cvelistv5 - CVE-2023-52613

▼	URL	Tags
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/15ef92e9c41124ee9d88b01208364f3fe1f45f84
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/6010a9fc14eb1feab5cafd84422001134fe8ec58
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/70481755ed77400e783200e2d022e5fea16060ce

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

wid-sec-w-2024-0654

Vulnerability from csaf_certbund

Published

2024-03-17 23:00

Modified

2024-07-04 22:00

Summary

Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service und unspezifische Angriffe

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen oder einen nicht spezifizierten Angriff durchzuführen.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0654 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0654.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0654 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0654"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/20240318101458.2835626-10-lee@kernel.org/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/20240318101458.2835626-11-lee@kernel.org/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/20240318101458.2835626-15-lee@kernel.org/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/20240318101458.2835626-16-lee@kernel.org/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/20240318102117.2839904-10-lee@kernel.org/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/20240318102117.2839904-11-lee@kernel.org/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/20240318102117.2839904-12-lee@kernel.org/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/20240318102117.2839904-7-lee@kernel.org/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/20240318102117.2839904-8-lee@kernel.org/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/20240318102117.2839904-9-lee@kernel.org/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/20240318101458.2835626-12-lee@kernel.org/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/20240318101458.2835626-13-lee@kernel.org/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/20240318101458.2835626-14-lee@kernel.org/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/20240318101458.2835626-9-lee@kernel.org/"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6725-1 vom 2024-04-09",
        "url": "https://ubuntu.com/security/notices/USN-6725-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6726-1 vom 2024-04-09",
        "url": "https://ubuntu.com/security/notices/USN-6726-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6725-2 vom 2024-04-16",
        "url": "https://ubuntu.com/security/notices/USN-6725-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6726-2 vom 2024-04-16",
        "url": "https://ubuntu.com/security/notices/USN-6726-2"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1322-1 vom 2024-04-17",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018374.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6726-3 vom 2024-04-17",
        "url": "https://ubuntu.com/security/notices/USN-6726-3"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1332-1 vom 2024-04-18",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018376.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1332-2 vom 2024-04-18",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018378.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1322-2 vom 2024-04-18",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018377.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1466-1 vom 2024-04-29",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018438.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:2394 vom 2024-04-30",
        "url": "https://access.redhat.com/errata/RHSA-2024:2394"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1480-1 vom 2024-04-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018444.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1490-1 vom 2024-05-03",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018445.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5681 vom 2024-05-06",
        "url": "https://lists.debian.org/debian-security-announce/2024/msg00090.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6765-1 vom 2024-05-07",
        "url": "https://ubuntu.com/security/notices/USN-6765-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6766-1 vom 2024-05-07",
        "url": "https://ubuntu.com/security/notices/USN-6766-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6767-1 vom 2024-05-07",
        "url": "https://ubuntu.com/security/notices/USN-6767-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6767-2 vom 2024-05-14",
        "url": "https://ubuntu.com/security/notices/USN-6767-2"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1644-1 vom 2024-05-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018528.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1648-1 vom 2024-05-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018524.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1641-1 vom 2024-05-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018531.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1647-1 vom 2024-05-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018525.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1646-1 vom 2024-05-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018526.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1643-1 vom 2024-05-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018529.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1659-1 vom 2024-05-15",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018538.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6766-2 vom 2024-05-15",
        "url": "https://ubuntu.com/security/notices/USN-6766-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6778-1 vom 2024-05-16",
        "url": "https://ubuntu.com/security/notices/USN-6778-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6774-1 vom 2024-05-16",
        "url": "https://ubuntu.com/security/notices/USN-6774-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6777-1 vom 2024-05-16",
        "url": "https://ubuntu.com/security/notices/USN-6777-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6766-3 vom 2024-05-20",
        "url": "https://ubuntu.com/security/notices/USN-6766-3"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6777-2 vom 2024-05-20",
        "url": "https://ubuntu.com/security/notices/USN-6777-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6777-3 vom 2024-05-22",
        "url": "https://ubuntu.com/security/notices/USN-6777-3"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1648-2 vom 2024-05-21",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018572.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6777-4 vom 2024-05-23",
        "url": "https://ubuntu.com/security/notices/USN-6777-4"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6795-1 vom 2024-05-28",
        "url": "https://ubuntu.com/security/notices/USN-6795-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1870-1 vom 2024-05-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018634.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3618 vom 2024-06-05",
        "url": "https://access.redhat.com/errata/RHSA-2024:3618"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3627 vom 2024-06-05",
        "url": "https://access.redhat.com/errata/RHSA-2024:3627"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-3618 vom 2024-06-06",
        "url": "https://linux.oracle.com/errata/ELSA-2024-3618.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6818-1 vom 2024-06-08",
        "url": "https://ubuntu.com/security/notices/USN-6818-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6819-1 vom 2024-06-08",
        "url": "https://ubuntu.com/security/notices/USN-6819-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6818-2 vom 2024-06-10",
        "url": "https://ubuntu.com/security/notices/USN-6818-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6828-1 vom 2024-06-11",
        "url": "https://ubuntu.com/security/notices/USN-6828-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6819-2 vom 2024-06-12",
        "url": "https://ubuntu.com/security/notices/USN-6819-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6819-3 vom 2024-06-12",
        "url": "https://ubuntu.com/security/notices/USN-6819-3"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2008-1 vom 2024-06-12",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018706.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6818-3 vom 2024-06-14",
        "url": "https://ubuntu.com/security/notices/USN-6818-3"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6818-4 vom 2024-06-19",
        "url": "https://ubuntu.com/security/notices/USN-6818-4"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2135-1 vom 2024-06-21",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018783.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3842 vom 2024-06-25",
        "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3841 vom 2024-06-25",
        "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2190-1 vom 2024-06-25",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018819.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6819-4 vom 2024-06-26",
        "url": "https://ubuntu.com/security/notices/USN-6819-4"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3840 vom 2024-06-27",
        "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4211 vom 2024-07-02",
        "url": "https://access.redhat.com/errata/RHSA-2024:4211"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-4211 vom 2024-07-03",
        "url": "https://linux.oracle.com/errata/ELSA-2024-4211.html"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2024-022 vom 2024-07-03",
        "url": "https://www.dell.com/support/kbdoc/de-de/000226633/dsa-2024-022-security-update-for-dell-networker-vproxy-multiple-component-vulnerabilities"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6865-1 vom 2024-07-04",
        "url": "https://ubuntu.com/security/notices/USN-6865-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6866-1 vom 2024-07-04",
        "url": "https://ubuntu.com/security/notices/USN-6866-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6866-2 vom 2024-07-04",
        "url": "https://ubuntu.com/security/notices/USN-6866-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6865-2 vom 2024-07-04",
        "url": "https://ubuntu.com/security/notices/USN-6865-2"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen erm\u00f6glichen Denial of Service und unspezifische Angriffe",
    "tracking": {
      "current_release_date": "2024-07-04T22:00:00.000+00:00",
      "generator": {
        "date": "2024-07-05T08:04:32.748+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.0"
        }
      },
      "id": "WID-SEC-W-2024-0654",
      "initial_release_date": "2024-03-17T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-03-17T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-03-18T23:00:00.000+00:00",
          "number": "2",
          "summary": "doppelten Eintrag entfernt"
        },
        {
          "date": "2024-04-09T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-04-16T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-04-17T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-04-18T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-04-29T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-05-01T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-05-02T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-05-06T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-05-07T22:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-05-13T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-05-14T22:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-05-15T22:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von SUSE und Ubuntu aufgenommen"
        },
        {
          "date": "2024-05-16T22:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-05-20T22:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-05-21T22:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von Ubuntu und SUSE aufgenommen"
        },
        {
          "date": "2024-05-23T22:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-05-28T22:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-05-30T22:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-06-04T22:00:00.000+00:00",
          "number": "21",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-06-06T22:00:00.000+00:00",
