Action not permitted
Modal body text goes here.
CVE-2021-47065
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47065", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-03-06T19:40:45.781001Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:13:26.150Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:24:39.558Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6b5aa0cf321c25f41e09a61c83ee4dc7ab9549cb" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/95fb153c6027924cda3422120169d1890737f3a0" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5f3dbced8eaa5c9ed7d6943f3fea99f235a6516a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9cd09722e18a08b6a3d68b8bccfac39ddc22434c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2ff25985ea9ccc6c9af2c77b0b49045adcc62e0e" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/wireless/realtek/rtw88/phy.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "6b5aa0cf321c", "status": "affected", "version": "fa6dfe6bff24", "versionType": "git" }, { "lessThan": "95fb153c6027", "status": "affected", "version": "fa6dfe6bff24", "versionType": "git" }, { "lessThan": "5f3dbced8eaa", "status": "affected", "version": "fa6dfe6bff24", "versionType": "git" }, { "lessThan": "9cd09722e18a", "status": "affected", "version": "fa6dfe6bff24", "versionType": "git" }, { "lessThan": "2ff25985ea9c", "status": "affected", "version": "fa6dfe6bff24", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/wireless/realtek/rtw88/phy.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.3" }, { "lessThan": "5.3", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.119", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.37", "versionType": "semver" }, { "lessThanOrEqual": "5.11.*", "status": "unaffected", "version": "5.11.21", "versionType": "semver" }, { "lessThanOrEqual": "5.12.*", "status": "unaffected", "version": "5.12.4", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.13", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtw88: Fix array overrun in rtw_get_tx_power_params()\n\nUsing a kernel with the Undefined Behaviour Sanity Checker (UBSAN) enabled, the\nfollowing array overrun is logged:\n\n================================================================================\nUBSAN: array-index-out-of-bounds in /home/finger/wireless-drivers-next/drivers/net/wireless/realtek/rtw88/phy.c:1789:34\nindex 5 is out of range for type \u0027u8 [5]\u0027\nCPU: 2 PID: 84 Comm: kworker/u16:3 Tainted: G O 5.12.0-rc5-00086-gd88bba47038e-dirty #651\nHardware name: TOSHIBA TECRA A50-A/TECRA A50-A, BIOS Version 4.50 09/29/2014\nWorkqueue: phy0 ieee80211_scan_work [mac80211]\nCall Trace:\n dump_stack+0x64/0x7c\n ubsan_epilogue+0x5/0x40\n __ubsan_handle_out_of_bounds.cold+0x43/0x48\n rtw_get_tx_power_params+0x83a/drivers/net/wireless/realtek/rtw88/0xad0 [rtw_core]\n ? rtw_pci_read16+0x20/0x20 [rtw_pci]\n ? check_hw_ready+0x50/0x90 [rtw_core]\n rtw_phy_get_tx_power_index+0x4d/0xd0 [rtw_core]\n rtw_phy_set_tx_power_level+0xee/0x1b0 [rtw_core]\n rtw_set_channel+0xab/0x110 [rtw_core]\n rtw_ops_config+0x87/0xc0 [rtw_core]\n ieee80211_hw_config+0x9d/0x130 [mac80211]\n ieee80211_scan_state_set_channel+0x81/0x170 [mac80211]\n ieee80211_scan_work+0x19f/0x2a0 [mac80211]\n process_one_work+0x1dd/0x3a0\n worker_thread+0x49/0x330\n ? rescuer_thread+0x3a0/0x3a0\n kthread+0x134/0x150\n ? kthread_create_worker_on_cpu+0x70/0x70\n ret_from_fork+0x22/0x30\n================================================================================\n\nThe statement where an array is being overrun is shown in the following snippet:\n\n\tif (rate \u003c= DESC_RATE11M)\n\t\ttx_power = pwr_idx_2g-\u003ecck_base[group];\n\telse\n====\u003e\t\ttx_power = pwr_idx_2g-\u003ebw40_base[group];\n\nThe associated arrays are defined in main.h as follows:\n\nstruct rtw_2g_txpwr_idx {\n\tu8 cck_base[6];\n\tu8 bw40_base[5];\n\tstruct rtw_2g_1s_pwr_idx_diff ht_1s_diff;\n\tstruct rtw_2g_ns_pwr_idx_diff ht_2s_diff;\n\tstruct rtw_2g_ns_pwr_idx_diff ht_3s_diff;\n\tstruct rtw_2g_ns_pwr_idx_diff ht_4s_diff;\n};\n\nThe problem arises because the value of group is 5 for channel 14. The trivial\nincrease in the dimension of bw40_base fails as this struct must match the layout of\nefuse. The fix is to add the rate as an argument to rtw_get_channel_group() and set\nthe group for channel 14 to 4 if rate \u003c= DESC_RATE11M.\n\nThis patch fixes commit fa6dfe6bff24 (\"rtw88: resolve order of tx power setting routines\")" } ], "providerMetadata": { "dateUpdated": "2024-11-04T11:58:45.449Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/6b5aa0cf321c25f41e09a61c83ee4dc7ab9549cb" }, { "url": "https://git.kernel.org/stable/c/95fb153c6027924cda3422120169d1890737f3a0" }, { "url": "https://git.kernel.org/stable/c/5f3dbced8eaa5c9ed7d6943f3fea99f235a6516a" }, { "url": "https://git.kernel.org/stable/c/9cd09722e18a08b6a3d68b8bccfac39ddc22434c" }, { "url": "https://git.kernel.org/stable/c/2ff25985ea9ccc6c9af2c77b0b49045adcc62e0e" } ], "title": "rtw88: Fix array overrun in rtw_get_tx_power_params()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47065", "datePublished": "2024-02-29T22:37:39.135Z", "dateReserved": "2024-02-29T22:33:44.296Z", "dateUpdated": "2024-11-04T11:58:45.449Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2021-47065\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-02-29T23:15:08.000\",\"lastModified\":\"2024-03-01T14:04:26.010\",\"vulnStatus\":\"Awaiting Analysis\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nrtw88: Fix array overrun in rtw_get_tx_power_params()\\n\\nUsing a kernel with the Undefined Behaviour Sanity Checker (UBSAN) enabled, the\\nfollowing array overrun is logged:\\n\\n================================================================================\\nUBSAN: array-index-out-of-bounds in /home/finger/wireless-drivers-next/drivers/net/wireless/realtek/rtw88/phy.c:1789:34\\nindex 5 is out of range for type \u0027u8 [5]\u0027\\nCPU: 2 PID: 84 Comm: kworker/u16:3 Tainted: G O 5.12.0-rc5-00086-gd88bba47038e-dirty #651\\nHardware name: TOSHIBA TECRA A50-A/TECRA A50-A, BIOS Version 4.50 09/29/2014\\nWorkqueue: phy0 ieee80211_scan_work [mac80211]\\nCall Trace:\\n dump_stack+0x64/0x7c\\n ubsan_epilogue+0x5/0x40\\n __ubsan_handle_out_of_bounds.cold+0x43/0x48\\n rtw_get_tx_power_params+0x83a/drivers/net/wireless/realtek/rtw88/0xad0 [rtw_core]\\n ? rtw_pci_read16+0x20/0x20 [rtw_pci]\\n ? check_hw_ready+0x50/0x90 [rtw_core]\\n rtw_phy_get_tx_power_index+0x4d/0xd0 [rtw_core]\\n rtw_phy_set_tx_power_level+0xee/0x1b0 [rtw_core]\\n rtw_set_channel+0xab/0x110 [rtw_core]\\n rtw_ops_config+0x87/0xc0 [rtw_core]\\n ieee80211_hw_config+0x9d/0x130 [mac80211]\\n ieee80211_scan_state_set_channel+0x81/0x170 [mac80211]\\n ieee80211_scan_work+0x19f/0x2a0 [mac80211]\\n process_one_work+0x1dd/0x3a0\\n worker_thread+0x49/0x330\\n ? rescuer_thread+0x3a0/0x3a0\\n kthread+0x134/0x150\\n ? kthread_create_worker_on_cpu+0x70/0x70\\n ret_from_fork+0x22/0x30\\n================================================================================\\n\\nThe statement where an array is being overrun is shown in the following snippet:\\n\\n\\tif (rate \u003c= DESC_RATE11M)\\n\\t\\ttx_power = pwr_idx_2g-\u003ecck_base[group];\\n\\telse\\n====\u003e\\t\\ttx_power = pwr_idx_2g-\u003ebw40_base[group];\\n\\nThe associated arrays are defined in main.h as follows:\\n\\nstruct rtw_2g_txpwr_idx {\\n\\tu8 cck_base[6];\\n\\tu8 bw40_base[5];\\n\\tstruct rtw_2g_1s_pwr_idx_diff ht_1s_diff;\\n\\tstruct rtw_2g_ns_pwr_idx_diff ht_2s_diff;\\n\\tstruct rtw_2g_ns_pwr_idx_diff ht_3s_diff;\\n\\tstruct rtw_2g_ns_pwr_idx_diff ht_4s_diff;\\n};\\n\\nThe problem arises because the value of group is 5 for channel 14. The trivial\\nincrease in the dimension of bw40_base fails as this struct must match the layout of\\nefuse. The fix is to add the rate as an argument to rtw_get_channel_group() and set\\nthe group for channel 14 to 4 if rate \u003c= DESC_RATE11M.