From f21df035687a6e29bce8cabf7e83d0a28a4799c1 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Mon, 23 Dec 2024 21:03:43 +0000 Subject: [PATCH] Auto-Update: 2024-12-23T21:00:20.486239+00:00 --- CVE-2021/CVE-2021-473xx/CVE-2021-47379.json | 118 ++++++++- CVE-2021/CVE-2021-473xx/CVE-2021-47380.json | 94 ++++++- CVE-2023/CVE-2023-526xx/CVE-2023-52649.json | 114 +++++++- CVE-2024/CVE-2024-269xx/CVE-2024-26981.json | 229 ++++++++++++++-- CVE-2024/CVE-2024-269xx/CVE-2024-26989.json | 151 ++++++++++- CVE-2024/CVE-2024-269xx/CVE-2024-26993.json | 235 +++++++++++++++-- CVE-2024/CVE-2024-269xx/CVE-2024-26995.json | 100 ++++++- CVE-2024/CVE-2024-269xx/CVE-2024-26996.json | 150 ++++++++++- CVE-2024/CVE-2024-269xx/CVE-2024-26998.json | 124 ++++++++- CVE-2024/CVE-2024-270xx/CVE-2024-27002.json | 134 +++++++++- CVE-2024/CVE-2024-270xx/CVE-2024-27003.json | 134 +++++++++- CVE-2024/CVE-2024-270xx/CVE-2024-27024.json | 272 ++++++++++++++++++-- CVE-2024/CVE-2024-270xx/CVE-2024-27025.json | 203 +++++++++++++-- CVE-2024/CVE-2024-270xx/CVE-2024-27029.json | 97 ++++++- CVE-2024/CVE-2024-270xx/CVE-2024-27030.json | 203 +++++++++++++-- CVE-2024/CVE-2024-270xx/CVE-2024-27031.json | 114 +++++++- CVE-2024/CVE-2024-270xx/CVE-2024-27033.json | 114 +++++++- CVE-2024/CVE-2024-270xx/CVE-2024-27042.json | 114 +++++++- CVE-2024/CVE-2024-270xx/CVE-2024-27043.json | 209 +++++++++++++-- CVE-2024/CVE-2024-270xx/CVE-2024-27045.json | 170 ++++++++++-- CVE-2024/CVE-2024-270xx/CVE-2024-27047.json | 170 ++++++++++-- CVE-2024/CVE-2024-270xx/CVE-2024-27048.json | 114 +++++++- CVE-2024/CVE-2024-270xx/CVE-2024-27049.json | 97 ++++++- CVE-2024/CVE-2024-270xx/CVE-2024-27051.json | 170 ++++++++++-- README.md | 49 ++-- _state.csv | 82 +++--- 26 files changed, 3364 insertions(+), 397 deletions(-) diff --git a/CVE-2021/CVE-2021-473xx/CVE-2021-47379.json b/CVE-2021/CVE-2021-473xx/CVE-2021-47379.json index dd9d31f0199..1b291952f06 100644 --- a/CVE-2021/CVE-2021-473xx/CVE-2021-47379.json +++ b/CVE-2021/CVE-2021-473xx/CVE-2021-47379.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47379", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T15:15:23.590", - "lastModified": "2024-11-21T06:36:01.397", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-23T20:47:30.867", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,135 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: blk-cgroup: corrige UAF capturando el bloqueo de blkcg antes de destruir blkg pd KASAN informa un informe de use after free al realizar una prueba fuzz: [693354.104835] ======= ==================================================== ========= [693354.105094] ERROR: KASAN: use after free en bfq_io_set_weight_legacy+0xd3/0x160 [693354.105336] Lectura de tama\u00f1o 4 en la direcci\u00f3n ffff888be0a35664 por tarea sh/1453338 [693354.10560 7] CPU: 41 PID: 1453338 Comm: sh Kdump: cargado No contaminado 4.18.0-147 [693354.105610] Nombre de hardware: Huawei 2288H V5/BC11SPSCB0, BIOS 0.81 02/07/2018 [693354.105612] Seguimiento de llamadas: [693354.105621] +0xf1/0x19b [693354.105626] ? show_regs_print_info+0x5/0x5 [693354.105634] ? imprimirk+0x9c/0xc3 [693354.105638] ? cpumask_weight+0x1f/0x1f [693354.105648] print_address_description+0x70/0x360 [693354.105654] kasan_report+0x1b2/0x330 [693354.105659] ? bfq_io_set_weight_legacy+0xd3/0x160 [693354.105665] ? bfq_io_set_weight_legacy+0xd3/0x160 [693354.105670] bfq_io_set_weight_legacy+0xd3/0x160 [693354.105675] ? bfq_cpd_init+0x20/0x20 [693354.105683] cgroup_file_write+0x3aa/0x510 [693354.105693] ? ___slab_alloc+0x507/0x540 [693354.105698] ? cgroup_file_poll+0x60/0x60 [693354.105702] ? 0xffffffff89600000 [693354.105708] ? usercopy_abort+0x90/0x90 [693354.105716] ? mutex_lock+0xef/0x180 [693354.105726] kernfs_fop_write+0x1ab/0x280 [693354.105732] ? cgroup_file_poll+0x60/0x60 [693354.105738] vfs_write+0xe7/0x230 [693354.105744] ksys_write+0xb0/0x140 [693354.105749] ? __ia32_sys_read+0x50/0x50 [693354.105760] do_syscall_64+0x112/0x370 [693354.105766] ? syscall_return_slowpath+0x260/0x260 [693354.105772]? do_page_fault+0x9b/0x270 [693354.105779] ? prepare_exit_to_usermode+0xf9/0x1a0 [693354.105784] ? enter_from_user_mode+0x30/0x30 [693354.105793] Entry_SYSCALL_64_after_hwframe+0x65/0xca [693354.105875] Asignado por la tarea 1453337: [693354.106001] kasan_kmalloc+0xa0/0xd0 [693354. 106006] kmem_cache_alloc_node_trace+0x108/0x220 [693354.106010] bfq_pd_alloc+0x96/0x120 [693354.106015] blkcg_activate_policy+ 0x1b7/0x2b0 [693354.106020] bfq_create_group_hierarchy+0x1e/0x80 [693354.106026] bfq_init_queue+0x678/0x8c0 [693354.106031] blk_mq_init_sched+0x1f8/0x460 [693354.106037] elevator_switch_mq+0xe1/0x240 [693354.106041] elevator_switch+0x25/0x40 [693354.106045] elv_iosched_store+0x1a1/ 0x230 [693354.106049] queue_attr_store+0x78/0xb0 [693354.106053] kernfs_fop_write+0x1ab/0x280 [693354.106056] vfs_write+0xe7/0x230 [693354.106060] s_write+0xb0/0x140 [693354.106064] do_syscall_64+0x112/0x370 [693354.106069] Entry_SYSCALL_64_after_hwframe+0x65/0xca [ 693354.106114] Liberado por la tarea 1453336: [693354.106225] __kasan_slab_free+0x130/0x180 [693354.106229] kfree+0x90/0x1b0 [693354.106233] blkcg_deactivate_policy+0x12 c/0x220 [693354.106238] bfq_exit_queue+0xf5/0x110 [693354.106241] blk_mq_exit_sched+0x104/0x130 [693354.106245] __elevator_exit+0x45/0x60 [693354.106249] elevator_switch_mq+0xd6/0x240 [693354.106253] interruptor_elevador+0x25/0x40 [693354.106257] elv_iosched_store+0x1a1/0x230 .106261] queue_attr_store+0x78/0xb0 [693354.106264] kernfs_fop_write+0x1ab/0x280 [693354.106268] vfs_write+ 0xe7/0x230 [693354.106271] ksys_write+0xb0/0x140 [693354.106275] do_syscall_64+0x112/0x370 [693354.106280] Entry_SYSCALL_64_after_hwframe+0x65/0xca [69335 4.106329] La direcci\u00f3n con errores pertenece al objeto en ffff888be0a35580 que pertenece al cach\u00e9 kmalloc-1k de tama\u00f1o 1024 [693354.106736] La direcci\u00f3n con errores se encuentra a 228 bytes dentro de la regi\u00f3n de 1024 bytes [ffff888be0a35580, ffff888be0a35980) [693354.107114] La direcci\u00f3n con errores pertenece a la p\u00e1gina: [693354.107273] p\u00e1gina:ffffea002f828c00 1 recuento de mapas: 0 mapeo: ffff888107c17080 \u00edndice: 0x0 Compound_mapcount: 0 [693354.107606] banderas: 0x17ffffc0008100(slab|head) [693354.107760] raw: 0017ffffc0008100 ffffea002fcbc808 ffffea0030bd3a08 ffff888107c17080 3354.108020] r ---truncado---" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.4.150", + "matchCriteriaId": "F6EBA6BC-0594-4920-B410-5DDA60229E8E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.70", + "matchCriteriaId": "A2A50090-4483-4F44-9147-BF0B012FBF7E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.14.9", + "matchCriteriaId": "1B31D6C1-A751-438D-906B-0C56B789D498" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:*", + "matchCriteriaId": "E46C74C6-B76B-4C94-A6A4-FD2FFF62D644" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/7c2c69e010431b0157c9454adcdd2305809bf9fb", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/858560b27645e7e97aca37ee8f232cccd658fbd2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d12ddd843f1877de1f7dd2aeea4907cf9ff3ac08", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f58d305887ad7b24986d58e881f6806bb81b2bdf", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7c2c69e010431b0157c9454adcdd2305809bf9fb", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/858560b27645e7e97aca37ee8f232cccd658fbd2", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d12ddd843f1877de1f7dd2aeea4907cf9ff3ac08", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f58d305887ad7b24986d58e881f6806bb81b2bdf", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-473xx/CVE-2021-47380.json b/CVE-2021/CVE-2021-473xx/CVE-2021-47380.json index 0ad04355e25..f7ca6cc9439 100644 --- a/CVE-2021/CVE-2021-473xx/CVE-2021-47380.json +++ b/CVE-2021/CVE-2021-473xx/CVE-2021-47380.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47380", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T15:15:23.663", - "lastModified": "2024-11-21T06:36:01.517", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-23T20:48:01.910", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,103 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: HID: amd_sfh: corrige una posible desreferencia del puntero NULL devm_add_action_or_reset() puede invocar repentinamente amd_mp2_pci_remove() en el registro, lo que provocar\u00e1 una desreferencia del puntero NULL ya que los datos correspondientes a\u00fan no se han inicializado. El parche mueve la inicializaci\u00f3n de los datos antes de devm_add_action_or_reset(). Encontrado por el proyecto de verificaci\u00f3n de controladores de Linux (linuxtesting.org). [jkosina@suse.cz: rebase] " } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.14.10", + "matchCriteriaId": "D59E06FA-93F0-4A27-BD8C-6FDC6AEFE4B1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:*", + "matchCriteriaId": "E46C74C6-B76B-4C94-A6A4-FD2FFF62D644" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:*", + "matchCriteriaId": "60134C3A-06E4-48C1-B04F-2903732A4E56" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc3:*:*:*:*:*:*", + "matchCriteriaId": "0460DA88-8FE1-46A2-9DDA-1F1ABA552E71" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/283e4bee701dfcd409dd293f19a268bb2bc8ff38", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d46ef750ed58cbeeba2d9a55c99231c30a172764", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/283e4bee701dfcd409dd293f19a268bb2bc8ff38", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d46ef750ed58cbeeba2d9a55c99231c30a172764", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-526xx/CVE-2023-52649.json b/CVE-2023/CVE-2023-526xx/CVE-2023-52649.json index abf5526fef7..7e778a7ad74 100644 --- a/CVE-2023/CVE-2023-526xx/CVE-2023-52649.json +++ b/CVE-2023/CVE-2023-526xx/CVE-2023-52649.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52649", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-01T13:15:48.280", - "lastModified": "2024-11-21T08:40:17.107", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-12-23T19:14:57.980", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,131 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/vkms: Evite leer m\u00e1s all\u00e1 de la matriz LUT Cuando el \u00edndice LUT de piso (drm_fixp2int(lut_index) es el \u00faltimo \u00edndice de la matriz, el \u00edndice LUT de techo apuntar\u00e1 a una entrada m\u00e1s all\u00e1 de la matriz Aseg\u00farese de protegernos contra esto y usar el valor del \u00edndice LUT de piso v3: - Elimine los bits de la descripci\u00f3n de confirmaci\u00f3n que no contribuyeron con nada de valor." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-129" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.6", + "versionEndExcluding": "6.6.23", + "matchCriteriaId": "5B28A88F-F85F-4008-8F7C-44FC9152916E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.7.11", + "matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.8", + "versionEndExcluding": "6.8.2", + "matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/046c1184ce60b0a37d48134f17ddbc1f32ce02bd", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2fee84030d12d9fddfa874e4562d71761a129277", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/92800aaeff51b8358d1e0a7eb74daf8aa2d7ce9d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9556c167673057d48ce4a0da675026fe046654c1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/046c1184ce60b0a37d48134f17ddbc1f32ce02bd", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2fee84030d12d9fddfa874e4562d71761a129277", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/92800aaeff51b8358d1e0a7eb74daf8aa2d7ce9d", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9556c167673057d48ce4a0da675026fe046654c1", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-269xx/CVE-2024-26981.json b/CVE-2024/CVE-2024-269xx/CVE-2024-26981.json index 72fa457bb13..4625053f757 100644 --- a/CVE-2024/CVE-2024-269xx/CVE-2024-26981.json +++ b/CVE-2024/CVE-2024-269xx/CVE-2024-26981.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26981", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-01T06:15:15.517", - "lastModified": "2024-11-21T09:03:32.790", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-12-23T20:42:57.277", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,79 +15,266 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nilfs2: corrige OOB en nilfs_set_de_type El tama\u00f1o de la matriz nilfs_type_by_mode en el archivo fs/nilfs2/dir.c se define como \"S_IFMT >> S_SHIFT\", pero la funci\u00f3n nilfs_set_de_type() , que utiliza esta matriz, especifica el \u00edndice a leer de la matriz de la misma manera que \"(mode & S_IFMT) >> S_SHIFT\". static void nilfs_set_de_type(struct nilfs_dir_entry *de, struct inode *inode) { umode_t modo = inodo->i_mode; de->tipo_archivo = nilfs_type_by_mode[(modo & S_IFMT)>>S_SHIFT]; // oob } Sin embargo, cuando el \u00edndice se determina de esta manera, se produce un error fuera de los l\u00edmites (OOB) al hacer referencia a un \u00edndice que es 1 mayor que el tama\u00f1o de la matriz cuando la condici\u00f3n \"modo & S_IFMT == S_IFMT\" es satisfecho. Por lo tanto, se debe aplicar un parche para cambiar el tama\u00f1o de la matriz nilfs_type_by_mode para evitar errores OOB." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-129" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2.6.30", + "versionEndExcluding": "4.19.313", + "matchCriteriaId": "33566938-5491-4E5B-9204-67340B262E27" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.275", + "matchCriteriaId": "5FF6D8DE-C559-4586-86C8-2C6B4420A2C2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.216", + "matchCriteriaId": "A44ABF89-F1BD-4C9A-895D-7596650DCD27" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.157", + "matchCriteriaId": "C67E2ABA-9F30-4CE6-A840-B1051D07E0CF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.88", + "matchCriteriaId": "B665F958-644E-434D-A78D-CCD1628D1774" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.29", + "matchCriteriaId": "0999E154-1E68-41FA-8DE3-9A735E382224" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.8.8", + "matchCriteriaId": "673B3328-389D-41A4-9617-669298635262" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*", + "matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*", + "matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*", + "matchCriteriaId": "52048DDA-FC5A-4363-95A0-A6357B4D7F8C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*", + "matchCriteriaId": "A06B2CCF-3F43-4FA9-8773-C83C3F5764B2" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/054f29e9ca05be3906544c5f2a2c7321c30a4243", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2382eae66b196c31893984a538908c3eb7506ff9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7061c7efbb9e8f11ce92d6b4646405ea2b0b4de1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/897ac5306bbeb83e90c437326f7044c79a17c611", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/90823f8d9ecca3d5fa6b102c8e464c62f416975f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/90f43980ea6be4ad903e389be9a27a2a0018f1c8", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/bdbe483da21f852c93b22557b146bc4d989260f0", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c4a7dc9523b59b3e73fd522c73e95e072f876b16", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/054f29e9ca05be3906544c5f2a2c7321c30a4243", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2382eae66b196c31893984a538908c3eb7506ff9", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7061c7efbb9e8f11ce92d6b4646405ea2b0b4de1", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/897ac5306bbeb83e90c437326f7044c79a17c611", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/90823f8d9ecca3d5fa6b102c8e464c62f416975f", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/90f43980ea6be4ad903e389be9a27a2a0018f1c8", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/bdbe483da21f852c93b22557b146bc4d989260f0", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c4a7dc9523b59b3e73fd522c73e95e072f876b16", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-269xx/CVE-2024-26989.json b/CVE-2024/CVE-2024-269xx/CVE-2024-26989.json index 5fcad794cf6..1f15af275c0 100644 --- a/CVE-2024/CVE-2024-269xx/CVE-2024-26989.json +++ b/CVE-2024/CVE-2024-269xx/CVE-2024-26989.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26989", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-01T06:15:16.577", - "lastModified": "2024-11-21T09:03:33.953", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-12-23T20:43:38.437", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,47 +15,172 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: arm64: hibernaci\u00f3n: corrige el error de traducci\u00f3n de nivel 3 en swsusp_save() En m\u00e1quinas arm64, swsusp_save() falla si intenta acceder a los rangos de memoria MEMBLOCK_NOMAP. Esto se puede reproducir en QEMU usando UEFI al arrancar con rodata=off debug_pagealloc=off y CONFIG_KFENCE=n: No se puede manejar la solicitud de paginaci\u00f3n del kernel en la direcci\u00f3n virtual ffffff8000000000 Informaci\u00f3n de cancelaci\u00f3n de memoria: ESR = 0x0000000096000007 EC = 0x25: DABT (EL actual), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 FSC = 0x07: fallo de traducci\u00f3n de nivel 3 Informaci\u00f3n de cancelaci\u00f3n de datos: ISV = 0, ISS = 0x00000007, ISS2 = 0x00000000 CM = 0, WnR = 0, TnD = 0, TagAccess = 0 GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 pgtable de intercambio: p\u00e1ginas de 4k, VA de 39 bits, pgdp=00000000eeb0b000 [ffffff8000000000] pgd=180000217fff9803, p4d=180000217fff 9803, pud=180000217fff9803, pmd =180000217fff8803, pte=0000000000000000 Error interno: Ups: 0000000096000007 [#1] Error interno de SMP: Ups: 0000000096000007 [#1] M\u00f3dulos SMP vinculados en: xt_multiport ipt_REJECT nf_reject_ipv4 x t_conntrack nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 libcrc32c iptable_filter bpfilter rfkill at803x snd_hda_codec_hdmi snd_hda_intel snd_intel_dspcfg dwmac_generic stmmac_platform snd_hda_codec stmmac joydev pcs_xpcs snd_hda_core phylink ppdev lp parport ramoops reed_solomon ip_tables x_tables nls_iso8859_1 vfat multipath lineal amdgpu amdxcp drm_exec gpu_sched drm_buddy hid_generic usbhid hid radeon video drm_suballoc_helper drm_ttm_helper ttm algo_bit drm_display_helper cec drm_kms_helper drm CPU: 0 PID: 3663 Comm: systemd-sleep No contaminado 6.6.2 + #76 Versi\u00f3n de origen: 4e22ed63a0a48e7a7cff9b98b7806d8d4add7dc0 Nombre del hardware: Greatwall GW-XXXXXX-XXX/GW-XXXXXX-XXX, BIOS KunLun BIOS V4.0 19/01/2021 pstate: 600003c5 (nZCv DAIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc: swsusp_save+0x280/0x538 lr: swsusp_save+0x280/0x538 sp: ffffffa034a3fa40 x29: ffffffa034a3fa40 x28: ffffff8000001000 x27: 0000000000000000 x26: ffff8001400000 x25: ffffffc08113e248 x24: 0000000000000000 x23: 0000000000080000 x22: ffffffc08113e280 x21: 00000000000c69f2 x20 : ffffff8000000000 x19: ffffffc081ae2500 x18: 0000000000000000 x17: 6666662074736420 x16: 3030303030303030 x15: 3038666666666666 x14: 00000000000b69 x13: ffffff9f89088530 x12: 00000000ffffffea x11: 00000000ffff7fff x10: 00000000ffff7fff x9: fffffc08193f0d0 x8: 00000000000bffe8 x7: c 0000000ffff7fff x6: 0000000000000001 x5: fffffa0fff09dc8 x4: 0000000000000000 x3: 0000000000000027 x2: 0000000000000000 x1: 0000000000000000 x0: 000000000000004e Rastreo de llamadas: swsusp_save+0x280/0x538 swsusp_arch_suspend+0x148/0x190 bernation_snapshot+0x240/0x39c hibernate+0xc4/0x378 state_store+0xf0/0x10c kobj_attr_store+0x14/0x24 El motivo es swsusp_save( ) -> copy_data_pages() -> page_is_saveable() -> kernel_page_present() suponiendo que una p\u00e1gina siempre est\u00e1 presente cuando can_set_direct_map() es falsa (todos rodata_full, debug_pagealloc_enabled() y arm64_kfence_can_set_direct_map() son falsos), independientemente de los rangos de MEMBLOCK_NOMAP. Estas regiones MEMBLOCK_NOMAP no deben guardarse durante la hibernaci\u00f3n. Este problema se introdujo por cambios en la l\u00f3gica pfn_valid() en el commit a7d9f306ba70 (\"arm64: drop pfn_valid_within() and simplifica pfn_valid()\"). Al igual que en otras arquitecturas, elimine la verificaci\u00f3n !can_set_direct_map() en kernel_page_present() para que page_is_savable() omita dichas p\u00e1ginas. [catalin.marinas@arm.com: mensaje de confirmaci\u00f3n de reelaboraci\u00f3n]" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.14", + "versionEndExcluding": "5.15.157", + "matchCriteriaId": "1D42B41E-130E-40D9-841E-8B5EEDDD755F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.88", + "matchCriteriaId": "B665F958-644E-434D-A78D-CCD1628D1774" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.29", + "matchCriteriaId": "0999E154-1E68-41FA-8DE3-9A735E382224" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.8.8", + "matchCriteriaId": "673B3328-389D-41A4-9617-669298635262" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*", + "matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*", + "matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*", + "matchCriteriaId": "52048DDA-FC5A-4363-95A0-A6357B4D7F8C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*", + "matchCriteriaId": "A06B2CCF-3F43-4FA9-8773-C83C3F5764B2" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/022b19ebc31cce369c407617041a3db810db23b3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/31f815cb436082e72d34ed2e8a182140a73ebdf4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/50449ca66cc5a8cbc64749cf4b9f3d3fc5f4b457", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/813f5213f2c612dc800054859aaa396ec8ad7069", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f7e71a7cf399f53ff9fc314ca3836dc913b05bd6", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/022b19ebc31cce369c407617041a3db810db23b3", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/31f815cb436082e72d34ed2e8a182140a73ebdf4", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/50449ca66cc5a8cbc64749cf4b9f3d3fc5f4b457", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/813f5213f2c612dc800054859aaa396ec8ad7069", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f7e71a7cf399f53ff9fc314ca3836dc913b05bd6", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-269xx/CVE-2024-26993.json b/CVE-2024/CVE-2024-269xx/CVE-2024-26993.json index b255087bf2b..90c09284eb1 100644 --- a/CVE-2024/CVE-2024-269xx/CVE-2024-26993.json +++ b/CVE-2024/CVE-2024-269xx/CVE-2024-26993.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26993", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-01T06:15:17.110", - "lastModified": "2024-11-21T09:03:34.500", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-12-23T20:43:56.733", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,79 +15,272 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: fs: sysfs: corrige la fuga de referencia en sysfs_break_active_protection() La rutina sysfs_break_active_protection() tiene una fuga de referencia obvia en su ruta de error. Si la llamada a kernfs_find_and_get() falla, entonces kn ser\u00e1 NULL, por lo que no se llamar\u00e1 a la rutina complementaria sysfs_unbreak_active_protection() (y solo causar\u00eda una infracci\u00f3n de acceso al intentar eliminar la referencia a kn->parent si se llamara). Como resultado, la referencia a kobj adquirida al inicio de la funci\u00f3n nunca se publicar\u00e1. Solucione la fuga agregando una llamada expl\u00edcita a kobject_put() cuando kn sea NULL." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.16.62", + "versionEndExcluding": "3.17", + "matchCriteriaId": "CF0E916A-2E85-4BDA-A6B9-628CB208D7E0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.18.121", + "versionEndExcluding": "3.19", + "matchCriteriaId": "6B68BB35-4680-4400-8678-945038232436" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.4.154", + "versionEndExcluding": "4.5", + "matchCriteriaId": "71EA076B-AD00-432F-B156-0748605CE34D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.9.125", + "versionEndExcluding": "4.10", + "matchCriteriaId": "6332802F-C91B-4C23-A155-60E41FC4345A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.14.68", + "versionEndExcluding": "4.15", + "matchCriteriaId": "BB57F4AD-D25F-493E-85BA-74DDA52C7AA7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.18.6", + "versionEndExcluding": "4.19", + "matchCriteriaId": "2605C4B5-016B-469F-9FEE-CF497A18AE3B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.19", + "versionEndExcluding": "5.15.157", + "matchCriteriaId": "96AD9EA4-6E34-4C07-ACD9-AB23A8FD05AF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.88", + "matchCriteriaId": "B665F958-644E-434D-A78D-CCD1628D1774" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.29", + "matchCriteriaId": "0999E154-1E68-41FA-8DE3-9A735E382224" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.8.8", + "matchCriteriaId": "673B3328-389D-41A4-9617-669298635262" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*", + "matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*", + "matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*", + "matchCriteriaId": "52048DDA-FC5A-4363-95A0-A6357B4D7F8C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*", + "matchCriteriaId": "A06B2CCF-3F43-4FA9-8773-C83C3F5764B2" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/43f00210cb257bcb0387e8caeb4b46375d67f30c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/57baab0f376bec8f54b0fe6beb8f77a57c228063", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5d43e072285e81b0b63cee7189b3357c7768a43b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/84bd4c2ae9c3d0a7d3a5c032ea7efff17af17e17", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a4c99b57d43bab45225ba92d574a8683f9edc8e4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a90bca2228c0646fc29a72689d308e5fe03e6d78", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ac107356aabc362aaeb77463e814fc067a5d3957", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f28bba37fe244889b81bb5c508d3f6e5c6e342c5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/43f00210cb257bcb0387e8caeb4b46375d67f30c", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/57baab0f376bec8f54b0fe6beb8f77a57c228063", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5d43e072285e81b0b63cee7189b3357c7768a43b", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/84bd4c2ae9c3d0a7d3a5c032ea7efff17af17e17", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a4c99b57d43bab45225ba92d574a8683f9edc8e4", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a90bca2228c0646fc29a72689d308e5fe03e6d78", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ac107356aabc362aaeb77463e814fc067a5d3957", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f28bba37fe244889b81bb5c508d3f6e5c6e342c5", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-269xx/CVE-2024-26995.json b/CVE-2024/CVE-2024-269xx/CVE-2024-26995.json index 2506a52ea54..ddbd8eb2ae6 100644 --- a/CVE-2024/CVE-2024-269xx/CVE-2024-26995.json +++ b/CVE-2024/CVE-2024-269xx/CVE-2024-26995.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26995", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-01T06:15:17.313", - "lastModified": "2024-11-21T09:03:34.817", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-12-23T19:49:22.590", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,109 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: typec: tcpm: corrija el recuento de PDO en pd_set Los errores off-by-one ocurren porque nr_snk_pdo y nr_src_pdo se agregaron incorrectamente. El \u00edndice del bucle es igual al n\u00famero de PDO que se actualizar\u00e1n al salir del bucle y no es necesario agregar uno. Al realizar la negociaci\u00f3n de energ\u00eda, TCPM se basa en \"nr_snk_pdo\" como el tama\u00f1o de la matriz de PDO del receptor local para que coincida con las capacidades de origen del puerto asociado. Si se produce un desbordamiento de uno a uno, es posible que se env\u00ede un RDO incorrecto y que se produzca una transferencia de energ\u00eda inesperada, como sobretensi\u00f3n o sobrecorriente (de lo esperado). \"nr_src_pdo\" se utiliza para establecer el nivel de Rp cuando el puerto est\u00e1 en la funci\u00f3n de origen. Tambi\u00e9n es el tama\u00f1o de la matriz de las capacidades de la Fuente local al llenar el b\u00fafer que se enviar\u00e1 como los PDO de la Fuente (como en la Negociaci\u00f3n de Energ\u00eda). Si se produce el desbordamiento de uno por uno, es posible que se establezca un nivel de Rp incorrecto y se enviar\u00e1n PDO de origen incorrectos al puerto asociado. Esto podr\u00eda causar sobrecorriente o restablecimientos de puertos." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-193" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.8", + "versionEndExcluding": "6.8.8", + "matchCriteriaId": "A6B3F478-AAC3-4675-897F-870080589B51" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*", + "matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*", + "matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*", + "matchCriteriaId": "52048DDA-FC5A-4363-95A0-A6357B4D7F8C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*", + "matchCriteriaId": "A06B2CCF-3F43-4FA9-8773-C83C3F5764B2" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/c4128304c2169b4664ed6fb6200f228cead2ab70", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f3da3192cdd3fefe213390e976eec424a8e270b5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c4128304c2169b4664ed6fb6200f228cead2ab70", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f3da3192cdd3fefe213390e976eec424a8e270b5", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-269xx/CVE-2024-26996.json b/CVE-2024/CVE-2024-269xx/CVE-2024-26996.json index 6131c5bf2a8..828fc0cb9d9 100644 --- a/CVE-2024/CVE-2024-269xx/CVE-2024-26996.json +++ b/CVE-2024/CVE-2024-269xx/CVE-2024-26996.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26996", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-01T06:15:17.480", - "lastModified": "2024-11-21T09:03:34.937", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-12-23T19:49:49.543", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,47 +15,171 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: gadget: f_ncm: corrige el objeto UAF ncm al volver a vincularlo despu\u00e9s del error de transporte usb ep Cuando la funci\u00f3n ncm est\u00e1 funcionando y luego detiene la interfaz usb0 para desconectar el enlace, se llama a eth_stop() . En este punto, accidentalmente, si ocurre un error de transporte USB en usb_ep_enable(), es posible que 'in_ep' y/o 'out_ep' no est\u00e9n habilitados. Despu\u00e9s de eso, se llama a ncm_disable() para deshabilitar ncm unbind, pero nunca se llama a gether_disconnect() ya que 'in_ep' no est\u00e1 habilitado. Como resultado, el objeto ncm se libera en ncm unbind pero 'dev->port_usb' asociado a 'ncm->port' no es NULL. Y cuando ncm se vincula nuevamente para recuperar netdev, el objeto ncm se reasigna pero la interfaz usb0 ya est\u00e1 asociada al objeto ncm lanzado anteriormente. Por lo tanto, una vez que la interfaz usb0 est\u00e1 activa y se llama a eth_start_xmit(), el objeto ncm liberado se desreferencia y podr\u00eda causar memoria de use-after-free. [funci\u00f3n de desvinculaci\u00f3n a trav\u00e9s de configfs] usb0: eth_stop dev->port_usb=ffffff9b179c3200 --> el error ocurre en usb_ep_enable(). NCM: ncm_disable: ncm=ffffff9b179c3200 --> no gether_disconnect() ya que ncm->port.in_ep->enabled es falso. NCM: ncm_unbind: ncm unbind ncm=ffffff9b179c3200 NCM: ncm_free: ncm free ncm=ffffff9b179c3200 <-- ncm liberado [enlace de funci\u00f3n a trav\u00e9s de configfs] NCM: ncm_alloc: ncm alloc ncm=ffffff9ac4f8a000 NCM: ncm_bind: cm enlazar ncm=ffffff9ac4f8a000 NCM: ncm_set_alt : ncm=ffffff9ac4f8a000 alt=0 usb0: eth_open dev->port_usb=ffffff9b179c3200 <-- ncm usb0 lanzado anteriormente: eth_start dev->port_usb=ffffff9b179c3200 <-- eth_start_xmit() --> dev->wrap() No se puede manejar el kernel solicitud de paginaci\u00f3n en la direcci\u00f3n virtual dead00000000014f Este parche soluciona el problema verificando si 'ncm->netdev' no es NULL en ncm_disable() para llamar a gether_disconnect() para desasociar 'dev->port_usb'. Es m\u00e1s razonable marcar 'ncm->netdev' para llamar a gether_connect/disconnect en lugar de marcar 'ncm->port.in_ep->enabled' ya que es posible que no est\u00e9 habilitado pero que se pueda establecer la conexi\u00f3n conjunta." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.15.157", + "matchCriteriaId": "CB2F4D25-B857-48D0-BBDF-5EEEB37BE055" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.88", + "matchCriteriaId": "B665F958-644E-434D-A78D-CCD1628D1774" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.29", + "matchCriteriaId": "0999E154-1E68-41FA-8DE3-9A735E382224" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.8.8", + "matchCriteriaId": "673B3328-389D-41A4-9617-669298635262" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*", + "matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*", + "matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*", + "matchCriteriaId": "52048DDA-FC5A-4363-95A0-A6357B4D7F8C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*", + "matchCriteriaId": "A06B2CCF-3F43-4FA9-8773-C83C3F5764B2" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/0588bbbd718a8130b98c54518f1e0b569ce60a93", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6334b8e4553cc69f51e383c9de545082213d785e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7250326cbb1f4f90391ac511a126b936cefb5bb7", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7f67c2020cb08499c400abf0fc32c65e4d9a09ca", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f356fd0cbd9c9cbd0854657a80d1608d0d732db3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/0588bbbd718a8130b98c54518f1e0b569ce60a93", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6334b8e4553cc69f51e383c9de545082213d785e", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7250326cbb1f4f90391ac511a126b936cefb5bb7", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7f67c2020cb08499c400abf0fc32c65e4d9a09ca", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f356fd0cbd9c9cbd0854657a80d1608d0d732db3", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-269xx/CVE-2024-26998.json b/CVE-2024/CVE-2024-269xx/CVE-2024-26998.json index b82cf790c7d..bb16e8fb44e 100644 --- a/CVE-2024/CVE-2024-269xx/CVE-2024-26998.json +++ b/CVE-2024/CVE-2024-269xx/CVE-2024-26998.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26998", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-01T06:15:17.780", - "lastModified": "2024-11-21T09:03:35.200", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-12-23T19:50:05.873", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,31 +15,137 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: serial: core: borrando el b\u00fafer circular antes de anularlo. El b\u00fafer circular se anula en uart_tty_port_shutdown() bajo el bloqueo de giro. Sin embargo, el PM u otras devoluciones de llamada basadas en temporizadores a\u00fan pueden activarse despu\u00e9s de este evento sin saber que el puntero del b\u00fafer no es v\u00e1lido. Dado que el c\u00f3digo de serie es un poco inconsistente al verificar el estado del b\u00fafer (algunos se basan en las posiciones de cabecera y cola, otros en el puntero del b\u00fafer), es mejor tener ambos alineados, es decir, que el puntero del b\u00fafer sea NULL y las posiciones de cabecera y cola sean lo mismo, lo que significa que est\u00e1 vac\u00edo. Esto evitar\u00e1 llamadas asincr\u00f3nicas para desreferenciar el puntero NULL como se inform\u00f3 recientemente en el caso 8250: ERROR: desreferencia del puntero NULL del kernel, direcci\u00f3n: 00000cf5 Cola de trabajo: pm pm_runtime_work EIP: serial8250_tx_chars (drivers/tty/serial/8250/8250_port.c:1809). . serial8250_tx_chars (drivers/tty/serial/8250/8250_port.c:1809) __start_tx (drivers/tty/serial/8250/8250_port.c:1551) serial8250_start_tx (drivers/tty/serial/8250/8250_port.c:1654) serial_port_runtime_suspend ( incluir/linux/serial_core.h:667 controladores/tty/serial/serial_port.c:63) __rpm_callback (drivers/base/power/runtime.c:393)? serial_port_remove (drivers/tty/serial/serial_port.c:50) rpm_suspend (drivers/base/power/runtime.c:447) El cambio propuesto evitar\u00e1 que se llame a ->start_tx() durante la suspensi\u00f3n al cerrar el puerto." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.6.24", + "versionEndExcluding": "6.6.29", + "matchCriteriaId": "F9EBAA35-C267-42BF-9547-DE4832721766" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7.12", + "versionEndExcluding": "6.8", + "matchCriteriaId": "D6A2C3EC-DA7B-4144-8BAF-2DBB7E8CE4C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.8", + "versionEndExcluding": "6.8.8", + "matchCriteriaId": "A6B3F478-AAC3-4675-897F-870080589B51" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*", + "matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*", + "matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*", + "matchCriteriaId": "52048DDA-FC5A-4363-95A0-A6357B4D7F8C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*", + "matchCriteriaId": "A06B2CCF-3F43-4FA9-8773-C83C3F5764B2" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/7ae7104d54342433a3a73975f6569beefdd86350", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9cf7ea2eeb745213dc2a04103e426b960e807940", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/bb1118905e875c111d7ccef9aee86ac5e4e7f985", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7ae7104d54342433a3a73975f6569beefdd86350", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9cf7ea2eeb745213dc2a04103e426b960e807940", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/bb1118905e875c111d7ccef9aee86ac5e4e7f985", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-270xx/CVE-2024-27002.json b/CVE-2024/CVE-2024-270xx/CVE-2024-27002.json index ebac7ecf50a..5ee363bfb59 100644 --- a/CVE-2024/CVE-2024-270xx/CVE-2024-27002.json +++ b/CVE-2024/CVE-2024-270xx/CVE-2024-27002.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27002", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-01T06:15:18.437", - "lastModified": "2024-11-21T09:03:35.720", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-12-23T19:51:06.733", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,151 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: clk: mediatek: realice un PM en tiempo de ejecuci\u00f3n en los controladores durante la prueba mt8183-mfgcfg tiene una dependencia mutua con genpd durante la etapa de prueba, lo que conduce a un punto muerto en la siguiente pila de llamadas: CPU0: genpd_lock --> clk_prepare_lock genpd_power_off_work_fn() genpd_lock() generic_pm_domain::power_off() clk_unprepare() clk_prepare_lock() CPU1: clk_prepare_lock --> genpd_lock clk_register() __clk_core_init() clk_prepare_lock() clk_pm_runtime_get() genpd_lock() Hacer un tiempo de ejecuci\u00f3n PM acceda a la funci\u00f3n de sonda para asegurarse de que clk_register() no adquiera el bloqueo genpd. En lugar de modificar \u00fanicamente mt8183-mfgcfg, haga esto en todas las pruebas del controlador de reloj mediatek porque no creemos que esto cause ninguna regresi\u00f3n. Verificado en Chromebooks MT8183 y MT8192." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-667" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.2", + "versionEndExcluding": "6.1.88", + "matchCriteriaId": "DB0BC0CB-8A26-4A86-B6C8-3BA233507E5D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.29", + "matchCriteriaId": "0999E154-1E68-41FA-8DE3-9A735E382224" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.8.8", + "matchCriteriaId": "673B3328-389D-41A4-9617-669298635262" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*", + "matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*", + "matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*", + "matchCriteriaId": "52048DDA-FC5A-4363-95A0-A6357B4D7F8C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*", + "matchCriteriaId": "A06B2CCF-3F43-4FA9-8773-C83C3F5764B2" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/165d226472575b213dd90dfda19d1605dd7c19a8", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2f7b1d8b5505efb0057cd1ab85fca206063ea4c3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b62ed25feb342eab052822eff0c554873799a4f5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c0dcd5c072e2a3fff886f673e6a5d9bf8090c4cc", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/165d226472575b213dd90dfda19d1605dd7c19a8", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2f7b1d8b5505efb0057cd1ab85fca206063ea4c3", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b62ed25feb342eab052822eff0c554873799a4f5", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c0dcd5c072e2a3fff886f673e6a5d9bf8090c4cc", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-270xx/CVE-2024-27003.json b/CVE-2024/CVE-2024-270xx/CVE-2024-27003.json index ffbde75c678..7ceb6185552 100644 --- a/CVE-2024/CVE-2024-270xx/CVE-2024-27003.json +++ b/CVE-2024/CVE-2024-270xx/CVE-2024-27003.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27003", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-01T06:15:18.597", - "lastModified": "2024-11-21T09:03:35.847", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-12-23T20:39:58.963", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,151 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: clk: Obtenga PM en tiempo de ejecuci\u00f3n antes de recorrer el \u00e1rbol para clk_summary De manera similar a el commit anterior, debemos asegurarnos de que todos los dispositivos se reanuden en tiempo de ejecuci\u00f3n antes de imprimir clk_summary a trav\u00e9s de debugfs. No hacerlo resultar\u00eda en un punto muerto si el subproceso est\u00e1 reanudando un dispositivo para imprimir el estado de clk y ese dispositivo tambi\u00e9n est\u00e1 reanudando el tiempo de ejecuci\u00f3n en otro subproceso, por ejemplo, la pantalla se enciende y el controlador de pantalla se est\u00e1 iniciando. Eliminamos las llamadas a clk_pm_runtime_{get,put}() en esta ruta porque son superfluas ahora que sabemos que los dispositivos se han reanudado en tiempo de ejecuci\u00f3n. Esto tambi\u00e9n soluciona un error por el cual el valor de retorno de clk_pm_runtime_get() no se verificaba, lo que provocaba un desbordamiento insuficiente del recuento de RPM en las rutas de error." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-667" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.17", + "versionEndExcluding": "6.1.88", + "matchCriteriaId": "48BF5B93-85A9-41F9-9FC8-F55BF9E9C600" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.29", + "matchCriteriaId": "0999E154-1E68-41FA-8DE3-9A735E382224" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.8.8", + "matchCriteriaId": "673B3328-389D-41A4-9617-669298635262" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*", + "matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*", + "matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*", + "matchCriteriaId": "52048DDA-FC5A-4363-95A0-A6357B4D7F8C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*", + "matchCriteriaId": "A06B2CCF-3F43-4FA9-8773-C83C3F5764B2" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/2c077fdfd09dffb31a890e5095c8ab205138a42e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/83ada89e4a86e2b28ea2b5113c76d6dc7560a4d0", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9d1e795f754db1ac3344528b7af0b17b8146f321", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b457105309d388e4081c716cf7b81d517ff74db4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2c077fdfd09dffb31a890e5095c8ab205138a42e", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/83ada89e4a86e2b28ea2b5113c76d6dc7560a4d0", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9d1e795f754db1ac3344528b7af0b17b8146f321", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b457105309d388e4081c716cf7b81d517ff74db4", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-270xx/CVE-2024-27024.json b/CVE-2024/CVE-2024-270xx/CVE-2024-27024.json index a174ee86c1d..bdf5e4c5d23 100644 --- a/CVE-2024/CVE-2024-270xx/CVE-2024-27024.json +++ b/CVE-2024/CVE-2024-270xx/CVE-2024-27024.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27024", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-01T13:15:48.847", - "lastModified": "2024-11-21T09:03:41.273", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-12-23T19:22:58.463", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,79 +15,309 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: net/rds: solucione la ADVERTENCIA en rds_conn_connect_if_down Si la conexi\u00f3n a\u00fan no se ha establecido, get_mr() fallar\u00e1, activar\u00e1 la conexi\u00f3n despu\u00e9s de get_mr()." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.18.85", + "versionEndExcluding": "3.19", + "matchCriteriaId": "F634AF7C-7D44-4664-8424-E721CBABA88C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.1.48", + "versionEndExcluding": "4.2", + "matchCriteriaId": "1B508DE5-1B18-4819-B5C4-1172CC2F871B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.4.103", + "versionEndExcluding": "4.5", + "matchCriteriaId": "650D32F8-EA77-4DD0-853E-00A5D3748221" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.9.66", + "versionEndExcluding": "4.10", + "matchCriteriaId": "FF2C4C8C-49AC-4AAC-B560-0B3654CD08C8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.11", + "versionEndExcluding": "4.19.310", + "matchCriteriaId": "980D4CBA-CDA0-4613-97DF-DDEF107EDC49" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.272", + "matchCriteriaId": "06199E67-91F5-4EC0-828B-22825E4DBAD1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.213", + "matchCriteriaId": "CE7B425A-A38B-494A-AA47-EC2251748164" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.152", + "matchCriteriaId": "DBBE9241-559E-479A-895A-02186BA03EBF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.82", + "matchCriteriaId": "933AC628-7DAD-4B2D-82E3-3B7B331B1C09" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.22", + "matchCriteriaId": "AC6FD6F8-5B16-4F53-8116-D42F4BF4FBAC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.7.10", + "matchCriteriaId": "FB4549F9-0160-455F-8CDC-98D38AEF6D66" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:-:*:*:*:*:*:*", + "matchCriteriaId": "41E47F32-BA80-4333-96FD-4D25082B0FDD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*", + "matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*", + "matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*", + "matchCriteriaId": "F02056A5-B362-4370-9FF8-6F0BD384D520" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*", + "matchCriteriaId": "62075ACE-B2A0-4B16-829D-B3DA5AE5CC41" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc5:*:*:*:*:*:*", + "matchCriteriaId": "A780F817-2A77-4130-A9B7-5C25606314E3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc6:*:*:*:*:*:*", + "matchCriteriaId": "AEB9199B-AB8F-4877-8964-E2BA95B5F15C" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/2b505d05280739ce31d5708da840f42df827cb85", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/786854141057751bc08eb26f1b02e97c1631c8f4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/907761307469adecb02461a14120e9a1812a5fb1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/997efea2bf3a4adb96c306b9ad6a91442237bf5b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/998fd719e6d6468b930ac0c44552ea9ff8b07b80", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9dfc15a10dfd44f8ff7f27488651cb5be6af83c2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b562ebe21ed9adcf42242797dd6cb75beef12bf0", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c055fc00c07be1f0df7375ab0036cebd1106ed38", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2b505d05280739ce31d5708da840f42df827cb85", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/786854141057751bc08eb26f1b02e97c1631c8f4", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/907761307469adecb02461a14120e9a1812a5fb1", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/997efea2bf3a4adb96c306b9ad6a91442237bf5b", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/998fd719e6d6468b930ac0c44552ea9ff8b07b80", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9dfc15a10dfd44f8ff7f27488651cb5be6af83c2", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b562ebe21ed9adcf42242797dd6cb75beef12bf0", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c055fc00c07be1f0df7375ab0036cebd1106ed38", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-270xx/CVE-2024-27025.json b/CVE-2024/CVE-2024-270xx/CVE-2024-27025.json index 2016f230f13..47255fddecd 100644 --- a/CVE-2024/CVE-2024-270xx/CVE-2024-27025.json +++ b/CVE-2024/CVE-2024-270xx/CVE-2024-27025.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27025", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-01T13:15:48.890", - "lastModified": "2024-11-21T09:03:41.403", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-12-23T19:24:12.370", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,75 +15,238 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nbd: la comprobaci\u00f3n nula de nla_nest_start nla_nest_start() puede fallar y devolver NULL. Inserte una marca y establezca errno seg\u00fan otros sitios de llamadas dentro del mismo c\u00f3digo fuente." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.12", + "versionEndExcluding": "5.4.273", + "matchCriteriaId": "00E98D9C-03F8-4C45-9EEE-3B97578B477E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.214", + "matchCriteriaId": "65987874-467B-4D3B-91D6-68A129B34FB8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.153", + "matchCriteriaId": "ACB69438-845D-4E3C-B114-3140611F9C0B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.83", + "matchCriteriaId": "121A07F6-F505-4C47-86BF-9BB6CC7B6C19" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.23", + "matchCriteriaId": "E00814DC-0BA7-431A-9926-80FEB4A96C68" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.7.11", + "matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.8", + "versionEndExcluding": "6.8.2", + "matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/31edf4bbe0ba27fd03ac7d87eb2ee3d2a231af6d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/44214d744be32a4769faebba764510888f1eb19e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4af837db0fd3679fabc7b7758397090b0c06dced", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/96436365e5d80d0106ea785a4f80a58e7c9edff8", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/98e60b538e66c90b9a856828c71d4e975ebfa797", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b7f5aed55829f376e4f7e5ea5b80ccdcb023e983", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ba6a9970ce9e284cbc04099361c58731e308596a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e803040b368d046434fbc8a91945c690332c4fcf", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/31edf4bbe0ba27fd03ac7d87eb2ee3d2a231af6d", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/44214d744be32a4769faebba764510888f1eb19e", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4af837db0fd3679fabc7b7758397090b0c06dced", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/96436365e5d80d0106ea785a4f80a58e7c9edff8", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/98e60b538e66c90b9a856828c71d4e975ebfa797", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b7f5aed55829f376e4f7e5ea5b80ccdcb023e983", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ba6a9970ce9e284cbc04099361c58731e308596a", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e803040b368d046434fbc8a91945c690332c4fcf", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-270xx/CVE-2024-27029.json b/CVE-2024/CVE-2024-270xx/CVE-2024-27029.json index d4863c97467..24c37ff14e7 100644 --- a/CVE-2024/CVE-2024-270xx/CVE-2024-27029.json +++ b/CVE-2024/CVE-2024-270xx/CVE-2024-27029.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27029", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-01T13:15:49.083", - "lastModified": "2024-11-21T09:03:41.980", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-12-23T19:33:28.437", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,31 +15,110 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amdgpu: corrige el acceso fuera de los l\u00edmites del ID del cliente mmhub. Maneja correctamente el cid 0x140." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.7.11", + "matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.8", + "versionEndExcluding": "6.8.2", + "matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/1f24b3040f2b6ffcb97151fabb3070328254d923", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6540ff6482c1a5a6890ae44b23d0852ba1986d9e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e1e076bda4fd6378ae650f2c6ef1a4ff93c5aea5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/1f24b3040f2b6ffcb97151fabb3070328254d923", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6540ff6482c1a5a6890ae44b23d0852ba1986d9e", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e1e076bda4fd6378ae650f2c6ef1a4ff93c5aea5", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-270xx/CVE-2024-27030.json b/CVE-2024/CVE-2024-270xx/CVE-2024-27030.json index 9b7ce7e1792..18081c3db5c 100644 --- a/CVE-2024/CVE-2024-270xx/CVE-2024-27030.json +++ b/CVE-2024/CVE-2024-270xx/CVE-2024-27030.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27030", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-01T13:15:49.137", - "lastModified": "2024-11-21T09:03:42.103", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-12-23T19:33:10.110", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,75 +15,238 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: octeontx2-af: utilice controladores separados para las interrupciones. Para el vector de interrupci\u00f3n PF a AF y el vector VF a AF, se registra el mismo controlador de interrupciones, lo que provoca la condici\u00f3n de ejecuci\u00f3n. Cuando se generan dos interrupciones en dos CPU al mismo tiempo, dos n\u00facleos atienden el mismo evento y corrompen los datos." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.0, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-362" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.273", + "matchCriteriaId": "620FD8B7-BF03-43E0-951A-0A58461D4C55" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.214", + "matchCriteriaId": "65987874-467B-4D3B-91D6-68A129B34FB8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.153", + "matchCriteriaId": "ACB69438-845D-4E3C-B114-3140611F9C0B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.83", + "matchCriteriaId": "121A07F6-F505-4C47-86BF-9BB6CC7B6C19" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.23", + "matchCriteriaId": "E00814DC-0BA7-431A-9926-80FEB4A96C68" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.7.11", + "matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.8", + "versionEndExcluding": "6.8.2", + "matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/29d2550d79a8cbd31e0fbaa5c0e2a2efdc444e44", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4fedae8f9eafa2ac8cdaca58e315f52a7e2a8701", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/50e60de381c342008c0956fd762e1c26408f372c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/766c2627acb2d9d1722cce2e24837044d52d888a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/772f18ded0e240cc1fa2b7020cc640e3e5c32b70", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/94cb17e5cf3a3c484063abc0ce4b8a2b2e8c1cb2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ad6759e233db6fcc131055f8e23b4eafbe81053c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/dc29dd00705a62c77de75b6d752259b869aac49d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/29d2550d79a8cbd31e0fbaa5c0e2a2efdc444e44", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4fedae8f9eafa2ac8cdaca58e315f52a7e2a8701", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/50e60de381c342008c0956fd762e1c26408f372c", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/766c2627acb2d9d1722cce2e24837044d52d888a", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/772f18ded0e240cc1fa2b7020cc640e3e5c32b70", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/94cb17e5cf3a3c484063abc0ce4b8a2b2e8c1cb2", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ad6759e233db6fcc131055f8e23b4eafbe81053c", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/dc29dd00705a62c77de75b6d752259b869aac49d", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-270xx/CVE-2024-27031.json b/CVE-2024/CVE-2024-270xx/CVE-2024-27031.json index 9b95181695c..6b552af7091 100644 --- a/CVE-2024/CVE-2024-270xx/CVE-2024-27031.json +++ b/CVE-2024/CVE-2024-270xx/CVE-2024-27031.