Action not permitted
Modal body text goes here.
wid-sec-w-2024-1008
Vulnerability from csaf_certbund
Published
2024-05-01 22:00
Modified
2024-07-24 22:00
Summary
Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff
Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen oder sonstige Auswirkungen zu verursachen.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren oder sonstige Auswirkungen zu verursachen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1008 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1008.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1008 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1008"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:2627 vom 2024-05-01",
"url": "https://access.redhat.com/errata/RHSA-2024:2627"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:2628 vom 2024-05-01",
"url": "https://access.redhat.com/errata/RHSA-2024:2628"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2022-48669 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050131-CVE-2022-48669-15cf@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2023-52647 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050119-CVE-2023-52647-82e4@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2023-52648 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050122-CVE-2023-52648-4e0d@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2023-52649 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050109-CVE-2023-52649-4614@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2023-52650 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050109-CVE-2023-52650-e2d1@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2023-52651 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050110-CVE-2023-52651-5907@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2023-52652 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050131-CVE-2023-52652-9e84@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2023-52653 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050131-CVE-2023-52653-a5c2@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26929 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050122-CVE-2024-26929-07f0@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26930 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050122-CVE-2024-26930-4f3e@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26931 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050123-CVE-2024-26931-01d9@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26932 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050123-CVE-2024-26932-587d@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26933 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050123-CVE-2024-26933-c18d@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26934 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050123-CVE-2024-26934-e2fc@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26935 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050124-CVE-2024-26935-8b4e@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26936 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050141-CVE-2024-26936-0264@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26937 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050124-CVE-2024-26937-3d21@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26938 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050124-CVE-2024-26938-b3f9@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26939 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050124-CVE-2024-26939-5314@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26940 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050125-CVE-2024-26940-1785@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26941 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050125-CVE-2024-26941-7c68@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26942 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050125-CVE-2024-26942-2f72@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26943 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050125-CVE-2024-26943-9ea5@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26944 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050125-CVE-2024-26944-598c@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26945 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050126-CVE-2024-26945-bf47@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26946 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050126-CVE-2024-26946-ad5d@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26947 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050126-CVE-2024-26947-c9b8@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26948 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050126-CVE-2024-26948-43bb@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26949 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050127-CVE-2024-26949-cf74@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26950 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050127-CVE-2024-26950-4424@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26951 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050127-CVE-2024-26951-5cbe@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26952 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050127-CVE-2024-26952-7f65@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26953 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050128-CVE-2024-26953-8304@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26954 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050128-CVE-2024-26954-18d5@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26955 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050128-CVE-2024-26955-3205@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26956 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050128-CVE-2024-26956-94b7@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26957 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050129-CVE-2024-26957-9e6b@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26958 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050129-CVE-2024-26958-6c15@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26959 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050129-CVE-2024-26959-cbbc@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26960 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050129-CVE-2024-26960-ad6b@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26961 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050129-CVE-2024-26961-408d@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26962 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050130-CVE-2024-26962-cbb0@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26963 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050130-CVE-2024-26963-3eac@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26964 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050130-CVE-2024-26964-54c8@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26965 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050130-CVE-2024-26965-a43f@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26966 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050131-CVE-2024-26966-1afc@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26967 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050131-CVE-2024-26967-3ccc@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26968 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050131-CVE-2024-26968-bd35@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26969 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050131-CVE-2024-26969-13cf@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26970 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050132-CVE-2024-26970-ad9a@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26971 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050132-CVE-2024-26971-6e28@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26972 