admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 19:47:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-06-10T20:00:19.607625+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-06-10 20:03:11 +00:00
parent ab3720d309
commit f60acbd06c
280 changed files with 5703 additions and 1080 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
CVE-2009/CVE-2009-35xx/CVE-2009-3564.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2009-3564",
"sourceIdentifier": "cve@mitre.org",
"published": "2009-10-06T17:30:00.217",
"lastModified": "2017-12-09T02:29:00.297",
"vulnStatus": "Modified",
"lastModified": "2024-06-10T19:15:06.100",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -79,11 +79,6 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:centos:centos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C503778F-1720-407F-BF38-73A9D9A78750"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:fedoraproject:fedora:*:*:*:*:*:*:*:*",
@ -107,12 +102,17 @@
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=475201",
"source": "cve@mitre.org",
"tags": [
"Exploit"
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://puppet.com/security/cve/cve-2009-3564",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

2
CVE-2018/CVE-2018-116xx/CVE-2018-11682.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-11682",
"sourceIdentifier": "cve@mitre.org",
"published": "2018-06-02T13:29:00.323",
"lastModified": "2024-05-17T01:22:39.123",
"lastModified": "2024-06-10T18:15:18.183",
"vulnStatus": "Modified",
"descriptions": [
{

7
CVE-2018/CVE-2018-117xx/CVE-2018-11770.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-11770",
"sourceIdentifier": "security@apache.org",
"published": "2018-08-13T16:29:00.650",
"lastModified": "2023-02-10T02:59:17.233",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-10T19:15:17.827",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -86,7 +86,8 @@
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:spark:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.3.0",
"matchCriteriaId": "91253D3A-6C78-47F1-B609-AC4C0A2BE878"
"versionEndExcluding": "2.4.0",
"matchCriteriaId": "4D04790B-958F-4EB3-A394-E2CDD09CB458"
}
]
}

17
CVE-2018/CVE-2018-118xx/CVE-2018-11804.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-11804",
"sourceIdentifier": "security@apache.org",
"published": "2018-10-24T18:29:00.263",
"lastModified": "2023-01-31T18:56:21.277",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-10T19:15:30.043",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -70,7 +70,7 @@
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "NVD-CWE-noinfo"
}
]
}
@ -86,7 +86,15 @@
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:spark:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.3.0",
"matchCriteriaId": "91253D3A-6C78-47F1-B609-AC4C0A2BE878"
"versionEndExcluding": "2.2.3",
"matchCriteriaId": "E6DDE9C4-1C4F-4C99-A0C5-0B8C55614A67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:spark:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.3.0",
"versionEndExcluding": "2.3.3",
"matchCriteriaId": "A7CAF602-1980-409A-8949-2F15CDCDF4C6"
}
]
}
@ -98,6 +106,7 @@
"url": "http://www.securityfocus.com/bid/105756",
"source": "security@apache.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]

2
CVE-2020/CVE-2020-366xx/CVE-2020-36639.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-36639",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-01-04T10:15:10.383",
"lastModified": "2024-05-17T01:48:53.443",
"lastModified": "2024-06-10T19:15:51.467",
"vulnStatus": "Modified",
"descriptions": [
{

2
CVE-2020/CVE-2020-93xx/CVE-2020-9384.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-9384",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-04-14T20:15:15.623",
"lastModified": "2024-05-17T01:51:27.427",
"lastModified": "2024-06-10T18:15:18.670",
"vulnStatus": "Modified",
"descriptions": [
{

6
CVE-2021/CVE-2021-12xx/CVE-2021-1262.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-1262",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2021-01-20T20:15:14.970",
"lastModified": "2024-03-21T20:02:29.753",
"lastModified": "2024-06-10T19:14:52.003",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -124,9 +124,9 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "19.3",
"versionStartIncluding": "19.3.0",
"versionEndExcluding": "20.1.2",
"matchCriteriaId": "FCC94E19-7E34-4260-BA2F-0CD8A70BA1A4"
"matchCriteriaId": "7E8DDF91-1646-49EE-A536-2F7AE5AD88A4"
},
{
"vulnerable": true,

22
CVE-2021/CVE-2021-355xx/CVE-2021-35591.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-35591",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2021-10-20T11:17:01.017",
"lastModified": "2023-11-07T03:36:36.827",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-10T19:18:54.163",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -162,15 +162,27 @@
"references": [
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PRCU3RTIPVKPC3GMC76YW7DJEXUEY6FG/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XF3ZFPL3JJ26YRUGXLXQZYJBLZV3WC2C/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20211022-0003/",

2
CVE-2021/CVE-2021-450xx/CVE-2021-45007.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-45007",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-02-20T12:15:07.820",
"lastModified": "2024-05-17T02:02:28.577",
"lastModified": "2024-06-10T19:15:51.720",
"vulnStatus": "Modified",
"descriptions": [
{

16
CVE-2021/CVE-2021-463xx/CVE-2021-46310.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-46310",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:21.940",
"lastModified": "2023-08-28T17:46:02.613",
"vulnStatus": "Analyzed",
"lastModified": "2024-06-10T18:15:19.037",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -64,6 +64,18 @@
}
],
"references": [
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4APFAWR7QE27GXQMRKR6XKNZWWUJ5YMH/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HN4JOIBNMJMW2NQSGT6DCDCQZJ2ROFM7/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XEEGAR4WUF6LTOJEHSON7I2MBTPFTVR5/",
"source": "cve@mitre.org"
},
{
"url": "https://sourceforge.net/p/djvu/bugs/345/",
"source": "cve@mitre.org",

16
CVE-2021/CVE-2021-463xx/CVE-2021-46312.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-46312",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:21.993",
"lastModified": "2023-08-28T17:40:07.023",
"vulnStatus": "Analyzed",
"lastModified": "2024-06-10T18:15:19.167",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -68,6 +68,18 @@
}
],
"references": [
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4APFAWR7QE27GXQMRKR6XKNZWWUJ5YMH/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HN4JOIBNMJMW2NQSGT6DCDCQZJ2ROFM7/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XEEGAR4WUF6LTOJEHSON7I2MBTPFTVR5/",
"source": "cve@mitre.org"
},
{
"url": "https://sourceforge.net/p/djvu/bugs/344/",
"source": "cve@mitre.org",

70
CVE-2021/CVE-2021-475xx/CVE-2021-47513.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47513",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-24T15:15:12.713",
"lastModified": "2024-05-24T18:09:20.027",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-10T18:43:58.750",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,75 @@
"value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: net:dsa:felix: Reparar p\u00e9rdida de memoria en felix_setup_mmio_filtering Evitar una p\u00e9rdida de memoria si no hay un puerto de CPU definido. Direcciones-Coverity-ID: 1492897 (\"Fuga de recursos\") Direcciones-Coverity-ID: 1492899 (\"Fuga de recursos\")"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15",
"versionEndExcluding": "5.15.8",
"matchCriteriaId": "3D41A0AF-6691-4755-BF48-03EA17652D8F"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/973a0373e88cc19129bd6ef0ec193040535397d9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e8b1d7698038e76363859fb47ae0a262080646f5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

118
CVE-2021/CVE-2021-475xx/CVE-2021-47516.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47516",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-24T15:15:13.130",
"lastModified": "2024-05-24T18:09:20.027",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-10T18:43:51.307",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,31 +14,131 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: nfp: corrige la p\u00e9rdida de memoria en nfp_cpp_area_cache_add() En la l\u00ednea 800 (#1), nfp_cpp_area_alloc() asigna e inicializa una estructura de \u00e1rea CPP. Pero en la l\u00ednea 807 (#2), cuando falla la asignaci\u00f3n de cach\u00e9, esta estructura de \u00e1rea CPP no se libera, lo que resultar\u00e1 en una p\u00e9rdida de memoria. Podemos solucionarlo liberando el \u00e1rea de CPP cuando falla la asignaci\u00f3n de cach\u00e9 (#2). 792 int nfp_cpp_area_cache_add(struct nfp_cpp *cpp, size_t tama\u00f1o) 793 { 794 struct nfp_cpp_area_cache *cache; 795 estructura nfp_cpp_area *\u00e1rea; \u00e1rea 800 = nfp_cpp_area_alloc(cpp, NFP_CPP_ID(7, NFP_CPP_ACTION_RW, 0), 801 0, tama\u00f1o); // #1: asigna e inicializa 802 if (!area) 803 return -ENOMEM; 805 cach\u00e9 = kzalloc(sizeof(*cache), GFP_KERNEL); 806 si (!cache) 807 retorno -ENOMEM; // #2: falta el retorno 817 gratuito 0; 818 }"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.11",
"versionEndExcluding": "4.14.258",
"matchCriteriaId": "D558DB37-1235-4001-BA1A-9A2FBE8583D9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.221",
"matchCriteriaId": "CECDDE2F-DEEF-4D3A-85FF-6AEBA16D225B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.165",
"matchCriteriaId": "B1DD3148-41FC-42AC-96A5-F63D774A97A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.85",
"matchCriteriaId": "D9668578-08F7-4694-A86F-FCE448387A79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.8",
"matchCriteriaId": "6664ACE2-F748-4AE5-B98B-58803B0B2C3E"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/2e0e072e62fdaf7816220af08e05c020f0fcb77a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3e93abcdcec0436fbf0b6a88ae806902426895a2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/484069b5de9d223cc1c64c6f80389a99cfef51f1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c56c96303e9289cc34716b1179597b6f470833de",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/eb51f639ef3fd5498b7def290ed8681b6aadd9a7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f707820c09239d6f67699d9b2ff57863cc7905b0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