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27031", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-01T13:15:49.180", - "lastModified": "2024-11-21T09:03:42.230", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-12-23T19:46:47.357", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,131 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: NFS: corrige el bloqueo de matriz x de nfs_netfs_issue_read() para interrupci\u00f3n de escritura regresiva. El bucle dentro de nfs_netfs_issue_read() actualmente no deshabilita las interrupciones mientras se itera a trav\u00e9s de p\u00e1ginas en la matriz x para enviarlas a lectura NFS. Sin embargo, esto no es seguro ya que despu\u00e9s de tomar xa_lock, otra p\u00e1gina en el mapeo podr\u00eda procesarse para reescritura dentro de una interrupci\u00f3n, y puede ocurrir un punto muerto. La soluci\u00f3n es simple y limpia si usamos xa_for_each_range(), que maneja la iteraci\u00f3n con RCU mientras reduce la complejidad del c\u00f3digo. El problema se reproduce f\u00e1cilmente con la siguiente prueba: mount -o vers=3,fsc 127.0.0.1:/export /mnt/nfs dd if=/dev/zero of=/mnt/nfs/file1.bin bs=4096 count= 1 echo 3 > /proc/sys/vm/drop_caches dd if=/mnt/nfs/file1.bin of=/dev/null umount /mnt/nfs En la consola con un kernel habilitado para lockdep aparecer\u00e1 un mensaje similar al siguiente ser visto: ================================ ADVERTENCIA: estado de bloqueo inconsistente 6.7.0-lockdbg+ #10 No contaminado - ------------------------------- Uso inconsistente de {IN-SOFTIRQ-W} -> {SOFTIRQ-ON-W}. test5/1708 [HC0[0]:SC0[0]:HE1:SE1] toma: ffff888127baa598 (&xa->xa_lock#4){+.?.}-{3:3}, en: nfs_netfs_issue_read+0x1b2/0x4b0 [ nfs] El estado {IN-SOFTIRQ-W} se registr\u00f3 en: lock_acquire+0x144/0x380 _raw_spin_lock_irqsave+0x4e/0xa0 __folio_end_writeback+0x17e/0x5c0 folio_end_writeback+0x93/0x1b0 iomap_finish_ioend+0xeb/0x6a0 blk_update_request+ 0x204/0x7f0 blk_mq_end_request+0x30/0x1c0 blk_complete_reqs +0x7e/0xa0 __do_softirq+0x113/0x544 __irq_exit_rcu+0xfe/0x120 irq_exit_rcu+0xe/0x20 sysvec_call_function_single+0x6f/0x90 asm_sysvec_call_function_single+0x1a/0x20 +0xf/0x20 default_idle+0x9/0x20 default_idle_call+0x67/0xa0 do_idle+0x2b5/0x300 cpu_startup_entry +0x34/0x40 start_secondary+0x19d/0x1c0 second_startup_64_no_verify+0x18f/0x19b sello de evento irq: 176891 hardirqs habilitado por \u00faltima vez en (176891): [] _raw_spin_unlock_irqrestore+0x44/0x60 hardirqs deshabilitado por \u00faltima vez en ( 176890): [] _raw_spin_lock_irqsave+0x79/0xa0 softirqs habilitado por \u00faltima vez en (176646): [] __irq_exit_rcu+0xfe/0x120 softirqs deshabilitado por \u00faltima vez en (176633): [] __irq_exit_rcu+0xfe/0x120 Otra informaci\u00f3n que podr\u00eda ayudarnos a depurar esto: Posible escenario de bloqueo inseguro: CPU0 ---- lock(&xa->xa_lock#4); bloqueo(&xa->xa_lock#4); *** DEADLOCK *** 2 bloqueos mantenidos por test5/1708: #0: ffff888127baa498 (&sb->s_type->i_mutex_key#22){++++}-{4:4}, en: nfs_start_io_read+0x28/0x90 [nfs] #1: ffff888127baa650 (mapping.invalidate_lock#3){.+.+}-{4:4}, en: page_cache_ra_unbounded+0xa4/0x280 seguimiento de pila: CPU: 6 PID: 1708 Comm: test5 Kdump: cargado No tainted 6.7.0-lockdbg+ Nombre del hardware: PC est\u00e1ndar QEMU (Q35 + ICH9, 2009), BIOS 1.16.3-1.fc39 01/04/2014 Seguimiento de llamadas: dump_stack_lvl+0x5b/0x90 mark_lock+0xb3f/0xd20 __lock_acquire+0x77b/ 0x3360 _raw_spin_lock+0x34/0x80 nfs_netfs_issue_read+0x1b2/0x4b0 [nfs] netfs_begin_read+0x77f/0x980 [netfs] nfs_netfs_readahead+0x45/0x60 [nfs_readahead+0x323/0x5 a0 [nfs] read_pages+0xf3/0x5c0 page_cache_ra_unbounded+0x1c8/0x280 filemap_get_pages+ 0x38c/0xae0 filemap_read+0x206/0x5e0 nfs_file_read+0xb7/0x140 [nfs] vfs_read+0x2a9/0x460 ksys_read+0xb7/0x140" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-667" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.4", + "versionEndExcluding": "6.6.23", + "matchCriteriaId": "81341948-503D-47E5-9E88-7F2922865141" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.7.11", + "matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.8", + "versionEndExcluding": "6.8.2", + "matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/8a2e5977cecd3cde6a0e3e86b7b914d00240e5dc", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8df1678c021ffeb20ef8a203bd9413f3ed9b0e9a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ad27382f8495f8ef6d2c66c413d756bfd13c0598", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/fd5860ab6341506004219b080aea40213b299d2e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8a2e5977cecd3cde6a0e3e86b7b914d00240e5dc", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8df1678c021ffeb20ef8a203bd9413f3ed9b0e9a", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ad27382f8495f8ef6d2c66c413d756bfd13c0598", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/fd5860ab6341506004219b080aea40213b299d2e", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-270xx/CVE-2024-27033.json b/CVE-2024/CVE-2024-270xx/CVE-2024-27033.json index 0686aa1064e..8291214be6d 100644 --- a/CVE-2024/CVE-2024-270xx/CVE-2024-27033.json +++ b/CVE-2024/CVE-2024-270xx/CVE-2024-27033.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27033", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-01T13:15:49.273", - "lastModified": "2024-11-21T09:03:42.543", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-12-23T19:12:40.210", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,131 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: f2fs: soluci\u00f3n para eliminar f2fs_bug_on() innecesario para evitar el p\u00e1nico. verificar_blkaddr() provocar\u00e1 p\u00e1nico una vez que inyectemos el error en f2fs_is_valid_blkaddr(), soluci\u00f3n para eliminar este f2fs_bug_on() innecesario." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.23", + "matchCriteriaId": "E00814DC-0BA7-431A-9926-80FEB4A96C68" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.7.11", + "matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.8", + "versionEndExcluding": "6.8.2", + "matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/0386408036bfc8b50296d9e544ff91c4d52af2db", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6633cdc8b2ebefcddcfcdacfd063105e60f39a49", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/abe98a05e7162f64759bf9111108ebcb11322dec", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b896e302f79678451a94769ddd9e52e954c64fbb", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/0386408036bfc8b50296d9e544ff91c4d52af2db", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6633cdc8b2ebefcddcfcdacfd063105e60f39a49", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/abe98a05e7162f64759bf9111108ebcb11322dec", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b896e302f79678451a94769ddd9e52e954c64fbb", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-270xx/CVE-2024-27042.json b/CVE-2024/CVE-2024-270xx/CVE-2024-27042.json index 9ea56181ef2..c9f22eb1ef5 100644 --- a/CVE-2024/CVE-2024-270xx/CVE-2024-27042.json +++ b/CVE-2024/CVE-2024-270xx/CVE-2024-27042.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27042", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-01T13:15:49.690", - "lastModified": "2024-11-21T09:03:43.930", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-12-23T19:12:55.067", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,131 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: drm/amdgpu: corrige el posible acceso fuera de los l\u00edmites en 'amdgpu_discovery_reg_base_init()'. El problema surge cuando se accede a la matriz 'adev->vcn.vcn_config' antes de verificar si el El \u00edndice 'adev->vcn.num_vcn_inst' est\u00e1 dentro de los l\u00edmites de la matriz. La soluci\u00f3n implica mover la verificaci\u00f3n de los l\u00edmites antes del acceso a la matriz. Esto garantiza que 'adev->vcn.num_vcn_inst' est\u00e9 dentro de los l\u00edmites de la matriz antes de usarlo como \u00edndice. Corrige lo siguiente: drivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c:1289 error amdgpu_discovery_reg_base_init(): prueba de desplazamiento de matriz 'adev->vcn.num_vcn_inst' despu\u00e9s de su uso." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-129" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.19", + "versionEndExcluding": "6.6.23", + "matchCriteriaId": "4F143171-EF3B-487F-85D7-8B0A8733F239" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.7.11", + "matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.8", + "versionEndExcluding": "6.8.2", + "matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/8db10cee51e3e11a6658742465edc21986cf1e8d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8f3e68c6a3fff53c2240762a47a0045d89371775", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b33d4af102b9c1f7a83d3f0ad3cab7d2bab8f058", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/cdb637d339572398821204a1142d8d615668f1e9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8db10cee51e3e11a6658742465edc21986cf1e8d", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8f3e68c6a3fff53c2240762a47a0045d89371775", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b33d4af102b9c1f7a83d3f0ad3cab7d2bab8f058", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/cdb637d339572398821204a1142d8d615668f1e9", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-270xx/CVE-2024-27043.json b/CVE-2024/CVE-2024-270xx/CVE-2024-27043.json index e38bbf03f28..c96188d498d 100644 --- a/CVE-2024/CVE-2024-270xx/CVE-2024-27043.json +++ b/CVE-2024/CVE-2024-270xx/CVE-2024-27043.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27043", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-01T13:15:49.740", - "lastModified": "2024-11-21T09:03:44.053", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-12-23T19:13:31.163", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,87 +15,250 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: medios: edia: dvbdev: corregir un use-after-free En dvb_register_device, *pdvbdev se establece igual a dvbdev, que se libera en varias rutas de manejo de errores. Sin embargo, *pdvbdev no se establece en NULL despu\u00e9s de la desasignaci\u00f3n de dvbdev, lo que provoca use-after-free en muchos lugares, por ejemplo, en la siguiente cadena de llamadas: Budget_register |-> dvb_dmxdev_init |-> dvb_register_device |-> dvb_dmxdev_release |-> dvb_unregister_device | -> dvb_remove_device |-> dvb_device_put |-> kref_put Al llamar a dvb_unregister_device, dmxdev->dvbdev (es decir, *pdvbdev en dvb_register_device) podr\u00eda apuntar a la memoria que se hab\u00eda liberado en dvb_register_device. A partir de entonces, este puntero se transfiere a kref_put y se activa un use-after-free." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2.6.21", + "versionEndExcluding": "4.19.311", + "matchCriteriaId": "32929A32-A706-43C6-AE11-688AAC723E0E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.273", + "matchCriteriaId": "620FD8B7-BF03-43E0-951A-0A58461D4C55" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.214", + "matchCriteriaId": "65987874-467B-4D3B-91D6-68A129B34FB8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.153", + "matchCriteriaId": "ACB69438-845D-4E3C-B114-3140611F9C0B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.83", + "matchCriteriaId": "121A07F6-F505-4C47-86BF-9BB6CC7B6C19" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.23", + "matchCriteriaId": "E00814DC-0BA7-431A-9926-80FEB4A96C68" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.7.11", + "matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.8", + "versionEndExcluding": "6.8.2", + "matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/096237039d00c839f3e3a5fe6d001bf0db45b644", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/0d3fe80b6d175c220b3e252efc6c6777e700e98e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/35674111a043b0482a9bc69da8850a83f465b07d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/437a111f79a2f5b2a5f21e27fdec6f40c8768712", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/779e8db7efb22316c8581d6c229636d2f5694a62", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8c64f4cdf4e6cc5682c52523713af8c39c94e6d5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b7586e902128e4fb7bfbb661cb52e4215a65637b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d0f5c28333822f9baa5280d813124920720fd856", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f20c3270f3ed5aa6919a87e4de9bf6c05fb57086", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/096237039d00c839f3e3a5fe6d001bf0db45b644", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/0d3fe80b6d175c220b3e252efc6c6777e700e98e", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/35674111a043b0482a9bc69da8850a83f465b07d", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/437a111f79a2f5b2a5f21e27fdec6f40c8768712", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/779e8db7efb22316c8581d6c229636d2f5694a62", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8c64f4cdf4e6cc5682c52523713af8c39c94e6d5", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b7586e902128e4fb7bfbb661cb52e4215a65637b", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d0f5c28333822f9baa5280d813124920720fd856", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f20c3270f3ed5aa6919a87e4de9bf6c05fb57086", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-270xx/CVE-2024-27045.json b/CVE-2024/CVE-2024-270xx/CVE-2024-27045.json index 31a73562420..055a7f5bcc7 100644 --- a/CVE-2024/CVE-2024-270xx/CVE-2024-27045.json +++ b/CVE-2024/CVE-2024-270xx/CVE-2024-27045.