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050132-CVE-2024-26972-bf6c@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26973 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050132-CVE-2024-26973-54a3@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26974 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050132-CVE-2024-26974-13eb@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26975 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050133-CVE-2024-26975-d184@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26976 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050133-CVE-2024-26976-60d4@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26977 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050133-CVE-2024-26977-cf63@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26978 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050133-CVE-2024-26978-cc0d@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26979 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050134-CVE-2024-26979-43e8@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26980 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050141-CVE-2024-26980-4b16@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26981 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050141-CVE-2024-26981-db53@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26982 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050141-CVE-2024-26982-8675@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26983 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050142-CVE-2024-26983-9424@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26984 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050142-CVE-2024-26984-3028@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26985 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050142-CVE-2024-26985-37ac@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26986 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050142-CVE-2024-26986-4650@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26987 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050143-CVE-2024-26987-507c@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26988 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050143-CVE-2024-26988-c304@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26989 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050143-CVE-2024-26989-851d@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26990 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050143-CVE-2024-26990-0a1f@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26991 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050144-CVE-2024-26991-f6d3@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26992 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050144-CVE-2024-26992-4f0e@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26993 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050144-CVE-2024-26993-fe52@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26994 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050144-CVE-2024-26994-43c6@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26995 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050144-CVE-2024-26995-ac9b@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26996 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050145-CVE-2024-26996-ff2f@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26997 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050145-CVE-2024-26997-b8bf@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26998 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050145-CVE-2024-26998-2262@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-26999 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050145-CVE-2024-26999-057f@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27000 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050146-CVE-2024-27000-c789@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27001 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050146-CVE-2024-27001-16ca@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27002 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050146-CVE-2024-27002-3b11@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27003 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050146-CVE-2024-27003-c862@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27004 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050147-CVE-2024-27004-c429@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27005 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050147-CVE-2024-27005-e630@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27006 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050147-CVE-2024-27006-3b6f@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27007 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050147-CVE-2024-27007-686b@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27008 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050148-CVE-2024-27008-5964@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27009 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050148-CVE-2024-27009-d63d@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27010 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050148-CVE-2024-27010-5a68@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27011 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050148-CVE-2024-27011-2c70@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27012 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050148-CVE-2024-27012-5564@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27013 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050149-CVE-2024-27013-2c26@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27014 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050149-CVE-2024-27014-d2dc@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27015 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050149-CVE-2024-27015-9ce1@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27016 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050149-CVE-2024-27016-5114@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27017 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050150-CVE-2024-27017-d867@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27018 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050150-CVE-2024-27018-d8a7@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27019 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050150-CVE-2024-27019-e3d4@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27020 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050150-CVE-2024-27020-5158@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27021 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050151-CVE-2024-27021-6a83@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27022 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050143-CVE-2024-27022-4325@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27023 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050105-CVE-2024-27023-4810@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27024 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050107-CVE-2024-27024-efbd@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27025 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050107-CVE-2024-27025-babd@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27026 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050108-CVE-2024-27026-189b@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27027 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050108-CVE-2024-27027-ba6a@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27028 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050110-CVE-2024-27028-42f0@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27029 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050110-CVE-2024-27029-69f0@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27030 