          "number": "22",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-06-09T22:00:00.000+00:00",
          "number": "23",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-06-10T22:00:00.000+00:00",
          "number": "24",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-06-11T22:00:00.000+00:00",
          "number": "25",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-06-12T22:00:00.000+00:00",
          "number": "26",
          "summary": "Neue Updates von Ubuntu und SUSE aufgenommen"
        },
        {
          "date": "2024-06-16T22:00:00.000+00:00",
          "number": "27",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-06-18T22:00:00.000+00:00",
          "number": "28",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-06-23T22:00:00.000+00:00",
          "number": "29",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-06-25T22:00:00.000+00:00",
          "number": "30",
          "summary": "Neue Updates von Debian und SUSE aufgenommen"
        },
        {
          "date": "2024-06-26T22:00:00.000+00:00",
          "number": "31",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-06-27T22:00:00.000+00:00",
          "number": "32",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-07-01T22:00:00.000+00:00",
          "number": "33",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-07-02T22:00:00.000+00:00",
          "number": "34",
          "summary": "Neue Updates von Oracle Linux und Dell aufgenommen"
        },
        {
          "date": "2024-07-03T22:00:00.000+00:00",
          "number": "35",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-07-04T22:00:00.000+00:00",
          "number": "36",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        }
      ],
      "status": "final",
      "version": "36"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c19.11",
                "product": {
                  "name": "Dell NetWorker \u003c19.11",
                  "product_id": "T035785",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:dell:networker:19.11"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "NetWorker"
          }
        ],
        "category": "vendor",
        "name": "Dell"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source Linux Kernel",
            "product": {
              "name": "Open Source Linux Kernel",
              "product_id": "T033522",
              "product_identification_helper": {
                "cpe": "cpe:/o:linux:linux_kernel:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-52609",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie dem ip6_tunnel, dem PCI oder dem llc, unter anderem aufgrund von mehreren Problemen wie einem Buffer Overflows, unerwarteten Zeigerzugriffen oder Deadlocks. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033522",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T004914",
          "T035785"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2023-52609"
    },
    {
      "cve": "CVE-2023-52610",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie dem ip6_tunnel, dem PCI oder dem llc, unter anderem aufgrund von mehreren Problemen wie einem Buffer Overflows, unerwarteten Zeigerzugriffen oder Deadlocks. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033522",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T004914",
          "T035785"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2023-52610"
    },
    {
      "cve": "CVE-2023-52611",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie dem ip6_tunnel, dem PCI oder dem llc, unter anderem aufgrund von mehreren Problemen wie einem Buffer Overflows, unerwarteten Zeigerzugriffen oder Deadlocks. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033522",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T004914",
          "T035785"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2023-52611"
    },
    {
      "cve": "CVE-2023-52612",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie dem ip6_tunnel, dem PCI oder dem llc, unter anderem aufgrund von mehreren Problemen wie einem Buffer Overflows, unerwarteten Zeigerzugriffen oder Deadlocks. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033522",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T004914",
          "T035785"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2023-52612"
    },
    {
      "cve": "CVE-2023-52613",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie dem ip6_tunnel, dem PCI oder dem llc, unter anderem aufgrund von mehreren Problemen wie einem Buffer Overflows, unerwarteten Zeigerzugriffen oder Deadlocks. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033522",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T004914",
          "T035785"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2023-52613"
    },
    {
      "cve": "CVE-2023-52614",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie dem ip6_tunnel, dem PCI oder dem llc, unter anderem aufgrund von mehreren Problemen wie einem Buffer Overflows, unerwarteten Zeigerzugriffen oder Deadlocks. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033522",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T004914",
          "T035785"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2023-52614"
    },
    {
      "cve": "CVE-2023-52615",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie dem ip6_tunnel, dem PCI oder dem llc, unter anderem aufgrund von mehreren Problemen wie einem Buffer Overflows, unerwarteten Zeigerzugriffen oder Deadlocks. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033522",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T004914",
          "T035785"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2023-52615"
    },
    {
      "cve": "CVE-2023-52616",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie dem ip6_tunnel, dem PCI oder dem llc, unter anderem aufgrund von mehreren Problemen wie einem Buffer Overflows, unerwarteten Zeigerzugriffen oder Deadlocks. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033522",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T004914",
          "T035785"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2023-52616"
    },
    {
      "cve": "CVE-2023-52617",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie dem ip6_tunnel, dem PCI oder dem llc, unter anderem aufgrund von mehreren Problemen wie einem Buffer Overflows, unerwarteten Zeigerzugriffen oder Deadlocks. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033522",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T004914",
          "T035785"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2023-52617"
    },
    {
      "cve": "CVE-2023-52618",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie dem ip6_tunnel, dem PCI oder dem llc, unter anderem aufgrund von mehreren Problemen wie einem Buffer Overflows, unerwarteten Zeigerzugriffen oder Deadlocks. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033522",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T004914",
          "T035785"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2023-52618"
    },
    {
      "cve": "CVE-2023-52619",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie dem ip6_tunnel, dem PCI oder dem llc, unter anderem aufgrund von mehreren Problemen wie einem Buffer Overflows, unerwarteten Zeigerzugriffen oder Deadlocks. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033522",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T004914",
          "T035785"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2023-52619"
    },
    {
      "cve": "CVE-2024-26631",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie dem ip6_tunnel, dem PCI oder dem llc, unter anderem aufgrund von mehreren Problemen wie einem Buffer Overflows, unerwarteten Zeigerzugriffen oder Deadlocks. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033522",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T004914",
          "T035785"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2024-26631"
    },
    {
      "cve": "CVE-2024-26632",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie dem ip6_tunnel, dem PCI oder dem llc, unter anderem aufgrund von mehreren Problemen wie einem Buffer Overflows, unerwarteten Zeigerzugriffen oder Deadlocks. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033522",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T004914",
          "T035785"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2024-26632"
    },
    {
      "cve": "CVE-2024-26633",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie dem ip6_tunnel, dem PCI oder dem llc, unter anderem aufgrund von mehreren Problemen wie einem Buffer Overflows, unerwarteten Zeigerzugriffen oder Deadlocks. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033522",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T004914",
          "T035785"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2024-26633"
    },
    {
      "cve": "CVE-2024-26634",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie dem ip6_tunnel, dem PCI oder dem llc, unter anderem aufgrund von mehreren Problemen wie einem Buffer Overflows, unerwarteten Zeigerzugriffen oder Deadlocks. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033522",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T004914",
          "T035785"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2024-26634"
    },
    {
      "cve": "CVE-2024-26635",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie dem ip6_tunnel, dem PCI oder dem llc, unter anderem aufgrund von mehreren Problemen wie einem Buffer Overflows, unerwarteten Zeigerzugriffen oder Deadlocks. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033522",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T004914",
          "T035785"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2024-26635"
    },
    {
      "cve": "CVE-2024-26636",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie dem ip6_tunnel, dem PCI oder dem llc, unter anderem aufgrund von mehreren Problemen wie einem Buffer Overflows, unerwarteten Zeigerzugriffen oder Deadlocks. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033522",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T004914",
          "T035785"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2024-26636"
    },
    {
      "cve": "CVE-2024-26637",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie dem ip6_tunnel, dem PCI oder dem llc, unter anderem aufgrund von mehreren Problemen wie einem Buffer Overflows, unerwarteten Zeigerzugriffen oder Deadlocks. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033522",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T004914",
          "T035785"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2024-26637"
    },
    {
      "cve": "CVE-2024-26638",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie dem ip6_tunnel, dem PCI oder dem llc, unter anderem aufgrund von mehreren Problemen wie einem Buffer Overflows, unerwarteten Zeigerzugriffen oder Deadlocks. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033522",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T004914",
          "T035785"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2024-26638"
    },
    {
      "cve": "CVE-2024-26639",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie dem ip6_tunnel, dem PCI oder dem llc, unter anderem aufgrund von mehreren Problemen wie einem Buffer Overflows, unerwarteten Zeigerzugriffen oder Deadlocks. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033522",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T004914",
          "T035785"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2024-26639"
    },
    {
      "cve": "CVE-2024-26640",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie dem ip6_tunnel, dem PCI oder dem llc, unter anderem aufgrund von mehreren Problemen wie einem Buffer Overflows, unerwarteten Zeigerzugriffen oder Deadlocks. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033522",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T004914",
          "T035785"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2024-26640"
    },
    {
      "cve": "CVE-2024-26641",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie dem ip6_tunnel, dem PCI oder dem llc, unter anderem aufgrund von mehreren Problemen wie einem Buffer Overflows, unerwarteten Zeigerzugriffen oder Deadlocks. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033522",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T004914",
          "T035785"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2024-26641"
    }
  ]
}