142
CVE-2021/CVE-2021-475xx/CVE-2021-47518.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47518",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-24T15:15:13.557",
"lastModified": "2024-05-24T18:09:20.027",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-10T18:43:43.857",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,39 +14,159 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: nfc: corrige la posible deref del puntero NULL en nfc_genl_dump_ses_done La devoluci\u00f3n de llamada de netlink done() nfc_genl_dump_ses_done() debe verificar si el argumento recibido no es NULL, porque su asignaci\u00f3n podr\u00eda fallar antes en dumpit() (nfc_genl_dump_ses())."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.12",
"versionEndExcluding": "4.4.295",
"matchCriteriaId": "7C065009-08E2-4077-B054-3FAB37A97562"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.5",
"versionEndExcluding": "4.9.293",
"matchCriteriaId": "5D107324-F4B9-4146-BACC-391E95D41D67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.258",
"matchCriteriaId": "71B2A056-7541-4FF3-859E-C55955DDA2DD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.221",
"matchCriteriaId": "CECDDE2F-DEEF-4D3A-85FF-6AEBA16D225B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.165",
"matchCriteriaId": "B1DD3148-41FC-42AC-96A5-F63D774A97A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.85",
"matchCriteriaId": "D9668578-08F7-4694-A86F-FCE448387A79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.8",
"matchCriteriaId": "6664ACE2-F748-4AE5-B98B-58803B0B2C3E"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/3b861a40325eac9c4c13b6c53874ad90617e944d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/48fcd08fdbe05e35b650a252ec2a2d96057a1c7a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4cd8371a234d051f9c9557fcbb1f8c523b1c0d10",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/69bb79a8f5bb9f436b6f1434ca9742591b7bbe18",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/811a7576747760bcaf60502f096d1e6e91d566fa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/83ea620a1be840bf05089a5061fb8323ca42f38c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/87cdb8789c38e44ae5454aafe277997c950d00ed",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/fae9705d281091254d4a81fa2da9d22346097dca",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

70
CVE-2021/CVE-2021-475xx/CVE-2021-47519.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47519",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-24T15:15:13.783",
"lastModified": "2024-05-24T18:09:20.027",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-10T18:43:26.763",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,75 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: can: m_can: m_can_read_fifo: corrige la p\u00e9rdida de memoria en la rama de error En m_can_read_fifo(), si la segunda llamada a m_can_fifo_read() falla, la funci\u00f3n salta a la etiqueta out_fail y regresa sin llamar m_can_receive_skb(). Esto significa que el skb previamente asignado por alloc_can_skb() no se libera. En otras palabras, se trata de una p\u00e9rdida de memoria. Este parche agrega una etiqueta goto para destruir el skb si ocurre un error. Se encontr\u00f3 un problema con GCC -fanalyzer; siga el enlace a continuaci\u00f3n para obtener m\u00e1s detalles."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15",
"versionEndExcluding": "5.15.8",
"matchCriteriaId": "3D41A0AF-6691-4755-BF48-03EA17652D8F"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/31cb32a590d62b18f69a9a6d433f4e69c74fdd56",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/75a422165477dd12d2d20aa7c9ee7c9a281c9908",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

142
CVE-2021/CVE-2021-475xx/CVE-2021-47520.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47520",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-24T15:15:14.003",
"lastModified": "2024-05-24T18:09:20.027",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-10T18:42:47.233",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,39 +14,159 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: can: pch_can: pch_can_rx_normal: corregir el use after free despu\u00e9s de llamar a netif_receive_skb(skb), desreferenciar skb no es seguro. Especialmente, el can_frame cf que alias la memoria skb se desreferencia justo despu\u00e9s de la llamada netif_receive_skb(skb). Reordenar las l\u00edneas resuelve el problema."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.37",
"versionEndExcluding": "4.4.295",
"matchCriteriaId": "0BFBC5B8-3555-4F40-8066-0E6481B4B7F2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.5",
"versionEndExcluding": "4.9.293",
"matchCriteriaId": "5D107324-F4B9-4146-BACC-391E95D41D67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.258",
"matchCriteriaId": "71B2A056-7541-4FF3-859E-C55955DDA2DD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.221",
"matchCriteriaId": "CECDDE2F-DEEF-4D3A-85FF-6AEBA16D225B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.165",
"matchCriteriaId": "B1DD3148-41FC-42AC-96A5-F63D774A97A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.85",
"matchCriteriaId": "D9668578-08F7-4694-A86F-FCE448387A79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.8",
"matchCriteriaId": "6664ACE2-F748-4AE5-B98B-58803B0B2C3E"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/3a3c46e2eff0577454860a203be1a8295f4acb76",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3e193ef4e0a3f5bf92ede83ef214cb09d01b00aa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6c73fc931658d8cbc8a1714b326cb31eb71d16a7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/703dde112021c93d6e89443c070e7dbd4dea612e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/94cddf1e9227a171b27292509d59691819c458db",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/abb4eff3dcd2e583060082a18a8dbf31f02689d4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/affbad02bf80380a7403885b9fe4a1587d1bb4f3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bafe343a885c70dddf358379cf0b2a1c07355d8d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

142
CVE-2021/CVE-2021-475xx/CVE-2021-47521.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47521",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-24T15:15:14.203",
"lastModified": "2024-05-24T18:09:20.027",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-10T18:41:35.017",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,39 +14,159 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: can: sja1000: arreglar el use after free en ems_pcmcia_add_card() Si el \u00faltimo canal no est\u00e1 disponible entonces se libera \"dev\". Afortunadamente, podemos usar \"pdev->irq\" en su lugar. Tambi\u00e9n debemos comprobar si se configur\u00f3 al menos un canal."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.2",
"versionEndExcluding": "4.4.295",
"matchCriteriaId": "E8A4BCFB-2E82-46CF-9D84-81F454F3C1BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.5",
"versionEndExcluding": "4.9.293",
"matchCriteriaId": "5D107324-F4B9-4146-BACC-391E95D41D67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.258",
"matchCriteriaId": "71B2A056-7541-4FF3-859E-C55955DDA2DD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.221",
"matchCriteriaId": "CECDDE2F-DEEF-4D3A-85FF-6AEBA16D225B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.165",
"matchCriteriaId": "B1DD3148-41FC-42AC-96A5-F63D774A97A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.85",
"matchCriteriaId": "D9668578-08F7-4694-A86F-FCE448387A79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.8",
"matchCriteriaId": "6664ACE2-F748-4AE5-B98B-58803B0B2C3E"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/1a295fea90e1acbe80c6d4940f5ff856edcd6bec",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/1dd5b819f7e406dc15bbc7670596ff25261aaa2a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3ec6ca6b1a8e64389f0212b5a1b0f6fed1909e45",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/474f9a8534f5f89841240a7e978bafd6e1e039ce",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/923f4dc5df679f678e121c20bf2fd70f7bf3e288",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c8718026ba287168ff9ad0ccc4f9a413062cba36",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cbd86110546f7f730a1f5d7de56c944a336c15c4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ccf070183e4655824936c0f96c4a2bcca93419aa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

93
CVE-2021/CVE-2021-475xx/CVE-2021-47522.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47522",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-24T15:15:14.540",
"lastModified": "2024-05-24T18:09:20.027",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-10T18:42:19.167",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,23 +14,102 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: HID: bigbenff: evita la desreferencia del puntero nulo Al emular el dispositivo a trav\u00e9s de uhid, existe la posibilidad de que no tengamos informes de salida y, por lo tanto, report_field sea nulo."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.165",
"matchCriteriaId": "7BC209F5-C287-4DD6-ACE6-4B1AA642E656"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.85",
"matchCriteriaId": "D9668578-08F7-4694-A86F-FCE448387A79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.8",
"matchCriteriaId": "6664ACE2-F748-4AE5-B98B-58803B0B2C3E"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/58f15f5ae7786c824868f3a7e093859b74669ce7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6272b17001e6fdcf7b4a16206287010a1523fa6e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8e0ceff632f48175ec7fb4706129c55ca8a7c7bd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/918aa1ef104d286d16b9e7ef139a463ac7a296f0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

70
CVE-2021/CVE-2021-475xx/CVE-2021-47525.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47525",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-24T15:15:15.167",
"lastModified": "2024-05-24T18:09:20.027",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-10T18:41:12.207",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,75 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: serial: liteuart: corrige use-after-free y memleak al desvincular. Cancelar el registro del puerto al desvincular el controlador para evitar que se use despu\u00e9s de liberar los datos del controlador y p\u00e9rdida de memoria asignada por el n\u00facleo serie."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.7",
"matchCriteriaId": "A696A60B-2782-4119-83DD-1EFFBC903F02"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/05f929b395dec8957b636ff14e66b277ed022ed9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/602824cf9aa9db8830ffe5cfb2cd54365cada4fe",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

70
CVE-2021/CVE-2021-475xx/CVE-2021-47526.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47526",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-24T15:15:15.383",
"lastModified": "2024-05-24T18:09:20.027",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-10T18:40:26.110",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,75 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: serial: liteuart: se corrige la desreferencia del puntero NULL en ->remove() drvdata debe configurarse en _probe(); de lo contrario, platform_get_drvdata() provoca un ERROR de desreferencia del puntero nulo en _remove()."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.7",
"matchCriteriaId": "A696A60B-2782-4119-83DD-1EFFBC903F02"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0f55f89d98c8b3e12b4f55f71c127a173e29557c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/189c99c629bbf85916c02c153f904649cc0a9d7f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

70
CVE-2021/CVE-2021-475xx/CVE-2021-47528.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47528",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-24T15:15:15.763",
"lastModified": "2024-05-24T18:09:20.027",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-10T18:36:37.280",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,75 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: cdnsp: corrige una desreferencia de puntero NULL en cdnsp_endpoint_init() En cdnsp_endpoint_init(), cdnsp_ring_alloc() se asigna a pep->ring y hay una desreferencia del mismo en cdnsp_endpoint_init( ), lo que podr\u00eda provocar una desreferencia del puntero NULL en caso de falla de cdnsp_ring_alloc(). Corrija este error agregando una marca de pep->ring. Este error fue encontrado por un analizador est\u00e1tico. El an\u00e1lisis emplea verificaci\u00f3n diferencial para identificar operaciones de seguridad inconsistentes (por ejemplo, comprobaciones o kfrees) entre dos rutas de c\u00f3digo y confirma que las operaciones inconsistentes no se recuperan en la funci\u00f3n actual o en las personas que llaman, por lo que constituyen errores. Tenga en cuenta que, como error encontrado mediante an\u00e1lisis est\u00e1tico, puede ser un falso positivo o dif\u00edcil de activar. Varios investigadores han realizado una revisi\u00f3n cruzada del error. Las compilaciones con CONFIG_USB_CDNSP_GADGET=y no muestran nuevas advertencias y nuestro analizador est\u00e1tico ya no advierte sobre este c\u00f3digo."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.12",
"versionEndExcluding": "5.15.7",
"matchCriteriaId": "6FE5F0C4-AE43-4DD0-ADAB-1090889867A3"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/37307f7020ab38dde0892a578249bf63d00bca64",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7d94bc8e335cb33918e52efdbe192c36707bfa24",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

