54f/0x630 [kvm]\n __se_sys_ioctl+0x6b/0xc0\n do_syscall_64+0x83/0x160\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n </TASK>\n ---[ end trace 0000000000000000 ]---"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0840d360a8909c722fb62459f42836afe32ededb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/22b5c2acd65dbe949032f619d4758a35a82fffc3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3d2634ec0d1dbe8f4b511cf5261f327c6a76f4b6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7ed4db315094963de0678a8adfd43c46471b9349",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9b42d1e8e4fe9dc631162c04caa69b0d1860b0f0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

45
CVE-2024/CVE-2024-559xx/CVE-2024-55916.json Normal file
View File

@ -0,0 +1,45 @@
{
"id": "CVE-2024-55916",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:28.353",
"lastModified": "2025-01-11T13:15:28.353",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nDrivers: hv: util: Avoid accessing a ringbuffer not initialized yet\n\nIf the KVP (or VSS) daemon starts before the VMBus channel's ringbuffer is\nfully initialized, we can hit the panic below:\n\nhv_utils: Registering HyperV Utility Driver\nhv_vmbus: registering driver hv_utils\n...\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nCPU: 44 UID: 0 PID: 2552 Comm: hv_kvp_daemon Tainted: G E 6.11.0-rc3+ #1\nRIP: 0010:hv_pkt_iter_first+0x12/0xd0\nCall Trace:\n...\n vmbus_recvpacket\n hv_kvp_onchannelcallback\n vmbus_on_event\n tasklet_action_common\n tasklet_action\n handle_softirqs\n irq_exit_rcu\n sysvec_hyperv_stimer0\n </IRQ>\n <TASK>\n asm_sysvec_hyperv_stimer0\n...\n kvp_register_done\n hvt_op_read\n vfs_read\n ksys_read\n __x64_sys_read\n\nThis can happen because the KVP/VSS channel callback can be invoked\neven before the channel is fully opened:\n1) as soon as hv_kvp_init() -> hvutil_transport_init() creates\n/dev/vmbus/hv_kvp, the kvp daemon can open the device file immediately and\nregister itself to the driver by writing a message KVP_OP_REGISTER1 to the\nfile (which is handled by kvp_on_msg() ->kvp_handle_handshake()) and\nreading the file for the driver's response, which is handled by\nhvt_op_read(), which calls hvt->on_read(), i.e. kvp_register_done().\n\n2) the problem with kvp_register_done() is that it can cause the\nchannel callback to be called even before the channel is fully opened,\nand when the channel callback is starting to run, util_probe()->\nvmbus_open() may have not initialized the ringbuffer yet, so the\ncallback can hit the panic of NULL pointer dereference.\n\nTo reproduce the panic consistently, we can add a \"ssleep(10)\" for KVP in\n__vmbus_open(), just before the first hv_ringbuffer_init(), and then we\nunload and reload the driver hv_utils, and run the daemon manually within\nthe 10 seconds.\n\nFix the panic by reordering the steps in util_probe() so the char dev\nentry used by the KVP or VSS daemon is not created until after\nvmbus_open() has completed. This reordering prevents the race condition\nfrom happening."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/042253c57be901bfd19f15b68267442b70f510d5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/07a756a49f4b4290b49ea46e089cbe6f79ff8d26",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3dd7a30c6d7f90afcf19e9b072f572ba524d7ec6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/718fe694a334be9d1a89eed22602369ac18d6583",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/89fcec5e466b3ac9b376e0d621c71effa1a7983f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d81f4e73aff9b861671df60e5100ad25cc16fbf8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f091a224a2c82f1e302b1768d73bb6332f687321",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-563xx/CVE-2024-56368.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-56368",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:28.530",
"lastModified": "2025-01-11T13:15:28.530",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nring-buffer: Fix overflow in __rb_map_vma\n\nAn overflow occurred when performing the following calculation:\n\n nr_pages = ((nr_subbufs + 1) << subbuf_order) - pgoff;\n\nAdd a check before the calculation to avoid this problem.\n\nsyzbot reported this as a slab-out-of-bounds in __rb_map_vma:\n\nBUG: KASAN: slab-out-of-bounds in __rb_map_vma+0x9ab/0xae0 kernel/trace/ring_buffer.c:7058\nRead of size 8 at addr ffff8880767dd2b8 by task syz-executor187/5836\n\nCPU: 0 UID: 0 PID: 5836 Comm: syz-executor187 Not tainted 6.13.0-rc2-syzkaller-00159-gf932fb9b4074 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:489\n kasan_report+0xd9/0x110 mm/kasan/report.c:602\n __rb_map_vma+0x9ab/0xae0 kernel/trace/ring_buffer.c:7058\n ring_buffer_map+0x56e/0x9b0 kernel/trace/ring_buffer.c:7138\n tracing_buffers_mmap+0xa6/0x120 kernel/trace/trace.c:8482\n call_mmap include/linux/fs.h:2183 [inline]\n mmap_file mm/internal.h:124 [inline]\n __mmap_new_file_vma mm/vma.c:2291 [inline]\n __mmap_new_vma mm/vma.c:2355 [inline]\n __mmap_region+0x1786/0x2670 mm/vma.c:2456\n mmap_region+0x127/0x320 mm/mmap.c:1348\n do_mmap+0xc00/0xfc0 mm/mmap.c:496\n vm_mmap_pgoff+0x1ba/0x360 mm/util.c:580\n ksys_mmap_pgoff+0x32c/0x5c0 mm/mmap.c:542\n __do_sys_mmap arch/x86/kernel/sys_x86_64.c:89 [inline]\n __se_sys_mmap arch/x86/kernel/sys_x86_64.c:82 [inline]\n __x64_sys_mmap+0x125/0x190 arch/x86/kernel/sys_x86_64.c:82\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nThe reproducer for this bug is:\n\n------------------------8<-------------------------\n #include <fcntl.h>\n #include <stdlib.h>\n #include <unistd.h>\n #include <asm/types.h>\n #include <sys/mman.h>\n\n int main(int argc, char **argv)\n {\n\tint page_size = getpagesize();\n\tint fd;\n\tvoid *meta;\n\n\tsystem(\"echo 1 > /sys/kernel/tracing/buffer_size_kb\");\n\tfd = open(\"/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\", O_RDONLY);\n\n\tmeta = mmap(NULL, page_size, PROT_READ, MAP_SHARED, fd, page_size * 5);\n }\n------------------------>8-------------------------"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/c58a812c8e49ad688f94f4b050ad5c5b388fc5d2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ec12f30fe54234dd40ffee50dda8d2df10bd0871",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