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050110-CVE-2024-27030-d75a@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27031 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050110-CVE-2024-27031-2e85@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27032 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050111-CVE-2024-27032-97a9@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27033 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050111-CVE-2024-27033-d152@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27034 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050111-CVE-2024-27034-5872@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27035 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050111-CVE-2024-27035-1628@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27036 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050111-CVE-2024-27036-6ba3@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27037 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050112-CVE-2024-27037-d54a@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27038 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050112-CVE-2024-27038-3af3@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27039 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050112-CVE-2024-27039-3730@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27040 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050112-CVE-2024-27040-e45b@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27041 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050112-CVE-2024-27041-7bf4@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27042 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050113-CVE-2024-27042-e812@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27043 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050113-CVE-2024-27043-f2fb@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27044 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050113-CVE-2024-27044-7e0e@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27045 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050113-CVE-2024-27045-6680@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27046 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050113-CVE-2024-27046-4694@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27047 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050114-CVE-2024-27047-8aad@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27048 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050114-CVE-2024-27048-016f@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27049 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050114-CVE-2024-27049-a5a1@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27050 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050114-CVE-2024-27050-b829@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27051 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050114-CVE-2024-27051-07ce@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27052 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050115-CVE-2024-27052-fb6d@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27053 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050115-CVE-2024-27053-a8e9@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27054 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050115-CVE-2024-27054-b0ff@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27055 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050115-CVE-2024-27055-449e@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27056 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050115-CVE-2024-27056-98c0@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27057 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050116-CVE-2024-27057-c0fb@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27058 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050130-CVE-2024-27058-e8f6@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27059 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050130-CVE-2024-27059-baaa@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27060 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050130-CVE-2024-27060-8a1c@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27061 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050130-CVE-2024-27061-fef2@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27062 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050130-CVE-2024-27062-3291@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27063 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050131-CVE-2024-27063-c356@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27064 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050132-CVE-2024-27064-8046@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27065 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050132-CVE-2024-27065-8c9d@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27066 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050132-CVE-2024-27066-686a@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27067 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050132-CVE-2024-27067-38e7@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27068 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050132-CVE-2024-27068-c844@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27069 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050133-CVE-2024-27069-5b70@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27070 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050133-CVE-2024-27070-a43e@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27071 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050133-CVE-2024-27071-3b1b@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27072 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050133-CVE-2024-27072-301d@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27073 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050133-CVE-2024-27073-967c@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27074 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050133-CVE-2024-27074-a9b3@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27075 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050134-CVE-2024-27075-5e4f@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27076 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050134-CVE-2024-27076-5a2e@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27077 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050134-CVE-2024-27077-3482@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27078 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050134-CVE-2024-27078-6a54@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27079 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050134-CVE-2024-27079-f478@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27080 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050135-CVE-2024-27080-46f0@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27388 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050135-CVE-2024-27388-04eb@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27389 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050135-CVE-2024-27389-fb3a@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27390 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050135-CVE-2024-27390-e55f@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27391 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050135-CVE-2024-27391-6014@gregkh/T/"
},
{
"category": "external",
"summary": "Linux CVE Announce Mailing List CVE-2024-27392 vom 2024-05-01",
"url": "https://lore.kernel.org/linux-cve-announce/2024050136-CVE-2024-27392-b84b@gregkh/T/"
},
{
"category": "external",
"summary": "Kernel Updates vom 2024-05-01",
"url": "https://kernel.org/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1490-1 vom 2024-05-03",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018445.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5681 vom 2024-05-06",