70
CVE-2021/CVE-2021-475xx/CVE-2021-47529.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47529",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-24T15:15:15.967",
"lastModified": "2024-05-24T18:09:20.027",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-10T18:36:03.127",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,75 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: iwlwifi: soluciona p\u00e9rdidas de memoria en la ruta de manejo de errores. Si ocurre un error (lengua TLV no v\u00e1lida o falla en la asignaci\u00f3n de memoria), la memoria ya asignada en 'reduce_power_data' debe liberarse antes de regresar; de lo contrario, est\u00e1 goteando."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.14",
"versionEndExcluding": "5.15.7",
"matchCriteriaId": "5871F1B2-E1CB-486B-B38F-46AED1035423"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/4768935c25403ba96e7a745645df24a51a774b7e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a571bc28326d9f3e13f5f2d9cda2883e0631b0ce",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

70
CVE-2021/CVE-2021-475xx/CVE-2021-47537.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47537",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-24T15:15:17.543",
"lastModified": "2024-05-24T18:09:20.027",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-10T18:35:41.393",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,75 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: octeontx2-af: corrige un error de memleak en rvu_mbox_init() En rvu_mbox_init(), mbox_regions no se libera ni se pasa en la regi\u00f3n predeterminada del conmutador, lo que podr\u00eda provocar una p\u00e9rdida de memoria. Corrija este error cambiando 'return err' por 'goto free_regions'. Este error fue encontrado por un analizador est\u00e1tico. El an\u00e1lisis emplea verificaci\u00f3n diferencial para identificar operaciones de seguridad inconsistentes (por ejemplo, comprobaciones o kfrees) entre dos rutas de c\u00f3digo y confirma que las operaciones inconsistentes no se recuperan en la funci\u00f3n actual o en las personas que llaman, por lo que constituyen errores. Tenga en cuenta que, como error encontrado mediante an\u00e1lisis est\u00e1tico, puede ser un falso positivo o dif\u00edcil de activar. Varios investigadores han realizado una revisi\u00f3n cruzada del error. Las compilaciones con CONFIG_OCTEONTX2_AF=y no muestran nuevas advertencias y nuestro analizador est\u00e1tico ya no advierte sobre este c\u00f3digo."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.12",
"versionEndExcluding": "5.15.7",
"matchCriteriaId": "6FE5F0C4-AE43-4DD0-ADAB-1090889867A3"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/1c0ddef45b7e3dbe3ed073695d20faa572b7056a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e07a097b4986afb8f925d0bb32612e1d3e88ce15",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

82
CVE-2021/CVE-2021-475xx/CVE-2021-47540.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47540",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-24T15:15:18.147",
"lastModified": "2024-05-24T18:09:20.027",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-10T18:35:23.710",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,19 +14,89 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mt76: mt7915: corrige la desreferencia del puntero NULL en mt7915_get_phy_mode. Corrija la siguiente desreferencia del puntero NULL en la rutina mt7915_get_phy_mode agregando una interfaz ibss al controlador mt7915. [ 101.137097] wlan0: activa una nueva exploraci\u00f3n para encontrar un IBSS al que unirse [ 102.827039] wlan0: crea una nueva red IBSS, BSSID 26:a4:50:1a:6e:69 [ 103.064756] No se puede manejar la desreferencia del puntero NULL del kernel en la direcci\u00f3n virtual 0000000000000000 [ 103.073670] Informaci\u00f3n de cancelaci\u00f3n de memoria: [ 103.076520] ESR = 0x96000005 [ 103.079614] EC = 0x25: DABT (EL actual), IL = 32 bits [ 103.084934] SET = 0, FnV = 0 [ 103.088042] EA = 0, 1PTW = 0 [ 103.091215] Informaci\u00f3n de cancelaci\u00f3n de datos: [ 103.094104] ISV = 0, ISS = 0x00000005 [ 103.098041] CM = 0, WnR = 0 [ 103.101044] tabla de p\u00e1ginas de usuario: p\u00e1ginas de 4k, VA de 39 bits, pgdp=00000000460 b1000 [ 103.107565 ] [0000000000000000] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000 [103.116590] Error interno: Ups: 96000005 [#1] SMP [103.189066] CPU: 1 PID: 333 Comunicaciones: kworker/u4:3 No contaminado 5.10.75 #0 [ 103.195498 ] Nombre del hardware: Placa MediaTek MT7622 RFB1 (DT) [103.201124] Cola de trabajo: phy0 ieee80211_iface_work [mac80211] [103.206695] pstate: 20000005 (nzCv daif -PAN -UAO -TCO BTYPE=--) [103.212705] pc: t7915_get_phy_mode+0x68/ 0x120 [MT7915E] [103.218103] LR: MT7915_MCU_ADD_BSS_INFO+0X11C/0X760 [MT7915E] [103.223927] SP: FFFFFFFC011CDB9E0 [103.222235] x29: F8006563098 [103.232545] x27: ffffff8005f4da22 x26: ffffff800685ac40 [103.237855] x25: 000000000000000001 x24: 000000000000011f [ 103.243165] x23: ffffff8005f4e260 x22: ffffff8006567918 [ 103.248475] x21: ffffff8005f4df80 x20: ffffff800685ac58 [ 103.253785] x19: 44400 x18: 0000000000000000 [ 103.259094] x17: 0000000000000000 x16: 0000000000000001 [ 103.264403] x15: 000899c3a2d9d2e4 x14: 99bdc3c3a1c8 [103.269713] x13: 0000000000000000 x12: 0000000000000000 [ 103.275024] x11: ffffffc010e30c20 x10: 0000000000000000 [ 103.280333] x9 : 0000000000000050 x8: ffffff8006567d88 [103.285642] x7: ffffff8006563b5c x6: ffffff8006563b44 [103.290952] x5: 00000000000000002 x4: 0000000000000001 [ 103.2 96262] x3: 0000000000000001 x2: 0000000000000001 [ 103.301572] x1: 0000000000000000 x0: 0000000000000011 [103.306882] Rastreo de llamadas: [103.309328] mt7915_get_phy_mode+0x68/0x120 [mt7915e] [ 378] mt7915_bss_info_changed+0x198/0x200 [mt7915e] [ 103.319941] ieee80211_bss_info_change_notify+0x128/0x290 [mac80211] [ 103.326360] __ieee80211_sta_join_ibss+0x308/0x6c4 [mac80211] [ 103.332171] ieee80211_sta_create_ibss+0x8c/0x10c [mac80211] [ 103.337895] 614 [mac80211] [ 103.343185] ieee80211_iface_work+0x388/0x3f0 [mac80211] [ 103.348495] Process_one_work+0x288/0x690 [ 103.352499] work_thread+0x70/0x464 [ 103.356157] kthread+0x144/0x150 [ 103.359380] ret_from_fork+0x10/0x18 [ 103.362952] C\u00f3digo: 394008c3 52800220 00e4 7100007f (39400023)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.8",
"versionEndExcluding": "5.10.84",
"matchCriteriaId": "E9314948-D53C-419C-B785-89A3C0B287DE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.7",
"matchCriteriaId": "A696A60B-2782-4119-83DD-1EFFBC903F02"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/14b03b8cebdf18ff13c39d58501b625411314de2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6e53d6d26920d5221d3f4d4f5ffdd629ea69aa5c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/932b338f4e5c4cb0c2ed640da3bced1e63620198",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

118
CVE-2021/CVE-2021-475xx/CVE-2021-47541.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47541",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-24T15:15:18.330",
"lastModified": "2024-05-24T18:09:20.027",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-10T18:34:51.683",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,31 +14,131 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net/mlx4_en: corrige un error de use-after-free en mlx4_en_try_alloc_resources() En mlx4_en_try_alloc_resources(), se llama a mlx4_en_copy_priv() y se liberar\u00e1 tmp->tx_cq en la ruta del error de mlx4_en_copy_priv(). Despu\u00e9s de eso, se llama a mlx4_en_alloc_resources() y hay una desreferencia de &tmp->tx_cq[t][i] en mlx4_en_alloc_resources(), lo que podr\u00eda llevar a un problema de use-after-free si falla mlx4_en_copy_priv(). Corrija este error agregando una verificaci\u00f3n de mlx4_en_copy_priv() Este error fue encontrado por un analizador est\u00e1tico. El an\u00e1lisis emplea verificaci\u00f3n diferencial para identificar operaciones de seguridad inconsistentes (por ejemplo, comprobaciones o kfrees) entre dos rutas de c\u00f3digo y confirma que las operaciones inconsistentes no se recuperan en la funci\u00f3n actual o en las personas que llaman, por lo que constituyen errores. Tenga en cuenta que, como error encontrado mediante an\u00e1lisis est\u00e1tico, puede ser un falso positivo o dif\u00edcil de activar. Varios investigadores han realizado una revisi\u00f3n cruzada del error. Las compilaciones con CONFIG_MLX4_EN=m no muestran nuevas advertencias y nuestro analizador est\u00e1tico ya no advierte sobre este c\u00f3digo."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.7",
"versionEndExcluding": "4.14.257",
"matchCriteriaId": "7AF49EC4-841A-445B-BA46-0256B0EFB84C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.220",
"matchCriteriaId": "FFE5D9F3-CF1C-4DE8-9116-2EBE7BDEF7FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.164",
"matchCriteriaId": "D2D8DC10-1823-4334-BD0F-C1B620602FF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.84",
"matchCriteriaId": "AE5B4333-2C46-40C3-8B42-0168AD91DDE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.7",
"matchCriteriaId": "A696A60B-2782-4119-83DD-1EFFBC903F02"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/676dc7d9b15bf8733233a2db1ec3f9091ab34275",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/75917372eef0dbfb290ae45474314d35f97aea18",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/addad7643142f500080417dd7272f49b7a185570",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/be12572c5ddc8ad7453bada4eec8fa46967dc757",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e461a9816a1ac5b4aeb61621b817225b61e46a68",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f1d43efa59f1edd3e7eca0e94559b4c6b1cd4e2b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