37
CVE-2024/CVE-2024-563xx/CVE-2024-56369.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2024-56369",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:28.700",
"lastModified": "2025-01-11T13:15:28.700",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/modes: Avoid divide by zero harder in drm_mode_vrefresh()\n\ndrm_mode_vrefresh() is trying to avoid divide by zero\nby checking whether htotal or vtotal are zero. But we may\nstill end up with a div-by-zero of vtotal*htotal*..."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/47c8b6cf1d08f0ad40d7ea7b025442e51b35ee1f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/69fbb01e891701e6d04db1ddb5ad49e42c4dd963",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9398332f23fab10c5ec57c168b44e72997d6318e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b39de5a71bac5641d0fda33d1cf5682d82cf1ae5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e7c7b48a0fc5ed83baae400a1b15e33978c25d7f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-563xx/CVE-2024-56372.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-56372",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:28.873",
"lastModified": "2025-01-11T13:15:28.873",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: tun: fix tun_napi_alloc_frags()\n\nsyzbot reported the following crash [1]\n\nIssue came with the blamed commit. Instead of going through\nall the iov components, we keep using the first one\nand end up with a malformed skb.\n\n[1]\n\nkernel BUG at net/core/skbuff.c:2849 !\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 0 UID: 0 PID: 6230 Comm: syz-executor132 Not tainted 6.13.0-rc1-syzkaller-00407-g96b6fcc0ee41 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024\n RIP: 0010:__pskb_pull_tail+0x1568/0x1570 net/core/skbuff.c:2848\nCode: 38 c1 0f 8c 32 f1 ff ff 4c 89 f7 e8 92 96 74 f8 e9 25 f1 ff ff e8 e8 ae 09 f8 48 8b 5c 24 08 e9 eb fb ff ff e8 d9 ae 09 f8 90 <0f> 0b 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90\nRSP: 0018:ffffc90004cbef30 EFLAGS: 00010293\nRAX: ffffffff8995c347 RBX: 00000000fffffff2 RCX: ffff88802cf45a00\nRDX: 0000000000000000 RSI: 00000000fffffff2 RDI: 0000000000000000\nRBP: ffff88807df0c06a R08: ffffffff8995b084 R09: 1ffff1100fbe185c\nR10: dffffc0000000000 R11: ffffed100fbe185d R12: ffff888076e85d50\nR13: ffff888076e85c80 R14: ffff888076e85cf4 R15: ffff888076e85c80\nFS: 00007f0dca6ea6c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f0dca6ead58 CR3: 00000000119da000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n <TASK>\n skb_cow_data+0x2da/0xcb0 net/core/skbuff.c:5284\n tipc_aead_decrypt net/tipc/crypto.c:894 [inline]\n tipc_crypto_rcv+0x402/0x24e0 net/tipc/crypto.c:1844\n tipc_rcv+0x57e/0x12a0 net/tipc/node.c:2109\n tipc_l2_rcv_msg+0x2bd/0x450 net/tipc/bearer.c:668\n __netif_receive_skb_list_ptype net/core/dev.c:5720 [inline]\n __netif_receive_skb_list_core+0x8b7/0x980 net/core/dev.c:5762\n __netif_receive_skb_list net/core/dev.c:5814 [inline]\n netif_receive_skb_list_internal+0xa51/0xe30 net/core/dev.c:5905\n gro_normal_list include/net/gro.h:515 [inline]\n napi_complete_done+0x2b5/0x870 net/core/dev.c:6256\n napi_complete include/linux/netdevice.h:567 [inline]\n tun_get_user+0x2ea0/0x4890 drivers/net/tun.c:1982\n tun_chr_write_iter+0x10d/0x1f0 drivers/net/tun.c:2057\n do_iter_readv_writev+0x600/0x880\n vfs_writev+0x376/0xba0 fs/read_write.c:1050\n do_writev+0x1b6/0x360 fs/read_write.c:1096\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/429fde2d81bcef0ebab002215358955704586457",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4f393ea1e2f9c3b646d00572dd92c48b1869c65f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/efe74dd58a72bd987b158142c904b7ef2ad132e2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-567xx/CVE-2024-56788.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-56788",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:29.090",
"lastModified": "2025-01-11T13:15:29.090",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: oa_tc6: fix tx skb race condition between reference pointers\n\nThere are two skb pointers to manage tx skb's enqueued from n/w stack.\nwaiting_tx_skb pointer points to the tx skb which needs to be processed\nand ongoing_tx_skb pointer points to the tx skb which is being processed.\n\nSPI thread prepares the tx data chunks from the tx skb pointed by the\nongoing_tx_skb pointer. When the tx skb pointed by the ongoing_tx_skb is\nprocessed, the tx skb pointed by the waiting_tx_skb is assigned to\nongoing_tx_skb and the waiting_tx_skb pointer is assigned with NULL.\nWhenever there is a new tx skb from n/w stack, it will be assigned to\nwaiting_tx_skb pointer if it is NULL. Enqueuing and processing of a tx skb\nhandled in two different threads.\n\nConsider a scenario where the SPI thread processed an ongoing_tx_skb and\nit moves next tx skb from waiting_tx_skb pointer to ongoing_tx_skb pointer\nwithout doing any NULL check. At this time, if the waiting_tx_skb pointer\nis NULL then ongoing_tx_skb pointer is also assigned with NULL. After\nthat, if a new tx skb is assigned to waiting_tx_skb pointer by the n/w\nstack and there is a chance to overwrite the tx skb pointer with NULL in\nthe SPI thread. Finally one of the tx skb will be left as unhandled,\nresulting packet missing and memory leak.\n\n- Consider the below scenario where the TXC reported from the previous\ntransfer is 10 and ongoing_tx_skb holds an tx ethernet frame which can be\ntransported in 20 TXCs and waiting_tx_skb is still NULL.\n\ttx_credits = 10; /* 21 are filled in the previous transfer */\n\tongoing_tx_skb = 20;\n\twaiting_tx_skb = NULL; /* Still NULL */\n- So, (tc6->ongoing_tx_skb || tc6->waiting_tx_skb) becomes true.\n- After oa_tc6_prepare_spi_tx_buf_for_tx_skbs()\n\tongoing_tx_skb = 10;\n\twaiting_tx_skb = NULL; /* Still NULL */\n- Perform SPI transfer.\n- Process SPI rx buffer to get the TXC from footers.\n- Now let's assume previously filled 21 TXCs are freed so we are good to\ntransport the next remaining 10 tx chunks from ongoing_tx_skb.\n\ttx_credits = 21;\n\tongoing_tx_skb = 10;\n\twaiting_tx_skb = NULL;\n- So, (tc6->ongoing_tx_skb || tc6->waiting_tx_skb) becomes true again.\n- In the oa_tc6_prepare_spi_tx_buf_for_tx_skbs()\n\tongoing_tx_skb = NULL;\n\twaiting_tx_skb = NULL;\n\n- Now the below bad case might happen,\n\nThread1 (oa_tc6_start_xmit)\tThread2 (oa_tc6_spi_thread_handler)\n---------------------------\t-----------------------------------\n- if waiting_tx_skb is NULL\n\t\t\t\t- if ongoing_tx_skb is NULL\n\t\t\t\t- ongoing_tx_skb = waiting_tx_skb\n- waiting_tx_skb = skb\n\t\t\t\t- waiting_tx_skb = NULL\n\t\t\t\t...\n\t\t\t\t- ongoing_tx_skb = NULL\n- if waiting_tx_skb is NULL\n- waiting_tx_skb = skb\n\nTo overcome the above issue, protect the moving of tx skb reference from\nwaiting_tx_skb pointer to ongoing_tx_skb pointer and assigning new tx skb\nto waiting_tx_skb pointer, so that the other thread can't access the\nwaiting_tx_skb pointer until the current thread completes moving the tx\nskb reference safely."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1f2eb6c32bae04b375bb7a0aedbeefb6dbbcb775",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e592b5110b3e9393881b0a019d86832bbf71a47f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

41
CVE-2024/CVE-2024-577xx/CVE-2024-57791.json Normal file
View File

@ -0,0 +1,41 @@
{
"id": "CVE-2024-57791",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:29.253",
"lastModified": "2025-01-11T13:15:29.253",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check return value of sock_recvmsg when draining clc data\n\nWhen receiving clc msg, the field length in smc_clc_msg_hdr indicates the\nlength of msg should be received from network and the value should not be\nfully trusted as it is from the network. Once the value of length exceeds\nthe value of buflen in function smc_clc_wait_msg it may run into deadloop\nwhen trying to drain the remaining data exceeding buflen.\n\nThis patch checks the return value of sock_recvmsg when draining data in\ncase of deadloop in draining."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/6b80924af6216277892d5f091f5bfc7d1265fa28",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7a6927814b4256d603e202ae7c5e38db3b338896",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/82c7ad9ca09975aae737abffd66d1ad98874c13d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c5b8ee5022a19464783058dc6042e8eefa34e8cd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d7d1f986ebb284b1db8dafca7d1bdb6dd2445cf6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/df3dfe1a93c6298d8c09a18e4fba19ef5b17763b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

41
CVE-2024/CVE-2024-577xx/CVE-2024-57792.json Normal file
View File

@ -0,0 +1,41 @@
{
"id": "CVE-2024-57792",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:29.420",
"lastModified": "2025-01-11T13:15:29.420",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npower: supply: gpio-charger: Fix set charge current limits\n\nFix set charge current limits for devices which allow to set the lowest\ncharge current limit to be greater zero. If requested charge current limit\nis below lowest limit, the index equals current_limit_map_size which leads\nto accessing memory beyond allocated memory."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/13eb3cae1d8e23cce96c095abe34da8028c09ac5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6abbbd8286b6f944eecf3c74444c138590135211",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/afc6e39e824ad0e44b2af50a97885caec8d213d1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b29c7783ac1fe36d639c089cf471ac7a46df05f0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c3703d9340ca2820e1ac63256f4b423ea8559831",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f6279a98db132da0cfff18712a1b06478c32007f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-577xx/CVE-2024-57793.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-57793",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:29.593",
"lastModified": "2025-01-11T13:15:29.593",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirt: tdx-guest: Just leak decrypted memory on unrecoverable errors\n\nIn CoCo VMs it is possible for the untrusted host to cause\nset_memory_decrypted() to fail such that an error is returned\nand the resulting memory is shared. Callers need to take care\nto handle these errors to avoid returning decrypted (shared)\nmemory to the page allocator, which could lead to functional\nor security issues.\n\nLeak the decrypted memory when set_memory_decrypted() fails,\nand don't need to print an error since set_memory_decrypted()\nwill call WARN_ONCE()."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1429ae7b7d4759a1e362456b8911c701bae655b4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/27834971f616c5e154423c578fa95e0444444ce1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