\\n\\nThis patch fixes commit fa6dfe6bff24 (\\\"rtw88: resolve order of tx power setting routines\\\")\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: rtw88: corrige el desbordamiento de la matriz en rtw_get_tx_power_params() Al utilizar un kernel con el Verificador de estado de comportamiento indefinido (UBSAN) habilitado, se registra el siguiente desbordamiento de la matriz: ======== ==================================================== ====================== UBSAN: \u00edndice de matriz fuera de los l\u00edmites en /home/finger/wireless-drivers-next/drivers/net/wireless /realtek/rtw88/phy.c:1789:34 el \u00edndice 5 est\u00e1 fuera de rango para el tipo \u0027u8 [5]\u0027 CPU: 2 PID: 84 Comm: kworker/u16:3 Tainted: GO 5.12.0-rc5-00086- gd88bba47038e-dirty #651 Nombre del hardware: TOSHIBA TECRA A50-A/TECRA A50-A, BIOS versi\u00f3n 4.50 29/09/2014 Cola de trabajo: phy0 ieee80211_scan_work [mac80211] Seguimiento de llamadas: dump_stack+0x64/0x7c ubsan_epilogue+0x5/0x40 __ubsan _handle_out_of_bounds.cold +0x43/0x48 rtw_get_tx_power_params+0x83a/drivers/net/wireless/realtek/rtw88/0xad0 [rtw_core] ? rtw_pci_read16+0x20/0x20 [rtw_pci] ? check_hw_ready+0x50/0x90 [rtw_core] rtw_phy_get_tx_power_index+0x4d/0xd0 [rtw_core] rtw_phy_set_tx_power_level+0xee/0x1b0 [rtw_core] rtw_set_channel+0xab/0x110 [rtw_core] rtw_ops_config+0x87/0xc 0 [rtw_core] ieee80211_hw_config+0x9d/0x130 [mac80211] ieee80211_scan_state_set_channel+ 0x81/0x170 [mac80211] ieee80211_scan_work+0x19f/0x2a0 [mac80211] Process_one_work+0x1dd/0x3a0 trabajador_thread+0x49/0x330? hilo_rescate+0x3a0/0x3a0 kthread+0x134/0x150 ? kthread_create_worker_on_cpu+0x70/0x70 ret_from_fork+0x22/0x30 ========================================== ========================================= Se muestra la declaraci\u00f3n donde se est\u00e1 invadiendo una matriz en el siguiente fragmento: if (rate \u0026lt;= DESC_RATE11M) tx_power = pwr_idx_2g-\u0026gt;cck_base[group]; else ====\u0026gt; tx_power = pwr_idx_2g-\u0026gt;bw40_base[grupo]; Las matrices asociadas se definen en main.h de la siguiente manera: struct rtw_2g_txpwr_idx { u8 cck_base[6]; u8 bw40_base[5]; estructura rtw_2g_1s_pwr_idx_diff ht_1s_diff; estructura rtw_2g_ns_pwr_idx_diff ht_2s_diff; estructura rtw_2g_ns_pwr_idx_diff ht_3s_diff; estructura rtw_2g_ns_pwr_idx_diff ht_4s_diff; }; El problema surge porque el valor del grupo es 5 para el canal 14. El aumento trivial en la dimensi\u00f3n de bw40_base falla ya que esta estructura debe coincidir con el dise\u00f1o de efuse. La soluci\u00f3n es agregar la tasa como argumento a rtw_get_channel_group() y configurar el grupo para el canal 14 en 4 si la tasa \u0026lt;= DESC_RATE11M. Este parche corrige la confirmaci\u00f3n fa6dfe6bff24 (\\\"rtw88: resolver el orden de las rutinas de configuraci\u00f3n de energ\u00eda de transmisi\u00f3n\\\")\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/2ff25985ea9ccc6c9af2c77b0b49045adcc62e0e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/5f3dbced8eaa5c9ed7d6943f3fea99f235a6516a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/6b5aa0cf321c25f41e09a61c83ee4dc7ab9549cb\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/95fb153c6027924cda3422120169d1890737f3a0\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/9cd09722e18a08b6a3d68b8bccfac39ddc22434c\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}" } }
wid-sec-w-2024-0527
Vulnerability from csaf_certbund
Notes
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Zustand zu verursachen und einen nicht n\u00e4her spezifizierten Angriff durchzuf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- Linux", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2024-0527 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0527.json" }, { "category": "self", "summary": "WID-SEC-2024-0527 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0527" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0855-1 vom 2024-03-12", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018151.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0900-1 vom 2024-03-14", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018167.html" }, { "category": "external", "summary": "CVE-2021-46959: spi: Fix use-after-free with devm_spi_alloc_* vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/2024022916-CVE-2021-46959-f517@gregkh/" }, { "category": "external", "summary": "CVE-2021-47016: m68k: mvme147,mvme16x: Don\u0027t wipe PCC timer config bits vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/2024022919-CVE-2021-47016-320d@gregkh/" }, { "category": "external", "summary": "CVE-2021-47020: soundwire: stream: fix memory leak in stream config error path vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/2024022920-CVE-2021-47020-78d9@gregkh/" }, { "category": "external", "summary": "CVE-2021-47054: bus: qcom: Put child node before return vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/2024022950-CVE-2021-47054-c994@gregkh/" }, { "category": "external", "summary": "CVE-2021-47055: mtd: require write permissions for locking and badblock ioctls vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/2024022950-CVE-2021-47055-6927@gregkh/" }, { "category": "external", "summary": "CVE-2021-47056: crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/2024022950-CVE-2021-47056-c2b3@gregkh/" }, { "category": "external", "summary": "CVE-2021-47057: crypto: sun8i-ss - Fix memory leak of object d when dma_iv fails to map vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/2024022951-CVE-2021-47057-01fa@gregkh/" }, { "category": "external", "summary": "CVE-2021-47058: regmap: set debugfs_name to NULL after it is freed vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/2024022951-CVE-2021-47058-3130@gregkh/" }, { "category": "external", "summary": "CVE-2021-47059: crypto: sun8i-ss - fix result memory leak on error path vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/2024022952-CVE-2021-47059-4bb8@gregkh/" }, { "category": "external", "summary": "CVE-2021-47060: KVM: Stop looking for coalesced MMIO zones if the bus is destroyed vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/2024022952-CVE-2021-47060-d2ce@gregkh/" }, { "category": "external", "summary": "CVE-2021-47061: KVM: Destroy I/O bus devices on unregister failure _after_ sync\u0027ing SRCU vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/2024022952-CVE-2021-47061-6fea@gregkh/" }, { "category": "external", "summary": "CVE-2021-47062: KVM: SVM: Use online_vcpus, not created_vcpus, to iterate over vCPUs vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/2024022953-CVE-2021-47062-ed39@gregkh/" }, { "category": "external", "summary": "CVE-2021-47063: drm: bridge/panel: Cleanup connector on bridge detach vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/2024022953-CVE-2021-47063-2f50@gregkh/" }, { "category": "external", "summary": "CVE-2021-47064: mt76: fix potential DMA mapping leak vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/2024022954-CVE-2021-47064-f220@gregkh/" }, { "category": "external", "summary": "CVE-2021-47065: rtw88: Fix array overrun in rtw_get_tx_power_params() vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/2024022954-CVE-2021-47065-be1d@gregkh/" }, { "category": "external", "summary": "CVE-2021-47066: async_xor: increase src_offs when dropping destination page vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/2024022954-CVE-2021-47066-02e0@gregkh/" }, { "category": "external", "summary": "CVE-2021-47067: soc/tegra: regulators: Fix locking up when voltage-spread is out of range vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/2024022955-CVE-2021-47067-8104@gregkh/" }, { "category": "external", "summary": "CVE-2021-47068: net/nfc: fix use-after-free llcp_sock_bind/connect vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/2024022955-CVE-2021-47068-a416@gregkh/" }, { "category": "external", "summary": "CVE-2023-52487: net/mlx5e: Fix peer flow lists handling vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/20240229155245.1571576-28-lee@kernel.org/" }, { "category": "external", "summary": "CVE-2023-52488: serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/20240229155245.1571576-29-lee@kernel.org/" }, { "category": "external", "summary": "CVE-2023-52489: mm/sparsemem: fix race in accessing memory_section-\u003eusage vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/20240229155245.1571576-30-lee@kernel.org/" }, { "category": "external", "summary": "CVE-2023-52490: mm: migrate: fix getting incorrect page mapping during page migration vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/20240229155245.1571576-31-lee@kernel.org/" }, { "category": "external", "summary": "CVE-2023-52491: media: mtk-jpeg: Fix use after free bug due to error path handling in mtk_jpeg_dec_device_run vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/20240229155245.1571576-32-lee@kernel.org/" }, { "category": "external", "summary": "CVE-2023-52492: dmaengine: fix NULL pointer in channel unregistration function vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/20240229155245.1571576-33-lee@kernel.org/" }, { "category": "external", "summary": "CVE-2023-52493: bus: mhi: host: Drop chan lock before queuing buffers vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/20240229155245.1571576-34-lee@kernel.org/" }, { "category": "external", "summary": "CVE-2023-52494: bus: mhi: host: Add alignment check for event ring read pointer vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/20240229155245.1571576-35-lee@kernel.org/" }, { "category": "external", "summary": "CVE-2023-52495: soc: qcom: pmic_glink_altmode: fix port sanity check vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/20240229155245.1571576-36-lee@kernel.org/" }, { "category": "external", "summary": "CVE-2023-52496: mtd: maps: vmu-flash: Fix the (mtd core) switch to ref counters vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/20240229155245.1571576-37-lee@kernel.org/" }, { "category": "external", "summary": "CVE-2023-52497: erofs: fix lz4 inplace decompression vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/20240229155245.1571576-38-lee@kernel.org/" }, { "category": "external", "summary": "CVE-2023-52498: PM: sleep: Fix possible deadlocks in core system-wide PM code vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/20240229155245.1571576-39-lee@kernel.org/" }, { "category": "external", "summary": "CVE-2024-26608: ksmbd: fix global oob in ksmbd_nl_policy vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/20240229155245.1571576-40-lee@kernel.org/" }, { "category": "external", "summary": "CVE-2024-26609: netfilter: nf_tables: reject QUEUE/DROP verdict parameters vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/20240229155245.1571576-41-lee@kernel.org/" }, { "category": "external", "summary": "CVE-2024-26610: wifi: iwlwifi: fix a memory corruption vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/20240229155245.1571576-42-lee@kernel.org/" }, { "category": "external", "summary": "CVE-2024-26611: xsk: fix usage of multi-buffer BPF helpers for ZC XDP vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/20240229155245.1571576-43-lee@kernel.org/" }, { "category": "external", "summary": "CVE-2024-26612: netfs, fscache: Prevent Oops in fscache_put_cache() vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/20240229155245.1571576-44-lee@kernel.org/" }, { "category": "external", "summary": "CVE-2024-26613: net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/20240229155245.1571576-45-lee@kernel.org/" }, { "category": "external", "summary": "CVE-2024-26614: tcp: make sure init the accept_queue\u0027s spinlocks once vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/20240229155245.1571576-46-lee@kernel.org/" }, { "category": "external", "summary": "CVE-2024-26615: net/smc: fix illegal rmb_desc access in SMC-D connection dump vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/20240229155245.1571576-47-lee@kernel.org/" }, { "category": "external", "summary": "CVE-2024-26616: btrfs: scrub: avoid use-after-free when chunk length is not 64K aligned vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/20240229155245.1571576-48-lee@kernel.org/" }, { "category": "external", "summary": "CVE-2024-26617: fs/proc/task_mmu: move mmu notification mechanism inside mm lock vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/20240229155245.1571576-49-lee@kernel.org/" }, { "category": "external", "summary": "CVE-2024-26618: arm64/sme: Always exit sme_alloc() early with existing storage vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/20240229155245.1571576-50-lee@kernel.org/" }, { "category": "external", "summary": "CVE-2024-26619: riscv: Fix module loading free order vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/20240229155245.1571576-51-lee@kernel.org/" }, { "category": "external", "summary": "CVE-2024-26620: s390/vfio-ap: always filter entire AP matrix vom 2024-02-29", "url": "http://lore.kernel.org/linux-cve-announce/20240229155245.1571576-52-lee@kernel.org/" }, { "category": "external", "summary": "GitHub Advisory GHSA-69cq-jw85-57p8 vom 2024-02-29", "url": "https://github.com/advisories/GHSA-69cq-jw85-57p8" }, { "category": "external", "summary": "GitHub Advisory GHSA-3659-jjmv-v338 vom 2024-02-29", "url": "https://github.com/advisories/GHSA-3659-jjmv-v338" }, { "category": "external", "summary": "Linux Security Advisory vom 2024-02-29", "url": "https://www.kernel.org/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0856-1 vom 2024-03-13", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018155.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0857-1 vom 2024-03-13", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018154.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0900-2 vom 2024-03-15", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018182.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0925-1 vom 2024-03-22", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018205.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0975-1 vom 2024-03-22", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018186.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0926-1 vom 2024-03-22", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018204.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0976-1 vom 2024-03-22", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018185.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0977-1 vom 2024-03-22", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018210.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1320-1 vom 2024-04-16", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018372.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1322-1 vom 2024-04-17", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018374.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1321-1 vom 2024-04-17", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018375.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1322-2 vom 2024-04-18", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018377.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1332-1 vom 2024-04-18", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018376.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1332-2 vom 2024-04-18", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018378.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1454-1 vom 2024-04-26", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018431.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1466-1 vom 2024-04-29", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018438.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:2394 vom 2024-04-30", "url": "https://access.redhat.com/errata/RHSA-2024:2394" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1480-1 vom 2024-04-30", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018444.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1490-1 vom 2024-05-03", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018445.html" }, { "category": "external", "summary": "Debian Security Advisory DSA-5681 vom 2024-05-06", "url": "https://lists.debian.org/debian-security-announce/2024/msg00090.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6765-1 vom 2024-05-07", "url": "https://ubuntu.com/security/notices/USN-6765-1" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6767-1 vom 2024-05-07", "url": "https://ubuntu.com/security/notices/USN-6767-1" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6766-1 vom 2024-05-07", "url": "https://ubuntu.com/security/notices/USN-6766-1" }, { "category": "external", "summary": "Dell Security Advisory DSA-2024-198 vom 2024-05-08", "url": "https://www.dell.com/support/kbdoc/000224827/dsa-2024-=" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6767-2 vom 2024-05-14", "url": "https://ubuntu.com/security/notices/USN-6767-2" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1648-1 vom 2024-05-14", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018524.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1641-1 vom 2024-05-14", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018531.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1646-1 vom 2024-05-14", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018526.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1643-1 vom 2024-05-14", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018529.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1644-1 vom 2024-05-14", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018528.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1645-1 vom 2024-05-14", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018527.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1642-1 vom 2024-05-14", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018530.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1647-1 vom 2024-05-14", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018525.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1659-1 vom 2024-05-15", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018538.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6766-2 vom 2024-05-15", "url": "https://ubuntu.com/security/notices/USN-6766-2" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6777-1 vom 2024-05-16", "url": "https://ubuntu.com/security/notices/USN-6777-1" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6778-1 vom 2024-05-16", "url": "https://ubuntu.com/security/notices/USN-6778-1" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6776-1 vom 2024-05-16", "url": "https://ubuntu.com/security/notices/USN-6776-1" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6774-1 vom 2024-05-16", "url": "https://ubuntu.com/security/notices/USN-6774-1" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1696-1 vom 2024-05-20", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018554.