"url": "https://lists.debian.org/debian-security-announce/2024/msg00090.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5680 vom 2024-05-06",
"url": "https://lists.debian.org/debian-security-announce/2024/msg00089.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:2758 vom 2024-05-08",
"url": "https://access.redhat.com/errata/RHSA-2024:2758"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-2758 vom 2024-05-09",
"url": "https://linux.oracle.com/errata/ELSA-2024-2758.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1644-1 vom 2024-05-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018528.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1648-1 vom 2024-05-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018524.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1643-1 vom 2024-05-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018529.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1646-1 vom 2024-05-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018526.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1645-1 vom 2024-05-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018527.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1647-1 vom 2024-05-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018525.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1642-1 vom 2024-05-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018530.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1641-1 vom 2024-05-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018531.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1650-1 vom 2024-05-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018533.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1659-1 vom 2024-05-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018538.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1648-2 vom 2024-05-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018572.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3138 vom 2024-05-22",
"url": "https://access.redhat.com/errata/RHSA-2024:3138"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:2950 vom 2024-05-22",
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3421 vom 2024-05-28",
"url": "https://access.redhat.com/errata/RHSA-2024:3421"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3461 vom 2024-05-29",
"url": "https://access.redhat.com/errata/RHSA-2024:3461"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3460 vom 2024-05-29",
"url": "https://access.redhat.com/errata/RHSA-2024:3460"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1870-1 vom 2024-05-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018634.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3618 vom 2024-06-05",
"url": "https://access.redhat.com/errata/RHSA-2024:3618"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3619 vom 2024-06-05",
"url": "https://access.redhat.com/errata/RHSA-2024:3619"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-12377 vom 2024-06-05",
"url": "https://oss.oracle.com/pipermail/el-errata/2024-June/015802.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3627 vom 2024-06-05",
"url": "https://access.redhat.com/errata/RHSA-2024:3627"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-12385 vom 2024-06-05",
"url": "https://oss.oracle.com/pipermail/el-errata/2024-June/015807.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-3619 vom 2024-06-07",
"url": "http://linux.oracle.com/errata/ELSA-2024-3619.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-3618 vom 2024-06-06",
"url": "https://linux.oracle.com/errata/ELSA-2024-3618.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6821-1 vom 2024-06-08",
"url": "https://ubuntu.com/security/notices/USN-6821-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6817-1 vom 2024-06-08",
"url": "https://ubuntu.com/security/notices/USN-6817-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6820-1 vom 2024-06-08",
"url": "https://ubuntu.com/security/notices/USN-6820-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6816-1 vom 2024-06-08",
"url": "https://ubuntu.com/security/notices/USN-6816-1"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7156774 vom 2024-06-07",
"url": "https://www.ibm.com/support/pages/node/7156774"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6821-2 vom 2024-06-10",
"url": "https://ubuntu.com/security/notices/USN-6821-2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1979-1 vom 2024-06-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018685.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1978-1 vom 2024-06-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018686.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6828-1 vom 2024-06-11",
"url": "https://ubuntu.com/security/notices/USN-6828-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6817-2 vom 2024-06-11",
"url": "https://ubuntu.com/security/notices/USN-6817-2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1983-1 vom 2024-06-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018700.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3810 vom 2024-06-11",
"url": "https://access.redhat.com/errata/RHSA-2024:3810"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6821-3 vom 2024-06-11",
"url": "https://ubuntu.com/security/notices/USN-6821-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6820-2 vom 2024-06-11",
"url": "https://ubuntu.com/security/notices/USN-6820-2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2008-1 vom 2024-06-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018706.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2010-1 vom 2024-06-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018711.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2011-1 vom 2024-06-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018710.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6821-4 vom 2024-06-14",
"url": "https://ubuntu.com/security/notices/USN-6821-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6817-3 vom 2024-06-14",
"url": "https://ubuntu.com/security/notices/USN-6817-3"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2135-1 vom 2024-06-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018783.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2183-1 vom 2024-06-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018808.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2184-1 vom 2024-06-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018807.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2185-1 vom 2024-06-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018809.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2189-1 vom 2024-06-25",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018811.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-3842 vom 2024-06-25",
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2190-1 vom 2024-06-25",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018819.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4107 vom 2024-06-26",
"url": "https://access.redhat.com/errata/RHSA-2024:4107"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-3840 vom 2024-06-27",
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2024-639 vom 2024-07-02",
"url": "https://alas.aws.amazon.com/AL2023/ALAS-2024-639.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4211 vom 2024-07-02",
"url": "https://access.redhat.com/errata/RHSA-2024:4211"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2024-022 vom 2024-07-03",
"url": "https://www.dell.com/support/kbdoc/de-de/000226633/dsa-2024-022-security-update-for-dell-networker-vproxy-multiple-component-vulnerabilities"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-4211 vom 2024-07-03",
"url": "https://linux.oracle.com/errata/ELSA-2024-4211.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6871-1 vom 2024-07-04",
"url": "https://ubuntu.com/security/notices/USN-6871-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6878-1 vom 2024-07-04",