33
CVE-2024/CVE-2024-577xx/CVE-2024-57798.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-57798",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:29.743",
"lastModified": "2025-01-11T13:15:29.743",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req()\n\nWhile receiving an MST up request message from one thread in\ndrm_dp_mst_handle_up_req(), the MST topology could be removed from\nanother thread via drm_dp_mst_topology_mgr_set_mst(false), freeing\nmst_primary and setting drm_dp_mst_topology_mgr::mst_primary to NULL.\nThis could lead to a NULL deref/use-after-free of mst_primary in\ndrm_dp_mst_handle_up_req().\n\nAvoid the above by holding a reference for mst_primary in\ndrm_dp_mst_handle_up_req() while it's used.\n\nv2: Fix kfreeing the request if getting an mst_primary reference fails."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/9735d40f5fde9970aa46e828ecc85c32571d58a2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ce55818b2d3a999f886af91679589e4644ff1dc8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e54b00086f7473dbda1a7d6fc47720ced157c6a8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f61b2e5e7821f868d6afc22382a66a30ee780ba0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-577xx/CVE-2024-57799.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-57799",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:29.910",
"lastModified": "2025-01-11T13:15:29.910",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: rockchip: samsung-hdptx: Set drvdata before enabling runtime PM\n\nIn some cases, rk_hdptx_phy_runtime_resume() may be invoked before\nplatform_set_drvdata() is executed in ->probe(), leading to a NULL\npointer dereference when using the return of dev_get_drvdata().\n\nEnsure platform_set_drvdata() is called before devm_pm_runtime_enable()."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/7061849a4a1752a06944a819dd1f7bfd58df7383",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9d23e48654620fdccfcc74cc2cef04eaf7353d07",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-578xx/CVE-2024-57800.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-57800",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:30.073",
"lastModified": "2025-01-11T13:15:30.073",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: memalloc: prefer dma_mapping_error() over explicit address checking\n\nWith CONFIG_DMA_API_DEBUG enabled, the following warning is observed:\n\nDMA-API: snd_hda_intel 0000:03:00.1: device driver failed to check map error[device address=0x00000000ffff0000] [size=20480 bytes] [mapped as single]\nWARNING: CPU: 28 PID: 2255 at kernel/dma/debug.c:1036 check_unmap+0x1408/0x2430\nCPU: 28 UID: 42 PID: 2255 Comm: wireplumber Tainted: G W L 6.12.0-10-133577cad6bf48e5a7848c4338124081393bfe8a+ #759\ndebug_dma_unmap_page+0xe9/0xf0\nsnd_dma_wc_free+0x85/0x130 [snd_pcm]\nsnd_pcm_lib_free_pages+0x1e3/0x440 [snd_pcm]\nsnd_pcm_common_ioctl+0x1c9a/0x2960 [snd_pcm]\nsnd_pcm_ioctl+0x6a/0xc0 [snd_pcm]\n...\n\nCheck for returned DMA addresses using specialized dma_mapping_error()\nhelper which is generally recommended for this purpose by\nDocumentation/core-api/dma-api.rst."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/c180c3f42d340e8dcb9094bb8ea7d477d37081a8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fa0308134d26dbbeb209a1581eea46df663866b6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-578xx/CVE-2024-57804.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-57804",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:30.233",
"lastModified": "2025-01-11T13:15:30.233",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpi3mr: Fix corrupt config pages PHY state is switched in sysfs\n\nThe driver, through the SAS transport, exposes a sysfs interface to\nenable/disable PHYs in a controller/expander setup. When multiple PHYs\nare disabled and enabled in rapid succession, the persistent and current\nconfig pages related to SAS IO unit/SAS Expander pages could get\ncorrupted.\n\nUse separate memory for each config request."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/711201a8b8334a397440ac0b859df0054e174bc9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/869fdc6f0606060301aef648231e186c7c542f5a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-578xx/CVE-2024-57805.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-57805",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:30.420",
"lastModified": "2025-01-11T13:15:30.420",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: Intel: hda-dai: Do not release the link DMA on STOP\n\nThe linkDMA should not be released on stop trigger since a stream re-start\nmight happen without closing of the stream. This leaves a short time for\nother streams to 'steal' the linkDMA since it has been released.\n\nThis issue is not easy to reproduce under normal conditions as usually\nafter stop the stream is closed, or the same stream is restarted, but if\nanother stream got in between the stop and start, like this:\naplay -Dhw:0,3 -c2 -r48000 -fS32_LE /dev/zero -d 120\nCTRL+z\naplay -Dhw:0,0 -c2 -r48000 -fS32_LE /dev/zero -d 120\n\nthen the link DMA channels will be mixed up, resulting firmware error or\ncrash."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/909ecf15cb70f78cdb5c930f58df01db039a0ff8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e8d0ba147d901022bcb69da8d8fd817f84e9f3ca",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-578xx/CVE-2024-57806.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-57806",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:30.597",
"lastModified": "2025-01-11T13:15:30.597",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix transaction atomicity bug when enabling simple quotas\n\nSet squota incompat bit before committing the transaction that enables\nthe feature.\n\nWith the config CONFIG_BTRFS_ASSERT enabled, an assertion\nfailure occurs regarding the simple quota feature.\n\n [5.596534] assertion failed: btrfs_fs_incompat(fs_info, SIMPLE_QUOTA), in fs/btrfs/qgroup.c:365\n [5.597098] ------------[ cut here ]------------\n [5.597371] kernel BUG at fs/btrfs/qgroup.c:365!\n [5.597946] CPU: 1 UID: 0 PID: 268 Comm: mount Not tainted 6.13.0-rc2-00031-gf92f4749861b #146\n [5.598450] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014\n [5.599008] RIP: 0010:btrfs_read_qgroup_config+0x74d/0x7a0\n [5.604303] <TASK>\n [5.605230] ? btrfs_read_qgroup_config+0x74d/0x7a0\n [5.605538] ? exc_invalid_op+0x56/0x70\n [5.605775] ? btrfs_read_qgroup_config+0x74d/0x7a0\n [5.606066] ? asm_exc_invalid_op+0x1f/0x30\n [5.606441] ? btrfs_read_qgroup_config+0x74d/0x7a0\n [5.606741] ? btrfs_read_qgroup_config+0x74d/0x7a0\n [5.607038] ? try_to_wake_up+0x317/0x760\n [5.607286] open_ctree+0xd9c/0x1710\n [5.607509] btrfs_get_tree+0x58a/0x7e0\n [5.608002] vfs_get_tree+0x2e/0x100\n [5.608224] fc_mount+0x16/0x60\n [5.608420] btrfs_get_tree+0x2f8/0x7e0\n [5.608897] vfs_get_tree+0x2e/0x100\n [5.609121] path_mount+0x4c8/0xbc0\n [5.609538] __x64_sys_mount+0x10d/0x150\n\nThe issue can be easily reproduced using the following reproducer:\n\n root@q:linux# cat repro.sh\n set -e\n\n mkfs.btrfs -q -f /dev/sdb\n mount /dev/sdb /mnt/btrfs\n btrfs quota enable -s /mnt/btrfs\n umount /mnt/btrfs\n mount /dev/sdb /mnt/btrfs\n\nThe issue is that when enabling quotas, at btrfs_quota_enable(), we set\nBTRFS_QGROUP_STATUS_FLAG_SIMPLE_MODE at fs_info->qgroup_flags and persist\nit in the quota root in the item with the key BTRFS_QGROUP_STATUS_KEY, but\nwe only set the incompat bit BTRFS_FEATURE_INCOMPAT_SIMPLE_QUOTA after we\ncommit the transaction used to enable simple quotas.\n\nThis means that if after that transaction commit we unmount the filesystem\nwithout starting and committing any other transaction, or we have a power\nfailure, the next time we mount the filesystem we will find the flag\nBTRFS_QGROUP_STATUS_FLAG_SIMPLE_MODE set in the item with the key\nBTRFS_QGROUP_STATUS_KEY but we will not find the incompat bit\nBTRFS_FEATURE_INCOMPAT_SIMPLE_QUOTA set in the superblock, triggering an\nassertion failure at:\n\n btrfs_read_qgroup_config() -> qgroup_read_enable_gen()\n\nTo fix this issue, set the BTRFS_FEATURE_INCOMPAT_SIMPLE_QUOTA flag\nimmediately after setting the BTRFS_QGROUP_STATUS_FLAG_SIMPLE_MODE.\nThis ensures that both flags are flushed to disk within the same\ntransaction."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/b87c9b9ba05ba6e8e2ee9ecd29a8c930b35648ed",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f2363e6fcc7938c5f0f6ac066fad0dd247598b51",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

45
CVE-2024/CVE-2024-578xx/CVE-2024-57807.json Normal file
View File

@ -0,0 +1,45 @@
{
"id": "CVE-2024-57807",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:30.790",
"lastModified": "2025-01-11T13:15:30.790",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: megaraid_sas: Fix for a potential deadlock\n\nThis fixes a 'possible circular locking dependency detected' warning\n CPU0 CPU1\n ---- ----\n lock(&instance->reset_mutex);\n lock(&shost->scan_mutex);\n lock(&instance->reset_mutex);\n lock(&shost->scan_mutex);\n\nFix this by temporarily releasing the reset_mutex."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/3c654998a3e8167a58b6c6fede545fe400a4b554",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/466ca39dbf5d0ba71c16b15c27478a9c7d4022a8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/50740f4dc78b41dec7c8e39772619d5ba841ddd7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/78afb9bfad00c4aa58a424111d7edbcab9452f2b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/edadc693bfcc0f1ea08b8fa041c9361fd042410d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f36d024bd15ed356a80dda3ddc46d0a62aa55815",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f50783148ec98a1d38b87422e2ceaf2380b7b606",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-578xx/CVE-2024-57809.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-57809",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T14:15:25.080",
"lastModified": "2025-01-11T14:15:25.080",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: imx6: Fix suspend/resume support on i.MX6QDL\n\nThe suspend/resume functionality is currently broken on the i.MX6QDL\nplatform, as documented in the NXP errata (ERR005723):\n\n https://www.nxp.com/docs/en/errata/IMX6DQCE.pdf\n\nThis patch addresses the issue by sharing most of the suspend/resume\nsequences used by other i.MX devices, while avoiding modifications to\ncritical registers that disrupt the PCIe functionality. It targets the\nsame problem as the following downstream commit:\n\n https://github.com/nxp-imx/linux-imx/commit/4e92355e1f79d225ea842511fcfd42b343b32995\n\nUnlike the downstream commit, this patch also resets the connected PCIe\ndevice if possible. Without this reset, certain drivers, such as ath10k\nor iwlwifi, will crash on resume. The device reset is also done by the\ndriver on other i.MX platforms, making this patch consistent with\nexisting practices.\n\nUpon resuming, the kernel will hang and display an error. Here's an\nexample of the error encountered with the ath10k driver:\n\n ath10k_pci 0000:01:00.0: Unable to change power state from D3hot to D0, device inaccessible\n Unhandled fault: imprecise external abort (0x1406) at 0x0106f944\n\nWithout this patch, suspend/resume will fail on i.MX6QDL devices if a\nPCIe device is connected.\n\n[kwilczynski: commit log, added tag for stable releases]"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0a726f542d7c8cc0f9c5ed7df5a4bd4b59ac21b3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ac43ea3d27a8f9beadf3af66c9ea4a566ebfff1f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

37
CVE-2024/CVE-2024-578xx/CVE-2024-57838.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2024-57838",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T14:15:25.940",
"lastModified": "2025-01-11T14:15:25.940",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/entry: Mark IRQ entries to fix stack depot warnings\n\nThe stack depot filters out everything outside of the top interrupt\ncontext as an uninteresting or irrelevant part of the stack traces. This\nhelps with stack trace de-duplication, avoiding an explosion of saved\nstack traces that share the same IRQ context code path but originate\nfrom different randomly interrupted points, eventually exhausting the\nstack depot.\n\nFiltering uses in_irqentry_text() to identify functions within the\n.irqentry.text and .softirqentry.text sections, which then become the\nlast stack trace entries being saved.\n\nWhile __do_softirq() is placed into the .softirqentry.text section by\ncommon code, populating .irqentry.text is architecture-specific.\n\nCurrently, the .irqentry.text section on s390 is empty, which prevents\nstack depot filtering and de-duplication and could result in warnings\nlike:\n\nStack depot reached limit capacity\nWARNING: CPU: 0 PID: 286113 at lib/stackdepot.c:252 depot_alloc_stack+0x39a/0x3c8\n\nwith PREEMPT and KASAN enabled.\n\nFix this by moving the IO/EXT interrupt handlers from .kprobes.text into\nthe .irqentry.text section and updating the kprobes blacklist to include\nthe .irqentry.text section.\n\nThis is done only for asynchronous interrupts and explicitly not for\nprogram checks, which are synchronous and where the context beyond the\nprogram check is important to preserve. Despite machine checks being\nsomewhat in between, they are extremely rare, and preserving context\nwhen possible is also of value.\n\nSVCs and Restart Interrupts are not relevant, one being always at the\nboundary to user space and the other being a one-time thing.\n\nIRQ entries filtering is also optionally used in ftrace function graph,\nwhere the same logic applies."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1af22528fee8072b7adc007b8ca49cc4ea62689e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/45c9f2b856a075a34873d00788d2e8a250c1effd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/473ffae3030188f1c6b80e1b3631a26b4adf7b32",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5bb7a2c3afcf8732dc65ea49c09147b07da1d993",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ca687fdce5b95f84d91d6e36ac77047771eb3dfc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