ghsa-rw5h-h7xq-wc78

Vulnerability from github

Published

2024-03-18 12:30

Modified

2024-10-31 21:31

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

In the Linux kernel, the following vulnerability has been resolved:

drivers/thermal/loongson2_thermal: Fix incorrect PTR_ERR() judgment

PTR_ERR() returns -ENODEV when thermal-zones are undefined, and we need -ENODEV as the right value for comparison.

Otherwise, tz->type is NULL when thermal-zones is undefined, resulting in the following error:

[ 12.290030] CPU 1 Unable to handle kernel paging request at virtual address fffffffffffffff1, era == 900000000355f410, ra == 90000000031579b8 [ 12.302877] Oops[#1]: [ 12.305190] CPU: 1 PID: 181 Comm: systemd-udevd Not tainted 6.6.0-rc7+ #5385 [ 12.312304] pc 900000000355f410 ra 90000000031579b8 tp 90000001069e8000 sp 90000001069eba10 [ 12.320739] a0 0000000000000000 a1 fffffffffffffff1 a2 0000000000000014 a3 0000000000000001 [ 12.329173] a4 90000001069eb990 a5 0000000000000001 a6 0000000000001001 a7 900000010003431c [ 12.337606] t0 fffffffffffffff1 t1 54567fd5da9b4fd4 t2 900000010614ec40 t3 00000000000dc901 [ 12.346041] t4 0000000000000000 t5 0000000000000004 t6 900000010614ee20 t7 900000000d00b790 [ 12.354472] t8 00000000000dc901 u0 54567fd5da9b4fd4 s9 900000000402ae10 s0 900000010614ec40 [ 12.362916] s1 90000000039fced0 s2 ffffffffffffffed s3 ffffffffffffffed s4 9000000003acc000 [ 12.362931] s5 0000000000000004 s6 fffffffffffff000 s7 0000000000000490 s8 90000001028b2ec8 [ 12.362938] ra: 90000000031579b8 thermal_add_hwmon_sysfs+0x258/0x300 [ 12.386411] ERA: 900000000355f410 strscpy+0xf0/0x160 [ 12.391626] CRMD: 000000b0 (PLV0 -IE -DA +PG DACF=CC DACM=CC -WE) [ 12.397898] PRMD: 00000004 (PPLV0 +PIE -PWE) [ 12.403678] EUEN: 00000000 (-FPE -SXE -ASXE -BTE) [ 12.409859] ECFG: 00071c1c (LIE=2-4,10-12 VS=7) [ 12.415882] ESTAT: 00010000 [PIL] (IS= ECode=1 EsubCode=0) [ 12.415907] BADV: fffffffffffffff1 [ 12.415911] PRID: 0014a000 (Loongson-64bit, Loongson-2K1000) [ 12.415917] Modules linked in: loongson2_thermal(+) vfat fat uio_pdrv_genirq uio fuse zram zsmalloc [ 12.415950] Process systemd-udevd (pid: 181, threadinfo=00000000358b9718, task=00000000ace72fe3) [ 12.415961] Stack : 0000000000000dc0 54567fd5da9b4fd4 900000000402ae10 9000000002df9358 [ 12.415982] ffffffffffffffed 0000000000000004 9000000107a10aa8 90000001002a3410 [ 12.415999] ffffffffffffffed ffffffffffffffed 9000000107a11268 9000000003157ab0 [ 12.416016] 9000000107a10aa8 ffffff80020fc0c8 90000001002a3410 ffffffffffffffed [ 12.416032] 0000000000000024 ffffff80020cc1e8 900000000402b2a0 9000000003acc000 [ 12.416048] 90000001002a3410 0000000000000000 ffffff80020f4030 90000001002a3410 [ 12.416065] 0000000000000000 9000000002df6808 90000001002a3410 0000000000000000 [ 12.416081] ffffff80020f4030 0000000000000000 90000001002a3410 9000000002df2ba8 [ 12.416097] 00000000000000b4 90000001002a34f4 90000001002a3410 0000000000000002 [ 12.416114] ffffff80020f4030 fffffffffffffff0 90000001002a3410 9000000002df2f30 [ 12.416131] ... [ 12.416138] Call Trace: [ 12.416142] [<900000000355f410>] strscpy+0xf0/0x160 [ 12.416167] [<90000000031579b8>] thermal_add_hwmon_sysfs+0x258/0x300 [ 12.416183] [<9000000003157ab0>] devm_thermal_add_hwmon_sysfs+0x50/0xe0 [ 12.416200] [] loongson2_thermal_probe+0x128/0x200 [loongson2_thermal] [ 12.416232] [<9000000002df6808>] platform_probe+0x68/0x140 [ 12.416249] [<9000000002df2ba8>] really_probe+0xc8/0x3c0 [ 12.416269] [<9000000002df2f30>] __driver_probe_device+0x90/0x180 [ 12.416286] [<9000000002df3058>] driver_probe_device+0x38/0x160 [ 12.416302] [<9000000002df33a8>] __driver_attach+0xa8/0x200 [ 12.416314] [<9000000002deffec>] bus_for_each_dev+0x8c/0x120 [ 12.416330] [<9000000002df198c>] bus_add_driver+0x10c/0x2a0 [ 12.416346] [<9000000002df46b4>] driver_register+0x74/0x160 [ 12.416358] [<90000000022201a4>] do_one_initcall+0x84/0x220 [ 12.416372] [<90000000022f3ab8>] do_init_module+0x58/0x2c0 [ ---truncated---