142
CVE-2021/CVE-2021-475xx/CVE-2021-47542.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47542",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-24T15:15:18.550",
"lastModified": "2024-05-24T18:09:20.027",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-10T18:34:33.073",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,39 +14,159 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: qlogic: qlcnic: corrigi\u00f3 una desreferencia de puntero NULL en qlcnic_83xx_add_rings() En qlcnic_83xx_add_rings(), se llamar\u00e1 a la funci\u00f3n indirecta de ahw->hw_ops->alloc_mbx_args para asignar memoria para cmd.req.arg, y hay una desreferencia del mismo en qlcnic_83xx_add_rings(), lo que podr\u00eda llevar a una desreferencia del puntero NULL en caso de falla de la funci\u00f3n indirecta como qlcnic_83xx_alloc_mbx_args(). Corrija este error agregando una verificaci\u00f3n de alloc_mbx_args(); este parche imita la l\u00f3gica del manejo de fallas de mbx_cmd(). Este error fue encontrado por un analizador est\u00e1tico. El an\u00e1lisis emplea verificaci\u00f3n diferencial para identificar operaciones de seguridad inconsistentes (por ejemplo, comprobaciones o kfrees) entre dos rutas de c\u00f3digo y confirma que las operaciones inconsistentes no se recuperan en la funci\u00f3n actual o en las personas que llaman, por lo que constituyen errores. Tenga en cuenta que, como error encontrado mediante an\u00e1lisis est\u00e1tico, puede ser un falso positivo o dif\u00edcil de activar. Varios investigadores han realizado una revisi\u00f3n cruzada del error. Las compilaciones con CONFIG_QLCNIC=m no muestran nuevas advertencias y nuestro analizador est\u00e1tico ya no advierte sobre este c\u00f3digo."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.9",
"versionEndExcluding": "4.4.294",
"matchCriteriaId": "ADB9EFEF-ACB0-4A8F-AB11-363006921493"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.5",
"versionEndExcluding": "4.9.292",
"matchCriteriaId": "DB7F6C04-42D3-48A3-892D-2487383B9B6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.257",
"matchCriteriaId": "7080D941-9847-42F5-BA50-0A03CFB61FD1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.220",
"matchCriteriaId": "FFE5D9F3-CF1C-4DE8-9116-2EBE7BDEF7FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.164",
"matchCriteriaId": "D2D8DC10-1823-4334-BD0F-C1B620602FF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.84",
"matchCriteriaId": "AE5B4333-2C46-40C3-8B42-0168AD91DDE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.7",
"matchCriteriaId": "A696A60B-2782-4119-83DD-1EFFBC903F02"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/15fa12c119f869173f9b710cbe6a4a14071d2105",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3a061d54e260b701b538873b43e399d9b8b83e03",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/550658a2d61e4eaf522c8ebc7fad76dc376bfb45",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/57af54a56024435d83e44c78449513b414eb6edf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b4f217d6fcc00c3fdc0921a7691f30be7490b073",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bbeb0325a7460ebf1e03f5e0bfc5c652fba9519f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c5ef33c1489b2cd74368057fa00b5d2183bb5853",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e2dabc4f7e7b60299c20a36d6a7b24ed9bf8e572",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

93
CVE-2021/CVE-2021-475xx/CVE-2021-47543.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47543",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-24T15:15:18.777",
"lastModified": "2024-05-24T18:09:20.027",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-10T18:31:52.387",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,23 +14,102 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: informe de rendimiento: corrige p\u00e9rdidas de memoria en torno a perf_tip() perf_tip() puede asignar memoria o usar un literal, esto significa que la memoria no se liber\u00f3 si se asign\u00f3. Cambie la API para que no se utilicen literales. Al mismo tiempo, agregue los espacios libres que faltan para system_path. Estos problemas se detectaron utilizando un sanitizante para fugas."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.164",
"matchCriteriaId": "D9D4A7FF-D4E4-4E2E-AB03-A61A4AB3A757"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.84",
"matchCriteriaId": "AE5B4333-2C46-40C3-8B42-0168AD91DDE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.7",
"matchCriteriaId": "A696A60B-2782-4119-83DD-1EFFBC903F02"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/71e284dcebecb9fd204ff11097469cc547723ad1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d9fc706108c15f8bc2d4ccccf8e50f74830fabd9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/df5990db088d4c7fea9a2f9b8195a7859e1768c4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ff061b5bda73c4f785b4703eeb0848fd99e5608a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

117
CVE-2021/CVE-2021-475xx/CVE-2021-47545.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47545",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-24T15:15:19.200",
"lastModified": "2024-05-24T18:09:20.027",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-10T18:31:09.543",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,31 +14,130 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: perf hist: corrige la p\u00e9rdida de memoria de un perf_hpp_fmt perf_hpp__column_unregister() elimina una entrada de una lista pero no libera la memoria, lo que provoca una p\u00e9rdida de memoria detectada por el sanitizante de fugas. Agregue free y al mismo tiempo reduzca el alcance de la funci\u00f3n a est\u00e1tico."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.14.257",
"matchCriteriaId": "AC83C406-105B-497E-BD04-BC75618864B4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.220",
"matchCriteriaId": "FFE5D9F3-CF1C-4DE8-9116-2EBE7BDEF7FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.164",
"matchCriteriaId": "D2D8DC10-1823-4334-BD0F-C1B620602FF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.84",
"matchCriteriaId": "AE5B4333-2C46-40C3-8B42-0168AD91DDE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.7",
"matchCriteriaId": "A696A60B-2782-4119-83DD-1EFFBC903F02"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0ca1f534a776cc7d42f2c33da4732b74ec2790cd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/24a139c105fa0f7f99888cf328bf6a02fc841675",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5b5c6f57a1f81499db4c8ea597898cb1b87de0b6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a4c17ebdd6249cb4e061358d3693383f6628e069",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b380d09e44e8479e71e3ae8446b515a5b3166244",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c5c8a26c0dc69a400553245e92d741fe55f91095",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

94
CVE-2021/CVE-2021-475xx/CVE-2021-47546.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47546",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-24T15:15:19.450",
"lastModified": "2024-05-24T18:09:20.027",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-10T18:30:20.320",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,23 +14,103 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: ipv6: corrige la p\u00e9rdida de memoria en fib6_rule_suppress El kernel pierde memoria cuando una regla `fib` est\u00e1 presente en las reglas de firewall de nftables de IPv6 y una regla de supresi\u00f3n_prefix est\u00e1 presente en las reglas de enrutamiento de IPv6 (utilizadas por ciertas herramientas como wg-quick). En tales escenarios, cada paquete entrante perder\u00e1 una asignaci\u00f3n en el cach\u00e9 de losa `ip6_dst_cache`. Despu\u00e9s de algunas horas de `bpftrace`-ing y lectura del c\u00f3digo fuente, rastre\u00e9 el problema hasta ca7a03c41753 (\"ipv6: no libere rt si FIB_LOOKUP_NOREF est\u00e1 configurado en la regla de supresi\u00f3n\"). El problema con ese cambio es que los `args->flags` gen\u00e9ricos siempre tienen `FIB_LOOKUP_NOREF` configurado[1][2] pero el indicador espec\u00edfico de IPv6 `RT6_LOOKUP_F_DST_NOREF` podr\u00eda no estarlo, lo que lleva a que `fib6_rule_suppress` no disminuya el recuento cuando necesario. C\u00f3mo reproducir: - Agregue la siguiente regla nftables a una cadena de enrutamiento previo: meta nfproto ipv6 fib saddr. marca . iif oif falta gota Esto se puede hacer con: sudo nft create table inet test sudo nft create chain inet test test_chain '{ tipo filtro gancho prerouting filtro de prioridad + 10; aceptar pol\u00edtica; }' sudo nft agregar regla inet test test_chain meta nfproto ipv6 fib saddr. marca . iif oif falta gota - Ejecutar: sudo ip -6 regla agregar tabla principal suprimir_prefixlength 0 - Ver `sudo slabtop -o | grep ip6_dst_cache` para ver el aumento del uso de memoria con cada paquete ipv6 entrante. Este parche expone los indicadores espec\u00edficos del protocolo a la funci\u00f3n `suprimir` espec\u00edfica del protocolo y verifica el argumento `flags` espec\u00edfico del protocolo para RT6_LOOKUP_F_DST_NOREF en lugar del FIB_LOOKUP_NOREF gen\u00e9rico al disminuir el recuento, de esta manera. [1]: https://github.com/torvalds/linux/blob/ca7a03c4175366a92cee0ccc4fec0038c3266e26/net/ipv6/fib6_rules.c#L71 [2]: https://github.com/torvalds/linux/blob/ca7a03c4175366a92cee0ccc4fec0038 c3266e26/net /ipv6/fib6_rules.c#L99"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.4",
"versionEndExcluding": "5.4.164",
"matchCriteriaId": "1C6E0E5A-819B-4CEA-BD4B-6647308627E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.84",
"matchCriteriaId": "AE5B4333-2C46-40C3-8B42-0168AD91DDE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.7",
"matchCriteriaId": "A696A60B-2782-4119-83DD-1EFFBC903F02"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/209d35ee34e25f9668c404350a1c86d914c54ffa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8ef8a76a340ebdb2c2eea3f6fb0ebbed09a16383",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cdef485217d30382f3bf6448c54b4401648fe3f1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ee38eb8cf9a7323884c2b8e0adbbeb2192d31e29",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

81
CVE-2021/CVE-2021-475xx/CVE-2021-47550.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47550",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-24T15:15:19.857",
"lastModified": "2024-05-24T18:09:20.027",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-10T19:23:10.227",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,19 +14,88 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: drm/amd/amdgpu: corrige una posible fuga de mem en la funci\u00f3n amdgpu_get_xgmi_hive, cuando falla kobject_init_and_add Hay una posible fuga de mem si no se llama a kobject_put."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.84",
"matchCriteriaId": "2771BC87-698A-4F2C-B04F-D8D773D4EA58"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.7",
"matchCriteriaId": "A696A60B-2782-4119-83DD-1EFFBC903F02"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/27dfaedc0d321b4ea4e10c53e4679d6911ab17aa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/75752ada77e0726327adf68018b9f50ae091baeb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c746945fb6bcbe3863c9ea6369c7ef376e38e5eb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