"url": "https://ubuntu.com/security/notices/USN-6878-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4349 vom 2024-07-08",
"url": "https://access.redhat.com/errata/RHSA-2024:4349"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4352 vom 2024-07-08",
"url": "https://access.redhat.com/errata/RHSA-2024:4352"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-4349 vom 2024-07-09",
"url": "https://linux.oracle.com/errata/ELSA-2024-4349.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2337-1 vom 2024-07-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018881.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2326-1 vom 2024-07-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018883.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2372-1 vom 2024-07-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018901.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2360-1 vom 2024-07-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018907.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2358-1 vom 2024-07-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018898.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2381-1 vom 2024-07-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018916.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2382-1 vom 2024-07-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018917.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2394-1 vom 2024-07-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018922.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6892-1 vom 2024-07-10",
"url": "https://ubuntu.com/security/notices/USN-6892-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4321 vom 2024-07-10",
"url": "https://access.redhat.com/errata/RHSA-2024:4321"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6893-1 vom 2024-07-11",
"url": "https://ubuntu.com/security/notices/USN-6893-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2472-1 vom 2024-07-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018943.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6896-1 vom 2024-07-12",
"url": "https://ubuntu.com/security/notices/USN-6896-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2446-1 vom 2024-07-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018947.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2447-1 vom 2024-07-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018946.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2437-1 vom 2024-07-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018948.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2448-1 vom 2024-07-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018945.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2449-1 vom 2024-07-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018944.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6898-1 vom 2024-07-15",
"url": "https://ubuntu.com/security/notices/USN-6898-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2488-1 vom 2024-07-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018970.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:4211 vom 2024-07-15",
"url": "https://errata.build.resf.org/RLSA-2024:4211"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:4349 vom 2024-07-15",
"url": "https://errata.build.resf.org/RLSA-2024:4349"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:4352 vom 2024-07-15",
"url": "https://errata.build.resf.org/RLSA-2024:4352"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5730 vom 2024-07-16",
"url": "https://lists.debian.org/debian-security-announce/2024/msg00141.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6893-2 vom 2024-07-16",
"url": "https://ubuntu.com/security/notices/USN-6893-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6896-2 vom 2024-07-16",
"url": "https://ubuntu.com/security/notices/USN-6896-2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2530-1 vom 2024-07-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018985.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6898-2 vom 2024-07-17",
"url": "https://ubuntu.com/security/notices/USN-6898-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6896-3 vom 2024-07-17",
"url": "https://ubuntu.com/security/notices/USN-6896-3"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4631 vom 2024-07-18",
"url": "https://access.redhat.com/errata/RHSA-2024:4631"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2561-1 vom 2024-07-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019001.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2558-1 vom 2024-07-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018999.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2549-1 vom 2024-07-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019000.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6898-3 vom 2024-07-19",
"url": "https://ubuntu.com/security/notices/USN-6898-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6896-4 vom 2024-07-19",
"url": "https://ubuntu.com/security/notices/USN-6896-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6898-4 vom 2024-07-23",
"url": "https://ubuntu.com/security/notices/USN-6898-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6893-3 vom 2024-07-23",
"url": "https://ubuntu.com/security/notices/USN-6893-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6896-5 vom 2024-07-23",
"url": "https://ubuntu.com/security/notices/USN-6896-5"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4823 vom 2024-07-24",
"url": "https://access.redhat.com/errata/RHSA-2024:4823"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4831 vom 2024-07-24",
"url": "https://access.redhat.com/errata/RHSA-2024:4831"
}
],
"source_lang": "en-US",
"title": "Linux Kernel: Mehrere Schwachstellen erm\u00f6glichen Denial of Service",
"tracking": {
"current_release_date": "2024-07-24T22:00:00.000+00:00",
"generator": {
"date": "2024-07-25T08:34:36.022+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.0"
}
},
"id": "WID-SEC-W-2024-1008",
"initial_release_date": "2024-05-01T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-05-01T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-05-02T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-05-06T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2024-05-07T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-05-09T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-05-14T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-05-15T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-05-21T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-05-28T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-05-30T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-06-04T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-06-05T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-06-06T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-06-09T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Ubuntu und IBM aufgenommen"
},
{
"date": "2024-06-10T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-06-11T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Ubuntu, SUSE und Red Hat aufgenommen"
},
{
"date": "2024-06-12T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-06-16T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-06-23T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-06-24T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-06-25T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Debian, SUSE und Red Hat aufgenommen"
},
{
"date": "2024-06-27T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2024-07-01T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-07-02T22:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Dell und Oracle Linux aufgenommen"
},
{
"date": "2024-07-03T22:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-07-04T22:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-07-07T22:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-07-08T22:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von Oracle Linux und SUSE aufgenommen"