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-52613"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-18T11:15:08Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers/thermal/loongson2_thermal: Fix incorrect PTR_ERR() judgment\n\nPTR_ERR() returns -ENODEV when thermal-zones are undefined, and we need\n-ENODEV as the right value for comparison.\n\nOtherwise, tz-\u003etype is NULL when thermal-zones is undefined, resulting\nin the following error:\n\n[   12.290030] CPU 1 Unable to handle kernel paging request at virtual address fffffffffffffff1, era == 900000000355f410, ra == 90000000031579b8\n[   12.302877] Oops[#1]:\n[   12.305190] CPU: 1 PID: 181 Comm: systemd-udevd Not tainted 6.6.0-rc7+ #5385\n[   12.312304] pc 900000000355f410 ra 90000000031579b8 tp 90000001069e8000 sp 90000001069eba10\n[   12.320739] a0 0000000000000000 a1 fffffffffffffff1 a2 0000000000000014 a3 0000000000000001\n[   12.329173] a4 90000001069eb990 a5 0000000000000001 a6 0000000000001001 a7 900000010003431c\n[   12.337606] t0 fffffffffffffff1 t1 54567fd5da9b4fd4 t2 900000010614ec40 t3 00000000000dc901\n[   12.346041] t4 0000000000000000 t5 0000000000000004 t6 900000010614ee20 t7 900000000d00b790\n[   12.354472] t8 00000000000dc901 u0 54567fd5da9b4fd4 s9 900000000402ae10 s0 900000010614ec40\n[   12.362916] s1 90000000039fced0 s2 ffffffffffffffed s3 ffffffffffffffed s4 9000000003acc000\n[   12.362931] s5 0000000000000004 s6 fffffffffffff000 s7 0000000000000490 s8 90000001028b2ec8\n[   12.362938]    ra: 90000000031579b8 thermal_add_hwmon_sysfs+0x258/0x300\n[   12.386411]   ERA: 900000000355f410 strscpy+0xf0/0x160\n[   12.391626]  CRMD: 000000b0 (PLV0 -IE -DA +PG DACF=CC DACM=CC -WE)\n[   12.397898]  PRMD: 00000004 (PPLV0 +PIE -PWE)\n[   12.403678]  EUEN: 00000000 (-FPE -SXE -ASXE -BTE)\n[   12.409859]  ECFG: 00071c1c (LIE=2-4,10-12 VS=7)\n[   12.415882] ESTAT: 00010000 [PIL] (IS= ECode=1 EsubCode=0)\n[   12.415907]  BADV: fffffffffffffff1\n[   12.415911]  PRID: 0014a000 (Loongson-64bit, Loongson-2K1000)\n[   12.415917] Modules linked in: loongson2_thermal(+) vfat fat uio_pdrv_genirq uio fuse zram zsmalloc\n[   12.415950] Process systemd-udevd (pid: 181, threadinfo=00000000358b9718, task=00000000ace72fe3)\n[   12.415961] Stack : 0000000000000dc0 54567fd5da9b4fd4 900000000402ae10 9000000002df9358\n[   12.415982]         ffffffffffffffed 0000000000000004 9000000107a10aa8 90000001002a3410\n[   12.415999]         ffffffffffffffed ffffffffffffffed 9000000107a11268 9000000003157ab0\n[   12.416016]         9000000107a10aa8 ffffff80020fc0c8 90000001002a3410 ffffffffffffffed\n[   12.416032]         0000000000000024 ffffff80020cc1e8 900000000402b2a0 9000000003acc000\n[   12.416048]         90000001002a3410 0000000000000000 ffffff80020f4030 90000001002a3410\n[   12.416065]         0000000000000000 9000000002df6808 90000001002a3410 0000000000000000\n[   12.416081]         ffffff80020f4030 0000000000000000 90000001002a3410 9000000002df2ba8\n[   12.416097]         00000000000000b4 90000001002a34f4 90000001002a3410 0000000000000002\n[   12.416114]         ffffff80020f4030 fffffffffffffff0 90000001002a3410 9000000002df2f30\n[   12.416131]         ...\n[   12.416138] Call Trace:\n[   12.416142] [\u003c900000000355f410\u003e] strscpy+0xf0/0x160\n[   12.416167] [\u003c90000000031579b8\u003e] thermal_add_hwmon_sysfs+0x258/0x300\n[   12.416183] [\u003c9000000003157ab0\u003e] devm_thermal_add_hwmon_sysfs+0x50/0xe0\n[   12.416200] [\u003cffffff80020cc1e8\u003e] loongson2_thermal_probe+0x128/0x200 [loongson2_thermal]\n[   12.416232] [\u003c9000000002df6808\u003e] platform_probe+0x68/0x140\n[   12.416249] [\u003c9000000002df2ba8\u003e] really_probe+0xc8/0x3c0\n[   12.416269] [\u003c9000000002df2f30\u003e] __driver_probe_device+0x90/0x180\n[   12.416286] [\u003c9000000002df3058\u003e] driver_probe_device+0x38/0x160\n[   12.416302] [\u003c9000000002df33a8\u003e] __driver_attach+0xa8/0x200\n[   12.416314] [\u003c9000000002deffec\u003e] bus_for_each_dev+0x8c/0x120\n[   12.416330] [\u003c9000000002df198c\u003e] bus_add_driver+0x10c/0x2a0\n[   12.416346] [\u003c9000000002df46b4\u003e] driver_register+0x74/0x160\n[   12.416358] [\u003c90000000022201a4\u003e] do_one_initcall+0x84/0x220\n[   12.416372] [\u003c90000000022f3ab8\u003e] do_init_module+0x58/0x2c0\n[\n---truncated---",
  "id": "GHSA-rw5h-h7xq-wc78",
  "modified": "2024-10-31T21:31:44Z",
  "published": "2024-03-18T12:30:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52613"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/15ef92e9c41124ee9d88b01208364f3fe1f45f84"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6010a9fc14eb1feab5cafd84422001134fe8ec58"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/70481755ed77400e783200e2d022e5fea16060ce"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