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27045", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-01T13:15:49.837", - "lastModified": "2024-11-21T09:03:44.310", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-12-23T19:13:59.617", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,67 +15,201 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: soluciona un posible desbordamiento del b\u00fafer en 'dp_dsc_clock_en_read()' Dile a snprintf() que almacene como m\u00e1ximo 10 bytes en el b\u00fafer de salida en lugar de 30. Corrige lo siguiente : drivers/gpu/drm/amd/amdgpu/../display/amdgpu_dm/amdgpu_dm_debugfs.c:1508 dp_dsc_clock_en_read() error: snprintf() est\u00e1 imprimiendo demasiado 30 vs 10" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.9", + "versionEndExcluding": "5.10.214", + "matchCriteriaId": "A73BE1C2-BC30-4A60-80F0-7975135EB641" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.153", + "matchCriteriaId": "ACB69438-845D-4E3C-B114-3140611F9C0B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.83", + "matchCriteriaId": "121A07F6-F505-4C47-86BF-9BB6CC7B6C19" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.23", + "matchCriteriaId": "E00814DC-0BA7-431A-9926-80FEB4A96C68" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.7.11", + "matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.8", + "versionEndExcluding": "6.8.2", + "matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/440f059837418fac1695b65d3ebc6080d33be877", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4b09715f1504f1b6e8dff0e9643630610bc05141", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ad76fd30557d6a106c481e4606a981221ca525f7", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/cf114d8d4a8d78df272116a745bb43b48cef65f4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d346b3e5b25c95d504478507eb867cd3818775ab", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/eb9327af3621d26b1d83f767c97a3fe8191a3a65", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ff28893c96c5e0927a4da10cd24a3522ca663515", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/440f059837418fac1695b65d3ebc6080d33be877", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4b09715f1504f1b6e8dff0e9643630610bc05141", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ad76fd30557d6a106c481e4606a981221ca525f7", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/cf114d8d4a8d78df272116a745bb43b48cef65f4", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d346b3e5b25c95d504478507eb867cd3818775ab", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/eb9327af3621d26b1d83f767c97a3fe8191a3a65", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ff28893c96c5e0927a4da10cd24a3522ca663515", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-270xx/CVE-2024-27047.json b/CVE-2024/CVE-2024-270xx/CVE-2024-27047.json index c5f310cc21d..a7549ba319d 100644 --- a/CVE-2024/CVE-2024-270xx/CVE-2024-27047.json +++ b/CVE-2024/CVE-2024-270xx/CVE-2024-27047.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27047", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-01T13:15:49.930", - "lastModified": "2024-11-21T09:03:44.563", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-12-23T19:14:13.317", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,67 +15,201 @@ "value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: net:phy: fix phy_get_internal_delay accediendo a un array vac\u00edo La funci\u00f3n phy_get_internal_delay podr\u00eda intentar acceder a un array vac\u00edo en el caso de que el driver est\u00e9 llamando a phy_get_internal_delay sin definir delay_values y rx-internal- delay-ps o tx-internal-delay-ps se define en 0 en el \u00e1rbol de dispositivos. Esto provocar\u00e1 que \"no se pueda manejar la desreferencia del puntero NULL del kernel en la direcci\u00f3n virtual 0\". Para evitar este problema del kernel, la prueba debe tener un retraso >= 0. Como ya hay un retraso < 0 en la prueba justo antes, la prueba solo podr\u00eda tener un tama\u00f1o == 0." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.9", + "versionEndExcluding": "5.10.214", + "matchCriteriaId": "A73BE1C2-BC30-4A60-80F0-7975135EB641" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.153", + "matchCriteriaId": "ACB69438-845D-4E3C-B114-3140611F9C0B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.83", + "matchCriteriaId": "121A07F6-F505-4C47-86BF-9BB6CC7B6C19" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.23", + "matchCriteriaId": "E00814DC-0BA7-431A-9926-80FEB4A96C68" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.7.11", + "matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.8", + "versionEndExcluding": "6.8.2", + "matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/0307cf443308ecc6be9b2ca312bb31bae5e5a7ad", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/06dd21045a7e8bc8701b0ebedcd9a30a6325878b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/0e939a002c8a7d66e60bd0ea6b281fb39d713c1a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2a2ff709511617de9c6c072eeee82bcbbdfecaf8", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4469c0c5b14a0919f5965c7ceac96b523eb57b79", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/589ec16174dd9378953b8232ae76fad0a96e1563", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c0691de7df1d51482a52cac93b7fe82fd9dd296b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/0307cf443308ecc6be9b2ca312bb31bae5e5a7ad", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/06dd21045a7e8bc8701b0ebedcd9a30a6325878b", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/0e939a002c8a7d66e60bd0ea6b281fb39d713c1a", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2a2ff709511617de9c6c072eeee82bcbbdfecaf8", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4469c0c5b14a0919f5965c7ceac96b523eb57b79", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/589ec16174dd9378953b8232ae76fad0a96e1563", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c0691de7df1d51482a52cac93b7fe82fd9dd296b", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-270xx/CVE-2024-27048.json b/CVE-2024/CVE-2024-270xx/CVE-2024-27048.json index 375f457b23e..7f811e1f773 100644 --- a/CVE-2024/CVE-2024-270xx/CVE-2024-27048.json +++ b/CVE-2024/CVE-2024-270xx/CVE-2024-27048.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27048", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-01T13:15:49.977", - "lastModified": "2024-11-21T09:03:44.707", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-12-23T19:05:50.830", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,131 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: brcm80211: maneja el error de asignaci\u00f3n de pmk_op El kzalloc() en brcmf_pmksa_v3_op() devolver\u00e1 nulo si la memoria f\u00edsica se ha agotado. Como resultado, si eliminamos la referencia del valor nulo, se producir\u00e1 el error de desreferencia del puntero nulo. Devuelve -ENOMEM de brcmf_pmksa_v3_op() si kzalloc() falla para pmk_op." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.4", + "versionEndExcluding": "6.6.23", + "matchCriteriaId": "81341948-503D-47E5-9E88-7F2922865141" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.7.11", + "matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.8", + "versionEndExcluding": "6.8.2", + "matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/6138a82f3bccfc67ed7ac059493579fc326c02e5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9975908315c13bae2f2ed5ba92870fa935180b0e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b4152222e04cb8afeeca239c90e3fcaf4c553b42", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/df62e22c2e27420e8990a4f09e30d7bf56c2036f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6138a82f3bccfc67ed7ac059493579fc326c02e5", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9975908315c13bae2f2ed5ba92870fa935180b0e", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b4152222e04cb8afeeca239c90e3fcaf4c553b42", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/df62e22c2e27420e8990a4f09e30d7bf56c2036f", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-270xx/CVE-2024-27049.json b/CVE-2024/CVE-2024-270xx/CVE-2024-27049.json index c2b9cc5410a..b6c96a765d6 100644 --- a/CVE-2024/CVE-2024-270xx/CVE-2024-27049.json +++ b/CVE-2024/CVE-2024-270xx/CVE-2024-27049.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27049", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-01T13:15:50.020", - "lastModified": "2024-11-21T09:03:44.820", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-12-23T19:11:05.037", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,31 +15,110 @@ "value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: wifi: mt76: mt7925e: fix use-after-free in free_irq() Desde el commit a304e1b82808 (\"[PATCH] Depurar irqs compartidas\"), existe una prueba para asegurarse de que El controlador de irq compartido deber\u00eda poder manejar el evento inesperado despu\u00e9s de la cancelaci\u00f3n del registro. Para este caso, apliquemos el indicador MT76_REMOVED para indicar que el dispositivo fue eliminado y que ya no se puede acceder al recurso." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.7.11", + "matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.8", + "versionEndExcluding": "6.8.2", + "matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/6d9930096e1f13cf6d9aabfbf95d0e05fb04144f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/84470b48af03a818039d587478b415cbcb264ff5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a5a5f4413d91f395cb2d89829d376d7393ad48b9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6d9930096e1f13cf6d9aabfbf95d0e05fb04144f", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/84470b48af03a818039d587478b415cbcb264ff5", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a5a5f4413d91f395cb2d89829d376d7393ad48b9", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-270xx/CVE-2024-27051.json b/CVE-2024/CVE-2024-270xx/CVE-2024-27051.json index ce701c1236e..667186c6366 100644 --- a/CVE-2024/CVE-2024-270xx/CVE-2024-27051.json +++ b/CVE-2024/CVE-2024-270xx/CVE-2024-27051.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27051", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-01T13:15:50.120", - "lastModified": "2024-11-21T09:03:45.127", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-12-23T19:11:23.533", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,67 +15,201 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: cpufreq: brcmstb-avs-cpufreq: agregar verificaci\u00f3n para el valor de retorno de cpufreq_cpu_get cpufreq_cpu_get puede devolver NULL. Para evitar la desreferencia NULL, verif\u00edquelo y devuelva 0 en caso de error. Encontrado por el Centro de verificaci\u00f3n de Linux (linuxtesting.org) con SVACE." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10", + "versionEndExcluding": "5.10.214", + "matchCriteriaId": "2EDD01A7-5FF5-4171-BC87-14C35FB3872B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.153", + "matchCriteriaId": "ACB69438-845D-4E3C-B114-3140611F9C0B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.83", + "matchCriteriaId": "121A07F6-F505-4C47-86BF-9BB6CC7B6C19" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.23", + "matchCriteriaId": "E00814DC-0BA7-431A-9926-80FEB4A96C68" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.7.11", + "matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.8", + "versionEndExcluding": "6.8.2", + "matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/74b84d0d71180330efe67c82f973a87f828323e5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9127599c075caff234359950117018a010dd01db", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b25b64a241d769e932a022e5c780cf135ef56035", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d951cf510fb0df91d3abac0121a59ebbc63c0567", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e6e3e51ffba0784782b1a076d7441605697ea3c6", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e72160cb6e23b78b41999d6885a34ce8db536095", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f661017e6d326ee187db24194cabb013d81bc2a6", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/74b84d0d71180330efe67c82f973a87f828323e5", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9127599c075caff234359950117018a010dd01db", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b25b64a241d769e932a022e5c780cf135ef56035", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d951cf510fb0df91d3abac0121a59ebbc63c0567", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e6e3e51ffba0784782b1a076d7441605697ea3c6", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e72160cb6e23b78b41999d6885a34ce8db536095", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f661017e6d326ee187db24194cabb013d81bc2a6", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/README.md b/README.md index afd235ad055..b5f0f895f35 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-12-23T19:00:21.728498+00:00 +2024-12-23T21:00:20.486239+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-12-23T18:19:19.613000+00:00 +2024-12-23T20:48:01.910000+00:00 ``` ### Last Data Feed Release @@ -38,31 +38,38 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### CVEs added in the last Commit -Recently added CVEs: `5` +Recently added CVEs: `0` -- [CVE-2024-40896](CVE-2024/CVE-2024-408xx/CVE-2024-40896.json) (`2024-12-23T17:15:08.400`) -- [CVE-2024-53275](CVE-2024/CVE-2024-532xx/CVE-2024-53275.json) (`2024-12-23T18:15:07.143`) -- [CVE-2024-53276](CVE-2024/CVE-2024-532xx/CVE-2024-53276.json) (`2024-12-23T18:15:07.293`) -- [CVE-2024-56362](CVE-2024/CVE-2024-563xx/CVE-2024-56362.json) (`2024-12-23T18:15:07.617`) -- [CVE-2024-56363](CVE-2024/CVE-2024-563xx/CVE-2024-56363.json) (`2024-12-23T18:15:07.767`) ### CVEs modified in the last Commit -Recently modified CVEs: `12` +Recently modified CVEs: `24` -- [CVE-2023-27291](CVE-2023/CVE-2023-272xx/CVE-2023-27291.json) (`2024-12-23T17:58:44.957`) -- [CVE-2023-43054](CVE-2023/CVE-2023-430xx/CVE-2023-43054.json) (`2024-12-23T17:29:02.930`) -- [CVE-2023-47742](CVE-2023/CVE-2023-477xx/CVE-2023-47742.json) (`2024-12-23T18:01:38.420`) -- [CVE-2023-47745](CVE-2023/CVE-2023-477xx/CVE-2023-47745.json) (`2024-12-23T17:33:15.237`) -- [CVE-2024-1093](CVE-2024/CVE-2024-10xx/CVE-2024-1093.json) (`2024-12-23T17:03:58.370`) -- [CVE-2024-1769](CVE-2024/CVE-2024-17xx/CVE-2024-1769.json) (`2024-12-23T17:21:56.777`) -- [CVE-2024-22355](CVE-2024/CVE-2024-223xx/CVE-2024-22355.json) (`2024-12-23T18:01:08.250`) -- [CVE-2024-23945](CVE-2024/CVE-2024-239xx/CVE-2024-23945.json) (`2024-12-23T18:15:06.403`) -- [CVE-2024-27046](CVE-2024/CVE-2024-270xx/CVE-2024-27046.json) (`2024-12-23T18:19:19.613`) -- [CVE-2024-27255](CVE-2024/CVE-2024-272xx/CVE-2024-27255.json) (`2024-12-23T17:32:58.470`) -- [CVE-2024-45387](CVE-2024/CVE-2024-453xx/CVE-2024-45387.json) (`2024-12-23T18:15:07.043`) -- [CVE-2024-56084](CVE-2024/CVE-2024-560xx/CVE-2024-56084.json) (`2024-12-23T18:15:07.440`) +- [CVE-2021-47379](CVE-2021/CVE-2021-473xx/CVE-2021-47379.json) (`2024-12-23T20:47:30.867`) +- [CVE-2021-47380](CVE-2021/CVE-2021-473xx/CVE-2021-47380.json) (`2024-12-23T20:48:01.910`) +- [CVE-2023-52649](CVE-2023/CVE-2023-526xx/CVE-2023-52649.json) (`2024-12-23T19:14:57.980`) +- [CVE-2024-26981](CVE-2024/CVE-2024-269xx/CVE-2024-26981.json) (`2024-12-23T20:42:57.277`) +- [CVE-2024-26989](CVE-2024/CVE-2024-269xx/CVE-2024-26989.json) (`2024-12-23T20:43:38.437`) +- [CVE-2024-26993](CVE-2024/CVE-2024-269xx/CVE-2024-26993.json) (`2024-12-23T20:43:56.733`) +- [CVE-2024-26995](CVE-2024/CVE-2024-269xx/CVE-2024-26995.json) (`2024-12-23T19:49:22.590`) +- [CVE-2024-26996](CVE-2024/CVE-2024-269xx/CVE-2024-26996.json) (`2024-12-23T19:49:49.543`) +- [CVE-2024-26998](CVE-2024/CVE-2024-269xx/CVE-2024-26998.json) (`2024-12-23T19:50:05.873`) +- [CVE-2024-27002](CVE-2024/CVE-2024-270xx/CVE-2024-27002.json) (`2024-12-23T19:51:06.733`) +- [CVE-2024-27003](CVE-2024/CVE-2024-270xx/CVE-2024-27003.json) (`2024-12-23T20:39:58.963`) +- [CVE-2024-27024](CVE-2024/CVE-2024-270xx/CVE-2024-27024.json) (`2024-12-23T19:22:58.463`) +- [CVE-2024-27025](CVE-2024/CVE-2024-270xx/CVE-2024-27025.json) (`2024-12-23T19:24:12.370`) +- [CVE-2024-27029](CVE-2024/CVE-2024-270xx/CVE-2024-27029.json) (`2024-12-23T19:33:28.437`) +- [CVE-2024-27030](CVE-2024/CVE-2024-270xx/CVE-2024-27030.json) (`2024-12-23T19:33:10.110`) +- [CVE-2024-27031](CVE-2024/CVE-2024-270xx/CVE-2024-27031.json) (`2024-12-23T19:46:47.357`) +- [CVE-2024-27033](CVE-2024/CVE-2024-270xx/CVE-2024-27033.json) (`2024-12-23T19:12:40.210`) +- [CVE-2024-27042](CVE-2024/CVE-2024-270xx/CVE-2024-27042.json) (`2024-12-23T19:12:55.067`) +- [CVE-2024-27043](CVE-2024/CVE-2024-270xx/CVE-2024-27043.json) (`2024-12-23T19:13:31.163`) +- [CVE-2024-27045](CVE-2024/CVE-2024-270xx/CVE-2024-27045.json) (`2024-12-23T19:13:59.617`) +- [CVE-2024-27047](CVE-2024/CVE-2024-270xx/CVE-2024-27047.json) (`2024-12-23T19:14:13.317`) +- [CVE-2024-27048](CVE-2024/CVE-2024-270xx/CVE-2024-27048.json) (`2024-12-23T19:05:50.830`) +- [CVE-2024-27049](CVE-2024/CVE-2024-270xx/CVE-2024-27049.json) (`2024-12-23T19:11:05.037`) +- [CVE-2024-27051](CVE-2024/CVE-2024-270xx/CVE-2024-27051.json) (`2024-12-23T19:11:23.533`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 43f143f8f9b..2056eb1c9d2 100644 --- a/_state.csv +++ b/_state.csv @@ -187543,8 +187543,8 @@ CVE-2021-47375,0,0,daa5fe7e4d3964a12e2bcd9af03cc7eb715f55d9fdd17eb4077e638abf8ac CVE-2021-47376,0,0,e4e2e91a48ccc0e7be03f9d0eb65fe1705fa52f5bac1244bd9675e31930ce773,2024-11-21T06:36:01.090000 CVE-2021-47377,0,0,cbaeb70b9806767a5a3a5aa11b89a836e7a242ea2c157a7c29d647c590b451c9,2024-05-28T19:15:08.857000 CVE-2021-47378,0,0,61aa0638bc7ee0395a662fdc5f4f13b5b1b9ce16346a6ed71a2a1250339146a3,2024-11-21T06:36:01.220000 -CVE-2021-47379,0,0,76cdfde0c81bed6bf3d28e6dca7823c32ae4d63a7adea6364df9c93bc9defdc0,2024-11-21T06:36:01.397000 -CVE-2021-47380,0,0,5e9ceea1632a1bfaf5e829456a5ec573044e232a85d9bd48531e1e2109435cf5,2024-11-21T06:36:01.517000 +CVE-2021-47379,0,1,3af783699b681bcffb74a2660da0530399c3e52991b6855e838ae2f4f2a4a6f7,2024-12-23T20:47:30.867000 +CVE-2021-47380,0,1,334d3b8b44718c38a1a24aa2305d3adcb569796b98de33e4074b5736ae175e69,2024-12-23T20:48:01.910000 CVE-2021-47381,0,0,ea9581172c2cef8c9f5c61fde5035f577a718b0e4516fc363d9583f7adc1168e,2024-11-21T06:36:01.627000 CVE-2021-47382,0,0,c2e08bf0c977c4ed26a20c1e37ed0c4ac6564358eb7e5ab4cfc2af653c7447cb,2024-11-21T06:36:01.757000 CVE-2021-47383,0,0,0fea9bf20d9be4ceb176eb152b0a196ea8810eed9df3d1f03d48ee0cced5dcc0,2024-11-21T06:36:01.867000 @@ -220966,7 +220966,7 @@ CVE-2023-27285,0,0,1007a628ba537eeb9cf3829c1e971c955976a8c54c997aa8b8fb2b201a43b CVE-2023-27286,0,0,0ddae44b2ed029aef181f2c509a039c45c2fa7e460c42bcc46086a02769bb052,2024-11-21T07:52:35.267000 CVE-2023-2729,0,0,7ea70f9a23bdb638173c1dc3736dc1124c05150e55610a5ba19e6ba87c6955b8,2024-11-21T07:59:10.930000 CVE-2023-27290,0,0,e8f6c4ee4e5a554d54ff4146c0d8e3577fc9a770269c23444485b190b99f4c6e,2024-11-21T07:52:35.390000 -CVE-2023-27291,0,1,71466b680d180061708f71e970cd5fe72b643359a570e62afaca5342fbfcfd13,2024-12-23T17:58:44.957000 +CVE-2023-27291,0,0,71466b680d180061708f71e970cd5fe72b643359a570e62afaca5342fbfcfd13,2024-12-23T17:58:44.957000 CVE-2023-27292,0,0,97dcbe475305ce7caa822a272d7c9ae7ba2ff74ad54d20a927c7a39de32fb198,2024-11-21T07:52:35.623000 CVE-2023-27293,0,0,a6bd67d7f4699cf2b8a0eaf868b22b96444ff9300c334690ff1df27158d500f3,2024-11-21T07:52:35.733000 CVE-2023-27294,0,0,a8c2ed9f7bf316e1c8137f253452c0e613f7a6b7e34251d8285938c38d5a8709,2024-11-21T07:52:35.860000 @@ -233293,7 +233293,7 @@ CVE-2023-43043,0,0,4ec93aa82436dc86b4ccb1b3684f50d48aedc5bdc1d93f254412bd4b2a651 CVE-2023-43044,0,0,c700e000c93a60d18aeeabd55f0025926f6f0c9fba18f1ec754ac13e08b3d371,2024-11-21T08:23:38.910000 CVE-2023-43045,0,0,692f22dbc4dc19c089253751109b93bb0e5cefd8359cd7675e66e51e06c8d3dd,2024-11-21T08:23:39.040000 CVE-2023-43051,0,0,4bfe3f7af7f7c10b085bea7a2a7c30c7295211027ed2948bc84ca1321579c451,2024-12-17T18:08:08.027000 -CVE-2023-43054,0,1,9b98929a01c3516c30a60093cdeac2c68b316c34df031c8da7e05916cee17af2,2024-12-23T17:29:02.930000 +CVE-2023-43054,0,0,9b98929a01c3516c30a60093cdeac2c68b316c34df031c8da7e05916cee17af2,2024-12-23T17:29:02.930000 CVE-2023-43057,0,0,01fddeae7f9538027c931e3e992d44ad1edd38b1d8fac1c202a9cab42dc2359d,2024-11-21T08:23:39.433000 CVE-2023-43058,0,0,a2df93f61b20e82bd3917a094411dc8a8f78a1f838adb628292a86116ce01de3,2024-11-21T08:23:39.570000 CVE-2023-43064,0,0,99757a9c3284cfbdb78f4af3c3ec6efedfd0c84c8b418e3142622f45896692af,2024-11-21T08:23:39.710000 @@ -236492,8 +236492,8 @@ CVE-2023-4773,0,0,172d90771c156d695a1953b60a0ebb2953108f87f4c1fb387791be3c59eeb7 CVE-2023-47731,0,0,55012cea803cf1003bbde5e322863bcf61542365187c7c8c2b67d02d7f92d484,2024-11-21T08:30:44.693000 CVE-2023-4774,0,0,6689751d4db77f0b206f01f2647e5fca751f16f84dc0b3169ba7d1496a0a9127,2024-11-21T08:35:57.393000 CVE-2023-47741,0,0,538ca3f68bfbf7edf487c8a0134c536db9d83b9681aa6a4581a3ed1c92a09ab4,2024-11-21T08:30:44.820000 -CVE-2023-47742,0,1,b4bc2243821c116a3329e7b3fa598e6b3cf58fa3fdd1551ccc68fe8517921e40,2024-12-23T18:01:38.420000 -CVE-2023-47745,0,1,7af9b26ee35669461ee74d191da0d5d8effbd83bb77af923fa2278e1399abdfb,2024-12-23T17:33:15.237000 +CVE-2023-47742,0,0,b4bc2243821c116a3329e7b3fa598e6b3cf58fa3fdd1551ccc68fe8517921e40,2024-12-23T18:01:38.420000 +CVE-2023-47745,0,0,7af9b26ee35669461ee74d191da0d5d8effbd83bb77af923fa2278e1399abdfb,2024-12-23T17:33:15.237000 CVE-2023-47746,0,0,9922788ba494dd82e5f82ac0d220ad210b34709be2a4cdaf5a2ddd8dd83e84b8,2024-11-21T08:30:45.207000 CVE-2023-47747,0,0,787aa92e7496a3bdca60bdaecffcb37941545ad2f07b22c84c019ea35422d16a,2024-11-21T08:30:45.360000 CVE-2023-4775,0,0,d0e086363573bdbbad4db0ef4272cf3e1990cfed85ee8ec4b7618602e21aca22,2024-11-21T08:35:57.527000 @@ -240038,7 +240038,7 @@ CVE-2023-52645,0,0,b7243e0650448847f32080e14db91cf203d54c57d7b28acbe818fbd2b13c5 CVE-2023-52646,0,0,139aee8a121c8d7a2a15bab8da8b6e42f6d1800d9c6146dd3e1fb095deeb5cfc,2024-11-21T08:40:16.687000 CVE-2023-52647,0,0,e2976bef8bc92e0adeadd89937440a86e758817f278db22054eaa69f951695d6,2024-11-21T08:40:16.850000 CVE-2023-52648,0,0,bf327e16fd314087311880b9907320568dc951df7031e7a2a98e2b4c960ed3dc,2024-11-21T08:40:16.977000 -CVE-2023-52649,0,0,1ea0d518a024b099c6a8a1f923b9aa6e0cb46296f99bd7a3713649bab87a121f,2024-11-21T08:40:17.107000 +CVE-2023-52649,0,1,a99e2d150671082fa4d3c37d35f0947b0eb528b79f37ab81343c41664ce0ad3a,2024-12-23T19:14:57.980000 CVE-2023-5265,0,0,3be8e5110f5a8eca568e8c9e8873089d4346ff1f83ab84fb39209889eeaf5856,2024-11-21T08:41:24.517000 CVE-2023-52650,0,0,82cd733f79a1f4052a9c2cc8405d0c98244becaa4151159d589fc3401cc1df1c,2024-12-23T14:09:30.523000 CVE-2023-52651,0,0,00131e194f6b58054657b0e79a88a7fa1f8e43248fe63e6633670aa65dcb2d7d,2024-05-02T10:15:07.500000 @@ -243821,7 +243821,7 @@ CVE-2024-10924,0,0,f1198492ea5d0448c480cfb52c449c77b28f46a760324baad7abe4da889f1 CVE-2024-10926,0,0,ad47f219103ae4ebd92db7592078769652c8133d266b35358f61dcfb9dc4e1ed,2024-11-08T19:01:25.633000 CVE-2024-10927,0,0,f09c2725d755f5937d35809a87d5ada4fd8d3d09c9d48fcc66b16a3fa883071d,2024-11-22T19:14:48.190000 CVE-2024-10928,0,0,862f1a88452be3b22edef7e2642809ba572832547c6da90647052695aaf77de0,2024-11-22T19:10:19.290000 -CVE-2024-1093,0,1,89814f1ec92fa01b227d327cee36cd67dae02b4651cb82beaa69cd86af716337,2024-12-23T17:03:58.370000 +CVE-2024-1093,0,0,89814f1ec92fa01b227d327cee36cd67dae02b4651cb82beaa69cd86af716337,2024-12-23T17:03:58.370000 CVE-2024-10933,0,0,04454997e745a68880991c602cc8325b99e3c53905740538bda66aba85b8cef1,2024-12-05T20:15:21.417000 CVE-2024-10934,0,0,6dae70f2d9b047711f71d589675cbcb98ce87c40154b32c6e0f536ad5d783b6a,2024-11-18T17:11:56.587000 CVE-2024-10937,0,0,f3549007a000819e9c2b92d84627c6a8f0950225e9fa8a067012e5b6f0eb9781,2024-12-05T09:15:04.377000 @@ -245526,7 +245526,7 @@ CVE-2024-1765,0,0,59c91913d171a81fb5475f94729055825298c4825c2c1c89296f006dcdad04 CVE-2024-1766,0,0,d8ff872b7c733da8ac7e1c2957ad11b4600ff77b669728faaac2462853b27909,2024-11-21T08:51:15.920000 CVE-2024-1767,0,0,46a39479a9b591bf1071f7fd4913fbaba087307dcc1a4d130d8d5b3ad9292185,2024-11-21T08:51:16.067000 CVE-2024-1768,0,0,084ea6e85b6e0db23c5de56c4e455942100ac7c25c4612406b0ed1fa01484f30,2024-11-21T08:51:16.190000 -CVE-2024-1769,0,1,1d07fe7a6dd9724d02efef1fa7eb34e17103f527a04bd0edda805ea3713fda60,2024-12-23T17:21:56.777000 +CVE-2024-1769,0,0,1d07fe7a6dd9724d02efef1fa7eb34e17103f527a04bd0edda805ea3713fda60,2024-12-23T17:21:56.777000 CVE-2024-1770,0,0,be7f84c853421e443cf5ae22747f87bd5c1fa8ecada9be24081bdcc6cc4bfe2f,2024-11-21T08:51:16.457000 CVE-2024-1771,0,0,dfc64cd2d5902446d25294ce0163ab293276e26453b42c802ea6af4493302727,2024-11-21T08:51:16.577000 CVE-2024-1772,0,0,f99b113d86a69f6dc327bee2933c94ef07e01bd499efa53690214e4c00dd4e45,2024-11-21T08:51:16.703000 @@ -247808,7 +247808,7 @@ CVE-2024-2235,0,0,a0829bcbdbed86a72a56dd6769abd8e7854afa08a7fcab0364845431cf5bcc CVE-2024-22352,0,0,903d5c6f0448bdc0bf08006216f6899a3c5646dd96e9c8f6bb1e8c750ccd821c,2024-11-21T08:56:06.007000 CVE-2024-22353,0,0,0ea4428102047b2faffc31e2ac25c47aff142899beade323ab31892621a6fc1f,2024-11-21T08:56:06.147000 CVE-2024-22354,0,0,36f7376c3e5da5bc5ebfbf6d09dfb90cb4ef7e55cdcf69f513547ace7e0b27a3,2024-11-21T08:56:06.303000 -CVE-2024-22355,0,1,8fe8ccf1d9c0f6603436166db4be4eb85258f1efecc342a0cecad81e7aae33b3,2024-12-23T18:01:08.250000 +CVE-2024-22355,0,0,8fe8ccf1d9c0f6603436166db4be4eb85258f1efecc342a0cecad81e7aae33b3,2024-12-23T18:01:08.250000 CVE-2024-22356,0,0,3d629d15109c8adc44f4eecec6831a51fa629f815f74de17c5c062f072fd4d29,2024-11-21T08:56:06.580000 CVE-2024-22357,0,0,192cb22e74dbc037b857b15528d854633c03a12cf462a0d18eadc196dd9a0ccc,2024-11-21T08:56:06.710000 CVE-2024-22358,0,0,6157f99a7878956c21bf5fdc02860c4e99702f3939ef3bcb021a336848c09424,2024-11-21T08:56:06.843000 @@ -248910,7 +248910,7 @@ CVE-2024-2394,0,0,621d534b6e99ea3eb7663377d97ee0e05ad2be3959f632056cfe6794bf2d11 CVE-2024-23940,0,0,06d04c2e3a7f29a0e7a62a5331ae3d9d5c7acce3a81c480978850a16e4f0b74a,2024-11-21T08:58:43.807000 CVE-2024-23941,0,0,377e40ad54a332b818df016f5e6db38286f42aa52aa09ea13a642fb9c9a22ca1,2024-11-21T08:58:43.940000 CVE-2024-23944,0,0,52d30435d5fece2084654095f6cb22c51963787cdd07ba430e66badb23fb97d7,2024-11-21T08:58:44.067000 -CVE-2024-23945,0,1,214155ee4bec1623063a3e3621488296eef65b7efa14a8ae390d990e9c27c994,2024-12-23T18:15:06.403000 +CVE-2024-23945,0,0,214155ee4bec1623063a3e3621488296eef65b7efa14a8ae390d990e9c27c994,2024-12-23T18:15:06.403000 CVE-2024-23946,0,0,9c898cf09e521a2a31019dd3080db79ce9c32f7697e5321cb7301cafff4ddf89,2024-11-21T08:58:44.260000 CVE-2024-23947,0,0,f911293c6af8cf8e2a4c71b3a16ce5c03d9ac810bd789b6ce8a33c36c29ca1c5,2024-11-21T08:58:44.480000 CVE-2024-23948,0,0,d6d4011f0c2b673928e54c2b884e178d06b968843ed951ce2e90e73776691214,2024-11-21T08:58:44.607000 @@ -251079,7 +251079,7 @@ CVE-2024-26978,0,0,9f0afb61ebfd2a81c4c460b2c8d0cee7dd4d2cd6d33af2f1fce5b72903535 CVE-2024-26979,0,0,33d8a117099141e9ac17b778389695861dbfcb2a950ec3472e402d03bd709b88,2024-06-12T16:15:11.147000 CVE-2024-2698,0,0,92caf5de1a4db3d2766017db2b8c2c83c4ffe4ed3a628a64f14163835fb45ff5,2024-11-24T17:15:04.170000 CVE-2024-26980,0,0,c664518d666b8dc60398076a7315aa316908c8287d246e166912ba77399e9ec0,2024-11-21T09:03:32.600000 -CVE-2024-26981,0,0,d7faa5c86edfa3a1d9ac06c05570f69585a2f9e2fbb2d76913bfff1fc1c285b1,2024-11-21T09:03:32.790000 +CVE-2024-26981,0,1,e3d85d4378a3dedaa0ea4ee82c134e38e306ef680bd7e72d630d02192612620c,2024-12-23T20:42:57.277000 CVE-2024-26982,0,0,444403cafe9bcfe49ab52759ef353e7023ac6e0ec62463368be1385824a01914,2024-11-21T09:03:32.917000 CVE-2024-26983,0,0,668befa1524b84eb804e032a2857d5c5316ec13983095bd9d2f5e231c1910c36,2024-12-23T14:53:02.043000 CVE-2024-26984,0,0,d5fba52a36226feb49bb95128fa870f8c609ab762c84661aa0776867387cbc6c,2024-11-21T09:03:33.177000 @@ -251087,22 +251087,22 @@ CVE-2024-26985,0,0,828c1d0fb4c1394a0226e133cac1cf8633b8aef9bacbe1c0d4677aeab25a0 CVE-2024-26986,0,0,2d5e90c27de03273df3c3a4dddba5f37390a47f124b9efbc14fb5a174055e902,2024-11-21T09:03:33.550000 CVE-2024-26987,0,0,d9201e7da7cc0d6b520adf309274caea80c709e3234541b4cecdf14de37f61bf,2024-11-21T09:03:33.697000 CVE-2024-26988,0,0,b72a6db8cb813c5d17d4c81d91c1ef7ed8f0b453c7d8a85ca9d54b25cb6c75f5,2024-11-21T09:03:33.830000 -CVE-2024-26989,0,0,47b49bf300b34d4f645bbaf1924776467b5ec6dc6caa5237bb12407029d706b3,2024-11-21T09:03:33.953000 +CVE-2024-26989,0,1,b184e6e01f90b2a80d2af168f35eaddccd2b3f1da296eb258e1d53040db364b6,2024-12-23T20:43:38.437000 CVE-2024-26990,0,0,89cea06ef826df46e7704f1d21f5fb884d6cccd9351cbfac6cbcd01fe7d1300a,2024-11-21T09:03:34.077000 CVE-2024-26991,0,0,5ca0e3dfb8785d1dd6af26259ab6001bbd5fc97c812a77b9f9046aab9aa5779d,2024-11-21T09:03:34.190000 CVE-2024-26992,0,0,ad3ac1c7673016b954170907d87fe9446feb8c3d161c5585a2cb66416d0b91e0,2024-11-21T09:03:34.383000 -CVE-2024-26993,0,0,9eb746f11ad2b90d137ecb17badc3a3fb1fb2df1a71fe9d46686ee7e24a8900e,2024-11-21T09:03:34.500000 +CVE-2024-26993,0,1,2ff36cb9b8e8612f133155256ff088e8fc6fadeac8bfe9bd768370696b2acb88,2024-12-23T20:43:56.733000 CVE-2024-26994,0,0,49a17eef060f9bf1ac9d1914c993c3487e3fb0420f3a94df3698d8f979c9294c,2024-11-21T09:03:34.623000 -CVE-2024-26995,0,0,937f1b319ea70b1a1ed72d40b7c1d98940098405a788e6378e97f20c27242339,2024-11-21T09:03:34.817000 -CVE-2024-26996,0,0,d87e1832d6303283e3f1a3f6875862af5b6d15311b2c9e93f908390c6cbaaa66,2024-11-21T09:03:34.937000 +CVE-2024-26995,0,1,0b338507604cbb1e8de1a588aacac642604340925bf7ef4099cd8e3bdade3208,2024-12-23T19:49:22.590000 +CVE-2024-26996,0,1,94196a92dedcd59ff65c8d8bf38cc6eafbc4d2c42dc054f5538bfb34db4eebf2,2024-12-23T19:49:49.543000 CVE-2024-26997,0,0,56325b5ec86fb7da94104b4d1eed21b17473267625bfb004c22f3f5d9b456480,2024-11-21T09:03:35.063000 -CVE-2024-26998,0,0,1c3462667cc51d544505e181703abd8f52a5a2049201762f3a8e3baab7ecc28e,2024-11-21T09:03:35.200000 +CVE-2024-26998,0,1,744733f8c7e40554e20d2146afebd3eb629aa7e3bb4b5274484b3c3b2c66f4a2,2024-12-23T19:50:05.873000 CVE-2024-26999,0,0,ad3a3edb42b165364621b68db0d448f7a8f461305f71f48ec46f4f70c520b3f2,2024-11-21T09:03:35.323000 CVE-2024-2700,0,0,2d26752bea08305a869ee1f5f945d4063d004cec5729f287c9f6fe9b7fbeebbb,2024-12-12T22:15:07.877000 CVE-2024-27000,0,0,ec8e70532984c41a55949dd8b1543183d45686bd12b5d8f12c15457a149aa761,2024-11-21T09:03:35.457000 CVE-2024-27001,0,0,68a5501bb9c3e0b332c21c192c280c2859679c23e4fc027f83619dd9c15129d9,2024-11-21T09:03:35.587000 -CVE-2024-27002,0,0,642f894b72ce6f389d9ce8c399dc1330515aa6fdb5f44192ae465df4c17e1943,2024-11-21T09:03:35.720000 -CVE-2024-27003,0,0,dc228db54afc6f987c3dcc0ee03f4ba35a50a972f1081e955be9e0bf3e5c56b1,2024-11-21T09:03:35.847000 +CVE-2024-27002,0,1,9cf0cf5fd72a2800002a56112a73db55f28b9b7dec4b320c79f00b5eed92cd99,2024-12-23T19:51:06.733000 +CVE-2024-27003,0,1,c203f45c8f1d97bd302649094986ff5258c4f7bfeefce3cacd9ec66ba70661e7,2024-12-23T20:39:58.963000 CVE-2024-27004,0,0,f83d4726c9eaf02e20d27777484adeba44d10c3f8142914019d0b828afc6f9ee,2024-11-21T09:03:35.970000 CVE-2024-27005,0,0,90b0627f5d8f37de60d811f44c5fb13c405a58e5343912faef8949e8f1b9ab45,2024-11-21T09:03:36.110000 CVE-2024-27006,0,0,f99857766778f03ac72a3c7e775775eadee02d9df0193c5fca85f4242b8c61d6,2024-11-21T09:03:36.310000 @@ -251124,17 +251124,17 @@ CVE-2024-27020,0,0,d0573a58ce4f9e18709c724e71edef68802be0cf8cb8b98309fa06e708a79 CVE-2024-27021,0,0,9883d71920346bcc78c175d4fa4a33fc9cadf8ed29ca97ea798bc9656135691e,2024-11-21T09:03:40.883000 CVE-2024-27022,0,0,c833ed98c969f87d6e02d6c4036c297dbc511dd1244ba4bd2afc638ebc88fa83,2024-11-21T09:03:41.010000 CVE-2024-27023,0,0,2aaf37192bcf19ff82447827ef1a65b2dac0157dd2feeef8bad9a358df7f5392,2024-11-21T09:03:41.150000 -CVE-2024-27024,0,0,3ed61cad70323c340c1cf0606c1cd58c85798ace74d6f4f099aac4395d457488,2024-11-21T09:03:41.273000 -CVE-2024-27025,0,0,dc7bc00667415f7eefcca41032c595996862cebc3b7152f6d789498ed6df8919,2024-11-21T09:03:41.403000 +CVE-2024-27024,0,1,ebee5e148de6b3dde2fcaa8816a9f4f8ed64a771f098565be007ca61974f2619,2024-12-23T19:22:58.463000 +CVE-2024-27025,0,1,5c3859f46c671ad7ffd95b4676d27d7a5d64666b3d74e9808cc4d7ce65e2e8ff,2024-12-23T19:24:12.370000 CVE-2024-27026,0,0,db59343777826d1c6d8768c2cfaa8a1568c83a35e6f76e5721b110c4a60b303d,2024-11-21T09:03:41.530000 CVE-2024-27027,0,0,ec024f008e45533c7aa91a2939bed64fbe577975d8b93228076417e0feb7b7fa,2024-11-21T09:03:41.650000 CVE-2024-27028,0,0,4246551a6c16b60a708e8d31512be639408dd731b44c719c490d0705c79e5515,2024-11-21T09:03:41.770000 -CVE-2024-27029,0,0,e14219c89343e20dcdecbd8099035a648b22093af2bdc7b5f745114da540f1e7,2024-11-21T09:03:41.980000 +CVE-2024-27029,0,1,1bc28b467b9b9b92bd81e2a843981108d7a2bcb3adede434c7103dc028886ab0,2024-12-23T19:33:28.437000 CVE-2024-2703,0,0,c9a68ebea086b1029008af78c4567f462cebcbd1c90bc610ff5a2636d7089ddc,2024-12-12T17:26:40.867000 -CVE-2024-27030,0,0,0cfa2ec0bdf23f1742b21d3316bbd3f86ff0b509477dc44894ccd0ac20f505b4,2024-11-21T09:03:42.103000 -CVE-2024-27031,0,0,3a43cea9fae7e772673e3811b9a535a4cb08856e82e4f16bd7bcc1382f628d7f,2024-11-21T09:03:42.230000 +CVE-2024-27030,0,1,81a42d017ff2a2374aefa7bff36a9e82fcf707ef94a2c0aee62e28c0194051ea,2024-12-23T19:33:10.110000 +CVE-2024-27031,0,1,3810e513d80101e5db5de2e8bfd860ea05053183ef045a88846dd8babb3a956e,2024-12-23T19:46:47.357000 CVE-2024-27032,0,0,e068ae8ac1d8d474830da7be0da09ff4c92e7b237812b93a406b780ffdb2a3fe,2024-11-21T09:03:42.353000 -CVE-2024-27033,0,0,6f0006bf9ed0b5766fba5d09529a5aa2d10b9a77c7d68d81a6c6a1ee1e0d484c,2024-11-21T09:03:42.543000 +CVE-2024-27033,0,1,4bf66f03e6ba3137d8ecf573b1befe4641b1146e2898ed2cc6aceb52eb888a44,2024-12-23T19:12:40.210000 CVE-2024-27034,0,0,9874c1db278dcfc3bd6c43a5a9c11e614e2bc1b6c5f73a3182eb8a7c8608ba84,2024-11-21T09:03:42.663000 CVE-2024-27035,0,0,a3f223514d69e22d1cc0a4d7abe8b095509dba5ec3f4c12adcfd6c587d9748c4,2024-11-21T09:03:42.797000 CVE-2024-27036,0,0,dfea46e2522d2d18e0cc6a9be82afdac129cdfaeb38d9953b97399c588ca691e,2024-11-21T09:03:42.940000 @@ -251144,17 +251144,17 @@ CVE-2024-27039,0,0,b5208e7380b924d92f69017aea5f13f8418ceb2f3e9287ac96416ef79799f CVE-2024-2704,0,0,08574c4c93b7eb8d39fe9ad19e5915cf67b4518a9ad69e3b003ae0373a536a61,2024-12-12T17:27:11.390000 CVE-2024-27040,0,0,daadacbb6e9e7c80fef17ec3ae32c519f0b5983bc589ce776ef1242d64bd3e8b,2024-11-21T09:03:43.543000 CVE-2024-27041,0,0,763a17f6a488caa403465e7987579ba453cdd4097447f29e20834d9daf7dbe42,2024-11-21T09:03:43.730000 -CVE-2024-27042,0,0,43566754d34310e1414a8f417ccd1b233822ad4717be62d5528c06a800368aee,2024-11-21T09:03:43.930000 -CVE-2024-27043,0,0,04e1fe72104d998d209064b93bad89833cdd0f1032f967939b96379cbd82ac18,2024-11-21T09:03:44.053000 +CVE-2024-27042,0,1,87cc162a259f533a64a1299221ec2eab29cf0f72505d5036e1c5990c71bde103,2024-12-23T19:12:55.067000 +CVE-2024-27043,0,1,65bc53462686f66e98fbf5b8eb04affbbfd0d964569943ec6ab2df2f103c802e,2024-12-23T19:13:31.163000 CVE-2024-27044,0,0,d9407acf9a323715f0614827a427d94c43b6cd02625bebf359c6271e309d347e,2024-12-23T14:12:17.657000 -CVE-2024-27045,0,0,8bf20c2a4c708a3579cd9ad69dce32c6cc624dec27c1f8d695804916d9ffd6be,2024-11-21T09:03:44.310000 -CVE-2024-27046,0,1,6b5bfef3dac9da84fad55e80259b44de7de2d894597ff671d81c2682c8a79b3d,2024-12-23T18:19:19.613000 -CVE-2024-27047,0,0,9dc343355887e00b6c12fe5ce13c7be0b28948dd7e96d11974c3dc0672597af7,2024-11-21T09:03:44.563000 -CVE-2024-27048,0,0,9d970d7294b97b081590ac09f5272d974bfd0f6ae8f909bc567c34e2488a2142,2024-11-21T09:03:44.707000 -CVE-2024-27049,0,0,71bef612c2749a1d1ee2e1be20c30098f33e6fb50358787bc75b1138eeb0cb27,2024-11-21T09:03:44.820000 +CVE-2024-27045,0,1,f2a358b1a7f046d21e750768b7fdfed72b6c0fbe8fc7025ad3dd63b96ae4e853,2024-12-23T19:13:59.617000 +CVE-2024-27046,0,0,6b5bfef3dac9da84fad55e80259b44de7de2d894597ff671d81c2682c8a79b3d,2024-12-23T18:19:19.613000 +CVE-2024-27047,0,1,110bfcb96f9864c7ba7b9da588f0f76c61f22127fd896befdd7498a6178bb8f2,2024-12-23T19:14:13.317000 +CVE-2024-27048,0,1,d61c922e329e61d71a6538afef7ec58451ff4d7886dc3f1ee0ae22a003c986a4,2024-12-23T19:05:50.830000 +CVE-2024-27049,0,1,8e61077125a252948b0bb7222bc6a281c84eaca242a53e7004b44d5edd1ef12d,2024-12-23T19:11:05.037000 CVE-2024-2705,0,0,e626070f180caa122294e7f41895b56d79e384475450e8e9dbb2b4cc88f97f8f,2024-12-12T17:27:35.747000 CVE-2024-27050,0,0,4121ff17e0e7ffed687d903c808e57c6a91a9fd4a37de7c8602de749e226af97,2024-11-21T09:03:44.947000 -CVE-2024-27051,0,0,aa475c42e11214731c4495087fa83e32d649337dc1619132b0b31532186d9482,2024-11-21T09:03:45.127000 +CVE-2024-27051,0,1,29c4b363431a5a9f51f00fd8a89b743131cb7ef3c9e253b048cd323779287ce5,2024-12-23T19:11:23.533000 CVE-2024-27052,0,0,b014ef3d70e7d52f212b070ccf280ec8602a40234d19cdb7cfeefe9fb54997dc,2024-11-21T09:03:45.253000 CVE-2024-27053,0,0,fab5ac77fb553181428dd3f4ccb1dfcc138fd34b12976177a1399f1f5f83e7be,2024-11-21T09:03:45.457000 CVE-2024-27054,0,0,56c6f67afa434cc0076215a854fd0036a15b86608accbe0d9b824b22834c21d6,2024-11-21T09:03:45.667000 @@ -251358,7 +251358,7 @@ CVE-2024-27244,0,0,3ea43f42d5905c8f2e1abb3facdcea93d942c7980488e9ccc833afa0c3630 CVE-2024-27247,0,0,80b2c738afb7fd372a582a5de229fc1b8561eb2e037fe8418073b03a3ca01917,2024-11-21T09:04:11.573000 CVE-2024-2725,0,0,b1b1eca530920ff690dfb0fd89719f48c747479f1615873b2e02b96009cc4c1e,2024-11-21T09:10:22.883000 CVE-2024-27254,0,0,12b735938e92147b71e9b36ac9a59ad706596e2b0d7f3009adfcc8f330eb86b2,2024-11-21T09:04:11.710000 -CVE-2024-27255,0,1,e6a550e0d0cf47ef40d74fbe3f602e64b9f39121e108586b209c927b96a53b4f,2024-12-23T17:32:58.470000 +CVE-2024-27255,0,0,e6a550e0d0cf47ef40d74fbe3f602e64b9f39121e108586b209c927b96a53b4f,2024-12-23T17:32:58.470000 CVE-2024-27257,0,0,691c5dc8e8ee6dc8cf4d467dc5d3cecba3bf33df4b5a8f7cf103f192a777dc97,2024-09-16T14:26:15.400000 CVE-2024-2726,0,0,7bf287b1ed61a27957754b43bb3eb83ce224f5526d7a8605b12bacbec8912e82,2024-11-21T09:10:23 CVE-2024-27260,0,0,d8abf1871a989c63042ef17773af437c6f9012fbd4c3caf016f954fa2e26ad04,2024-11-21T09:04:12.017000 @@ -261351,7 +261351,7 @@ CVE-2024-4089,0,0,7a035608d08862b8a3927991cbc7bcfd8e0cb13815d39b3b58eaf685ec21d6 CVE-2024-40892,0,0,0bef0c096de1fd9b74596dba063b1cf9ffb172ff0abd417611d342278b46245f,2024-08-21T18:15:09.710000 CVE-2024-40893,0,0,291c1cc414cfaa66f88e6f282a2cb52f9787a1f732797e904eca670adbd8e574,2024-08-21T18:15:09.803000 CVE-2024-40895,0,0,9bfbe451c0a62cc469c348ecf829cab564e06b39ab7ab75fbb9a00c7abd49483,2024-11-21T09:31:48.250000 -CVE-2024-40896,1,1,99cd60873be66345887580cd246a9786d55d0f242caaa835b8f113819f38ab35,2024-12-23T18:15:06.940000 +CVE-2024-40896,0,0,99cd60873be66345887580cd246a9786d55d0f242caaa835b8f113819f38ab35,2024-12-23T18:15:06.940000 CVE-2024-40897,0,0,5de984c0ce0b5f00f148c2d87f9ba7398ed21388187cb055a9d01cc9ee9adfcc,2024-11-21T09:31:48.450000 CVE-2024-40898,0,0,b930bfc2025b86aea21c8f0fe9e9b6f374f54a09bbb3f9c81abb259ea87ff81c,2024-11-21T09:31:48.670000 CVE-2024-40899,0,0,27efc19ced00bac32be0c727e443e10ff312f5514ad1f8ef8ce233abd9e28b76,2024-11-21T09:31:48.870000 @@ -264638,7 +264638,7 @@ CVE-2024-4538,0,0,5bd1ad90e973f76dc331cc98dd5010eac6153f7bd5c3f59bc15316bd99e49f CVE-2024-45382,0,0,cd17bb10b42a7a52154b8f180f6a96138cbe671bc16e0955e6b9f0951bb6f705,2024-10-16T17:43:43.917000 CVE-2024-45383,0,0,18b2a12c0247f6bd404573e4f3025c14dad6c1dfae1f9cf4c31db12712f62634,2024-11-21T09:37:42.043000 CVE-2024-45384,0,0,cbfb50bafa8517a7944bff5db1df53c710c3eadab72436ecb1123d86217adad5,2024-11-21T09:37:42.190000 -CVE-2024-45387,0,1,1f8fe19031480c73e7f97c37efd6ec2e9f848d08a6b10e711f96c8cf3c513619,2024-12-23T18:15:07.043000 +CVE-2024-45387,0,0,1f8fe19031480c73e7f97c37efd6ec2e9f848d08a6b10e711f96c8cf3c513619,2024-12-23T18:15:07.043000 CVE-2024-45388,0,0,5e8b5ccfdf2c3da6b5d7948eeb7403963fce2832acccafbcb71f9440d5a08c72,2024-09-19T15:18:32.007000 CVE-2024-45389,0,0,7edb5866be2f947d92ed825c273c577f4ddbd466128d69408c1eab72a19e26af,2024-09-12T20:17:31.767000 CVE-2024-4539,0,0,a50c21946790a9182b1f358ef39ac139f12b2ba174f8c831ada00c492c3c771e,2024-12-13T01:10:44.940000 @@ -269722,8 +269722,8 @@ CVE-2024-53271,0,0,bf343792418ea9791cab65636364e42817a58c9fbdd6d31284460cca28c34 CVE-2024-53272,0,0,f3ae5c3af00a8a1ede971886e8407e0fd8e6e8ff1a7606066ce068e53ea18328,2024-12-12T02:15:28.670000 CVE-2024-53273,0,0,4be201cb4a2a2818369414ac4a638086038f7b2129c8882fb2f8ed84d4b3ca40,2024-12-12T02:15:28.813000 CVE-2024-53274,0,0,1b082934bf5e9b4005ba0f77ebbc282458901418112daa847bcdad246d3a28e8,2024-12-12T02:15:28.940000 -CVE-2024-53275,1,1,c1f6e784f8ecb23a97a4fd94d048a66f97abc8575b75dd57730625c7521d4d06,2024-12-23T18:15:07.143000 -CVE-2024-53276,1,1,26c8031740b54c6fd5adae23cbca05b16f6af4f0f154843ed548a5b689c8d0bc,2024-12-23T18:15:07.293000 +CVE-2024-53275,0,0,c1f6e784f8ecb23a97a4fd94d048a66f97abc8575b75dd57730625c7521d4d06,2024-12-23T18:15:07.143000 +CVE-2024-53276,0,0,26c8031740b54c6fd5adae23cbca05b16f6af4f0f154843ed548a5b689c8d0bc,2024-12-23T18:15:07.293000 CVE-2024-53278,0,0,6f30b711eaa2519505a8ae7e3cc5077447b747b2c4a9b5a5e0658f524894f224,2024-11-26T05:15:10.563000 CVE-2024-53279,0,0,44033b042ffed7a89d7ff23520a85cac4516e857c657f0452265be9252a09d8c,2024-12-09T04:15:04.477000 CVE-2024-5328,0,0,8c7cab73e73336a340952a9318c322c99389e6514b1340a59b208cd9ecb39030,2024-11-21T09:47:25.977000 @@ -270809,7 +270809,7 @@ CVE-2024-56074,0,0,a14415b5ae296cd11e2e04c1575df9e68986e1feed991423320ce9c846af3 CVE-2024-5608,0,0,ced92374bfec9f9526a30572e667eb2d7d2eee08d2b8c010b292f0924bebbe2c,2024-11-26T01:42:21.587000 CVE-2024-56082,0,0,759741abf7a58bf8beca623211202e6de06c201a028b6b4a8a373767a6468574,2024-12-16T16:15:09.460000 CVE-2024-56083,0,0,3b1c15530b6c4c8ff63570d435fc18c0b351048227eaf968796d4ff2914fdf79,2024-12-16T17:15:13.883000 -CVE-2024-56084,0,1,5461b03bf7885467ec018b1ae209c35eb8bceb3e64d3adba34292f4be3610693,2024-12-23T18:15:07.440000 +CVE-2024-56084,0,0,5461b03bf7885467ec018b1ae209c35eb8bceb3e64d3adba34292f4be3610693,2024-12-23T18:15:07.440000 CVE-2024-56085,0,0,7848f40aec07f93e208a7c7a09cd4f70e8f638200ed35d993b1ef358eb39ec03,2024-12-16T16:15:09.803000 CVE-2024-56086,0,0,3f20b8dee933a49f8c115ad1e5c021ec38fc1b178307186ae15ac1f8b670606c,2024-12-16T16:15:09.980000 CVE-2024-56087,0,0,05dc1ed5074a537273e80994b3567c3e6a1b61e2cf65010e706da64508e1570e,2024-12-16T16:15:10.147000 @@ -270883,8 +270883,8 @@ CVE-2024-56357,0,0,9859a02c86325eb096d891c0331c0c272fa35fd3f3348ca7975c1433009cd CVE-2024-56358,0,0,a5242b1488bc185e31d245df23f8cd112af7bc1ad520eb610922e4932f3aaa06,2024-12-20T21:15:10.673000 CVE-2024-56359,0,0,57fb0eb3210037d0725af8cb3d5a41f7619e854b3139ae13f78a6461042373b7,2024-12-20T21:15:10.880000 CVE-2024-5636,0,0,be674ee7db367fbb27ae45f825fa3b6cac855c767643bde3f8b1378da8ddb51a,2024-11-21T09:48:03.883000 -CVE-2024-56362,1,1,dd5033b04c0a04acaf53e636d0201cacb970804dce1ae28fdf600c92d6069cf1,2024-12-23T18:15:07.617000 -CVE-2024-56363,1,1,f22bc17bbcbacc3d4c8946803bd76249d4162387d56a582274e363a9547d6b46,2024-12-23T18:15:07.767000 +CVE-2024-56362,0,0,dd5033b04c0a04acaf53e636d0201cacb970804dce1ae28fdf600c92d6069cf1,2024-12-23T18:15:07.617000 +CVE-2024-56363,0,0,f22bc17bbcbacc3d4c8946803bd76249d4162387d56a582274e363a9547d6b46,2024-12-23T18:15:07.767000 CVE-2024-56364,0,0,b554e0df0a4ad57cd70c0d37933b45401c149826dc27d68ffb15442fe3902ff6,2024-12-23T16:15:07.770000 CVE-2024-5637,0,0,a5e32b0dfdcc3b00fa1c534a6efa8caef39b80f083f1c956c246ad8a83c6df00,2024-11-21T09:48:04.030000 CVE-2024-56375,0,0,2a34ccceff495c37ae84092fe8c0ad283727cd545575a5f30821495b0c5dc2ed,2024-12-22T23:15:06.613000