70
CVE-2021/CVE-2021-475xx/CVE-2021-47556.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47556",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-24T15:15:20.320",
"lastModified": "2024-05-24T18:09:20.027",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-10T19:23:01.133",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,75 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: ethtool: ioctl: corrige un posible deref NULL en ethtool_set_coalesce() ethtool_set_coalesce() ahora usa las devoluciones de llamada .get_coalesce() y .set_coalesce(). Pero la verificaci\u00f3n de su disponibilidad tiene errores, por lo que cambiar la configuraci\u00f3n de fusi\u00f3n en un dispositivo donde el controlador proporciona solo _una_ de las devoluciones de llamada da como resultado una desreferencia del puntero NULL en lugar de un -EOPNOTSUPP. Corrija la condici\u00f3n para que se garantice la disponibilidad de ambas devoluciones de llamada. Esto tambi\u00e9n coincide con el c\u00f3digo netlink. Tenga en cuenta que reproducir esto requiere algo de esfuerzo: solo afecta la ruta ioctl heredada y necesita una combinaci\u00f3n espec\u00edfica de opciones de controlador: - tener .get_coalesce() y .coalesce_supported pero no .set_coalesce(), o - tener .set_coalesce() pero no .get_coalesce(). Aqu\u00ed por ej. ethtool no causa el bloqueo ya que primero intenta llamar a ethtool_get_coalesce() y sale por error."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15",
"versionEndExcluding": "5.15.6",
"matchCriteriaId": "082C8F69-46F5-469A-A650-E0340F11BEF5"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0276af2176c78771da7f311621a25d7608045827",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/abfdd9e2f0f9699015d72317f74154d3e53664e6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

82
CVE-2021/CVE-2021-475xx/CVE-2021-47559.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47559",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-24T15:15:20.537",
"lastModified": "2024-05-24T18:09:20.027",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-10T19:22:53.997",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,19 +14,89 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net/smc: corrige la desreferenciaci\u00f3n del puntero NULL en smc_vlan_by_tcpsk() Coverity informa un posible problema de desreferenciaci\u00f3n de NULL: en smc_vlan_by_tcpsk(): 6. return_null: netdev_lower_get_next devuelve NULL (comprobado 29 de 30 veces). 7. var_assigned: Asignaci\u00f3n: ndev = valor de retorno NULL de netdev_lower_get_next. 1623 ndev = (struct net_device *)netdev_lower_get_next(ndev, &lower); CID 1468509 (#1 de 1): Desreferenciar valor de retorno nulo (NULL_RETURNS) 8. desreferencia: Desreferenciar un puntero que podr\u00eda ser NULL ndev al llamar a is_vlan_dev. 1624 if (is_vlan_dev(ndev)) { Elimine la implementaci\u00f3n manual y use netdev_walk_all_lower_dev() para iterar sobre los dispositivos inferiores. Mientras est\u00e9 en \u00e9l, elimine un comentario de par\u00e1metro de funci\u00f3n obsoleto."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.18",
"versionEndExcluding": "5.10.83",
"matchCriteriaId": "835BC6F8-85B4-4718-9DE2-261C7D68F1B4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.6",
"matchCriteriaId": "990C08FB-0121-4296-896F-556312F8FF3B"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/587acad41f1bc48e16f42bb2aca63bf323380be8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bb851d0fb02547d03cd40106b5f2391c4fed6ed1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c94cbd262b6aa3b54d73a1ed1f9c0d19df57f4ff",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

70
CVE-2021/CVE-2021-475xx/CVE-2021-47570.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47570",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-24T15:15:22.410",
"lastModified": "2024-05-24T18:09:20.027",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-10T19:22:46.993",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,75 @@
"value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: staging: r8188eu: soluciona una p\u00e9rdida de memoria en rtw_wx_read32() Libera \"ptmp\" antes de devolver -EINVAL."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15",
"versionEndExcluding": "5.15.6",
"matchCriteriaId": "082C8F69-46F5-469A-A650-E0340F11BEF5"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/be4ea8f383551b9dae11b8dfff1f38b3b5436e9a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c8d3775745adacf9784a7a80a82d047051752573",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

142
CVE-2021/CVE-2021-475xx/CVE-2021-47571.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47571",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-24T15:15:22.607",
"lastModified": "2024-05-24T18:09:20.027",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-10T19:22:36.833",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,39 +14,159 @@
"value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: staging: rtl8192e: Corrige el use after free en _rtl92e_pci_disconnect() La funci\u00f3n free_rtllib() libera el puntero \"dev\" para que haya use after free en la siguiente l\u00ednea. Reorganice las cosas para evitar eso."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.2",
"versionEndExcluding": "4.4.294",
"matchCriteriaId": "C0203844-754E-40C9-AFB3-678A9A9D2490"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.5",
"versionEndExcluding": "4.9.292",
"matchCriteriaId": "DB7F6C04-42D3-48A3-892D-2487383B9B6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.257",
"matchCriteriaId": "7080D941-9847-42F5-BA50-0A03CFB61FD1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.219",
"matchCriteriaId": "B9EF0575-6BF6-4AD9-B9A0-5C8D7D71710C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.163",
"matchCriteriaId": "80E8F086-C9B9-4987-8B2E-B4A16D1DA7BA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.83",
"matchCriteriaId": "D4843826-EA9A-472B-82EC-B9E4FD4149AD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.6",
"matchCriteriaId": "990C08FB-0121-4296-896F-556312F8FF3B"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/2e1ec01af2c7139c6a600bbfaea1a018b35094b6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8d0163cec7de995f9eb9c3128c83fb84f0cb1c64",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9186680382934b0e7529d3d70dcc0a21d087683b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b535917c51acc97fb0761b1edec85f1f3d02bda4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bca19bb2dc2d89ce60c4a4a6e59609d4cf2e13ef",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c0ef0e75a858cbd8618b473f22fbca36106dcf82",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d43aecb694b10db9a4228ce2d38b5ae8de374443",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e27ee2f607fe6a9b923ef1fc65461c0613c97594",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

94
CVE-2021/CVE-2021-475xx/CVE-2021-47572.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47572",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-24T15:15:22.887",
"lastModified": "2024-05-24T18:09:20.027",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-10T19:22:05.237",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,23 +14,103 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: nexthop: corrige la desreferencia del puntero nulo cuando IPv6 no est\u00e1 habilitado Cuando intentamos agregar un nexthop IPv6 y IPv6 no est\u00e1 habilitado (!CONFIG_IPV6) alcanzaremos una desreferencia del puntero NULL [1] en la ruta de error de nh_create_ipv6() debido a la llamada a ipv6_stub->fib6_nh_release. El error ha estado presente desde el comienzo del soporte de la puerta de enlace IPv6 nexthop. El commit 1aefd3de7bc6 (\"ipv6: Agregar fib6_nh_init y liberar a los stubs\") nos dice que solo fib6_nh_init tiene un stub ficticio porque no se debe llamar a fib6_nh_release si fib6_nh_init devuelve un error, pero el commit a continuaci\u00f3n agreg\u00f3 una llamada a ipv6_stub->fib6_nh_release en su error camino. Para solucionarlo, devuelva el error -EAFNOSUPPORT del c\u00f3digo auxiliar ficticio directamente sin llamar a ipv6_stub->fib6_nh_release en la ruta de error de nh_create_ipv6(). [1] La salida est\u00e1 un poco truncada, pero muestra claramente el error. ERROR: desreferencia del puntero NULL del kernel, direcci\u00f3n: 0000000000000000000 #PF: b\u00fasqueda de instrucciones del supervisor en modo kernel #PF: c\u00f3digo_error(0x0010) - p\u00e1gina no presente PGD 0 P4D 0 Ups: 0010 [#1] PREEMPT SMP NOPTI CPU: 4 PID: 638 Comm: ip Kdump: cargado No contaminado 5.16.0-rc1+ #446 Nombre del hardware: PC est\u00e1ndar QEMU (i440FX + PIIX, 1996), BIOS 1.14.0-4.fc34 01/04/2014 RIP: 0010:0x0 C\u00f3digo: No se puede acceder a los bytes del c\u00f3digo de operaci\u00f3n en RIP 0xffffffffffffffd6. RSP: 0018:ffff888109f5b8f0 EFLAGS: 00010286^Ac RAX: 0000000000000000 RBX: ffff888109f5ba28 RCX: 00000000000000000 RDX: 0000000000000000 RSI: 000000000000000 RDI: ffff8881008a2860 RBP: ffff888109f5b9d8 R08: 0000000000000000 R09: 00000000000000000 R10: ffff888109f5b978 R11: 9f5b948 R12: 00000000ffffff9f R13: ffff8881008a2a80 R14 : ffff8881008a2860 R15: ffff8881008a2840 FS: 00007f98de70f100(0000) GS:ffff88822bf00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0 CR0: 0000000080050033 CR2: ffffffffffffffd6 CR3: 0000000100efc000 CR4: 00000000000006e0 Seguimiento de llamadas: nh_create_ipv6+0xed /0x10c rtm_new_nexthop+0x6d7/0x13f3 ? check_preemption_disabled+0x3d/0xf2? lock_is_held_type+0xbe/0xfd rtnetlink_rcv_msg+0x23f/0x26a? check_preemption_disabled+0x3d/0xf2? rtnl_calcit.isra.0+0x147/0x147 netlink_rcv_skb+0x61/0xb2 netlink_unicast+0x100/0x187 netlink_sendmsg+0x37f/0x3a0 ? netlink_unicast+0x187/0x187 sock_sendmsg_nosec+0x67/0x9b ____sys_sendmsg+0x19d/0x1f9 ? copy_msghdr_from_user+0x4c/0x5e? rcu_read_lock_any_held+0x2a/0x78 ___sys_sendmsg+0x6c/0x8c? asm_sysvec_apic_timer_interrupt+0x12/0x20? lockdep_hardirqs_on+0xd9/0x102? sockfd_lookup_light+0x69/0x99 __sys_sendmsg+0x50/0x6e do_syscall_64+0xcb/0xf2 Entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x7f98dea28914 C\u00f3digo: 00 f7 d8 64 89 02 c7 c0 ff ff ff ff eb b5 0f 1f 80 00 00 00 00 48 8d 05 e9 5d 0c 00 8b 00 85 c0 75 13 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 54 c3 0f 1f 00 41 54 41 89 d4 55 48 89 f5 53 RSP: :00007fff859f5e68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e2e RAX: ffffffffffffffda RBX: 00000000619cb810 RCX: 00007f98dea28914 RDX: 0000000000000000 RSI: 00007fff859f5ed0 RDI: 0000000000000003 RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000008 R10: fffffffffffffce6 R11: 0000000000000246 R12: 0000000000001 R13: 000055c0097ae520 R14: 000055c0097957fd R15: 00007fff859f63a0 < /TASK> M\u00f3dulos vinculados en: bridge stp llc bonding virtio_net"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.3",
"versionEndExcluding": "5.4.163",
"matchCriteriaId": "755F3E83-05A5-403D-A6B2-ED9DE8B0F69B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.83",
"matchCriteriaId": "D4843826-EA9A-472B-82EC-B9E4FD4149AD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.6",
"matchCriteriaId": "990C08FB-0121-4296-896F-556312F8FF3B"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/1c743127cc54b112b155f434756bd4b5fa565a99",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/39509d76a9a3d02f379d52cb4b1449469c56c0e0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7b6f44856da5ba0b1aa61403eb9fddd272156503",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b70ff391deeec35cdd8a05f5f63f5fe28bc4f225",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