gsd-2023-52613

Vulnerability from gsd

Modified

2024-03-07 06:01

Details

In the Linux kernel, the following vulnerability has been resolved: drivers/thermal/loongson2_thermal: Fix incorrect PTR_ERR() judgment PTR_ERR() returns -ENODEV when thermal-zones are undefined, and we need -ENODEV as the right value for comparison. Otherwise, tz->type is NULL when thermal-zones is undefined, resulting in the following error: [ 12.290030] CPU 1 Unable to handle kernel paging request at virtual address fffffffffffffff1, era == 900000000355f410, ra == 90000000031579b8 [ 12.302877] Oops[#1]: [ 12.305190] CPU: 1 PID: 181 Comm: systemd-udevd Not tainted 6.6.0-rc7+ #5385 [ 12.312304] pc 900000000355f410 ra 90000000031579b8 tp 90000001069e8000 sp 90000001069eba10 [ 12.320739] a0 0000000000000000 a1 fffffffffffffff1 a2 0000000000000014 a3 0000000000000001 [ 12.329173] a4 90000001069eb990 a5 0000000000000001 a6 0000000000001001 a7 900000010003431c [ 12.337606] t0 fffffffffffffff1 t1 54567fd5da9b4fd4 t2 900000010614ec40 t3 00000000000dc901 [ 12.346041] t4 0000000000000000 t5 0000000000000004 t6 900000010614ee20 t7 900000000d00b790 [ 12.354472] t8 00000000000dc901 u0 54567fd5da9b4fd4 s9 900000000402ae10 s0 900000010614ec40 [ 12.362916] s1 90000000039fced0 s2 ffffffffffffffed s3 ffffffffffffffed s4 9000000003acc000 [ 12.362931] s5 0000000000000004 s6 fffffffffffff000 s7 0000000000000490 s8 90000001028b2ec8 [ 12.362938] ra: 90000000031579b8 thermal_add_hwmon_sysfs+0x258/0x300 [ 12.386411] ERA: 900000000355f410 strscpy+0xf0/0x160 [ 12.391626] CRMD: 000000b0 (PLV0 -IE -DA +PG DACF=CC DACM=CC -WE) [ 12.397898] PRMD: 00000004 (PPLV0 +PIE -PWE) [ 12.403678] EUEN: 00000000 (-FPE -SXE -ASXE -BTE) [ 12.409859] ECFG: 00071c1c (LIE=2-4,10-12 VS=7) [ 12.415882] ESTAT: 00010000 [PIL] (IS= ECode=1 EsubCode=0) [ 12.415907] BADV: fffffffffffffff1 [ 12.415911] PRID: 0014a000 (Loongson-64bit, Loongson-2K1000) [ 12.415917] Modules linked in: loongson2_thermal(+) vfat fat uio_pdrv_genirq uio fuse zram zsmalloc [ 12.415950] Process systemd-udevd (pid: 181, threadinfo=00000000358b9718, task=00000000ace72fe3) [ 12.415961] Stack : 0000000000000dc0 54567fd5da9b4fd4 900000000402ae10 9000000002df9358 [ 12.415982] ffffffffffffffed 0000000000000004 9000000107a10aa8 90000001002a3410 [ 12.415999] ffffffffffffffed ffffffffffffffed 9000000107a11268 9000000003157ab0 [ 12.416016] 9000000107a10aa8 ffffff80020fc0c8 90000001002a3410 ffffffffffffffed [ 12.416032] 0000000000000024 ffffff80020cc1e8 900000000402b2a0 9000000003acc000 [ 12.416048] 90000001002a3410 0000000000000000 ffffff80020f4030 90000001002a3410 [ 12.416065] 0000000000000000 9000000002df6808 90000001002a3410 0000000000000000 [ 12.416081] ffffff80020f4030 0000000000000000 90000001002a3410 9000000002df2ba8 [ 12.416097] 00000000000000b4 90000001002a34f4 90000001002a3410 0000000000000002 [ 12.416114] ffffff80020f4030 fffffffffffffff0 90000001002a3410 9000000002df2f30 [ 12.416131] ... [ 12.416138] Call Trace: [ 12.416142] [<900000000355f410>] strscpy+0xf0/0x160 [ 12.416167] [<90000000031579b8>] thermal_add_hwmon_sysfs+0x258/0x300 [ 12.416183] [<9000000003157ab0>] devm_thermal_add_hwmon_sysfs+0x50/0xe0 [ 12.416200] [<ffffff80020cc1e8>] loongson2_thermal_probe+0x128/0x200 [loongson2_thermal] [ 12.416232] [<9000000002df6808>] platform_probe+0x68/0x140 [ 12.416249] [<9000000002df2ba8>] really_probe+0xc8/0x3c0 [ 12.416269] [<9000000002df2f30>] __driver_probe_device+0x90/0x180 [ 12.416286] [<9000000002df3058>] driver_probe_device+0x38/0x160 [ 12.416302] [<9000000002df33a8>] __driver_attach+0xa8/0x200 [ 12.416314] [<9000000002deffec>] bus_for_each_dev+0x8c/0x120 [ 12.416330] [<9000000002df198c>] bus_add_driver+0x10c/0x2a0 [ 12.416346] [<9000000002df46b4>] driver_register+0x74/0x160 [ 12.416358] [<90000000022201a4>] do_one_initcall+0x84/0x220 [ 12.416372] [<90000000022f3ab8>] do_init_module+0x58/0x2c0 [ ---truncated---