},
{
"date": "2024-07-09T22:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-07-10T22:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von SUSE, Ubuntu und Red Hat aufgenommen"
},
{
"date": "2024-07-11T22:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-07-14T22:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von SUSE und Ubuntu aufgenommen"
},
{
"date": "2024-07-15T22:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von Ubuntu, SUSE, Rocky Enterprise Software Foundation und Debian aufgenommen"
},
{
"date": "2024-07-16T22:00:00.000+00:00",
"number": "34",
"summary": "Neue Updates von Ubuntu und SUSE aufgenommen"
},
{
"date": "2024-07-17T22:00:00.000+00:00",
"number": "35",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-07-18T22:00:00.000+00:00",
"number": "36",
"summary": "Neue Updates von Red Hat und SUSE aufgenommen"
},
{
"date": "2024-07-22T22:00:00.000+00:00",
"number": "37",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-07-24T22:00:00.000+00:00",
"number": "38",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "38"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c19.11",
"product": {
"name": "Dell NetWorker \u003c19.11",
"product_id": "T035785",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:19.11"
}
}
}
],
"category": "product_name",
"name": "NetWorker"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM QRadar SIEM",
"product": {
"name": "IBM QRadar SIEM",
"product_id": "T021415",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.9-rc2",
"product": {
"name": "Open Source Linux Kernel \u003c6.9-rc2",
"product_id": "T034472",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:6.9-rc2"
}
}
}
],
"category": "product_name",
"name": "Linux Kernel"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-48669",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2022-48669"
},
{
"cve": "CVE-2023-52647",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2023-52647"
},
{
"cve": "CVE-2023-52648",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2023-52648"
},
{
"cve": "CVE-2023-52649",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2023-52649"
},
{
"cve": "CVE-2023-52650",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2023-52650"
},
{
"cve": "CVE-2023-52651",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2023-52651"
},
{
"cve": "CVE-2023-52652",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2023-52652"
},
{
"cve": "CVE-2023-52653",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2023-52653"
},
{
"cve": "CVE-2024-25742",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-25742"
},
{
"cve": "CVE-2024-25743",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-25743"
},
{
"cve": "CVE-2024-26929",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26929"
},
{
"cve": "CVE-2024-26930",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26930"
},
{
"cve": "CVE-2024-26931",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26931"
},
{
"cve": "CVE-2024-26932",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26932"
},
{
"cve": "CVE-2024-26933",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26933"
},
{
"cve": "CVE-2024-26934",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26934"
},
{
"cve": "CVE-2024-26935",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26935"
},
{
"cve": "CVE-2024-26936",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26936"
},
{
"cve": "CVE-2024-26937",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26937"
},
{
"cve": "CVE-2024-26938",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26938"
},
{
"cve": "CVE-2024-26939",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26939"
},
{
"cve": "CVE-2024-26940",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26940"
},
{
"cve": "CVE-2024-26941",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26941"
},
{
"cve": "CVE-2024-26942",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26942"
},
{
"cve": "CVE-2024-26943",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26943"
},
{
"cve": "CVE-2024-26944",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26944"
},
{
"cve": "CVE-2024-26945",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26945"
},
{
"cve": "CVE-2024-26946",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26946"
},
{
"cve": "CVE-2024-26947",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26947"
},
{
"cve": "CVE-2024-26948",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26948"
},
{
"cve": "CVE-2024-26949",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26949"
},
{
"cve": "CVE-2024-26950",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26950"
},
{
"cve": "CVE-2024-26951",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26951"
},
{
"cve": "CVE-2024-26952",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26952"
},
{
"cve": "CVE-2024-26953",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26953"
},
{
"cve": "CVE-2024-26954",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26954"
},
{
"cve": "CVE-2024-26955",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26955"
},
{
"cve": "CVE-2024-26956",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26956"
},
{
"cve": "CVE-2024-26957",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26957"
},
{
"cve": "CVE-2024-26958",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26958"
},
{
"cve": "CVE-2024-26959",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26959"
},
{
"cve": "CVE-2024-26960",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26960"
},
{
"cve": "CVE-2024-26961",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26961"
},
{
"cve": "CVE-2024-26962",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26962"
},
{
"cve": "CVE-2024-26963",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26963"
},
{
"cve": "CVE-2024-26964",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26964"
},
{
"cve": "CVE-2024-26965",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26965"
},
{
"cve": "CVE-2024-26966",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26966"
},
{
"cve": "CVE-2024-26967",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26967"
},
{
"cve": "CVE-2024-26968",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26968"
},
{
"cve": "CVE-2024-26969",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26969"
},
{
"cve": "CVE-2024-26970",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26970"
},
{
"cve": "CVE-2024-26971",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26971"
},
{
"cve": "CVE-2024-26972",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26972"
},
{
"cve": "CVE-2024-26973",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26973"
},
{
"cve": "CVE-2024-26974",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26974"
},
{
"cve": "CVE-2024-26975",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26975"
},
{
"cve": "CVE-2024-26976",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26976"
},
{
"cve": "CVE-2024-26977",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26977"
},
{
"cve": "CVE-2024-26978",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26978"
},
{
"cve": "CVE-2024-26979",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26979"
},
{
"cve": "CVE-2024-26980",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26980"
},
{
"cve": "CVE-2024-26981",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26981"
},
{
"cve": "CVE-2024-26982",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26982"
},
{
"cve": "CVE-2024-26983",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26983"
},
{
"cve": "CVE-2024-26984",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26984"
},
{
"cve": "CVE-2024-26985",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26985"
},
{
"cve": "CVE-2024-26986",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26986"
},
{
"cve": "CVE-2024-26987",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26987"
},
{
"cve": "CVE-2024-26988",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26988"