2
CVE-2022/CVE-2022-247xx/CVE-2022-24702.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-24702",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-06-02T14:15:37.513",
"lastModified": "2024-05-17T02:06:19.583",
"lastModified": "2024-06-10T19:15:52.243",
"vulnStatus": "Modified",
"descriptions": [
{

2
CVE-2022/CVE-2022-302xx/CVE-2022-30284.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-30284",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-05-04T22:15:11.357",
"lastModified": "2024-05-17T02:09:02.717",
"lastModified": "2024-06-10T19:15:52.430",
"vulnStatus": "Modified",
"descriptions": [
{

2
CVE-2022/CVE-2022-331xx/CVE-2022-33171.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-33171",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-07-04T16:15:08.757",
"lastModified": "2024-05-17T02:10:16.893",
"lastModified": "2024-06-10T18:15:19.350",
"vulnStatus": "Modified",
"descriptions": [
{

2
CVE-2022/CVE-2022-371xx/CVE-2022-37177.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-37177",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-08-29T21:15:09.183",
"lastModified": "2024-05-17T02:11:49.920",
"lastModified": "2024-06-10T18:15:19.530",
"vulnStatus": "Modified",
"descriptions": [
{

6
CVE-2022/CVE-2022-392xx/CVE-2022-39253.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-39253",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-10-19T11:15:11.227",
"lastModified": "2023-12-27T10:15:37.640",
"lastModified": "2024-06-10T18:15:19.643",
"vulnStatus": "Modified",
"descriptions": [
{
@ -225,6 +225,10 @@
"Third Party Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/05/14/2",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/git/git/security/advisories/GHSA-3wp6-j8xr-qw85",
"source": "security-advisories@github.com",

4
CVE-2022/CVE-2022-451xx/CVE-2022-45168.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-45168",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-10T15:15:50.600",
"lastModified": "2024-06-10T15:15:50.600",
"vulnStatus": "Received",
"lastModified": "2024-06-10T18:06:22.600",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2022/CVE-2022-451xx/CVE-2022-45176.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-45176",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-10T15:15:50.687",
"lastModified": "2024-06-10T15:15:50.687",
"vulnStatus": "Received",
"lastModified": "2024-06-10T18:06:22.600",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

6
CVE-2022/CVE-2022-486xx/CVE-2022-48624.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-48624",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-19T01:15:48.643",
"lastModified": "2024-06-10T17:16:10.493",
"lastModified": "2024-06-10T18:15:19.857",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -28,6 +28,10 @@
"url": "https://greenwoodsoftware.com/less/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00018.html",
"source": "cve@mitre.org"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240605-0010/",
"source": "cve@mitre.org"

8
CVE-2023/CVE-2023-205xx/CVE-2023-20588.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20588",
"sourceIdentifier": "psirt@amd.com",
"published": "2023-08-08T18:15:11.653",
"lastModified": "2024-04-01T15:45:59.377",
"vulnStatus": "Analyzed",
"lastModified": "2024-06-10T18:15:19.940",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -1239,6 +1239,10 @@
"Mailing List"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20240531-0005/",
"source": "psirt@amd.com"
},
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7007",
"source": "psirt@amd.com",

6
CVE-2023/CVE-2023-205xx/CVE-2023-20593.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-20593",
"sourceIdentifier": "psirt@amd.com",
"published": "2023-07-24T20:15:10.237",
"lastModified": "2023-09-25T21:15:13.997",
"lastModified": "2024-06-10T18:15:20.270",
"vulnStatus": "Modified",
"descriptions": [
{
@ -2147,6 +2147,10 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD2G74BXS2SWOE3FIQJ6X76S3A7PDGML/",
"source": "psirt@amd.com"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240531-0004/",
"source": "psirt@amd.com"
},
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7008",
"source": "psirt@amd.com",

8
CVE-2023/CVE-2023-320xx/CVE-2023-32067.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32067",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-25T23:15:09.380",
"lastModified": "2023-10-31T16:06:09.363",
"vulnStatus": "Analyzed",
"lastModified": "2024-06-10T18:15:20.643",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -179,6 +179,10 @@
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20240605-0004/",
"source": "security-advisories@github.com"
},
{
"url": "https://www.debian.org/security/2023/dsa-5419",
"source": "security-advisories@github.com",

6
CVE-2023/CVE-2023-359xx/CVE-2023-35949.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-35949",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-05-28T14:15:08.420",
"lastModified": "2024-05-28T14:59:09.827",
"lastModified": "2024-06-10T18:15:20.787",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -54,6 +54,10 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1784",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1784",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-359xx/CVE-2023-35950.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-35950",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-05-28T14:15:08.697",
"lastModified": "2024-05-28T14:59:09.827",
"lastModified": "2024-06-10T18:15:20.923",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -54,6 +54,10 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1784",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1784",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-359xx/CVE-2023-35951.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-35951",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-05-28T14:15:08.920",
"lastModified": "2024-05-28T14:59:09.827",
"lastModified": "2024-06-10T18:15:21.050",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -54,6 +54,10 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1784",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1784",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-359xx/CVE-2023-35952.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-35952",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-05-28T14:15:09.313",
"lastModified": "2024-05-28T14:59:09.827",
"lastModified": "2024-06-10T18:15:21.203",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -54,6 +54,10 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1784",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1784",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-359xx/CVE-2023-35953.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-35953",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-05-28T14:15:09.540",
"lastModified": "2024-05-28T14:59:09.827",
"lastModified": "2024-06-10T18:15:21.520",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -54,6 +54,10 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1784",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1784",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-405xx/CVE-2023-40546.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-40546",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-29T17:15:08.347",
"lastModified": "2024-04-29T14:15:07.383",
"lastModified": "2024-06-10T18:15:21.780",
"vulnStatus": "Modified",
"descriptions": [
{
@ -174,6 +174,10 @@
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00009.html",
"source": "secalert@redhat.com"
}
]
}

6
CVE-2023/CVE-2023-405xx/CVE-2023-40547.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-40547",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-25T16:15:07.717",
"lastModified": "2024-04-30T12:15:45.093",
"lastModified": "2024-06-10T18:15:22.260",
"vulnStatus": "Modified",
"descriptions": [
{
@ -187,6 +187,10 @@
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00009.html",
"source": "secalert@redhat.com"
}
]
}

6
CVE-2023/CVE-2023-405xx/CVE-2023-40548.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-40548",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-29T15:15:08.893",
"lastModified": "2024-05-08T09:15:07.757",
"lastModified": "2024-06-10T18:15:22.477",
"vulnStatus": "Modified",
"descriptions": [
{
@ -173,6 +173,10 @@
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00009.html",
"source": "secalert@redhat.com"
}
]
}

6
CVE-2023/CVE-2023-405xx/CVE-2023-40549.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-40549",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-29T17:15:08.580",
"lastModified": "2024-04-29T14:15:07.807",
"lastModified": "2024-06-10T18:15:22.643",
"vulnStatus": "Modified",
"descriptions": [
{
@ -174,6 +174,10 @@
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00009.html",
"source": "secalert@redhat.com"
}
]
}

6
CVE-2023/CVE-2023-405xx/CVE-2023-40550.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-40550",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-29T17:15:08.773",
"lastModified": "2024-04-29T14:15:07.910",
"lastModified": "2024-06-10T18:15:22.887",
"vulnStatus": "Modified",
"descriptions": [
{
@ -174,6 +174,10 @@
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00009.html",
"source": "secalert@redhat.com"
}
]
}

6
CVE-2023/CVE-2023-405xx/CVE-2023-40551.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-40551",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-29T17:15:08.970",
"lastModified": "2024-04-29T14:15:08.007",
"lastModified": "2024-06-10T18:15:23.063",
"vulnStatus": "Modified",
"descriptions": [
{
@ -174,6 +174,10 @@
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00009.html",
"source": "secalert@redhat.com"
}
]
}

14
CVE-2023/CVE-2023-428xx/CVE-2023-42893.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-42893",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-03-28T16:15:07.903",
"lastModified": "2024-06-10T17:16:13.573",
"lastModified": "2024-06-10T18:15:23.210",
"vulnStatus": "Modified",
"descriptions": [
{
@ -126,6 +126,10 @@
"url": "http://seclists.org/fulldisclosure/2024/May/10",
"source": "product-security@apple.com"
},
{
"url": "http://seclists.org/fulldisclosure/2024/May/12",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT214034",
"source": "product-security@apple.com",
@ -181,6 +185,14 @@
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214101",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/kb/HT214106",
"source": "product-security@apple.com"
}
]
}

14
CVE-2023/CVE-2023-495xx/CVE-2023-49501.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-49501",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-19T17:15:51.787",
"lastModified": "2024-04-19T18:29:53.040",
"lastModified": "2024-06-10T18:15:23.307",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -20,6 +20,18 @@
"url": "https://github.com/FFmpeg/FFmpeg",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/",
"source": "cve@mitre.org"
},
{
"url": "https://trac.ffmpeg.org/ticket/10686",
"source": "cve@mitre.org"

14
CVE-2023/CVE-2023-495xx/CVE-2023-49502.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-49502",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-19T17:15:51.850",
"lastModified": "2024-04-19T18:29:53.040",
"lastModified": "2024-06-10T18:15:23.440",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -20,6 +20,18 @@
"url": "https://github.com/FFmpeg/FFmpeg",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/",
"source": "cve@mitre.org"
},
{
"url": "https://trac.ffmpeg.org/ticket/10688",
"source": "cve@mitre.org"