Aliases

CVE-2023-52613

JSON

To clipboard

{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-52613"
      ],
      "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers/thermal/loongson2_thermal: Fix incorrect PTR_ERR() judgment\n\nPTR_ERR() returns -ENODEV when thermal-zones are undefined, and we need\n-ENODEV as the right value for comparison.\n\nOtherwise, tz-\u003etype is NULL when thermal-zones is undefined, resulting\nin the following error:\n\n[   12.290030] CPU 1 Unable to handle kernel paging request at virtual address fffffffffffffff1, era == 900000000355f410, ra == 90000000031579b8\n[   12.302877] Oops[#1]:\n[   12.305190] CPU: 1 PID: 181 Comm: systemd-udevd Not tainted 6.6.0-rc7+ #5385\n[   12.312304] pc 900000000355f410 ra 90000000031579b8 tp 90000001069e8000 sp 90000001069eba10\n[   12.320739] a0 0000000000000000 a1 fffffffffffffff1 a2 0000000000000014 a3 0000000000000001\n[   12.329173] a4 90000001069eb990 a5 0000000000000001 a6 0000000000001001 a7 900000010003431c\n[   12.337606] t0 fffffffffffffff1 t1 54567fd5da9b4fd4 t2 900000010614ec40 t3 00000000000dc901\n[   12.346041] t4 0000000000000000 t5 0000000000000004 t6 900000010614ee20 t7 900000000d00b790\n[   12.354472] t8 00000000000dc901 u0 54567fd5da9b4fd4 s9 900000000402ae10 s0 900000010614ec40\n[   12.362916] s1 90000000039fced0 s2 ffffffffffffffed s3 ffffffffffffffed s4 9000000003acc000\n[   12.362931] s5 0000000000000004 s6 fffffffffffff000 s7 0000000000000490 s8 90000001028b2ec8\n[   12.362938]    ra: 90000000031579b8 thermal_add_hwmon_sysfs+0x258/0x300\n[   12.386411]   ERA: 900000000355f410 strscpy+0xf0/0x160\n[   12.391626]  CRMD: 000000b0 (PLV0 -IE -DA +PG DACF=CC DACM=CC -WE)\n[   12.397898]  PRMD: 00000004 (PPLV0 +PIE -PWE)\n[   12.403678]  EUEN: 00000000 (-FPE -SXE -ASXE -BTE)\n[   12.409859]  ECFG: 00071c1c (LIE=2-4,10-12 VS=7)\n[   12.415882] ESTAT: 00010000 [PIL] (IS= ECode=1 EsubCode=0)\n[   12.415907]  BADV: fffffffffffffff1\n[   12.415911]  PRID: 0014a000 (Loongson-64bit, Loongson-2K1000)\n[   12.415917] Modules linked in: loongson2_thermal(+) vfat fat uio_pdrv_genirq uio fuse zram zsmalloc\n[   12.415950] Process systemd-udevd (pid: 181, threadinfo=00000000358b9718, task=00000000ace72fe3)\n[   12.415961] Stack : 0000000000000dc0 54567fd5da9b4fd4 900000000402ae10 9000000002df9358\n[   12.415982]         ffffffffffffffed 0000000000000004 9000000107a10aa8 90000001002a3410\n[   12.415999]         ffffffffffffffed ffffffffffffffed 9000000107a11268 9000000003157ab0\n[   12.416016]         9000000107a10aa8 ffffff80020fc0c8 90000001002a3410 ffffffffffffffed\n[   12.416032]         0000000000000024 ffffff80020cc1e8 900000000402b2a0 9000000003acc000\n[   12.416048]         90000001002a3410 0000000000000000 ffffff80020f4030 90000001002a3410\n[   12.416065]         0000000000000000 9000000002df6808 90000001002a3410 0000000000000000\n[   12.416081]         ffffff80020f4030 0000000000000000 90000001002a3410 9000000002df2ba8\n[   12.416097]         00000000000000b4 90000001002a34f4 90000001002a3410 0000000000000002\n[   12.416114]         ffffff80020f4030 fffffffffffffff0 90000001002a3410 9000000002df2f30\n[   12.416131]         ...\n[   12.416138] Call Trace:\n[   12.416142] [\u003c900000000355f410\u003e] strscpy+0xf0/0x160\n[   12.416167] [\u003c90000000031579b8\u003e] thermal_add_hwmon_sysfs+0x258/0x300\n[   12.416183] [\u003c9000000003157ab0\u003e] devm_thermal_add_hwmon_sysfs+0x50/0xe0\n[   12.416200] [\u003cffffff80020cc1e8\u003e] loongson2_thermal_probe+0x128/0x200 [loongson2_thermal]\n[   12.416232] [\u003c9000000002df6808\u003e] platform_probe+0x68/0x140\n[   12.416249] [\u003c9000000002df2ba8\u003e] really_probe+0xc8/0x3c0\n[   12.416269] [\u003c9000000002df2f30\u003e] __driver_probe_device+0x90/0x180\n[   12.416286] [\u003c9000000002df3058\u003e] driver_probe_device+0x38/0x160\n[   12.416302] [\u003c9000000002df33a8\u003e] __driver_attach+0xa8/0x200\n[   12.416314] [\u003c9000000002deffec\u003e] bus_for_each_dev+0x8c/0x120\n[   12.416330] [\u003c9000000002df198c\u003e] bus_add_driver+0x10c/0x2a0\n[   12.416346] [\u003c9000000002df46b4\u003e] driver_register+0x74/0x160\n[   12.416358] [\u003c90000000022201a4\u003e] do_one_initcall+0x84/0x220\n[   12.416372] [\u003c90000000022f3ab8\u003e] do_init_module+0x58/0x2c0\n[\n---truncated---",
      "id": "GSD-2023-52613",
      "modified": "2024-03-07T06:01:45.211520Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@kernel.org",
        "ID": "CVE-2023-52613",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Linux",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "e7e3a7c35791",
                          "version_value": "70481755ed77"
                        },
                        {
                          "version_value": "not down converted",
                          "x_cve_json_5_version_data": {
                            "defaultStatus": "affected",
                            "versions": [
                              {
                                "status": "affected",
                                "version": "6.6"
                              },
                              {
                                "lessThan": "6.6",
                                "status": "unaffected",
                                "version": "0",
                                "versionType": "custom"
                              },
                              {
                                "lessThanOrEqual": "6.6.*",
                                "status": "unaffected",
                                "version": "6.6.14",
                                "versionType": "custom"
                              },
                              {
                                "lessThanOrEqual": "6.7.*",
                                "status": "unaffected",
                                "version": "6.7.2",
                                "versionType": "custom"
                              },
                              {
                                "lessThanOrEqual": "*",
                                "status": "unaffected",
                                "version": "6.8",
                                "versionType": "original_commit_for_fix"
                              }
                            ]
                          }