37
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-01-11T13:00:20.357816+00:00
2025-01-11T15:00:22.016841+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-01-11T11:15:06.657000+00:00
2025-01-11T14:15:25.940000+00:00
```
### Last Data Feed Release
@ -33,20 +33,45 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
276724
276780
```
### CVEs added in the last Commit
Recently added CVEs: `1`
Recently added CVEs: `56`
- [CVE-2025-0392](CVE-2025/CVE-2025-03xx/CVE-2025-0392.json) (`2025-01-11T11:15:06.657`)
- [CVE-2024-54455](CVE-2024/CVE-2024-544xx/CVE-2024-54455.json) (`2025-01-11T13:15:26.970`)
- [CVE-2024-54460](CVE-2024/CVE-2024-544xx/CVE-2024-54460.json) (`2025-01-11T13:15:27.157`)
- [CVE-2024-54680](CVE-2024/CVE-2024-546xx/CVE-2024-54680.json) (`2025-01-11T13:15:27.340`)
- [CVE-2024-54683](CVE-2024/CVE-2024-546xx/CVE-2024-54683.json) (`2025-01-11T13:15:27.490`)
- [CVE-2024-55639](CVE-2024/CVE-2024-556xx/CVE-2024-55639.json) (`2025-01-11T13:15:27.663`)
- [CVE-2024-55641](CVE-2024/CVE-2024-556xx/CVE-2024-55641.json) (`2025-01-11T13:15:27.847`)
- [CVE-2024-55642](CVE-2024/CVE-2024-556xx/CVE-2024-55642.json) (`2025-01-11T13:15:27.990`)
- [CVE-2024-55881](CVE-2024/CVE-2024-558xx/CVE-2024-55881.json) (`2025-01-11T13:15:28.197`)
- [CVE-2024-55916](CVE-2024/CVE-2024-559xx/CVE-2024-55916.json) (`2025-01-11T13:15:28.353`)
- [CVE-2024-56368](CVE-2024/CVE-2024-563xx/CVE-2024-56368.json) (`2025-01-11T13:15:28.530`)
- [CVE-2024-56369](CVE-2024/CVE-2024-563xx/CVE-2024-56369.json) (`2025-01-11T13:15:28.700`)
- [CVE-2024-56372](CVE-2024/CVE-2024-563xx/CVE-2024-56372.json) (`2025-01-11T13:15:28.873`)
- [CVE-2024-56788](CVE-2024/CVE-2024-567xx/CVE-2024-56788.json) (`2025-01-11T13:15:29.090`)
- [CVE-2024-57791](CVE-2024/CVE-2024-577xx/CVE-2024-57791.json) (`2025-01-11T13:15:29.253`)
- [CVE-2024-57792](CVE-2024/CVE-2024-577xx/CVE-2024-57792.json) (`2025-01-11T13:15:29.420`)
- [CVE-2024-57793](CVE-2024/CVE-2024-577xx/CVE-2024-57793.json) (`2025-01-11T13:15:29.593`)
- [CVE-2024-57798](CVE-2024/CVE-2024-577xx/CVE-2024-57798.json) (`2025-01-11T13:15:29.743`)
- [CVE-2024-57799](CVE-2024/CVE-2024-577xx/CVE-2024-57799.json) (`2025-01-11T13:15:29.910`)
- [CVE-2024-57800](CVE-2024/CVE-2024-578xx/CVE-2024-57800.json) (`2025-01-11T13:15:30.073`)
- [CVE-2024-57804](CVE-2024/CVE-2024-578xx/CVE-2024-57804.json) (`2025-01-11T13:15:30.233`)
- [CVE-2024-57805](CVE-2024/CVE-2024-578xx/CVE-2024-57805.json) (`2025-01-11T13:15:30.420`)
- [CVE-2024-57806](CVE-2024/CVE-2024-578xx/CVE-2024-57806.json) (`2025-01-11T13:15:30.597`)
- [CVE-2024-57807](CVE-2024/CVE-2024-578xx/CVE-2024-57807.json) (`2025-01-11T13:15:30.790`)
- [CVE-2024-57809](CVE-2024/CVE-2024-578xx/CVE-2024-57809.json) (`2025-01-11T14:15:25.080`)
- [CVE-2024-57838](CVE-2024/CVE-2024-578xx/CVE-2024-57838.json) (`2025-01-11T14:15:25.940`)
### CVEs modified in the last Commit
Recently modified CVEs: `0`
Recently modified CVEs: `1`
- [CVE-2024-53143](CVE-2024/CVE-2024-531xx/CVE-2024-53143.json) (`2025-01-11T13:15:25.250`)
## Download and Usage