14
CVE-2023/CVE-2023-495xx/CVE-2023-49528.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-49528",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-12T06:15:06.320",
"lastModified": "2024-04-12T12:43:46.210",
"lastModified": "2024-06-10T18:15:23.510",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -16,6 +16,18 @@
],
"metrics": {},
"references": [
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/",
"source": "cve@mitre.org"
},
{
"url": "https://trac.ffmpeg.org/ticket/10691",
"source": "cve@mitre.org"

14
CVE-2023/CVE-2023-500xx/CVE-2023-50007.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-50007",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-19T17:15:51.957",
"lastModified": "2024-04-19T18:29:53.040",
"lastModified": "2024-06-10T18:15:23.583",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -20,6 +20,18 @@
"url": "https://github.com/FFmpeg/FFmpeg/commit/b1942734c7cbcdc9034034373abcc9ecb9644c47",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/",
"source": "cve@mitre.org"
},
{
"url": "https://trac.ffmpeg.org/ticket/10700",
"source": "cve@mitre.org"

14
CVE-2023/CVE-2023-500xx/CVE-2023-50008.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-50008",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-19T17:15:52.013",
"lastModified": "2024-04-19T18:29:53.040",
"lastModified": "2024-06-10T18:15:23.660",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -20,6 +20,18 @@
"url": "https://github.com/FFmpeg/FFmpeg/commit/5f87a68cf70dafeab2fb89b42e41a4c29053b89b",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/",
"source": "cve@mitre.org"
},
{
"url": "https://trac.ffmpeg.org/ticket/10701",
"source": "cve@mitre.org"

14
CVE-2023/CVE-2023-500xx/CVE-2023-50009.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-50009",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-19T17:15:52.070",
"lastModified": "2024-04-19T18:29:53.040",
"lastModified": "2024-06-10T18:15:23.723",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -24,6 +24,18 @@
"url": "https://github.com/FFmpeg/FFmpeg",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/",
"source": "cve@mitre.org"
},
{
"url": "https://trac.ffmpeg.org/ticket/10699",
"source": "cve@mitre.org"

14
CVE-2023/CVE-2023-500xx/CVE-2023-50010.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-50010",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-19T17:15:52.127",
"lastModified": "2024-04-19T18:29:53.040",
"lastModified": "2024-06-10T18:15:23.783",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -20,6 +20,18 @@
"url": "https://ffmpeg.org/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/",
"source": "cve@mitre.org"
},
{
"url": "https://trac.ffmpeg.org/ticket/10702",
"source": "cve@mitre.org"

6
CVE-2023/CVE-2023-517xx/CVE-2023-51764.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-51764",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-24T05:15:08.273",
"lastModified": "2024-01-30T14:15:47.213",
"lastModified": "2024-06-10T18:15:23.843",
"vulnStatus": "Modified",
"descriptions": [
{
@ -146,6 +146,10 @@
"Third Party Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/05/09/3",
"source": "cve@mitre.org"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-51764",
"source": "cve@mitre.org",

14
CVE-2023/CVE-2023-517xx/CVE-2023-51791.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-51791",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-19T17:15:52.183",
"lastModified": "2024-04-19T18:29:53.040",
"lastModified": "2024-06-10T18:15:24.107",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -20,6 +20,18 @@
"url": "https://ffmpeg.org/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/",
"source": "cve@mitre.org"
},
{
"url": "https://trac.ffmpeg.org/ticket/10738",
"source": "cve@mitre.org"

14
CVE-2023/CVE-2023-517xx/CVE-2023-51792.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-51792",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-19T17:15:52.240",
"lastModified": "2024-04-19T18:29:53.040",
"lastModified": "2024-06-10T18:15:24.167",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -23,6 +23,18 @@
{
"url": "https://github.com/strukturag/libde265/issues/427",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/",
"source": "cve@mitre.org"
}
]
}

14
CVE-2023/CVE-2023-517xx/CVE-2023-51793.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-51793",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-19T17:15:52.297",
"lastModified": "2024-04-19T18:29:53.040",
"lastModified": "2024-06-10T18:15:24.273",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -20,6 +20,18 @@
"url": "https://ffmpeg.org/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/",
"source": "cve@mitre.org"
},
{
"url": "https://trac.ffmpeg.org/ticket/10743",
"source": "cve@mitre.org"

14
CVE-2023/CVE-2023-517xx/CVE-2023-51795.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-51795",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-19T17:15:52.350",
"lastModified": "2024-04-19T18:29:53.040",
"lastModified": "2024-06-10T18:15:24.363",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -20,6 +20,18 @@
"url": "https://ffmpeg.org/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/",
"source": "cve@mitre.org"
},
{
"url": "https://trac.ffmpeg.org/ticket/10749",
"source": "cve@mitre.org"

14
CVE-2023/CVE-2023-517xx/CVE-2023-51796.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-51796",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-19T17:15:52.407",
"lastModified": "2024-04-19T18:29:53.040",
"lastModified": "2024-06-10T18:15:24.427",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -20,6 +20,18 @@
"url": "https://ffmpeg.org/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/",
"source": "cve@mitre.org"
},
{
"url": "https://trac.ffmpeg.org/ticket/10753",
"source": "cve@mitre.org"

14
CVE-2023/CVE-2023-517xx/CVE-2023-51797.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-51797",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-19T17:15:52.463",
"lastModified": "2024-04-19T18:29:53.040",
"lastModified": "2024-06-10T18:15:24.487",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -24,6 +24,18 @@
"url": "https://github.com/FFmpeg/FFmpeg",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/",
"source": "cve@mitre.org"
},
{
"url": "https://trac.ffmpeg.org/ticket/10756",
"source": "cve@mitre.org"

14
CVE-2023/CVE-2023-517xx/CVE-2023-51798.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-51798",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-19T17:15:52.527",
"lastModified": "2024-04-19T18:29:53.040",
"lastModified": "2024-06-10T18:15:24.550",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -20,6 +20,18 @@
"url": "https://ffmpeg.org/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/",
"source": "cve@mitre.org"
},
{
"url": "https://trac.ffmpeg.org/ticket/10758",
"source": "cve@mitre.org"

10
CVE-2023/CVE-2023-57xx/CVE-2023-5752.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-5752",
"sourceIdentifier": "cna@python.org",
"published": "2023-10-25T18:17:44.867",
"lastModified": "2024-06-10T17:16:16.657",
"lastModified": "2024-06-10T18:15:24.660",
"vulnStatus": "Modified",
"descriptions": [
{
@ -110,6 +110,14 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/622OZXWG72ISQPLM5Y57YCVIMWHD4C3U/",
"source": "cna@python.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/65UKKF5LBHEFDCUSPBHUN4IHYX7SRMHH/",
"source": "cna@python.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FXUVMJM25PUAZRQZBF54OFVKTY3MINPW/",
"source": "cna@python.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KFC2SPFG5FLCZBYY2K3T5MFW2D22NG6E/",
"source": "cna@python.org"

6
CVE-2023/CVE-2023-65xx/CVE-2023-6597.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-6597",
"sourceIdentifier": "cna@python.org",
"published": "2024-03-19T16:15:08.743",
"lastModified": "2024-06-10T16:15:10.787",
"lastModified": "2024-06-10T18:15:24.760",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -79,6 +79,10 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T3IGRX54M7RNCQOXVQO5KQKTGWCOABIM/",
"source": "cna@python.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5VHWS52HGD743C47UMCSAK2A773M2YE/",
"source": "cna@python.org"
},
{
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/Q5C6ATFC67K53XFV4KE45325S7NS62LD/",
"source": "cna@python.org"

6
CVE-2024/CVE-2024-04xx/CVE-2024-0450.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-0450",
"sourceIdentifier": "cna@python.org",
"published": "2024-03-19T16:15:09.180",
"lastModified": "2024-06-10T16:15:10.930",
"lastModified": "2024-06-10T18:15:24.853",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -99,6 +99,10 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T3IGRX54M7RNCQOXVQO5KQKTGWCOABIM/",
"source": "cna@python.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5VHWS52HGD743C47UMCSAK2A773M2YE/",
"source": "cna@python.org"
},
{
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/XELNUX2L3IOHBTFU7RQHCY6OUVEWZ2FG/",
"source": "cna@python.org"

84
CVE-2024/CVE-2024-05xx/CVE-2024-0567.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0567",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-16T14:15:48.527",
"lastModified": "2024-03-05T11:15:08.783",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-10T19:18:32.897",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -90,8 +90,59 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gnu:gnutls:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.7.0",
"versionEndExcluding": "3.8.3",
"matchCriteriaId": "A4950F54-4C00-423E-9483-239B4B907912"
"matchCriteriaId": "1B04601A-3664-4F94-A0AE-70AE438430F5"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
}
]
}
@ -109,11 +160,17 @@
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0533",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:1082",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-0567",
@ -143,11 +200,19 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZEIOLORQ7N6WRPFXZSYDL2MC4LP7VFV/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXKVR5YNUEBNHAHM5GSYKBZX4W2HMN2/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html",
@ -158,7 +223,10 @@
},
{
"url": "https://security.netapp.com/advisory/ntap-20240202-0011/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
}
]
}

6
CVE-2024/CVE-2024-13xx/CVE-2024-1313.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-1313",
"sourceIdentifier": "security@grafana.com",
"published": "2024-03-26T18:15:09.350",
"lastModified": "2024-03-27T12:29:41.530",
"lastModified": "2024-06-10T18:15:24.947",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -54,6 +54,10 @@
{
"url": "https://grafana.com/security/security-advisories/cve-2024-1313/",
"source": "security@grafana.com"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240524-0008/",
"source": "security@grafana.com"
}
]
}

6
CVE-2024/CVE-2024-206xx/CVE-2024-20697.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-20697",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:53.130",
"lastModified": "2024-06-10T17:16:17.987",
"lastModified": "2024-06-10T18:15:25.050",
"vulnStatus": "Modified",
"descriptions": [
{
@ -102,6 +102,10 @@
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/06/04/2",
"source": "secure@microsoft.com"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/06/05/1",
"source": "secure@microsoft.com"