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Linux"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers/thermal/loongson2_thermal: Fix incorrect PTR_ERR() judgment\n\nPTR_ERR() returns -ENODEV when thermal-zones are undefined, and we need\n-ENODEV as the right value for comparison.\n\nOtherwise, tz-\u003etype is NULL when thermal-zones is undefined, resulting\nin the following error:\n\n[   12.290030] CPU 1 Unable to handle kernel paging request at virtual address fffffffffffffff1, era == 900000000355f410, ra == 90000000031579b8\n[   12.302877] Oops[#1]:\n[   12.305190] CPU: 1 PID: 181 Comm: systemd-udevd Not tainted 6.6.0-rc7+ #5385\n[   12.312304] pc 900000000355f410 ra 90000000031579b8 tp 90000001069e8000 sp 90000001069eba10\n[   12.320739] a0 0000000000000000 a1 fffffffffffffff1 a2 0000000000000014 a3 0000000000000001\n[   12.329173] a4 90000001069eb990 a5 0000000000000001 a6 0000000000001001 a7 900000010003431c\n[   12.337606] t0 fffffffffffffff1 t1 54567fd5da9b4fd4 t2 900000010614ec40 t3 00000000000dc901\n[   12.346041] t4 0000000000000000 t5 0000000000000004 t6 900000010614ee20 t7 900000000d00b790\n[   12.354472] t8 00000000000dc901 u0 54567fd5da9b4fd4 s9 900000000402ae10 s0 900000010614ec40\n[   12.362916] s1 90000000039fced0 s2 ffffffffffffffed s3 ffffffffffffffed s4 9000000003acc000\n[   12.362931] s5 0000000000000004 s6 fffffffffffff000 s7 0000000000000490 s8 90000001028b2ec8\n[   12.362938]    ra: 90000000031579b8 thermal_add_hwmon_sysfs+0x258/0x300\n[   12.386411]   ERA: 900000000355f410 strscpy+0xf0/0x160\n[   12.391626]  CRMD: 000000b0 (PLV0 -IE -DA +PG DACF=CC DACM=CC -WE)\n[   12.397898]  PRMD: 00000004 (PPLV0 +PIE -PWE)\n[   12.403678]  EUEN: 00000000 (-FPE -SXE -ASXE -BTE)\n[   12.409859]  ECFG: 00071c1c (LIE=2-4,10-12 VS=7)\n[   12.415882] ESTAT: 00010000 [PIL] (IS= ECode=1 EsubCode=0)\n[   12.415907]  BADV: fffffffffffffff1\n[   12.415911]  PRID: 0014a000 (Loongson-64bit, Loongson-2K1000)\n[   12.415917] Modules linked in: loongson2_thermal(+) vfat fat uio_pdrv_genirq uio fuse zram zsmalloc\n[   12.415950] Process systemd-udevd (pid: 181, threadinfo=00000000358b9718, task=00000000ace72fe3)\n[   12.415961] Stack : 0000000000000dc0 54567fd5da9b4fd4 900000000402ae10 9000000002df9358\n[   12.415982]         ffffffffffffffed 0000000000000004 9000000107a10aa8 90000001002a3410\n[   12.415999]         ffffffffffffffed ffffffffffffffed 9000000107a11268 9000000003157ab0\n[   12.416016]         9000000107a10aa8 ffffff80020fc0c8 90000001002a3410 ffffffffffffffed\n[   12.416032]         0000000000000024 ffffff80020cc1e8 900000000402b2a0 9000000003acc000\n[   12.416048]         90000001002a3410 0000000000000000 ffffff80020f4030 90000001002a3410\n[   12.416065]         0000000000000000 9000000002df6808 90000001002a3410 0000000000000000\n[   12.416081]         ffffff80020f4030 0000000000000000 90000001002a3410 9000000002df2ba8\n[   12.416097]         00000000000000b4 90000001002a34f4 90000001002a3410 0000000000000002\n[   12.416114]         ffffff80020f4030 fffffffffffffff0 90000001002a3410 9000000002df2f30\n[   12.416131]         ...\n[   12.416138] Call Trace:\n[   12.416142] [\u003c900000000355f410\u003e] strscpy+0xf0/0x160\n[   12.416167] [\u003c90000000031579b8\u003e] thermal_add_hwmon_sysfs+0x258/0x300\n[   12.416183] [\u003c9000000003157ab0\u003e] devm_thermal_add_hwmon_sysfs+0x50/0xe0\n[   12.416200] [\u003cffffff80020cc1e8\u003e] loongson2_thermal_probe+0x128/0x200 [loongson2_thermal]\n[   12.416232] [\u003c9000000002df6808\u003e] platform_probe+0x68/0x140\n[   12.416249] [\u003c9000000002df2ba8\u003e] really_probe+0xc8/0x3c0\n[   12.416269] [\u003c9000000002df2f30\u003e] __driver_probe_device+0x90/0x180\n[   12.416286] [\u003c9000000002df3058\u003e] driver_probe_device+0x38/0x160\n[   12.416302] [\u003c9000000002df33a8\u003e] __driver_attach+0xa8/0x200\n[   12.416314] [\u003c9000000002deffec\u003e] bus_for_each_dev+0x8c/0x120\n[   12.416330] [\u003c9000000002df198c\u003e] bus_add_driver+0x10c/0x2a0\n[   12.416346] [\u003c9000000002df46b4\u003e] driver_register+0x74/0x160\n[   12.416358] [\u003c90000000022201a4\u003e] do_one_initcall+0x84/0x220\n[   12.416372] [\u003c90000000022f3ab8\u003e] do_init_module+0x58/0x2c0\n[\n---truncated---"
          }
        ]
      },
      "generator": {
        "engine": "bippy-8df59b4913de"
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://git.kernel.org/stable/c/70481755ed77400e783200e2d022e5fea16060ce",
            "refsource": "MISC",
            "url": "https://git.kernel.org/stable/c/70481755ed77400e783200e2d022e5fea16060ce"
          },
          {
            "name": "https://git.kernel.org/stable/c/6010a9fc14eb1feab5cafd84422001134fe8ec58",
            "refsource": "MISC",
            "url": "https://git.kernel.org/stable/c/6010a9fc14eb1feab5cafd84422001134fe8ec58"
          },
          {
            "name": "https://git.kernel.org/stable/c/15ef92e9c41124ee9d88b01208364f3fe1f45f84",
            "refsource": "MISC",
            "url": "https://git.kernel.org/stable/c/15ef92e9c41124ee9d88b01208364f3fe1f45f84"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "descriptions": [
          {
            "lang": "en",
            "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers/thermal/loongson2_thermal: Fix incorrect PTR_ERR() judgment\n\nPTR_ERR() returns -ENODEV when thermal-zones are undefined, and we need\n-ENODEV as the right value for comparison.\n\nOtherwise, tz-\u003etype is NULL when thermal-zones is undefined, resulting\nin the following error:\n\n[   12.290030] CPU 1 Unable to handle kernel paging request at virtual address fffffffffffffff1, era == 900000000355f410, ra == 90000000031579b8\n[   12.302877] Oops[#1]:\n[   12.305190] CPU: 1 PID: 181 Comm: systemd-udevd Not tainted 6.6.0-rc7+ #5385\n[   12.312304] pc 900000000355f410 ra 90000000031579b8 tp 90000001069e8000 sp 90000001069eba10\n[   12.320739] a0 0000000000000000 a1 fffffffffffffff1 a2 0000000000000014 a3 0000000000000001\n[   12.329173] a4 90000001069eb990 a5 0000000000000001 a6 0000000000001001 a7 900000010003431c\n[   12.337606] t0 fffffffffffffff1 t1 54567fd5da9b4fd4 t2 900000010614ec40 t3 00000000000dc901\n[   12.346041] t4 0000000000000000 t5 0000000000000004 t6 900000010614ee20 t7 900000000d00b790\n[   12.354472] t8 00000000000dc901 u0 54567fd5da9b4fd4 s9 900000000402ae10 s0 900000010614ec40\n[   12.362916] s1 90000000039fced0 s2 ffffffffffffffed s3 ffffffffffffffed s4 9000000003acc000\n[   12.362931] s5 0000000000000004 s6 fffffffffffff000 s7 0000000000000490 s8 90000001028b2ec8\n[   12.362938]    ra: 90000000031579b8 thermal_add_hwmon_sysfs+0x258/0x300\n[   12.386411]   ERA: 900000000355f410 strscpy+0xf0/0x160\n[   12.391626]  CRMD: 000000b0 (PLV0 -IE -DA +PG DACF=CC DACM=CC -WE)\n[   12.397898]  PRMD: 00000004 (PPLV0 +PIE -PWE)\n[   12.403678]  EUEN: 00000000 (-FPE -SXE -ASXE -BTE)\n[   12.409859]  ECFG: 00071c1c (LIE=2-4,10-12 VS=7)\n[   12.415882] ESTAT: 00010000 [PIL] (IS= ECode=1 EsubCode=0)\n[   12.415907]  BADV: fffffffffffffff1\n[   12.415911]  PRID: 0014a000 (Loongson-64bit, Loongson-2K1000)\n[   12.415917] Modules linked in: loongson2_thermal(+) vfat fat uio_pdrv_genirq uio fuse zram zsmalloc\n[   12.415950] Process systemd-udevd (pid: 181, threadinfo=00000000358b9718, task=00000000ace72fe3)\n[   12.415961] Stack : 0000000000000dc0 54567fd5da9b4fd4 900000000402ae10 9000000002df9358\n[   12.415982]         ffffffffffffffed 0000000000000004 9000000107a10aa8 90000001002a3410\n[   12.415999]         ffffffffffffffed ffffffffffffffed 9000000107a11268 9000000003157ab0\n[   12.416016]         9000000107a10aa8 ffffff80020fc0c8 90000001002a3410 ffffffffffffffed\n[   12.416032]         0000000000000024 ffffff80020cc1e8 900000000402b2a0 9000000003acc000\n[   12.416048]         90000001002a3410 0000000000000000 ffffff80020f4030 90000001002a3410\n[   12.416065]         0000000000000000 9000000002df6808 90000001002a3410 0000000000000000\n[   12.416081]         ffffff80020f4030 0000000000000000 90000001002a3410 9000000002df2ba8\n[   12.416097]         00000000000000b4 90000001002a34f4 90000001002a3410 0000000000000002\n[   12.416114]         ffffff80020f4030 fffffffffffffff0 90000001002a3410 9000000002df2f30\n[   12.416131]         ...