60
_state.csv
View File

@ -262507,6 +262507,7 @@ CVE-2024-41143,0,0,8799e9b8f93d667e7053f384d3b50025554822f122dd37c394e433231808c
CVE-2024-41144,0,0,d705e4f77b5a2c06974e9e65f896eaf4fba04d31882cccffe75db10bb34113df,2024-09-04T17:25:48.123000
CVE-2024-41145,0,0,e583948039235f072af443025bc0ea6bb5630b5a84bc37fad1ee2b5dbca5d3b0,2024-12-18T23:15:07.970000
CVE-2024-41146,0,0,b94819261ed093bad14667a8628fb4c8e2f7195a09c74edaba0fc803a2fc4bd7,2024-12-12T02:15:22.880000
CVE-2024-41149,1,1,cfc94f9062da856b3bcd11d798ac2b78a748ee2600229b4b923a283a290da8d8,2025-01-11T13:15:19.973000
CVE-2024-4115,0,0,b57267cb8e1bb6187223c6763b432c2e47371c5db7fb3c6e57e19714f114293c,2024-11-21T09:42:12.977000
CVE-2024-41150,0,0,b3fa487187a6e523624f7e09b49e1bcf30bc22e86ed50f81eb7ef85655bb3043,2024-08-27T14:35:09.013000
CVE-2024-41151,0,0,00f13e1e96fa8ce3e2849a0ecdb2937bd23efcaa80a1d6b9e409fd228363f8f4,2024-11-21T09:32:19.073000
@ -262987,6 +262988,8 @@ CVE-2024-41929,0,0,cf6dbcb46e9c567ed50803e8bc7c5ed670d63483d59ac3786e92707bae89c
CVE-2024-4193,0,0,2c348f7f2f87544d588812c852bddbfbf63c657e73a923d4b668c311de4e3919,2024-11-21T09:42:21.860000
CVE-2024-41930,0,0,9970243747a2426495d5267f7aec4e4ab9cce4ad5c0b5449a838d166e239dacb,2024-11-04T22:35:07.177000
CVE-2024-41931,0,0,8055ba2b4f57b9b2835ae4697ec8b13da4a3ea06ed170c08866a5fcbc2836aec,2024-10-17T17:15:11.773000
CVE-2024-41932,1,1,1babd8ab5d2e518e92818cfec109bb4b2009572048e4065a0946f05f927aca2f,2025-01-11T13:15:20.930000
CVE-2024-41935,1,1,4831f0e3ccf585077e6d1e3a4b423f325a5789c5e410c8cfa2504851d6b0e3ab,2025-01-11T13:15:21.083000
CVE-2024-41936,0,0,bc5263d793837e387ee98a53d893cb418781f457dbe691d4096c5aa745312359,2024-08-20T16:26:54.663000
CVE-2024-41937,0,0,908baea8d6075c024574b677758230bec5903572013c4b3c9a48a3ee7bf5b699,2024-11-21T09:33:18.477000
CVE-2024-41938,0,0,719214fd73b2e6d8794a5aa93ae558a501490a215679ae53d51ef85d7234584b,2024-08-14T18:08:42.777000
@ -263836,6 +263839,7 @@ CVE-2024-43090,0,0,bfb455ba3b27b8e5f909736d7638aa4c244eafab69b7641e19b79e78332f1
CVE-2024-43091,0,0,18a7813067907079929e1aa7a03c2ea14a6eb858fe26b9c9489160580668468c,2024-12-17T20:35:58.717000
CVE-2024-43093,0,0,3f092629a0cce74f6f59bab52d6247e2ce3f3aaa2972aab5920268e0f2acfa91,2024-11-14T21:42:34.923000
CVE-2024-43097,0,0,004c4d6e0d21742822f66f64708df4b2724897f8929303b830f9e30aebcf9183,2025-01-03T22:15:07.503000
CVE-2024-43098,1,1,6dea91d88e70f70fbde066d9faad9bb804edfb35642461a2bacc1953af4dd634,2025-01-11T13:15:21.240000
CVE-2024-43099,0,0,dd4c6171d90425754eb8c361c1c6555117a95d6bcad5f992f28ec42a1deec5f9,2024-09-14T11:47:14.677000
CVE-2024-4310,0,0,dd5cf151edf7d2cd055572eb00e97620ec8e8024a5783f50f0a1b0ae59db4b35,2024-11-21T09:42:35.913000
CVE-2024-43102,0,0,b6aa6225bd8ed19c424a914e97c361ac2900c128d3e8c90742dfa8fa3a85a13f,2024-11-21T09:35:00.713000
@ -265895,6 +265899,7 @@ CVE-2024-45824,0,0,052af77f2938c71d885f8780c684340b3e8def2ae196f2e001be1da99675d
CVE-2024-45825,0,0,7653756adacf41b9d7b029d50745cbdaf6bd0929fdac78c43ff0f70e0ec9f043,2024-10-02T14:43:08.720000
CVE-2024-45826,0,0,06ae7370defd3736a6cd9f71c444134a6d1e5c46af980777be7a5f7aaf7f4fb6,2024-10-02T14:35:38.017000
CVE-2024-45827,0,0,14b2e3c223bee3e57f3f499ba2a6632d8d5cb7e001c1dd0d7aff42ddb6920805,2024-11-12T13:55:21.227000
CVE-2024-45828,1,1,73bbe0dd60535323b4b9452d4adddfba7eb9c9fe8494d20ce8a68ff41c4895cf,2025-01-11T13:15:21.450000
CVE-2024-45829,0,0,ab7f0021bb7a93beaac116d04129f4163df742a680ddbc4de2302713f584254c,2024-11-05T19:38:57.827000
CVE-2024-4583,0,0,785a5bb3a36957836b7a383b7765b0b67cf9852b800aeb286c820ff0407ffb78,2024-11-21T09:43:09.317000
CVE-2024-45833,0,0,ae7b140338ecffbe1ee920d82db8b77234d8b98166b6071308a3a15f45eb4089,2024-09-23T13:43:42.073000
@ -266473,6 +266478,7 @@ CVE-2024-46890,0,0,07cfdc47c5e4f8b02ff64259dc69d0e812ad8e9965921da811fdf8e6a8318
CVE-2024-46891,0,0,88e2de50d7edff3f506b079a19451bc4dc625969dca215e8c5443db8d50f25be,2024-11-12T15:35:11.240000
CVE-2024-46892,0,0,c694a76e168de1f34027babae1b9b99dacd3ebaeb91d91eb4252126ca4da7892,2024-11-13T23:13:06.400000
CVE-2024-46894,0,0,660a6a786100344b5f43ffde9caf0642aadcc1bde7c503739d45a779b89d91da,2024-11-12T15:35:12.310000
CVE-2024-46896,1,1,7ab825ab54108601285c4c09dc9cd9b16f7b4a94c0a368a18a42080b49a5033a,2025-01-11T13:15:21.643000
CVE-2024-46897,0,0,9eec647173e555f13f51f2e584fda49a1d135ce40040a9da0ee91e1e29d63bf6,2024-10-22T14:09:46.913000
CVE-2024-46898,0,0,74a42c689ae857f92ce7afe6487c46863603ab1bd0de02bba2a7de3bdb05fd52,2024-10-17T17:52:00.700000
CVE-2024-4690,0,0,bb8f79ed0583008c6d1a8b7baa189bdee4f903e95decde129ba88c5ca1cc909d,2024-10-21T15:51:10.467000
@ -266663,7 +266669,9 @@ CVE-2024-47137,0,0,fb6ebe05a92e5137fc180626cc4ef25cc14bad5ee91ece2d54c1a034c8819
CVE-2024-47138,0,0,1291f6ab98e2f2d151d85489bfaa9f1ed1f5f441939346bb1ef897ae0399d6ba,2024-11-22T23:15:05.213000
CVE-2024-47139,0,0,2ea80937ea44c41ff081df285d143843d8800649d52ee529467323c945f04da9,2024-10-16T16:38:14.557000
CVE-2024-4714,0,0,0d524d117aabf03780c7be3f44074976485dfc4d101c0f965f441387c1ce48e4,2024-11-21T09:43:26.100000
CVE-2024-47141,1,1,13c4663231989b42a0fcfb01f4cd3fdface6997ec6c1904a02f6927d45654069,2025-01-11T13:15:21.830000
CVE-2024-47142,0,0,3b160aeed892b3de0fae2f0bd942190d42286dfc37500bd913fc0a3b0770ad8c,2024-11-22T02:15:21.280000
CVE-2024-47143,1,1,c92830750dd0bd567e882eb6aa3b547d64184ff004388ec8f2ca35297e6e3b0c,2025-01-11T13:15:22.007000
CVE-2024-47145,0,0,060f9bb9a43b25110359917405fc9bc4bfa91006f8a71471b803c37bd9f0df18,2024-09-26T18:42:33.550000
CVE-2024-47146,0,0,4c1ec2fd77a55fc12a380140e8b75abce8b99c7554038e5bb49a8e56f7893728,2024-12-10T19:45:51.023000
CVE-2024-47148,0,0,8840019318d9e07f6140b0cc4c3b9fe87436c939db4a6a112a622ddb22cd20c7,2024-12-26T17:15:07.687000
@ -266874,6 +266882,7 @@ CVE-2024-47402,0,0,5294b67f23b6e0be377ef33c2041b98bab989a32ba18cd1f6c0f3e64e0167
CVE-2024-47404,0,0,5fb36c58410057a64b74691188c0177ad91c01400e20d71d3a6f6e3e74e73b21,2024-11-06T15:25:24.887000
CVE-2024-47406,0,0,b743d902911ab614308b81c9703ec038605a1361241dc79745f12d5875a7ef9f,2024-11-05T19:36:13.840000
CVE-2024-47407,0,0,bafcbef053ce99a8e3169a4c7e5eb00bc517cd7b8d7c61a77da14e9be287bece,2024-11-22T23:15:05.347000
CVE-2024-47408,1,1,df311c244fdc6c9e625965beb6efa17641030deae968489d811667c25df9dfb9,2025-01-11T13:15:22.220000
CVE-2024-4741,0,0,12b19bd4141c3e2d0569c4a8736650cced57250db541761df40f516d23dde63f,2024-11-13T17:01:16.850000
CVE-2024-47410,0,0,508b839c6437920b3e8550e9af906a7efb9133c78124a4dd321673a1687ad75f,2024-10-10T18:26:44.857000
CVE-2024-47411,0,0,4122ca5688cb791277921b8b82e0a1587012c755d1af9ab500a251affe2c7be7,2024-10-10T18:26:54.153000
@ -267244,6 +267253,7 @@ CVE-2024-4779,0,0,2e1aaf861b56995420e2ecd41fb05fbeff0136f0ff02e8684e6cad712f3005
CVE-2024-47790,0,0,0033caa01d3b380ade4380efa296858b7b158eabdc29e84feb2d5832c0b983fa,2024-10-14T11:15:11.930000
CVE-2024-47791,0,0,15000555053c296919902f42e8781945f23bfee06473820c84acf5fc428f2c99,2024-12-10T19:44:43.937000
CVE-2024-47793,0,0,882b9f21365001a1bbe1427d7ecd7686f09cb53c26df041c802a57c5badf616d,2024-10-21T21:25:36.697000
CVE-2024-47794,1,1,00349888bce735f0346b17f602a8ec90547a4f0e70d9b1cb746c8dcb5c6e42b7,2025-01-11T13:15:22.390000
CVE-2024-47797,0,0,1db7c191d78a0c4eb63d4cdd8fe193396dc3e7794237bd9d846daea68af0e9f7,2024-11-06T15:24:53.210000
CVE-2024-47799,0,0,c3938335baae6d700a63faf82e2306985214819a9aa9e9a31818efb7cbeda4db,2024-11-12T13:55:21.227000