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1695-1 vom 2024-05-20", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018549.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1682-1 vom 2024-05-20", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018546.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1685-1 vom 2024-05-20", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018553.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1677-1 vom 2024-05-17", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018543.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6777-2 vom 2024-05-20", "url": "https://ubuntu.com/security/notices/USN-6777-2" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6766-3 vom 2024-05-20", "url": "https://ubuntu.com/security/notices/USN-6766-3" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1683-1 vom 2024-05-20", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018545.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1679-1 vom 2024-05-17", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018544.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1680-1 vom 2024-05-20", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018547.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1705-1 vom 2024-05-21", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018565.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1706-1 vom 2024-05-21", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018564.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1708-1 vom 2024-05-21", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018562.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1707-1 vom 2024-05-21", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018563.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1648-2 vom 2024-05-21", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018572.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1732-1 vom 2024-05-21", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018573.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1723-1 vom 2024-05-21", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018566.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6777-3 vom 2024-05-22", "url": "https://ubuntu.com/security/notices/USN-6777-3" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1736-1 vom 2024-05-21", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018583.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1720-1 vom 2024-05-21", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018567.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1738-1 vom 2024-05-21", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018581.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1739-1 vom 2024-05-21", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018580.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1740-1 vom 2024-05-21", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018579.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1731-1 vom 2024-05-21", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018574.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1726-1 vom 2024-05-21", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018577.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1711-1 vom 2024-05-21", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018571.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:3138 vom 2024-05-22", "url": "https://access.redhat.com/errata/RHSA-2024:3138" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:2950 vom 2024-05-22", "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1750-1 vom 2024-05-22", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018586.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1759-1 vom 2024-05-22", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018592.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1757-1 vom 2024-05-22", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018593.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1749-1 vom 2024-05-22", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018587.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1746-1 vom 2024-05-22", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018588.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1748-1 vom 2024-05-22", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018589.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1751-1 vom 2024-05-22", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018585.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1753-1 vom 2024-05-22", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018584.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1760-1 vom 2024-05-22", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018591.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6777-4 vom 2024-05-23", "url": "https://ubuntu.com/security/notices/USN-6777-4" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6795-1 vom 2024-05-28", "url": "https://ubuntu.com/security/notices/USN-6795-1" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1870-1 vom 2024-05-30", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018634.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:3618 vom 2024-06-05", "url": "https://access.redhat.com/errata/RHSA-2024:3618" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:3627 vom 2024-06-05", "url": "https://access.redhat.com/errata/RHSA-2024:3627" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-12385 vom 2024-06-05", "url": "https://oss.oracle.com/pipermail/el-errata/2024-June/015807.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-3618 vom 2024-06-06", "url": "https://linux.oracle.com/errata/ELSA-2024-3618.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6819-1 vom 2024-06-08", "url": "https://ubuntu.com/security/notices/USN-6819-1" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6818-1 vom 2024-06-08", "url": "https://ubuntu.com/security/notices/USN-6818-1" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6821-1 vom 2024-06-08", "url": "https://ubuntu.com/security/notices/USN-6821-1" }, { "category": "external", "summary": "IBM Security Bulletin 7156774 vom 2024-06-07", "url": "https://www.ibm.com/support/pages/node/7156774" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6820-1 vom 2024-06-08", "url": "https://ubuntu.com/security/notices/USN-6820-1" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6818-2 vom 2024-06-10", "url": "https://ubuntu.com/security/notices/USN-6818-2" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6821-2 vom 2024-06-10", "url": "https://ubuntu.com/security/notices/USN-6821-2" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6828-1 vom 2024-06-11", "url": "https://ubuntu.com/security/notices/USN-6828-1" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6820-2 vom 2024-06-11", "url": "https://ubuntu.com/security/notices/USN-6820-2" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6821-3 vom 2024-06-11", "url": "https://ubuntu.com/security/notices/USN-6821-3" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6819-2 vom 2024-06-12", "url": "https://ubuntu.com/security/notices/USN-6819-2" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6819-3 vom 2024-06-12", "url": "https://ubuntu.com/security/notices/USN-6819-3" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6831-1 vom 2024-06-12", "url": "https://ubuntu.com/security/notices/USN-6831-1" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6821-4 vom 2024-06-14", "url": "https://ubuntu.com/security/notices/USN-6821-4" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6818-3 vom 2024-06-14", "url": "https://ubuntu.com/security/notices/USN-6818-3" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6818-4 vom 2024-06-19", "url": "https://ubuntu.com/security/notices/USN-6818-4" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2101-1 vom 2024-06-19", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018760.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2100-1 vom 2024-06-19", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018761.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2092-1 vom 2024-06-19", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018765.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2162-1 vom 2024-06-21", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018785.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2139-1 vom 2024-06-21", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018773.