\n[   12.416138] Call Trace:\n[   12.416142] [\u003c900000000355f410\u003e] strscpy+0xf0/0x160\n[   12.416167] [\u003c90000000031579b8\u003e] thermal_add_hwmon_sysfs+0x258/0x300\n[   12.416183] [\u003c9000000003157ab0\u003e] devm_thermal_add_hwmon_sysfs+0x50/0xe0\n[   12.416200] [\u003cffffff80020cc1e8\u003e] loongson2_thermal_probe+0x128/0x200 [loongson2_thermal]\n[   12.416232] [\u003c9000000002df6808\u003e] platform_probe+0x68/0x140\n[   12.416249] [\u003c9000000002df2ba8\u003e] really_probe+0xc8/0x3c0\n[   12.416269] [\u003c9000000002df2f30\u003e] __driver_probe_device+0x90/0x180\n[   12.416286] [\u003c9000000002df3058\u003e] driver_probe_device+0x38/0x160\n[   12.416302] [\u003c9000000002df33a8\u003e] __driver_attach+0xa8/0x200\n[   12.416314] [\u003c9000000002deffec\u003e] bus_for_each_dev+0x8c/0x120\n[   12.416330] [\u003c9000000002df198c\u003e] bus_add_driver+0x10c/0x2a0\n[   12.416346] [\u003c9000000002df46b4\u003e] driver_register+0x74/0x160\n[   12.416358] [\u003c90000000022201a4\u003e] do_one_initcall+0x84/0x220\n[   12.416372] [\u003c90000000022f3ab8\u003e] do_init_module+0x58/0x2c0\n[\n---truncated---"
          },
          {
            "lang": "es",
            "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: drivers/thermal/loongson2_thermal: corrige el juicio PTR_ERR() incorrecto. PTR_ERR() devuelve -ENODEV cuando las zonas t\u00e9rmicas no est\u00e1n definidas y necesitamos -ENODEV como el valor correcto para comparar. De lo contrario, tz-\u0026gt;type es NULL cuando las zonas t\u00e9rmicas no est\u00e1n definidas, lo que genera el siguiente error: [12.290030] CPU 1 No se puede manejar la solicitud de paginaci\u00f3n del kernel en la direcci\u00f3n virtual ffffffffffffffff1, era == 900000000355f410, ra == 90000000031579b8 [ 12.302877] Ups [#1]: [ 12.305190] CPU: 1 PID: 181 Comm: systemd-udevd No contaminado 6.6.0-rc7+ #5385 [ 12.312304] pc 900000000355f410 ra 90000000031579b8 tp 90000001069e8000 sp 90000001069eba10 [ 12.320739] a0 0000000000000000 a1 ffffffffffffffff1 a2 0000000000000014 a3 0000000000000001 [ 12.329173] a4 90000001069eb990 a5 0000000000000001 a6 0000000000001001 a7 900000010003431c [ 12.337606] t0 ffffffffffffffff1 t1 54567fd5da9b 4fd4 t2 900000010614ec40 t3 00000000000dc901 [ 12.346041] t4 0000000000000000 t5 00000000000000004 t6 900000010614ee20 t7 900000000d00b 790 [ 12.354472] t8 00000000000dc901 u0 54567fd5da9b4fd4 s9 900000000402ae10 s0 900000010614ec40 [ 12.362916] s1 90000000039fced0 s2 ffffffffffffffff s3 ffffffffffffffff s4 9000000003acc000 [ 12.362931] s5 0000000000000004 s6 fffffffffffff000 s7 0000000000000490 s8 90000001028b2ec8 [ 12.362938] ra: 90000000031579b8 Thermal_add_hwmon_sysfs+0x258/0x300 [ 12.386411] ERA: 900000000355f410 strscpy+0xf0/0x160 [ 12.391626] CRMD: 00000 0b0 (PLV0 -IE -DA +PG DACF=CC DACM=CC -WE) [ 12.397898] PRMD: 00000004 (PPLV0 +PIE -PWE) [ 12.403678] EUEN: 00000000 (-FPE -SXE -ASXE -BTE) [ 12.409859] ECFG: 00071c1c (LIE=2 -4,10-12 vs = 7) [12.415882] ESTAT: 00010000 [PIL] (IS = ECODE = 1 ESUBCODE = 0) [12.415907] BADV: FFFFFFFFFFFFFF1 [12.415911] PRID: 0014A000 (Loongson-64bit, Loongson-24000) [12.415917] M\u00f3dulos vinculados en: loongson2_thermal(+) vfat fat uio_pdrv_genirq uio fuse zram zsmalloc [12.415950] Proceso systemd-udevd (pid: 181, threadinfo=00000000358b9718, task=00000000ace72fe3) [ 12.415961] Pila: 0000000000000dc0 54567fd5da9b4fd4 900000000402ae10 9000000002df9358 [12.415982] ffffffffffffff 0000000000000004 9000000107a10aa8 90000001002a3410 [ 12.415999] ffffffffffffff ffffffffffffff 9000000107a11268 9000000003157ab0 [ 12.416016] 9000000107a10aa8 ffffff80020fc0c8 90000001002a3410 ffffffffffffffed [ 12.416032] 00000000000000024 ffffff80020cc1e8 900000000402b2 a0 9000000003acc000 [ 12.416048] 90000001002a3410 0000000000000000 ffffff80020f4030 90000001002a3410 [ 12.416065] 00000000000000000 9000000002df6808 90000001002a3410 0000000000000000 [ 12.416081] ffffff80020f4030 00000000000000000 90000001002a3410 9000000002df2ba 8 [ 12.416097] 00000000000000b4 90000001002a34f4 90000001002a3410 0000000000000002 [ 12.416114] ffffff80020f4030 ffffffffffffff0 90000001002a3410 9000000002df2f30 [ 12 .416131] ... [ 12.416138] Seguimiento de llamadas: [ 12.416142] [\u0026lt;900000000355f410\u0026gt;] strscpy+0xf0/0x160 [ 12.416167] [\u0026lt;90000000031579b8\u0026gt;] Thermal_add_hwmon_sysfs+0x258/0 x300 [12.416183 ] [\u0026lt;9000000003157ab0\u0026gt;] devm_thermal_add_hwmon_sysfs+0x50/0xe0 [ 12.416200] [] loongson2_thermal_probe+0x128/0x200 [loongson2_thermal] [ 12.416232] [\u0026lt;9 000000002df6808\u0026gt;] plataforma_probe+0x68/0x140 [ 12.416249] [\u0026lt;9000000002df2ba8\u0026gt;] realmente_probe+ 0xc8/0x3c0 [ 12.416269] [\u0026lt;9000000002df2f30\u0026gt;] __driver_probe_device+0x90/0x180 [ 12.416286] [\u0026lt;9000000002df3058\u0026gt;] driver_probe_device+0x38/0x160 [ 12.41630 2] [\u0026lt;9000000002df33a8\u0026gt;] __driver_attach+0xa8/0x200 [ 12.416314] [\u0026lt;9000000002deffec\u0026gt;] bus_for_each_dev+0x8c/0x120 [ 12.416330] [\u0026lt;9000000002df198c\u0026gt;] bus_add_driver+0x10c/0x2a0 [ 12.416346] [\u0026lt;9000000002df46b4\u0026gt;] driver_register+0x74/0x160 [ 12.41 6358] [\u0026lt;90000000022201a4\u0026gt;] do_one_initcall+0x84/0x220 [ 12.416372] [\u0026lt;90000000022f3ab8 \u0026gt;] do_init_module+0x58/0x2c0 [ ---truncado---"
          }
        ],
        "id": "CVE-2023-52613",
        "lastModified": "2024-03-18T12:38:25.490",
        "metrics": {},
        "published": "2024-03-18T11:15:08.477",
        "references": [
          {
            "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            "url": "https://git.kernel.org/stable/c/15ef92e9c41124ee9d88b01208364f3fe1f45f84"
          },
          {
            "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            "url": "https://git.kernel.org/stable/c/6010a9fc14eb1feab5cafd84422001134fe8ec58"
          },
          {
            "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            "url": "https://git.kernel.org/stable/c/70481755ed77400e783200e2d022e5fea16060ce"
          }
        ],
        "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "vulnStatus": "Awaiting Analysis"
      }
    }
  }
}

CVE-2023-52613

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature

Action not permitted

CVE-2023-52613

Vulnerability from cvelistv5

wid-sec-w-2024-0654

Vulnerability from csaf_certbund

ghsa-rw5h-h7xq-wc78

Vulnerability from github

gsd-2023-52613

Vulnerability from gsd

Tags

Sightings

Nomenclature