6
CVE-2024/CVE-2024-210xx/CVE-2024-21096.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-21096",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2024-04-16T22:15:30.207",
"lastModified": "2024-04-26T09:15:11.683",
"lastModified": "2024-06-10T18:15:25.143",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -39,6 +39,10 @@
]
},
"references": [
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KFYBDWDBE4YICSV34LJZGYRVSG6QIRKE/",
"source": "secalert_us@oracle.com"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240426-0013/",
"source": "secalert_us@oracle.com"

6
CVE-2024/CVE-2024-215xx/CVE-2024-21501.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-21501",
"sourceIdentifier": "report@snyk.io",
"published": "2024-02-24T05:15:44.310",
"lastModified": "2024-06-10T17:16:18.360",
"lastModified": "2024-06-10T18:15:25.273",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -67,6 +67,10 @@
"url": "https://github.com/apostrophecms/sanitize-html/pull/650",
"source": "report@snyk.io"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4EB5JPYRCTS64EA5AMV3INHDPI6I4AW7/",
"source": "report@snyk.io"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P4I5X6V3LYUNBMZ5YOW4BV427TH3IK4S/",
"source": "report@snyk.io"

6
CVE-2024/CVE-2024-216xx/CVE-2024-21683.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2024-21683",
"sourceIdentifier": "security@atlassian.com",
"published": "2024-05-21T23:15:07.923",
"lastModified": "2024-06-04T14:30:30.870",
"vulnStatus": "Analyzed",
"lastModified": "2024-06-10T18:15:25.363",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "This High severity RCE (Remote Code Execution) vulnerability was introduced in version 5.2 of Confluence Data Center and Server.\n\nThis RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.3, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction.\u00a0\n\nAtlassian recommends that Confluence Data Center and Server customers upgrade to latest version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions. See the release notes https://confluence.atlassian.com/doc/confluence-release-notes-327.html\n\nYou can download the latest version of Confluence Data Center and Server from the download center https://www.atlassian.com/software/confluence/download-archives.\n\nThis vulnerability was found internally."
"value": "This High severity RCE (Remote Code Execution) vulnerability was introduced in version 5.2 of Confluence Data Center and Server.\n\nThis RCE (Remote Code Execution) vulnerability, with a CVSS Score of 7.2, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction.\u00a0\n\nAtlassian recommends that Confluence Data Center and Server customers upgrade to latest version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions. See the release notes https://confluence.atlassian.com/doc/confluence-release-notes-327.html\n\nYou can download the latest version of Confluence Data Center and Server from the download center https://www.atlassian.com/software/confluence/download-archives.\n\nThis vulnerability was found internally."
},
{
"lang": "es",

10
CVE-2024/CVE-2024-218xx/CVE-2024-21823.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-21823",
"sourceIdentifier": "secure@intel.com",
"published": "2024-05-16T21:16:03.877",
"lastModified": "2024-06-10T16:15:11.070",
"lastModified": "2024-06-10T18:15:25.450",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -51,6 +51,14 @@
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/05/15/1",
"source": "secure@intel.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DW2MIOIMOFUSNLHLRYX23AFR36BMKD65/",
"source": "secure@intel.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OTB4HWU2PTVW5NEYHHLOCXDKG3PYA534/",
"source": "secure@intel.com"

6
CVE-2024/CVE-2024-220xx/CVE-2024-22025.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-22025",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-03-19T05:15:10.267",
"lastModified": "2024-03-27T03:15:11.187",
"lastModified": "2024-06-10T18:15:25.577",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -46,6 +46,10 @@
{
"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00029.html",
"source": "support@hackerone.com"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240517-0008/",
"source": "support@hackerone.com"
}
]
}

6
CVE-2024/CVE-2024-221xx/CVE-2024-22187.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-22187",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-05-28T16:15:12.330",
"lastModified": "2024-05-29T13:15:49.097",
"lastModified": "2024-06-10T18:15:25.660",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -58,6 +58,10 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1940",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1940",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2024/CVE-2024-222xx/CVE-2024-22243.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-22243",
"sourceIdentifier": "security@vmware.com",
"published": "2024-02-23T05:15:08.143",
"lastModified": "2024-02-23T16:14:43.447",
"lastModified": "2024-06-10T18:15:25.757",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -39,6 +39,10 @@
]
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20240524-0001/",
"source": "security@vmware.com"
},
{
"url": "https://spring.io/security/cve-2024-22243",
"source": "security@vmware.com"

6
CVE-2024/CVE-2024-222xx/CVE-2024-22259.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-22259",
"sourceIdentifier": "security@vmware.com",
"published": "2024-03-16T05:15:20.830",
"lastModified": "2024-03-17T22:38:29.433",
"lastModified": "2024-06-10T18:15:25.853",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -39,6 +39,10 @@
]
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20240524-0002/",
"source": "security@vmware.com"
},
{
"url": "https://spring.io/security/cve-2024-22259",
"source": "security@vmware.com"

6
CVE-2024/CVE-2024-222xx/CVE-2024-22262.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-22262",
"sourceIdentifier": "security@vmware.com",
"published": "2024-04-16T06:15:46.270",
"lastModified": "2024-04-16T13:24:07.103",
"lastModified": "2024-06-10T18:15:25.940",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -39,6 +39,10 @@
]
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20240524-0003/",
"source": "security@vmware.com"
},
{
"url": "https://spring.io/security/cve-2024-22262",
"source": "security@vmware.com"

10
CVE-2024/CVE-2024-22xx/CVE-2024-2212.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-2212",
"sourceIdentifier": "emo@eclipse.org",
"published": "2024-03-26T16:15:13.233",
"lastModified": "2024-03-26T17:09:53.043",
"lastModified": "2024-06-10T19:15:53.270",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -55,6 +55,14 @@
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/May/35",
"source": "emo@eclipse.org"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/05/28/1",
"source": "emo@eclipse.org"
},
{
"url": "https://github.com/eclipse-threadx/threadx/security/advisories/GHSA-v9jj-7qjg-h6g6",
"source": "emo@eclipse.org"

10
CVE-2024/CVE-2024-22xx/CVE-2024-2214.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-2214",
"sourceIdentifier": "emo@eclipse.org",
"published": "2024-03-26T16:15:13.430",
"lastModified": "2024-03-26T17:09:53.043",
"lastModified": "2024-06-10T19:15:53.347",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -51,6 +51,14 @@
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/May/35",
"source": "emo@eclipse.org"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/05/28/1",
"source": "emo@eclipse.org"
},
{
"url": "https://github.com/eclipse-threadx/threadx/security/advisories/GHSA-vmp6-qhp9-r66x",
"source": "emo@eclipse.org"

6
CVE-2024/CVE-2024-232xx/CVE-2024-23229.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-23229",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-05-14T14:58:46.647",
"lastModified": "2024-06-10T17:16:19.117",
"lastModified": "2024-06-10T19:15:53.010",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -39,6 +39,10 @@
{
"url": "https://support.apple.com/kb/HT214085",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/kb/HT214105",
"source": "product-security@apple.com"
}
]
}

10
CVE-2024/CVE-2024-232xx/CVE-2024-23236.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-23236",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-05-14T14:58:48.170",
"lastModified": "2024-05-14T16:13:02.773",
"lastModified": "2024-06-10T18:15:26.030",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -16,9 +16,17 @@
],
"metrics": {},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/May/12",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT214106",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/kb/HT214106",
"source": "product-security@apple.com"
}
]
}

6
CVE-2024/CVE-2024-232xx/CVE-2024-23296.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-23296",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-03-05T20:16:01.553",
"lastModified": "2024-06-10T17:16:19.193",
"lastModified": "2024-06-10T18:15:26.090",
"vulnStatus": "Modified",
"cisaExploitAdd": "2024-03-06",
"cisaActionDue": "2024-03-27",
@ -187,6 +187,10 @@
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214100",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/kb/HT214107",
"source": "product-security@apple.com"

6
CVE-2024/CVE-2024-233xx/CVE-2024-23315.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-23315",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-05-28T16:15:12.663",
"lastModified": "2024-05-29T13:15:49.203",
"lastModified": "2024-06-10T18:15:26.180",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -58,6 +58,10 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1941",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1941",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2024/CVE-2024-246xx/CVE-2024-24684.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-24684",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-05-28T14:15:11.830",
"lastModified": "2024-05-28T14:59:09.827",
"lastModified": "2024-06-10T18:15:26.487",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -54,6 +54,10 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1929",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1929",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2024/CVE-2024-246xx/CVE-2024-24685.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-24685",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-05-28T14:15:12.043",
"lastModified": "2024-05-28T14:59:09.827",
"lastModified": "2024-06-10T18:15:26.620",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -54,6 +54,10 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1929",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1929",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2024/CVE-2024-246xx/CVE-2024-24686.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-24686",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-05-28T14:15:12.270",
"lastModified": "2024-05-28T14:59:09.827",
"lastModified": "2024-06-10T18:15:26.737",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -54,6 +54,10 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1929",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1929",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2024/CVE-2024-247xx/CVE-2024-24786.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-24786",
"sourceIdentifier": "security@golang.org",
"published": "2024-03-05T23:15:07.820",
"lastModified": "2024-05-01T17:15:29.667",
"lastModified": "2024-06-10T18:15:26.830",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -31,6 +31,10 @@
{
"url": "https://pkg.go.dev/vuln/GO-2024-2611",
"source": "security@golang.org"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240517-0002/",
"source": "security@golang.org"
}
]
}

6
CVE-2024/CVE-2024-247xx/CVE-2024-24789.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-24789",
"sourceIdentifier": "security@golang.org",
"published": "2024-06-05T16:15:10.470",
"lastModified": "2024-06-06T14:17:35.017",
"lastModified": "2024-06-10T18:15:26.897",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -16,6 +16,10 @@
],
"metrics": {},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/06/04/1",
"source": "security@golang.org"
},
{
"url": "https://go.dev/cl/585397",
"source": "security@golang.org"

6
CVE-2024/CVE-2024-247xx/CVE-2024-24790.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-24790",
"sourceIdentifier": "security@golang.org",
"published": "2024-06-05T16:15:10.560",
"lastModified": "2024-06-06T14:17:35.017",
"lastModified": "2024-06-10T18:15:26.953",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -16,6 +16,10 @@
],
"metrics": {},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/06/04/1",
"source": "security@golang.org"
},
{
"url": "https://go.dev/cl/590316",
"source": "security@golang.org"

Some files were not shown because too many files have changed in this diff Show More