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2135-1 vom 2024-06-21", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018783.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2148-1 vom 2024-06-21", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018789.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2163-1 vom 2024-06-21", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018784.html" }, { "category": "external", "summary": "Debian Security Advisory DLA-3842 vom 2024-06-25", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2209-1 vom 2024-06-25", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018822.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2208-1 vom 2024-06-25", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018823.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2207-1 vom 2024-06-25", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018824.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6819-4 vom 2024-06-26", "url": "https://ubuntu.com/security/notices/USN-6819-4" }, { "category": "external", "summary": "Dell Security Advisory DSA-2024-022 vom 2024-07-03", "url": "https://www.dell.com/support/kbdoc/de-de/000226633/dsa-2024-022-security-update-for-dell-networker-vproxy-multiple-component-vulnerabilities" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6867-1 vom 2024-07-04", "url": "https://ubuntu.com/security/notices/USN-6867-1" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6866-1 vom 2024-07-04", "url": "https://ubuntu.com/security/notices/USN-6866-1" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6871-1 vom 2024-07-04", "url": "https://ubuntu.com/security/notices/USN-6871-1" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6866-2 vom 2024-07-04", "url": "https://ubuntu.com/security/notices/USN-6866-2" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6865-2 vom 2024-07-04", "url": "https://ubuntu.com/security/notices/USN-6865-2" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2337-1 vom 2024-07-08", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018881.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2335-1 vom 2024-07-08", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018882.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2373-1 vom 2024-07-09", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018895.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2357-1 vom 2024-07-09", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018899.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2382-1 vom 2024-07-10", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018917.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6866-3 vom 2024-07-10", "url": "https://ubuntu.com/security/notices/USN-6866-3" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6892-1 vom 2024-07-10", "url": "https://ubuntu.com/security/notices/USN-6892-1" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2447-1 vom 2024-07-12", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018946.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2472-1 vom 2024-07-12", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018943.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2473-1 vom 2024-07-12", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018942.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2446-1 vom 2024-07-12", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018947.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2448-1 vom 2024-07-12", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018945.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6898-1 vom 2024-07-15", "url": "https://ubuntu.com/security/notices/USN-6898-1" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6898-2 vom 2024-07-17", "url": "https://ubuntu.com/security/notices/USN-6898-2" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6898-3 vom 2024-07-19", "url": "https://ubuntu.com/security/notices/USN-6898-3" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6898-4 vom 2024-07-23", "url": "https://ubuntu.com/security/notices/USN-6898-4" } ], "source_lang": "en-US", "title": "Linux Kernel: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-07-22T22:00:00.000+00:00", "generator": { "date": "2024-07-23T10:41:07.361+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2024-0527", "initial_release_date": "2024-02-29T23:00:00.000+00:00", "revision_history": [ { "date": "2024-02-29T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2024-03-12T23:00:00.000+00:00", "number": "2", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-03-14T23:00:00.000+00:00", "number": "3", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-03-17T23:00:00.000+00:00", "number": "4", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-03-24T23:00:00.000+00:00", "number": "5", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-04-16T22:00:00.000+00:00", "number": "6", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-04-18T22:00:00.000+00:00", "number": "7", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-04-28T22:00:00.000+00:00", "number": "8", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-04-29T22:00:00.000+00:00", "number": "9", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-05-01T22:00:00.000+00:00", "number": "10", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-05-02T22:00:00.000+00:00", "number": "11", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-05-06T22:00:00.000+00:00", "number": "12", "summary": "Neue Updates von Debian aufgenommen" }, { "date": "2024-05-07T22:00:00.000+00:00", "number": "13", "summary": "Neue Updates von Ubuntu und Dell aufgenommen" }, { "date": "2024-05-13T22:00:00.000+00:00", "number": "14", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2024-05-14T22:00:00.000+00:00", "number": "15", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-05-15T22:00:00.000+00:00", "number": "16", "summary": "Neue Updates von SUSE und Ubuntu aufgenommen" }, { "date": "2024-05-16T22:00:00.000+00:00", "number": "17", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2024-05-20T22:00:00.000+00:00", "number": "18", "summary": "Neue Updates von SUSE und Ubuntu aufgenommen" }, { "date": "2024-05-21T22:00:00.000+00:00", "number": "19", "summary": "Neue Updates von SUSE und Ubuntu aufgenommen" }, { "date": "2024-05-22T22:00:00.000+00:00", "number": "20", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-05-23T22:00:00.000+00:00", "number": "21", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2024-05-28T22:00:00.000+00:00", "number": "22", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2024-05-30T22:00:00.000+00:00", "number": "23", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-06-04T22:00:00.000+00:00", "number": "24", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-06-05T22:00:00.000+00:00", "number": "25", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2024-06-06T22:00:00.000+00:00", "number": "26", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2024-06-09T22:00:00.000+00:00", "number": "27", "summary": "Neue Updates von Ubuntu und IBM aufgenommen" }, { "date": "2024-06-10T22:00:00.000+00:00", "number": "28", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2024-06-11T22:00:00.000+00:00", "number": "29", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2024-06-12T22:00:00.000+00:00", "number": "30", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2024-06-16T22:00:00.000+00:00", "number": "31", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2024-06-18T22:00:00.000+00:00", "number": "32", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2024-06-19T22:00:00.000+00:00", "number": "33", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-06-23T22:00:00.000+00:00", "number": "34", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-06-25T22:00:00.000+00:00", "number": "35", "summary": "Neue Updates von Debian und SUSE aufgenommen" }, { "date": "2024-06-26T22:00:00.000+00:00", "number": "36", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2024-07-02T22:00:00.000+00:00", "number": "37", "summary": "Neue Updates von Dell aufgenommen" }, { "date": "2024-07-03T22:00:00.000+00:00", "number": "38", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2024-07-04T22:00:00.000+00:00", "number": "39", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2024-07-08T22:00:00.000+00:00", "number": "40", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-07-09T22:00:00.000+00:00", "number": "41", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-07-10T22:00:00.000+00:00", "number": "42", "summary": "Neue Updates von SUSE und Ubuntu