CVE-2024-4780,0,0,d587053157d7c17d807fe8569feada4a245f1bae752836389b387fd0d926bac1,2024-11-21T09:43:35.980000
@ -267254,6 +267264,7 @@ CVE-2024-47805,0,0,9aae18c3e11f3b637f36e4cabe651a10fdb7c11e5af31eeff611154acf1e6
CVE-2024-47806,0,0,a9d6e69f147db55a9010517fe181b09bdf0c723cafc8fe156a8def4f62dbfd52,2024-10-04T13:50:43.727000
CVE-2024-47807,0,0,78bd319435174254d649de27630a1f69840809df78c607ab539f6fa82f612f73,2024-10-04T13:50:43.727000
CVE-2024-47808,0,0,3924b9cefe20472af8979aed441ac27dc70244fae40103f8f689b3bed484611f,2024-11-13T23:14:07.650000
CVE-2024-47809,1,1,8a0558b7b21c57df5e63a342d2595f6fb4fd3de4f140ff4bc1c09f7e2d345d76,2025-01-11T13:15:22.583000
CVE-2024-4781,0,0,dca04dc1498213ba1a1a197fab3ce11b94dddd311dde0315913f82a2ac38840b,2024-08-19T13:00:23.117000
CVE-2024-47810,0,0,2dbef77a35b034493c61fa5f819a30575fd00397f7c437d175379a2c7bb4f840,2024-12-18T18:15:07.310000
CVE-2024-47812,0,0,897aae376a8f43996b3658ca9867b5f6dd4a27027999c91348ce8bcd7002ac09,2024-10-10T12:51:56.987000
@ -267765,9 +267776,13 @@ CVE-2024-4887,0,0,a0d0f9a8fb046d1d64dccc572def5193a849cd711291225c860f9ae76aeae9
CVE-2024-48870,0,0,18a307d8f6128cb29a6984af9c786b2a3f86ad0eb48edcca47ed5bd77f7947c8,2024-11-05T19:34:38.287000
CVE-2024-48871,0,0,5d5a01d36a9cf590d21015dc1fb8d88b484f6420693898fd35b4436407272623,2024-12-06T18:15:25.267000
CVE-2024-48872,0,0,9ea5d88bb50af02969b7b4651959f337e12bb8e36a3a9117d9c1214c7bd8e05c,2024-12-16T08:15:04.950000
CVE-2024-48873,1,1,711e1aefde960448ac451f493eb79f40f7b17f68beeb2e35b15d3cbb0f347eca,2025-01-11T13:15:22.750000
CVE-2024-48874,0,0,d4dab0701d320c08fdb5c4d13166c7fa76f47b4f8118adcdce9e1ede30e7393e,2024-12-10T19:44:16.093000
CVE-2024-48875,1,1,529b4233fbe080d3015386f334cf03ec25771cdf417a53f7668f41f574dca9b1,2025-01-11T13:15:22.933000
CVE-2024-48876,1,1,e956412c9e67ebab3643a6f85503effdcaec15b67887a62803f066802d153792,2025-01-11T13:15:23.263000
CVE-2024-48878,0,0,61df8c716ea1a9423d8f98d007fe741d86381fb579c3442ef6d827deee3b213c,2024-11-05T19:44:58.650000
CVE-2024-4888,0,0,133d57bae18b01966145fd4e4ce13e18e7959193dbb6b4323cb9d35593035efb,2024-11-21T09:43:47.830000
CVE-2024-48881,1,1,ebc6f1728ddca45a5c4c77e921d1ab1f076b9c09394d13101391d66674a8d76b,2025-01-11T13:15:23.437000
CVE-2024-48889,0,0,8e1bac12eb50f3243e5ec10f0474e909f75dc6516eb6b1b6cee870377808ea68,2024-12-18T15:15:11.713000
CVE-2024-4889,0,0,54e41cd985dde0162870a1a62b42a9fd40bf90446677bc64ce2d3dd7fe90e1b1,2024-11-21T09:43:47.970000
CVE-2024-48895,0,0,2619cbfc056db229022c601c361879a86e8ef7297a78db8864167658fcd89d44,2024-11-21T13:57:24.187000
@ -268270,7 +268285,11 @@ CVE-2024-49557,0,0,6601a96c4bc210f01d32593bfa488dfcd4eaf5855ed8b64d0dab8c422cb09
CVE-2024-49558,0,0,d6190c4fa083ad35fb776a8089e14895ccaced89c942fbc8e925117ea666e076,2024-11-15T17:35:54.480000
CVE-2024-4956,0,0,b59f0fa653d583ff50139b3494916619d3242eed1a7ae59aab01da9b6e8c6c91,2024-11-21T09:43:56.520000
CVE-2024-49560,0,0,3f26500c4dded44eae4dc46589e64362e416f55913f19fef12f4ea5a50ab24a4,2024-11-15T17:35:25.407000
CVE-2024-49568,1,1,6cd769aeef33534f830381540ccb636754fe194484a9a97ab667dacac6ab4059,2025-01-11T13:15:23.637000
CVE-2024-49569,1,1,a73477b42ad4d6e56f1fabdec44c2c84a430fc659968da971cc617074d0702a8,2025-01-11T13:15:23.840000
CVE-2024-4957,0,0,faf1bb90e1dc631958a9f6c5494539e38e22b9c3203a1f9393f289eefc9d7e39,2024-11-21T09:43:56.650000
CVE-2024-49571,1,1,a5ba64c9f611935e55dba2e2fe218c99a27a9f25b92ccc25a48e782e6aa13b83,2025-01-11T13:15:24.027000
CVE-2024-49573,1,1,9ff47dd83005fc3216bfeb97407e2b86def924b25ed8b57ddfe1e521adce785e,2025-01-11T13:15:24.223000
CVE-2024-49574,0,0,285edf65c7736387bb1f5e69a3d9da68a65cb104e57ac1234838e33c6baad7dd,2024-11-20T16:32:37.770000
CVE-2024-49576,0,0,a0e80c457192d468c296ffda93b2ec5817da69e683704223c66d9a1d2b684a3f,2024-12-18T18:15:07.417000
CVE-2024-49579,0,0,9abb18443d506ce310fd7f4e6167b121033f3a0e20d401bce4799bb038c96994,2024-11-14T19:24:45.603000
@ -268660,6 +268679,7 @@ CVE-2024-50048,0,0,734ee607259cb5de03c0e5e88ee5124013128422086f99044b8deb2b4900e
CVE-2024-50049,0,0,4fb7eccc061b9b39e10ac3d579d4120a6cd306ebb79ccd76e3060d58e8f56f0d,2024-10-23T21:45:43.657000
CVE-2024-5005,0,0,edffdae445ed03271277a1d7da4f3ef9e99a78c0f49c5b3d66f4f5e15bfe563a,2024-12-12T19:55:10.777000
CVE-2024-50050,0,0,c772e99e0a240315b1aee2595b338c31c22eacc00e5698e6c99fc85138563b84,2024-10-24T19:35:08.107000
CVE-2024-50051,1,1,24f88de74c7ddb8f3910b3a7fbc210ed0c9f2ac5c709c76bda47a757934fa549,2025-01-11T13:15:24.427000
CVE-2024-50052,0,0,8e1166b11b73a0cbc906f464db8f67520364e38f19292f66596c205740cd9ead,2024-10-29T14:34:04.427000
CVE-2024-50054,0,0,9bfacafee7f112f8a3ee836f0ef82f61f8cbc6f904998593af4cbbd6eb17eab9,2024-11-22T23:15:05.510000
CVE-2024-50055,0,0,e65a6f579f8baea0a13da4d9d71d9507bacf2344b02707cb8898d92a373544ea,2024-12-14T21:15:33.437000
@ -269823,6 +269843,7 @@ CVE-2024-51721,0,0,487de257feea8dbdb8bd4c444162acda8f2a0d6c27209aa175498249c3ced
CVE-2024-51722,0,0,a82de8fcd7e90f6f41d39ca36a19feb39e82af6ac9b0df93c6d217f42c922560,2024-11-13T17:01:16.850000
CVE-2024-51723,0,0,405dcadcdbf00249437ac8a26372209fb3d01c194653eab79c47481a1ec06a48,2024-11-25T19:15:11.050000
CVE-2024-51727,0,0,8858c32e9c05ed142d6035368629a58d5f5511d07aca54fdd69ef146c2c5ebd8,2024-12-10T19:51:08.360000
CVE-2024-51729,1,1,1141d54b399461fc0ac337bc8d07bf7bec711ba479efeb2df93c61cbc5158c69,2025-01-11T13:15:24.650000
CVE-2024-5173,0,0,090e48f75343bb69589a840e25ae60a8ac00187572b68cf38125a567b358b84e,2024-11-21T09:47:07.830000
CVE-2024-51734,0,0,c7b97e928c8850d54c2fdbd4124a5548ebb3a9718f17988908d6f3c7921c071a,2024-11-05T20:35:26.167000
CVE-2024-51735,0,0,48473e5db4cd5ecc77914f0341bc3fe19cd3b449987f541b0b758a8a1a3f060f,2024-11-06T18:17:17.287000
@ -270175,12 +270196,14 @@ CVE-2024-52314,0,0,2bc5f0f4e54107738b2581026358de8cab0a15c42911fbb686ea5cbcd385d
CVE-2024-52316,0,0,ebf0d6b51f9b3de5678fe00136918cce85b2bdc4db5d96ec21388d145ce9f4b8,2024-11-21T09:46:16.433000
CVE-2024-52317,0,0,ce73efcf7b1c232dccd668d6afadee9ebc191724bbb215d2a3cde41432512716,2024-11-21T09:46:16.630000
CVE-2024-52318,0,0,9990c8ea56e7da2a0fb5af64141a1eeb644a507e2c6f41d3a96bd75739255ee9,2024-11-21T09:46:16.813000
CVE-2024-52319,1,1,44955fed4c9fb208eaef4ac5aad05bb25e55915b8e575998cf1a57680f70b51d,2025-01-11T13:15:24.843000
CVE-2024-5232,0,0,9c659ab55a0398d626d6da1c09e82340b1fec2662d16e1eca07d5817bed41493,2024-11-21T09:47:14.200000
CVE-2024-52320,0,0,fbfaa1883239695b0007c9764a43ac2cebac69eb763863afcec1548f7df5c2dd,2024-12-06T18:15:25.737000
CVE-2024-52321,0,0,58349402fe5df3092273b7344f7d995ad64537d59a580bb31bc25ef4220d89e0,2024-12-23T01:15:07.700000
CVE-2024-52323,0,0,57617b6f1b94228bad139ee211c36bd4ec7e4706388ebf89e10500861eceb01c,2024-11-27T15:15:26.377000
CVE-2024-52324,0,0,1b82757393c4b121efeb2aca56c501ac2b568f66f0e838324b89dea8626b5590,2024-12-10T19:42:56.737000
CVE-2024-5233,0,0,f7aceb9f589abd3e3127e7bdc682ef20b7c3a1e0d748898af38a399a8a8c2229,2024-11-21T09:47:14.357000
CVE-2024-52332,1,1,af74adb12488f71127ab8b372db4933520d8b9b1a04d45a629e928fac8569104,2025-01-11T13:15:25.070000
CVE-2024-52335,0,0,e1e5dff8245ade7d0df486779ba826bca2b65cb6a4f443a05cb574ac0185e48c,2024-12-06T14:15:21.230000
CVE-2024-52336,0,0,160e4fdf3c9ddd8c08bcb01e538c5c08889e84ce5825eea53a2a7d6fc852d283,2024-12-05T14:15:21.663000
CVE-2024-52337,0,0,2f176d611c76ed2c70dfbd95e56604f633499376027c37a803684cca5d8e25a6,2025-01-09T15:15:18.487000
@ -270763,7 +270786,7 @@ CVE-2024-5314,0,0,3f9bafe97657efc7f668c5d897662a9659297ed1c2230826ab18be8ba9a634