},
{
"cve": "CVE-2024-26989",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26989"
},
{
"cve": "CVE-2024-26990",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26990"
},
{
"cve": "CVE-2024-26991",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26991"
},
{
"cve": "CVE-2024-26992",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26992"
},
{
"cve": "CVE-2024-26993",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26993"
},
{
"cve": "CVE-2024-26994",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26994"
},
{
"cve": "CVE-2024-26995",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26995"
},
{
"cve": "CVE-2024-26996",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26996"
},
{
"cve": "CVE-2024-26997",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26997"
},
{
"cve": "CVE-2024-26998",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26998"
},
{
"cve": "CVE-2024-26999",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-26999"
},
{
"cve": "CVE-2024-27000",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27000"
},
{
"cve": "CVE-2024-27001",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27001"
},
{
"cve": "CVE-2024-27002",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27002"
},
{
"cve": "CVE-2024-27003",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27003"
},
{
"cve": "CVE-2024-27004",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27004"
},
{
"cve": "CVE-2024-27005",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27005"
},
{
"cve": "CVE-2024-27006",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27006"
},
{
"cve": "CVE-2024-27007",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27007"
},
{
"cve": "CVE-2024-27008",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27008"
},
{
"cve": "CVE-2024-27009",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27009"
},
{
"cve": "CVE-2024-27010",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27010"
},
{
"cve": "CVE-2024-27011",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27011"
},
{
"cve": "CVE-2024-27012",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27012"
},
{
"cve": "CVE-2024-27013",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27013"
},
{
"cve": "CVE-2024-27014",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27014"
},
{
"cve": "CVE-2024-27015",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27015"
},
{
"cve": "CVE-2024-27016",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27016"
},
{
"cve": "CVE-2024-27017",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27017"
},
{
"cve": "CVE-2024-27018",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27018"
},
{
"cve": "CVE-2024-27019",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27019"
},
{
"cve": "CVE-2024-27020",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27020"
},
{
"cve": "CVE-2024-27021",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27021"
},
{
"cve": "CVE-2024-27022",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27022"
},
{
"cve": "CVE-2024-27023",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27023"
},
{
"cve": "CVE-2024-27024",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27024"
},
{
"cve": "CVE-2024-27025",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27025"
},
{
"cve": "CVE-2024-27026",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27026"
},
{
"cve": "CVE-2024-27027",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27027"
},
{
"cve": "CVE-2024-27028",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27028"
},
{
"cve": "CVE-2024-27029",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27029"
},
{
"cve": "CVE-2024-27030",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27030"
},
{
"cve": "CVE-2024-27031",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27031"
},
{
"cve": "CVE-2024-27032",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27032"
},
{
"cve": "CVE-2024-27033",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27033"
},
{
"cve": "CVE-2024-27034",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27034"
},
{
"cve": "CVE-2024-27035",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27035"
},
{
"cve": "CVE-2024-27036",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27036"
},
{
"cve": "CVE-2024-27037",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27037"
},
{
"cve": "CVE-2024-27038",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27038"
},
{
"cve": "CVE-2024-27039",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27039"
},
{
"cve": "CVE-2024-27040",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27040"
},
{
"cve": "CVE-2024-27041",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27041"
},
{
"cve": "CVE-2024-27042",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27042"
},
{
"cve": "CVE-2024-27043",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27043"
},
{
"cve": "CVE-2024-27044",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27044"
},
{
"cve": "CVE-2024-27045",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27045"
},
{
"cve": "CVE-2024-27046",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27046"
},
{
"cve": "CVE-2024-27047",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27047"
},
{
"cve": "CVE-2024-27048",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27048"
},
{
"cve": "CVE-2024-27049",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27049"
},
{
"cve": "CVE-2024-27050",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27050"
},
{
"cve": "CVE-2024-27051",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27051"
},
{
"cve": "CVE-2024-27052",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27052"
},
{
"cve": "CVE-2024-27053",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27053"
},
{
"cve": "CVE-2024-27054",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27054"
},
{
"cve": "CVE-2024-27055",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27055"
},
{
"cve": "CVE-2024-27056",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27056"
},
{
"cve": "CVE-2024-27057",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27057"
},
{
"cve": "CVE-2024-27058",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27058"
},
{
"cve": "CVE-2024-27059",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27059"
},
{
"cve": "CVE-2024-27060",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27060"
},
{
"cve": "CVE-2024-27061",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27061"
},
{
"cve": "CVE-2024-27062",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27062"
},
{
"cve": "CVE-2024-27063",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27063"
},
{
"cve": "CVE-2024-27064",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27064"
},
{
"cve": "CVE-2024-27065",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27065"
},
{
"cve": "CVE-2024-27066",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27066"
},
{
"cve": "CVE-2024-27067",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27067"
},
{
"cve": "CVE-2024-27068",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27068"
},
{
"cve": "CVE-2024-27069",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27069"
},
{
"cve": "CVE-2024-27070",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27070"
},
{
"cve": "CVE-2024-27071",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27071"
},
{
"cve": "CVE-2024-27072",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27072"
},
{
"cve": "CVE-2024-27073",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27073"
},
{
"cve": "CVE-2024-27074",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27074"
},
{
"cve": "CVE-2024-27075",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27075"
},
{
"cve": "CVE-2024-27076",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27076"
},
{
"cve": "CVE-2024-27077",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27077"
},
{
"cve": "CVE-2024-27078",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27078"
},
{