aufgenommen" }, { "date": "2024-07-14T22:00:00.000+00:00", "number": "43", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-07-15T22:00:00.000+00:00", "number": "44", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2024-07-17T22:00:00.000+00:00", "number": "45", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2024-07-18T22:00:00.000+00:00", "number": "46", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2024-07-22T22:00:00.000+00:00", "number": "47", "summary": "Neue Updates von Ubuntu aufgenommen" } ], "status": "final", "version": "47" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Debian Linux", "product": { "name": "Debian Linux", "product_id": "2951", "product_identification_helper": { "cpe": "cpe:/o:debian:debian_linux:-" } } } ], "category": "vendor", "name": "Debian" }, { "branches": [ { "branches": [ { "category": "product_version", "name": "virtual", "product": { "name": "Dell NetWorker virtual", "product_id": "T034583", "product_identification_helper": { "cpe": "cpe:/a:dell:networker:virtual" } } }, { "category": "product_version_range", "name": "\u003c19.11", "product": { "name": "Dell NetWorker \u003c19.11", "product_id": "T035785", "product_identification_helper": { "cpe": "cpe:/a:dell:networker:19.11" } } } ], "category": "product_name", "name": "NetWorker" } ], "category": "vendor", "name": "Dell" }, { "branches": [ { "category": "product_name", "name": "EMC Avamar", "product": { "name": "EMC Avamar", "product_id": "T014381", "product_identification_helper": { "cpe": "cpe:/a:emc:avamar:-" } } } ], "category": "vendor", "name": "EMC" }, { "branches": [ { "category": "product_name", "name": "IBM QRadar SIEM", "product": { "name": "IBM QRadar SIEM", "product_id": "T021415", "product_identification_helper": { "cpe": "cpe:/a:ibm:qradar_siem:-" } } } ], "category": "vendor", "name": "IBM" }, { "branches": [ { "category": "product_name", "name": "Open Source Linux Kernel", "product": { "name": "Open Source Linux Kernel", "product_id": "T033189", "product_identification_helper": { "cpe": "cpe:/o:linux:linux_kernel:-" } } } ], "category": "vendor", "name": "Open Source" }, { "branches": [ { "category": "product_name", "name": "Oracle Linux", "product": { "name": "Oracle Linux", "product_id": "T004914", "product_identification_helper": { "cpe": "cpe:/o:oracle:linux:-" } } } ], "category": "vendor", "name": "Oracle" }, { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } } ], "category": "vendor", "name": "Red Hat" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux", "product": { "name": "SUSE Linux", "product_id": "T002207", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_linux:-" } } } ], "category": "vendor", "name": "SUSE" }, { "branches": [ { "category": "product_name", "name": "Ubuntu Linux", "product": { "name": "Ubuntu Linux", "product_id": "T000126", "product_identification_helper": { "cpe": "cpe:/o:canonical:ubuntu_linux:-" } } } ], "category": "vendor", "name": "Ubuntu" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-46959", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2021-46959" }, { "cve": "CVE-2021-47016", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2021-47016" }, { "cve": "CVE-2021-47020", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2021-47020" }, { "cve": "CVE-2021-47054", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2021-47054" }, { "cve": "CVE-2021-47055", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2021-47055" }, { "cve": "CVE-2021-47056", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2021-47056" }, { "cve": "CVE-2021-47057", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2021-47057" }, { "cve": "CVE-2021-47058", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2021-47058" }, { "cve": "CVE-2021-47059", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2021-47059" }, { "cve": "CVE-2021-47060", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2021-47060" }, { "cve": "CVE-2021-47061", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2021-47061" }, { "cve": "CVE-2021-47062", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2021-47062" }, { "cve": "CVE-2021-47063", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2021-47063" }, { "cve": "CVE-2021-47064", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2021-47064" }, { "cve": "CVE-2021-47065", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2021-47065" }, { "cve": "CVE-2021-47066", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2021-47066" }, { "cve": "CVE-2021-47067", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2021-47067" }, { "cve": "CVE-2021-47068", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2021-47068" }, { "cve": "CVE-2023-52485", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2023-52485" }, { "cve": "CVE-2023-52487", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2023-52487" }, { "cve": "CVE-2023-52488", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2023-52488" }, { "cve": "CVE-2023-52489", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2023-52489" }, { "cve": "CVE-2023-52490", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2023-52490" }, { "cve": "CVE-2023-52491", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2023-52491" }, { "cve": "CVE-2023-52492", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2023-52492" }, { "cve": "CVE-2023-52493", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2023-52493" }, { "cve": "CVE-2023-52494", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2023-52494" }, { "cve": "CVE-2023-52495", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2023-52495" }, { "cve": "CVE-2023-52496", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2023-52496" }, { "cve": "CVE-2023-52497", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2023-52497" }, { "cve": "CVE-2023-52498", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2023-52498" }, { "cve": "CVE-2024-26607", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2024-26607" }, { "cve": "CVE-2024-26608", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2024-26608" }, { "cve": "CVE-2024-26609", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2024-26609" }, { "cve": "CVE-2024-26610", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2024-26610" }, { "cve": "CVE-2024-26611", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2024-26611" }, { "cve": "CVE-2024-26612", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2024-26612" }, { "cve": "CVE-2024-26613", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2024-26613" }, { "cve": "CVE-2024-26614", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2024-26614" }, { "cve": "CVE-2024-26615", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2024-26615" }, { "cve": "CVE-2024-26616", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2024-26616" }, { "cve": "CVE-2024-26617", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2024-26617" }, { "cve": "CVE-2024-26618", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2024-26618" }, { "cve": "CVE-2024-26619", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2024-26619" }, { "cve": "CVE-2024-26620", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie Soundwire, KVM oder Crypto aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen und einen nicht spezifizierten Angriff auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T014381", "2951", "T002207", "67646", "T000126", "T021415", "T034583", "T004914", "T033189", "T035785" ] }, "release_date": "2024-02-29T23:00:00Z", "title": "CVE-2024-26620" } ] }
ghsa-7p9v-9x3x-2f79
Vulnerability from github
In the Linux kernel, the following vulnerability has been resolved:
rtw88: Fix array overrun in rtw_get_tx_power_params()
Using a kernel with the Undefined Behaviour Sanity Checker (UBSAN) enabled, the following array overrun is logged:
================================================================================ UBSAN: array-index-out-of-bounds in /home/finger/wireless-drivers-next/drivers/net/wireless/realtek/rtw88/phy.c:1789:34 index 5 is out of range for type 'u8 [5]' CPU: 2 PID: 84 Comm: kworker/u16:3 Tainted: G O 5.12.0-rc5-00086-gd88bba47038e-dirty #651 Hardware name: TOSHIBA TECRA A50-A/TECRA A50-A, BIOS Version 4.50 09/29/2014 Workqueue: phy0 ieee80211_scan_work [mac80211] Call Trace: dump_stack+0x64/0x7c ubsan_epilogue+0x5/0x40 __ubsan_handle_out_of_bounds.cold+0x43/0x48 rtw_get_tx_power_params+0x83a/drivers/net/wireless/realtek/rtw88/0xad0 [rtw_core] ? rtw_pci_read16+0x20/0x20 [rtw_pci] ? check_hw_ready+0x50/0x90 [rtw_core] rtw_phy_get_tx_power_index+0x4d/0xd0 [rtw_core] rtw_phy_set_tx_power_level+0xee/0x1b0 [rtw_core] rtw_set_channel+0xab/0x110 [rtw_core] rtw_ops_config+0x87/0xc0 [rtw_core] ieee80211_hw_config+0x9d/0x130 [mac80211] ieee80211_scan_state_set_channel+0x81/0x170 [mac80211] ieee80211_scan_work+0x19f/0x2a0 [mac80211] process_one_work+0x1dd/0x3a0 worker_thread+0x49/0x330 ? rescuer_thread+0x3a0/0x3a0 kthread+0x134/0x150 ? kthread_create_worker_on_cpu+0x70/0x70 ret_from_fork+0x22/0x30 ================================================================================