CVE-2024-53140,0,0,278cbdb637af028f369abd9e56d14ef405930db6ac1e94694d5107009c64dd48,2024-12-14T21:15:38.317000
CVE-2024-53141,0,0,c4eea5c2fe51a3898acccfa414620e41964aab3e73f12af77b5d7bb35ff9fbc7,2024-12-14T21:15:38.550000
CVE-2024-53142,0,0,fc23c3e378fb46ab5615da6a919ab3136de551312d5d21e741724005200e92a7,2024-12-14T21:15:38.707000
CVE-2024-53143,0,0,4f295a131c4b62067b8322b7a004cec43cd0b859ae5d1b6a73813cfd9519c39f,2024-12-13T14:15:22.443000
CVE-2024-53143,0,1,3d05d89fbdb82be75f55517328a8e993f568939897b6d96aaa41e7d63754fa4c,2025-01-11T13:15:25.250000
CVE-2024-53144,0,0,9d107c35ff0dca61e5b14e7d0131ac8dad4f8c1aeabd45b2baa64b7fc7411808,2024-12-18T08:15:05.687000
CVE-2024-53145,0,0,845c82eecd5000228acfbd771e22e0fcec976590e482e5c078720e730bd428d5,2025-01-07T16:14:57.543000
CVE-2024-53146,0,0,143a6857f7adc5fe799b8f016794e004afe724691ccaf56befb27f641c543479,2025-01-07T17:15:25.477000
@ -271013,8 +271036,14 @@ CVE-2024-53675,0,0,1183b1bd94841ad73311a268c8a0b2c37f3657514fc74825a9481690ca681
CVE-2024-53676,0,0,9e5335d7636e62fb7cc2e79040736f3f5e3856b52ef7bfb0006141b3e5724acd,2024-12-11T16:49:45.783000
CVE-2024-53677,0,0,0343757ac9b8af9a79c282863db1b88cd9095ebb57012e3687a2e517e71e0a02,2025-01-03T12:15:26.673000
CVE-2024-5368,0,0,0267b73ce86fd5c42a4c0cf503f4bdead8427924f402a3554f435c1bc916f416,2024-11-21T09:47:30.877000
CVE-2024-53680,1,1,8f6a0e7e0ab328aba846c45a5169e8953dc6dbfca85d9cca37f56439e3715008,2025-01-11T13:15:25.710000
CVE-2024-53682,1,1,8fff7fe6ed56d7be9465617e7f5434428ac8e26e2cf3262f7b6c754f477833c1,2025-01-11T13:15:25.860000
CVE-2024-53685,1,1,68992113a27d5e9eac07bc18b4ba67474d35de3ffa32c10bc10229e9401bd594,2025-01-11T13:15:25.997000
CVE-2024-53687,1,1,db69b3a3aa7d0b6527150d997ca94f951ff7fdd68c92c6f81dd6f27f46185a16,2025-01-11T13:15:26.120000
CVE-2024-53688,0,0,19e807e9f218b9a73099ef1ac03cb800eed5ec697cf2f5b2b26094211e5b9782,2024-12-18T07:15:08.233000
CVE-2024-53689,1,1,d27d45f206745a3b0c13a83bbd5ecfa4fe3e518aa6ddbf44c097ef0438e36105,2025-01-11T13:15:26.313000
CVE-2024-5369,0,0,14abdfed4d5003ff16a96b2708e00658833baa1f8166ee56f5ba2dba896b20f5,2024-11-21T09:47:31.020000
CVE-2024-53690,1,1,95f18b7f80f7b65f49ec8c6ba80e039b538a1b86261631e7cd401a89d8976dc6,2025-01-11T13:15:26.470000
CVE-2024-53691,0,0,09846e368cf7a07a1d919202728e77d0589572ed56c2c2f1bb03db07c3ec7fb0,2024-12-06T17:15:10.520000
CVE-2024-5370,0,0,118bbc3bfc68a5a364fa8038fafc7682a10bb0308a5e5da229e35dbd880721b0,2024-11-21T09:47:31.160000
CVE-2024-53701,0,0,1a2bc4566eec18c70c1090c86f62c17b18dd370d9f36bbeea87f735f0b867519,2024-11-29T06:15:07.327000
@ -271379,6 +271408,8 @@ CVE-2024-5417,0,0,2c092c55b8a1a8c8890a1e4546beb75d8fbd37f20d02cbd8444692608bc255
CVE-2024-5418,0,0,c3b6dacc234cf8a9c6de6913d07caa1810e24ada600d2b1f8edeb26c6b62184b,2024-11-21T09:47:36.970000
CVE-2024-54181,0,0,45bad33d373e7dca4c705e8d7f190d9cc110f08937ef6a2be63d00cdd251ea54,2024-12-30T14:15:05.867000
CVE-2024-5419,0,0,bf78f58706f13dc16fbd00574fc12a2ad63186889150404f7c80cf6aaa4041da,2024-11-21T09:47:37.083000
CVE-2024-54191,1,1,271005cfb2e7a4adab33c646edcb7d054749fc0a4ec08505685de109af323c72,2025-01-11T13:15:26.667000
CVE-2024-54193,1,1,f4cea4758637cbed747248dd7ad4abdf58c30081d62575de71f8dd6b91bb9c23,2025-01-11T13:15:26.840000
CVE-2024-54197,0,0,603709103f05bc7a97f6cde13218f652b68a22f4a935ac881648bcc5cc0bfd99,2024-12-10T01:15:06.573000
CVE-2024-54198,0,0,91bef3f33cfc40b2dc583ea6ba9db99e021097c6399c70366353fc13f33f4ef0,2024-12-10T01:15:06.713000
CVE-2024-5420,0,0,dbefceaecf14c94a5632c30e286eaf19c84cd096f95c11f7fef61c799e73a7ec,2024-11-21T09:47:37.207000
@ -271643,7 +271674,9 @@ CVE-2024-54451,0,0,62bfea464680a36276017f91bb5ae11f8712be2380f4e61a47de985084800
CVE-2024-54452,0,0,30db43977a4bb0060f4301184eef5e7e4316f5a66e91aba57b8474d2cdaf07d1,2024-12-28T19:15:07.570000
CVE-2024-54453,0,0,4b38818ec57830d6d15331deb8fc6306f0e91d48c89fb133c6569d5b7d3ea04e,2024-12-31T19:15:47.147000
CVE-2024-54454,0,0,d67e1bf29a3aaa483b825ac163d62022e2785b5de9b64863f3bc27235cd67fc7,2024-12-31T19:15:47.310000
CVE-2024-54455,1,1,7b3e247c6f8ee1ab7e460d8d2f79a861df979228217b3f4fff81a5b338b425f7,2025-01-11T13:15:26.970000
CVE-2024-54457,0,0,da0353a7ec7d859fd477580e7c54e31a24aeea86ab2c2ac2e00b7a1eda59c2cf,2024-12-18T07:15:08.377000
CVE-2024-54460,1,1,4ac93df62b811ec1eda8d55b6ad4df0cd01ba031f49040b335381137847e470d,2025-01-11T13:15:27.157000
CVE-2024-54465,0,0,3f87a539a20fcac13fcbeaaced058bbe0bd71776e4b4a361d00304853bb61a99,2024-12-16T18:15:11.023000
CVE-2024-54466,0,0,cde2c633b064403c3330cf4e329fab2afdda24c70189b50f9e401743db80aa51,2024-12-18T17:59:28.667000
CVE-2024-5447,0,0,b60e0535b73a6be4da90a7fc1432b0141afa78596c3a5ade6408fe521639c5d0,2024-11-21T09:47:42.057000
@ -271710,7 +271743,9 @@ CVE-2024-54676,0,0,d9af28a4f387189e5c5dfdaf98a85794f0c7f28ae70cc213f62a58f0a1221
CVE-2024-54677,0,0,7738db23e6dfe0ca7bf4e6721884297e1312bf0f9f87462addf38007bea25d53,2024-12-18T17:15:14.130000
CVE-2024-54679,0,0,381ad7e6890c67d9b6c47b47a43cd175dd5b1319ea7d6b78a90445a532dafd14,2024-12-06T15:15:09.693000
CVE-2024-5468,0,0,83f1a353a5b95b83c36aafd7fb0e880d8454855ef6bbd816a181cff50dcb4279,2024-11-21T09:47:44.527000
CVE-2024-54680,1,1,ad61972708bbee5067cb0b02bfec2bac37188f1bcb38ae431510ae7b381f3add,2025-01-11T13:15:27.340000
CVE-2024-54682,0,0,014e168d2df7708ff5f91a3c7e1142a04001293f3734328797e32d8f370d3481,2024-12-16T08:15:05.513000
CVE-2024-54683,1,1,df238e349e4378311580023a0609c980670d89d3758a7a6c6e3c8f96b5a489e6,2025-01-11T13:15:27.490000
CVE-2024-54687,0,0,4843463d24c47ae2aeb1e26301a5b9502ddc0257784ca9617fcdea7b0634c0f2,2025-01-10T18:15:22.630000
CVE-2024-5469,0,0,0593227e51e97383649ced684c68d7aaf013a250af5a8e55d437662843299556,2024-11-21T09:47:44.633000
CVE-2024-5470,0,0,b70339f8a022f56de8d4eb030bd8f5d3563ba0fc9c1634fd55ea697aee92ede9,2024-11-21T09:47:44.787000
@ -271960,7 +271995,10 @@ CVE-2024-55635,0,0,392082c131c01336e2210c07f5a3e2fcbd7cb3b3f9054eec0bafd4ca472aa
CVE-2024-55636,0,0,e49650b1673b5336fe0733d223e8fc2e472caad48f40b65ffc4ecff5eab92986,2024-12-16T18:15:11.463000
CVE-2024-55637,0,0,418fc59eaddba6292c7ca9a157c9abc724d8230c1bf6179e0194990ea93fb105,2024-12-16T18:15:11.673000
CVE-2024-55638,0,0,27d92259e0a78066bb2529c55e1965f2134ea587303667a5ef98e650405575d4,2024-12-16T18:15:11.840000
CVE-2024-55639,1,1,d8888938126e4da74faedefaa4a3bbb465a3e002a6734fe4824599c8bc95bb7f,2025-01-11T13:15:27.663000
CVE-2024-5564,0,0,3aa73f6c6404c243b9f6f394613afc94e063551efa8746acdefa8554437d3ac7,2024-11-21T09:47:56.340000
CVE-2024-55641,1,1,77d9ffc4c02e5ee034bb45f1260529b5a07f960192ca09455d8126eb71569411,2025-01-11T13:15:27.847000
CVE-2024-55642,1,1,705214fbd15b79938a0a84950cda3db0eb9f3d98b0ff99d6e7f0069c91bfce62,2025-01-11T13:15:27.990000
CVE-2024-5565,0,0,d611550f5bcf5e6c3db2413f5bd8aaf6eb30fde2563331d26a9ad58249b7304a,2024-11-25T13:15:07.310000
CVE-2024-55652,0,0,4e4448d6da8b16d3811a29eb55a690e8e4ef0fe299bd552eafd44d61141bd125,2024-12-12T17:15:11.360000
CVE-2024-55653,0,0,6adab931e15ac490e0ece82122d6e070bb38c705c58b8befc0c0aa90aa8fe483,2024-12-10T23:15:06.410000
@ -272000,6 +272038,7 @@ CVE-2024-55877,0,0,435be389e0076431a46ab8708ee411347fd84e481635e037befe4e5e1cca4
CVE-2024-55878,0,0,ddf93675a87b982771a83dcbe0c7d650fbaf40d82f129cfcd23293bff68215eb,2024-12-12T20:15:21.493000
CVE-2024-55879,0,0,c7d9e69254b07c65dcce66e329164fffcf9c6aa4a735e46f7047582ee960442c,2024-12-13T15:15:43.170000