The statement where an array is being overrun is shown in the following snippet:
if (rate <= DESC_RATE11M)
tx_power = pwr_idx_2g->cck_base[group];
else
====> tx_power = pwr_idx_2g->bw40_base[group];
The associated arrays are defined in main.h as follows:
struct rtw_2g_txpwr_idx { u8 cck_base[6]; u8 bw40_base[5]; struct rtw_2g_1s_pwr_idx_diff ht_1s_diff; struct rtw_2g_ns_pwr_idx_diff ht_2s_diff; struct rtw_2g_ns_pwr_idx_diff ht_3s_diff; struct rtw_2g_ns_pwr_idx_diff ht_4s_diff; };
The problem arises because the value of group is 5 for channel 14. The trivial increase in the dimension of bw40_base fails as this struct must match the layout of efuse. The fix is to add the rate as an argument to rtw_get_channel_group() and set the group for channel 14 to 4 if rate <= DESC_RATE11M.
This patch fixes commit fa6dfe6bff24 ("rtw88: resolve order of tx power setting routines")
{ "affected": [], "aliases": [ "CVE-2021-47065" ], "database_specific": { "cwe_ids": [], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2024-02-29T23:15:08Z", "severity": null }, "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtw88: Fix array overrun in rtw_get_tx_power_params()\n\nUsing a kernel with the Undefined Behaviour Sanity Checker (UBSAN) enabled, the\nfollowing array overrun is logged:\n\n================================================================================\nUBSAN: array-index-out-of-bounds in /home/finger/wireless-drivers-next/drivers/net/wireless/realtek/rtw88/phy.c:1789:34\nindex 5 is out of range for type \u0027u8 [5]\u0027\nCPU: 2 PID: 84 Comm: kworker/u16:3 Tainted: G O 5.12.0-rc5-00086-gd88bba47038e-dirty #651\nHardware name: TOSHIBA TECRA A50-A/TECRA A50-A, BIOS Version 4.50 09/29/2014\nWorkqueue: phy0 ieee80211_scan_work [mac80211]\nCall Trace:\n dump_stack+0x64/0x7c\n ubsan_epilogue+0x5/0x40\n __ubsan_handle_out_of_bounds.cold+0x43/0x48\n rtw_get_tx_power_params+0x83a/drivers/net/wireless/realtek/rtw88/0xad0 [rtw_core]\n ? rtw_pci_read16+0x20/0x20 [rtw_pci]\n ? check_hw_ready+0x50/0x90 [rtw_core]\n rtw_phy_get_tx_power_index+0x4d/0xd0 [rtw_core]\n rtw_phy_set_tx_power_level+0xee/0x1b0 [rtw_core]\n rtw_set_channel+0xab/0x110 [rtw_core]\n rtw_ops_config+0x87/0xc0 [rtw_core]\n ieee80211_hw_config+0x9d/0x130 [mac80211]\n ieee80211_scan_state_set_channel+0x81/0x170 [mac80211]\n ieee80211_scan_work+0x19f/0x2a0 [mac80211]\n process_one_work+0x1dd/0x3a0\n worker_thread+0x49/0x330\n ? rescuer_thread+0x3a0/0x3a0\n kthread+0x134/0x150\n ? kthread_create_worker_on_cpu+0x70/0x70\n ret_from_fork+0x22/0x30\n================================================================================\n\nThe statement where an array is being overrun is shown in the following snippet:\n\n\tif (rate \u003c= DESC_RATE11M)\n\t\ttx_power = pwr_idx_2g-\u003ecck_base[group];\n\telse\n====\u003e\t\ttx_power = pwr_idx_2g-\u003ebw40_base[group];\n\nThe associated arrays are defined in main.h as follows:\n\nstruct rtw_2g_txpwr_idx {\n\tu8 cck_base[6];\n\tu8 bw40_base[5];\n\tstruct rtw_2g_1s_pwr_idx_diff ht_1s_diff;\n\tstruct rtw_2g_ns_pwr_idx_diff ht_2s_diff;\n\tstruct rtw_2g_ns_pwr_idx_diff ht_3s_diff;\n\tstruct rtw_2g_ns_pwr_idx_diff ht_4s_diff;\n};\n\nThe problem arises because the value of group is 5 for channel 14. The trivial\nincrease in the dimension of bw40_base fails as this struct must match the layout of\nefuse. The fix is to add the rate as an argument to rtw_get_channel_group() and set\nthe group for channel 14 to 4 if rate \u003c= DESC_RATE11M.\n\nThis patch fixes commit fa6dfe6bff24 (\"rtw88: resolve order of tx power setting routines\")", "id": "GHSA-7p9v-9x3x-2f79", "modified": "2024-03-01T00:30:28Z", "published": "2024-03-01T00:30:28Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47065" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/2ff25985ea9ccc6c9af2c77b0b49045adcc62e0e" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/5f3dbced8eaa5c9ed7d6943f3fea99f235a6516a" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/6b5aa0cf321c25f41e09a61c83ee4dc7ab9549cb" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/95fb153c6027924cda3422120169d1890737f3a0" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/9cd09722e18a08b6a3d68b8bccfac39ddc22434c" } ], "schema_version": "1.4.0", "severity": [] }
gsd-2021-47065
Vulnerability from gsd
{ "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2021-47065" ], "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtw88: Fix array overrun in rtw_get_tx_power_params()\n\nUsing a kernel with the Undefined Behaviour Sanity Checker (UBSAN) enabled, the\nfollowing array overrun is logged:\n\n================================================================================\nUBSAN: array-index-out-of-bounds in /home/finger/wireless-drivers-next/drivers/net/wireless/realtek/rtw88/phy.c:1789:34\nindex 5 is out of range for type \u0027u8 [5]\u0027\nCPU: 2 PID: 84 Comm: kworker/u16:3 Tainted: G O 5.12.0-rc5-00086-gd88bba47038e-dirty #651\nHardware name: TOSHIBA TECRA A50-A/TECRA A50-A, BIOS Version 4.50 09/29/2014\nWorkqueue: phy0 ieee80211_scan_work [mac80211]\nCall Trace:\n dump_stack+0x64/0x7c\n ubsan_epilogue+0x5/0x40\n __ubsan_handle_out_of_bounds.cold+0x43/0x48\n rtw_get_tx_power_params+0x83a/drivers/net/wireless/realtek/rtw88/0xad0 [rtw_core]\n ? rtw_pci_read16+0x20/0x20 [rtw_pci]\n ? check_hw_ready+0x50/0x90 [rtw_core]\n rtw_phy_get_tx_power_index+0x4d/0xd0 [rtw_core]\n rtw_phy_set_tx_power_level+0xee/0x1b0 [rtw_core]\n rtw_set_channel+0xab/0x110 [rtw_core]\n rtw_ops_config+0x87/0xc0 [rtw_core]\n ieee80211_hw_config+0x9d/0x130 [mac80211]\n ieee80211_scan_state_set_channel+0x81/0x170 [mac80211]\n ieee80211_scan_work+0x19f/0x2a0 [mac80211]\n process_one_work+0x1dd/0x3a0\n worker_thread+0x49/0x330\n ? rescuer_thread+0x3a0/0x3a0\n kthread+0x134/0x150\n ? kthread_create_worker_on_cpu+0x70/0x70\n ret_from_fork+0x22/0x30\n================================================================================\n\nThe statement where an array is being overrun is shown in the following snippet:\n\n\tif (rate \u003c= DESC_RATE11M)\n\t\ttx_power = pwr_idx_2g-\u003ecck_base[group];\n\telse\n====\u003e\t\ttx_power = pwr_idx_2g-\u003ebw40_base[group];\n\nThe associated arrays are defined in main.h as follows:\n\nstruct rtw_2g_txpwr_idx {\n\tu8 cck_base[6];\n\tu8 bw40_base[5];\n\tstruct rtw_2g_1s_pwr_idx_diff ht_1s_diff;\n\tstruct rtw_2g_ns_pwr_idx_diff ht_2s_diff;\n\tstruct rtw_2g_ns_pwr_idx_diff ht_3s_diff;\n\tstruct rtw_2g_ns_pwr_idx_diff ht_4s_diff;\n};\n\nThe problem arises because the value of group is 5 for channel 14. The trivial\nincrease in the dimension of bw40_base fails as this struct must match the layout of\nefuse. The fix is to add the rate as an argument to rtw_get_channel_group() and set\nthe group for channel 14 to 4 if rate \u003c= DESC_RATE11M.\n\nThis patch fixes commit fa6dfe6bff24 (\"rtw88: resolve order of tx power setting routines\")", "id": "GSD-2021-47065", "modified": "2024-03-01T06:04:48.309057Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "cve@kernel.org", "ID": "CVE-2021-47065", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Linux", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "fa6dfe6bff24", "version_value": "6b5aa0cf321c" }, { "version_value": "not down converted", "x_cve_json_5_version_data": { "defaultStatus": "affected", "versions": [ { "status": "affected", "version": "5.3" }, { "lessThan": "5.3", "status": "unaffected", "version": "0", "versionType": "custom" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.119", "versionType": "custom" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.37", "versionType": "custom" }, { "lessThanOrEqual": "5.11.*", "status": "unaffected", "version": "5.11.21", "versionType": "custom" }, { "lessThanOrEqual": "5.12.*", "status": "unaffected", "version": "5.12.4", "versionType": "custom" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.13", "versionType": "original_commit_for_fix" } ] } } ] } } ] }, "vendor_name": "Linux" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtw88: Fix array overrun in rtw_get_tx_power_params()\n\nUsing a kernel with the Undefined Behaviour Sanity Checker (UBSAN) enabled, the\nfollowing array overrun is logged:\n\n================================================================================\nUBSAN: array-index-out-of-bounds in /home/finger/wireless-drivers-next/drivers/net/wireless/realtek/rtw88/phy.c:1789:34\nindex 5 is out of range for type \u0027u8 [5]\u0027\nCPU: 2 PID: 84 Comm: kworker/u16:3 Tainted: G O 5.12.0-rc5-00086-gd88bba47038e-dirty #651\nHardware name: TOSHIBA TECRA A50-A/TECRA A50-A, BIOS Version 4.50 09/29/2014\nWorkqueue: phy0 ieee80211_scan_work [mac80211]\nCall Trace:\n dump_stack+0x64/0x7c\n ubsan_epilogue+0x5/0x40\n __ubsan_handle_out_of_bounds.cold+0x43/0x48\n rtw_get_tx_power_params+0x83a/drivers/net/wireless/realtek/rtw88/0xad0 [rtw_core]\n ? rtw_pci_read16+0x20/0x20 [rtw_pci]\n ? check_hw_ready+0x50/0x90 [rtw_core]\n rtw_phy_get_tx_power_index+0x4d/0xd0 [rtw_core]\n rtw_phy_set_tx_power_level+0xee/0x1b0 [rtw_core]\n rtw_set_channel+0xab/0x110 [rtw_core]\n rtw_ops_config+0x87/0xc0 [rtw_core]\n ieee80211_hw_config+0x9d/0x130 [mac80211]\n ieee80211_scan_state_set_channel+0x81/0x170 [mac80211]\n ieee80211_scan_work+0x19f/0x2a0 [mac80211]\n process_one_work+0x1dd/0x3a0\n worker_thread+0x49/0x330\n ? rescuer_thread+0x3a0/0x3a0\n kthread+0x134/0x150\n ? kthread_create_worker_on_cpu+0x70/0x70\n ret_from_fork+0x22/0x30\n================================================================================\n\nThe statement where an array is being overrun is shown in the following snippet:\n\n\tif (rate \u003c= DESC_RATE11M)\n\t\ttx_power = pwr_idx_2g-\u003ecck_base[group];\n\telse\n====\u003e\t\ttx_power = pwr_idx_2g-\u003ebw40_base[group];\n\nThe associated arrays are defined in main.h as follows:\n\nstruct rtw_2g_txpwr_idx {\n\tu8 cck_base[6];\n\tu8 bw40_base[5];\n\tstruct rtw_2g_1s_pwr_idx_diff ht_1s_diff;\n\tstruct rtw_2g_ns_pwr_idx_diff ht_2s_diff;\n\tstruct rtw_2g_ns_pwr_idx_diff ht_3s_diff;\n\tstruct rtw_2g_ns_pwr_idx_diff ht_4s_diff;\n};\n\nThe problem arises because the value of group is 5 for channel 14. The trivial\nincrease in the dimension of bw40_base fails as this struct must match the layout of\nefuse. The fix is to add the rate as an argument to rtw_get_channel_group() and set\nthe group for channel 14 to 4 if rate \u003c= DESC_RATE11M.\n\nThis patch fixes commit fa6dfe6bff24 (\"rtw88: resolve order of tx power setting routines\")" } ] }, "generator": { "engine": "bippy-4986f5686161" }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://git.kernel.org/stable/c/6b5aa0cf321c25f41e09a61c83ee4dc7ab9549cb", "refsource": "MISC", "url": "https://git.kernel.org/stable/c/6b5aa0cf321c25f41e09a61c83ee4dc7ab9549cb" }, { "name": "https://git.kernel.org/stable/c/95fb153c6027924cda3422120169d1890737f3a0", "refsource": "MISC", "url": "https://git.kernel.org/stable/c/95fb153c6027924cda3422120169d1890737f3a0" }, { "name": "https://git.kernel.org/stable/c/5f3dbced8eaa5c9ed7d6943f3fea99f235a6516a", "refsource": "MISC", "url": "https://git.kernel.org/stable/c/5f3dbced8eaa5c9ed7d6943f3fea99f235a6516a" }, { "name": "https://git.kernel.org/stable/c/9cd09722e18a08b6a3d68b8bccfac39ddc22434c", "refsource": "MISC", "url": "https://git.kernel.org/stable/c/9cd09722e18a08b6a3d68b8bccfac39ddc22434c" }, { "name": "https://git.kernel.org/stable/c/2ff25985ea9ccc6c9af2c77b0b49045adcc62e0e", "refsource": "MISC", "url": "https://git.kernel.org/stable/c/2ff25985ea9ccc6c9af2c77b0b49045adcc62e0e" } ] } }, "nvd.nist.gov": { "cve": { "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtw88: Fix array overrun in rtw_get_tx_power_params()\n\nUsing a kernel with the Undefined Behaviour Sanity Checker (UBSAN) enabled, the\nfollowing array overrun is logged:\n\n================================================================================\nUBSAN: array-index-out-of-bounds in /home/finger/wireless-drivers-next/drivers/net/wireless/realtek/rtw88/phy.c:1789:34\nindex 5 is out of range for type \u0027u8 [5]\u0027\nCPU: 2 PID: 84 Comm: kworker/u16:3 Tainted: G O 5.12.0-rc5-00086-gd88bba47038e-dirty #651\nHardware name: TOSHIBA TECRA A50-A/TECRA A50-A, BIOS Version 4.50 09/29/2014\nWorkqueue: phy0 ieee80211_scan_work [mac80211]\nCall Trace:\n dump_stack+0x64/0x7c\n ubsan_epilogue+0x5/0x40\n __ubsan_handle_out_of_bounds.cold+0x43/0x48\n rtw_get_tx_power_params+0x83a/drivers/net/wireless/realtek/rtw88/0xad0 [rtw_core]\n ? rtw_pci_read16+0x20/0x20 [rtw_pci]\n ? check_hw_ready+0x50/0x90 [rtw_core]\n rtw_phy_get_tx_power_index+0x4d/0xd0 [rtw_core]\n rtw_phy_set_tx_power_level+0xee/0x1b0 [rtw_core]\n rtw_set_channel+0xab/0x110 [rtw_core]\n rtw_ops_config+0x87/0xc0 [rtw_core]\n ieee80211_hw_config+0x9d/0x130 [mac80211]\n ieee80211_scan_state_set_channel+0x81/0x170 [mac80211]\n ieee80211_scan_work+0x19f/0x2a0 [mac80211]\n process_one_work+0x1dd/0x3a0\n worker_thread+0x49/0x330\n ? rescuer_thread+0x3a0/0x3a0\n kthread+0x134/0x150\n ? kthread_create_worker_on_cpu+0x70/0x70\n ret_from_fork+0x22/0x30\n================================================================================\n\nThe statement where an array is being overrun is shown in the following snippet:\n\n\tif (rate \u003c= DESC_RATE11M)\n\t\ttx_power = pwr_idx_2g-\u003ecck_base[group];\n\telse\n====\u003e\t\ttx_power = pwr_idx_2g-\u003ebw40_base[group];\n\nThe associated arrays are defined in main.h as follows:\n\nstruct rtw_2g_txpwr_idx {\n\tu8 cck_base[6];\n\tu8 bw40_base[5];\n\tstruct rtw_2g_1s_pwr_idx_diff ht_1s_diff;\n\tstruct rtw_2g_ns_pwr_idx_diff ht_2s_diff;\n\tstruct rtw_2g_ns_pwr_idx_diff ht_3s_diff;\n\tstruct rtw_2g_ns_pwr_idx_diff ht_4s_diff;\n};\n\nThe problem arises because the value of group is 5 for channel 14. The trivial\nincrease in the dimension of bw40_base fails as this struct must match the layout of\nefuse. The fix is to add the rate as an argument to rtw_get_channel_group() and set\nthe group for channel 14 to 4 if rate \u003c= DESC_RATE11M.\n\nThis patch fixes commit fa6dfe6bff24 (\"rtw88: resolve order of tx power setting routines\")" }, { "lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: rtw88: corrige el desbordamiento de la matriz en rtw_get_tx_power_params() Al utilizar un kernel con el Verificador de estado de comportamiento indefinido (UBSAN) habilitado, se registra el siguiente desbordamiento de la matriz: ======== ==================================================== ====================== UBSAN: \u00edndice de matriz fuera de los l\u00edmites en /home/finger/wireless-drivers-next/drivers/net/wireless /realtek/rtw88/phy.c:1789:34 el \u00edndice 5 est\u00e1 fuera de rango para el tipo \u0027u8 [5]\u0027 CPU: 2 PID: 84 Comm: kworker/u16:3 Tainted: GO 5.12.0-rc5-00086- gd88bba47038e-dirty #651 Nombre del hardware: TOSHIBA TECRA A50-A/TECRA A50-A, BIOS versi\u00f3n 4.50 29/09/2014 Cola de trabajo: phy0 ieee80211_scan_work [mac80211] Seguimiento de llamadas: dump_stack+0x64/0x7c ubsan_epilogue+0x5/0x40 __ubsan _handle_out_of_bounds.cold +0x43/0x48 rtw_get_tx_power_params+0x83a/drivers/net/wireless/realtek/rtw88/0xad0 [rtw_core] ? rtw_pci_read16+0x20/0x20 [rtw_pci] ? check_hw_ready+0x50/0x90 [rtw_core] rtw_phy_get_tx_power_index+0x4d/0xd0 [rtw_core] rtw_phy_set_tx_power_level+0xee/0x1b0 [rtw_core] rtw_set_channel+0xab/0x110 [rtw_core] rtw_ops_config+0x87/0xc 0 [rtw_core] ieee80211_hw_config+0x9d/0x130 [mac80211] ieee80211_scan_state_set_channel+ 0x81/0x170 [mac80211] ieee80211_scan_work+0x19f/0x2a0 [mac80211] Process_one_work+0x1dd/0x3a0 trabajador_thread+0x49/0x330? hilo_rescate+0x3a0/0x3a0 kthread+0x134/0x150 ? kthread_create_worker_on_cpu+0x70/0x70 ret_from_fork+0x22/0x30 ========================================== ========================================= Se muestra la declaraci\u00f3n donde se est\u00e1 invadiendo una matriz en el siguiente fragmento: if (rate \u0026lt;= DESC_RATE11M) tx_power = pwr_idx_2g-\u0026gt;cck_base[group]; else ====\u0026gt; tx_power = pwr_idx_2g-\u0026gt;bw40_base[grupo]; Las matrices asociadas se definen en main.h de la siguiente manera: struct rtw_2g_txpwr_idx { u8 cck_base[6]; u8 bw40_base[5]; estructura rtw_2g_1s_pwr_idx_diff ht_1s_diff; estructura rtw_2g_ns_pwr_idx_diff ht_2s_diff; estructura rtw_2g_ns_pwr_idx_diff ht_3s_diff; estructura rtw_2g_ns_pwr_idx_diff ht_4s_diff; }; El problema surge porque el valor del grupo es 5 para el canal 14. El aumento trivial en la dimensi\u00f3n de bw40_base falla ya que esta estructura debe coincidir con el dise\u00f1o de efuse. La soluci\u00f3n es agregar la tasa como argumento a rtw_get_channel_group() y configurar el grupo para el canal 14 en 4 si la tasa \u0026lt;= DESC_RATE11M. Este parche corrige la confirmaci\u00f3n fa6dfe6bff24 (\"rtw88: resolver el orden de las rutinas de configuraci\u00f3n de energ\u00eda de transmisi\u00f3n\")" } ], "id": "CVE-2021-47065", "lastModified": "2024-03-01T14:04:26.010", "metrics": {}, "published": "2024-02-29T23:15:08.000", "references": [ { "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/2ff25985ea9ccc6c9af2c77b0b49045adcc62e0e" }, { "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/5f3dbced8eaa5c9ed7d6943f3fea99f235a6516a" }, { "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/6b5aa0cf321c25f41e09a61c83ee4dc7ab9549cb" }, { "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/95fb153c6027924cda3422120169d1890737f3a0" }, { "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/9cd09722e18a08b6a3d68b8bccfac39ddc22434c" } ], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis" } } } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.