CVE-2024-5588,0,0,cd4fd6a3070fd76f99f64f98fe5c8858877cfc8403e9efe0eba9cc6fe8e6a080,2024-11-21T09:47:58.750000
CVE-2024-55881,1,1,7ea9aad4570cc1d363d8611ee3efe58f7dddd9b7684e20d4f0f9cdc6e12462fd,2025-01-11T13:15:28.197000
CVE-2024-55884,0,0,5d6da0d32263735a14f387d6018828f5961d5e83d83c540231cd267e671abff9,2024-12-12T17:15:11.710000
CVE-2024-55885,0,0,9e3ddad49418cc28301222751644c0a1957b0cd7a0b086b55392509dea2c9c50,2024-12-12T20:15:21.760000
CVE-2024-55886,0,0,b364e38b57c8224b068cc87c9ee99447948b262b8408afc9444bbbe5b3713fac,2024-12-12T20:15:21.890000
@ -272012,6 +272051,7 @@ CVE-2024-55896,0,0,58f855d897602f0ddd25272da3b6accb2a00ce40a285c9003204ef42399d7
CVE-2024-55897,0,0,965b449aed633549369e65253663c8ef0d14436fec1119cd03952115edc2e4cf,2025-01-03T23:15:08.573000
CVE-2024-5590,0,0,61c18480efc672e6d99b43c679013d2693f79c71f53844282e3c898145206740,2024-11-21T09:47:59.020000
CVE-2024-5591,0,0,e2235dc9118cc79b3ae0a586a8dc702d3b6ecde665fe3ab616de0261ded7cef3,2025-01-03T15:15:10.813000
CVE-2024-55916,1,1,9872d6f0409f9ff4e328d02ac5245f11d6fb899ab88da03bf403c4e0d625bc2b,2025-01-11T13:15:28.353000
CVE-2024-55917,0,0,a2dca5ced3d5dcd8acfac3cb6ea6554a4664068c0ef8ff9f8ad449c34b6bc417,2024-12-31T17:15:09.140000
CVE-2024-55918,0,0,bbfbb68501d5d412b5390769769529160437a59c66144983bc4b57777cd87c8a,2024-12-17T20:15:23.140000
CVE-2024-5594,0,0,940fea6f22909b147125fe747964120391a812b447143a313922817b777157c5,2025-01-06T17:15:44.383000
@ -272327,7 +272367,10 @@ CVE-2024-56363,0,0,7b130d481442d6564973e2a7227b43f5a030ae8a41341bb70189f5abec825
CVE-2024-56364,0,0,6115dedb84ebd874c4c0a6694d1fb784d8502b3a627aacf7ea4fc74186ea1ff2,2024-12-23T16:15:07.770000
CVE-2024-56365,0,0,c5b2dbd1a5c652a33591aa7ae09b57eedaa2b08f679f5493d59f5f8c048bc0d1,2025-01-03T19:15:12.340000
CVE-2024-56366,0,0,48479ea8f55db434c5c7ac53217ddf9dfe727218e3e7377f3d536e1c0f97ca5d,2025-01-03T19:15:12.443000
CVE-2024-56368,1,1,83130770495e059f53d1ccc77eeeea04285810e00c87d0c45bcc66175a524ebf,2025-01-11T13:15:28.530000
CVE-2024-56369,1,1,c1e9261ae5b789a6873649b97707862a8b8aa38092e40c703dedc5d515d05eb3,2025-01-11T13:15:28.700000
CVE-2024-5637,0,0,a5e32b0dfdcc3b00fa1c534a6efa8caef39b80f083f1c956c246ad8a83c6df00,2024-11-21T09:48:04.030000
CVE-2024-56372,1,1,63a64a6c0142715c4ddc6ec56300de4db39119137bfcc0781143b559cb029ca1,2025-01-11T13:15:28.873000
CVE-2024-56375,0,0,1aeae50409e14309fb31af7dcf320eae7189e473177b68d63698866c2c62cd0b,2024-12-26T06:15:06.203000
CVE-2024-56376,0,0,78193d4d04d76f4de46c79dbff8296a0eda078607f3d954520ea11bc0d6b10dc,2025-01-09T23:15:07.827000
CVE-2024-56377,0,0,6e436e28932511f54e7bb6ea1ef2d3d7a415c2597b99deec8ebba40ac125e9b4,2025-01-09T23:15:08.173000
@ -272672,6 +272715,7 @@ CVE-2024-56784,0,0,246e46b18d01297182b84d0eeedb7f89be5b067468d07e5fbcd2a4701c7c5
CVE-2024-56785,0,0,8f5cb98439d0416d3248c986cf648022357f0a09f9da0115702bc78871254399,2025-01-09T21:27:27.500000
CVE-2024-56786,0,0,ea16236b0070d1ee086d935f00ebc5682fd5b368b3f0ac1efe1f4df73b3ea78c,2025-01-10T18:53:06.473000
CVE-2024-56787,0,0,77f49900ebe1e38ab8e44c5b5372eb9d15671b545bb90d2215966dec4b8fe2e1,2025-01-09T21:28:12.873000
CVE-2024-56788,1,1,b461a5013e707fb38d8dd4945a129ee1f12c7aa7e33bf50d3d5b26fb8ac4cb3b,2025-01-11T13:15:29.090000
CVE-2024-5679,0,0,dc654eef86d673e662acc6dfc1ecb27b2f541880d76227d1d93861f825adc641,2024-11-21T09:48:08.710000
CVE-2024-56799,0,0,7c81f75b0fadc031d3c3a69969ffb946d254b09a307c8ed595c44ee135ddd7a5,2024-12-30T19:15:08.160000
CVE-2024-5680,0,0,926c5c2f45d297ec0fa81be8768753266fc85d73f972d4984111118e8fceffa2,2024-11-21T09:48:08.837000
@ -272787,12 +272831,24 @@ CVE-2024-5776,0,0,86888fe7b4b003fb18d3d2ba32b739edbd6c9d68a474b51eae89ea9740b7db
CVE-2024-5777,0,0,36540573098e4e57e2480cda4540050e04f465dce04feabfdc311a1dd5bf4bae,2024-06-12T08:15:51.113000
CVE-2024-5778,0,0,44ca5dca3141a6d37f6826ebacfa9246d365e941b7c28662690166013bb5bd71,2024-06-12T08:15:51.173000
CVE-2024-5779,0,0,2a86c05c31e595b12ded5db682c98a0bf6f259741199a426f00c627efee46fc9,2024-06-12T08:15:51.240000
CVE-2024-57791,1,1,83661499662923b8e594bd3c5dc0a8d681b527e42b69f986563d1222446c0028,2025-01-11T13:15:29.253000
CVE-2024-57792,1,1,6e269b164ed4b92d7ee67a16ce4bb2b798116be1f2f74c49e5fe7106cf774365,2025-01-11T13:15:29.420000
CVE-2024-57793,1,1,ddff963b18d692955008250e9218f73e3d5ef63f700adbda8c83ad04b140649d,2025-01-11T13:15:29.593000
CVE-2024-57798,1,1,c0ed58e8d48adaf3dc7d7b1d21c34c9a829d25d23c734c3cd4da62041dc5e18f,2025-01-11T13:15:29.743000
CVE-2024-57799,1,1,806bc1a2725b73c5cb209c3231145868e8823776f6ca2780abd38b713e26a618,2025-01-11T13:15:29.910000
CVE-2024-5780,0,0,8f257920278f73ebde8da2f9da9c11fb9d019685aae47ae6d2026dc053194989,2024-06-12T08:15:51.300000
CVE-2024-57800,1,1,c5c42b2c1b3842383a35b5f8d69b8ba4f954a1a479092b7d8b0ba19a17185b1c,2025-01-11T13:15:30.073000
CVE-2024-57804,1,1,03a655c7bbcb3c9fd29c388335cd9c43ce0dad312096483bb7f62c252b182ba1,2025-01-11T13:15:30.233000
CVE-2024-57805,1,1,c0fa1218e16605062717599d97c87173c53c7e6ec913d615ebb3e2b0e18c8587,2025-01-11T13:15:30.420000
CVE-2024-57806,1,1,019cc1f303b977f37ee697aea77eacdcb7c64dccefa2a11f2e9b2f2ac1ba30eb,2025-01-11T13:15:30.597000
CVE-2024-57807,1,1,3fc22681d87d16c2f19292446ad4881acc5df9d656db30c12de7c2ccac921519,2025-01-11T13:15:30.790000
CVE-2024-57809,1,1,de2e3d10a38eb17297e0b63db428739f373043b7a0a3a88c9dcbf5bb2a5c6fb9,2025-01-11T14:15:25.080000
CVE-2024-5781,0,0,69395241527fa89308022b467956bfc8d570e92d8c337ad970260c71cef498ec,2024-06-12T08:15:51.363000
CVE-2024-5782,0,0,3007fa9c37260ea7caeb87e42b238e099fb02a0dcdaea4137ab796f4ff5698b0,2024-06-12T08:15:51.423000
CVE-2024-57822,0,0,728779986122bf377df0708440f7a4e3a11314ae8b64fec754f17faeca944b11,2025-01-10T15:15:16.337000
CVE-2024-57823,0,0,21afd0eacab6b7e7ef4135daf3a3b6cb51e2cd31ed278b77a73ef52eb6b04624,2025-01-10T14:15:29.583000
CVE-2024-5783,0,0,457a67b18c53addb8fb271e75294a5e3a7e25c57923089dcfbdfc7dbab590f38,2024-06-12T08:15:51.480000
CVE-2024-57838,1,1,f85a499de384339de4a4a71cb75bd53b174dba57e86a4be11bb2c2c6c084d3f9,2025-01-11T14:15:25.940000
CVE-2024-5784,0,0,79d7c651de1735758dc5225e9f9f2125237472cf1705bb9d1ed95eddc5ac5820,2024-09-03T14:48:19.570000
CVE-2024-5785,0,0,0e9b551c455c61638ce3e7d2f5874ca2c1cf14d589c0a4025501beedb178de88,2024-11-21T09:48:19.780000
CVE-2024-5786,0,0,8f234ab6daf42312db402cec6a9780e6a0a03ed9070824749daf6f62affc4884,2024-11-21T09:48:19.897000
@ -276482,7 +276538,7 @@ CVE-2025-0348,0,0,331eb1ff4b382b4fa4cded2d4eff33d4e1224a2775f1380fa27191f50e86e0
CVE-2025-0349,0,0,113bd719c64af64e563d3b7f6bc64a9c5a1e1f5ad7d7591de270b2e445c8d15a,2025-01-09T11:15:16.547000
CVE-2025-0390,0,0,e8680a8850f5f93c327358a0bafb5800686853499fcfad6c845505a58dd62509,2025-01-11T08:15:26.527000
CVE-2025-0391,0,0,92a57f196719fdf887816695b3a83526079e0969236a36b3dfc45b775c9f93d0,2025-01-11T09:15:05.937000
CVE-2025-0392,1,1,aa9606366d99278451746d2e901d7f278b325bf8d4482ec56713b1565fb0cf2e,2025-01-11T11:15:06.657000
CVE-2025-0392,0,0,aa9606366d99278451746d2e901d7f278b325bf8d4482ec56713b1565fb0cf2e,2025-01-11T11:15:06.657000
CVE-2025-20033,0,0,6018e09e60bc36da724018ac20bc63bc1922bb37746fdb9e10624cea7c137ebf,2025-01-09T07:15:28.450000
CVE-2025-20123,0,0,7f3b728d3f9cbfa875df0a45e50a08c953f805f15b1141475f4e31dfbed0e1d1,2025-01-08T16:15:38.150000
CVE-2025-20126,0,0,1585188395ef0aa5a894bbea6d526bdf238d58865dbcb187ac89434fb8c590b9,2025-01-08T19:15:38.553000

Can't render this file because it is too large.