"cve": "CVE-2024-27079",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27079"
},
{
"cve": "CVE-2024-27080",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27080"
},
{
"cve": "CVE-2024-27388",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27388"
},
{
"cve": "CVE-2024-27389",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27389"
},
{
"cve": "CVE-2024-27390",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27390"
},
{
"cve": "CVE-2024-27391",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27391"
},
{
"cve": "CVE-2024-27392",
"notes": [
{
"category": "description",
"text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese sind auf verschiedene Fehler, z.B. Use-after-Free, Double-Free, NULL Pointer sowie andere Speicherfehler zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T021415",
"398363",
"T004914",
"T032255",
"T035785"
]
},
"release_date": "2024-05-01T22:00:00Z",
"title": "CVE-2024-27392"
}
]
}
cve-2024-26998
Vulnerability from cvelistv5
Published
2024-05-01 05:28
Modified
2024-08-02 00:21
Severity
Summary
serial: core: Clearing the circular buffer before NULLifying it
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26998",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-09T18:39:13.227309Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:22:46.551Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.918Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7ae7104d54342433a3a73975f6569beefdd86350"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/bb1118905e875c111d7ccef9aee86ac5e4e7f985"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9cf7ea2eeb745213dc2a04103e426b960e807940"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/tty/serial/serial_core.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "7ae7104d5434",
"status": "affected",
"version": "434beb66368d",
"versionType": "git"
},
{
"lessThan": "bb1118905e87",
"status": "affected",
"version": "43066e32227e",
"versionType": "git"
},
{
"lessThan": "9cf7ea2eeb74",
"status": "affected",
"version": "43066e32227e",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/tty/serial/serial_core.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.8"
},
{
"lessThan": "6.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: core: Clearing the circular buffer before NULLifying it\n\nThe circular buffer is NULLified in uart_tty_port_shutdown()\nunder the spin lock. However, the PM or other timer based callbacks\nmay still trigger after this event without knowning that buffer pointer\nis not valid. Since the serial code is a bit inconsistent in checking\nthe buffer state (some rely on the head-tail positions, some on the\nbuffer pointer), it\u0027s better to have both aligned, i.e. buffer pointer\nto be NULL and head-tail possitions to be the same, meaning it\u0027s empty.\nThis will prevent asynchronous calls to dereference NULL pointer as\nreported recently in 8250 case:\n\n BUG: kernel NULL pointer dereference, address: 00000cf5\n Workqueue: pm pm_runtime_work\n EIP: serial8250_tx_chars (drivers/tty/serial/8250/8250_port.c:1809)\n ...\n ? serial8250_tx_chars (drivers/tty/serial/8250/8250_port.c:1809)\n __start_tx (drivers/tty/serial/8250/8250_port.c:1551)\n serial8250_start_tx (drivers/tty/serial/8250/8250_port.c:1654)\n serial_port_runtime_suspend (include/linux/serial_core.h:667 drivers/tty/serial/serial_port.c:63)\n __rpm_callback (drivers/base/power/runtime.c:393)\n ? serial_port_remove (drivers/tty/serial/serial_port.c:50)\n rpm_suspend (drivers/base/power/runtime.c:447)\n\nThe proposed change will prevent -\u003estart_tx() to be called during\nsuspend on shut down port."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:41.917Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/7ae7104d54342433a3a73975f6569beefdd86350"
},
{
"url": "https://git.kernel.org/stable/c/bb1118905e875c111d7ccef9aee86ac5e4e7f985"
},
{
"url": "https://git.kernel.org/stable/c/9cf7ea2eeb745213dc2a04103e426b960e807940"
}
],
"title": "serial: core: Clearing the circular buffer before NULLifying it",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26998",
"datePublished": "2024-05-01T05:28:25.905Z",
"dateReserved": "2024-02-19T14:20:24.206Z",
"dateUpdated": "2024-08-02T00:21:05.918Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27030
Vulnerability from cvelistv5
Published
2024-05-01 12:53
Modified
2024-08-02 00:21
Severity
Summary
octeontx2-af: Use separate handlers for interrupts
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.937Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/94cb17e5cf3a3c484063abc0ce4b8a2b2e8c1cb2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/766c2627acb2d9d1722cce2e24837044d52d888a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/772f18ded0e240cc1fa2b7020cc640e3e5c32b70"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/29d2550d79a8cbd31e0fbaa5c0e2a2efdc444e44"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/dc29dd00705a62c77de75b6d752259b869aac49d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ad6759e233db6fcc131055f8e23b4eafbe81053c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4fedae8f9eafa2ac8cdaca58e315f52a7e2a8701"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/50e60de381c342008c0956fd762e1c26408f372c"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/marvell/octeontx2/af/rvu.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "94cb17e5cf3a",
"status": "affected",
"version": "7304ac4567bc",
"versionType": "git"
},
{
"lessThan": "766c2627acb2",
"status": "affected",
"version": "7304ac4567bc",
"versionType": "git"
},
{
"lessThan": "772f18ded0e2",
"status": "affected",
"version": "7304ac4567bc",
"versionType": "git"
},
{
"lessThan": "29d2550d79a8",
"status": "affected",
"version": "7304ac4567bc",
"versionType": "git"
},
{
"lessThan": "dc29dd00705a",
"status": "affected",
"version": "7304ac4567bc",
"versionType": "git"
},
{
"lessThan": "ad6759e233db",
"status": "affected",
"version": "7304ac4567bc",
"versionType": "git"
},
{
"lessThan": "4fedae8f9eaf",
"status": "affected",
"version": "7304ac4567bc",
"versionType": "git"
},
{
"lessThan": "50e60de381c3",
"status": "affected",
"version": "7304ac4567bc",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/marvell/octeontx2/af/rvu.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.20"
},
{
"lessThan": "4.20",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.273",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.214",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.153",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-af: Use separate handlers for interrupts\n\nFor PF to AF interrupt vector and VF to AF vector same\ninterrupt handler is registered which is causing race condition.\nWhen two interrupts are raised to two CPUs at same time\nthen two cores serve same event corrupting the data."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:19.329Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/94cb17e5cf3a3c484063abc0ce4b8a2b2e8c1cb2"
},
{
"url": "https://git.kernel.org/stable/c/766c2627acb2d9d1722cce2e24837044d52d888a"
},
{
"url": "https://git.kernel.org/stable/c/772f18ded0e240cc1fa2b7020cc640e3e5c32b70"
},
{
"url": "https://git.kernel.org/stable/c/29d2550d79a8cbd31e0fbaa5c0e2a2efdc444e44"
},
{
"url": "https://git.kernel.org/stable/c/dc29dd00705a62c77de75b6d752259b869aac49d"
},
{
"url": "https://git.kernel.org/stable/c/ad6759e233db6fcc131055f8e23b4eafbe81053c"
},
{
"url": "https://git.kernel.org/stable/c/4fedae8f9eafa2ac8cdaca58e315f52a7e2a8701"
},
{
"url": "https://git.kernel.org/stable/c/50e60de381c342008c0956fd762e1c26408f372c"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "octeontx2-af: Use separate handlers for interrupts",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27030",
"datePublished": "2024-05-01T12:53:25.954Z",
"dateReserved": "2024-02-19T14:20:24.211Z",
"dateUpdated": "2024-08-02T00:21:05.937Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27063
Vulnerability from cvelistv5
Published
2024-05-01 13:00
Modified
2024-08-02 00:21
Severity
Summary
leds: trigger: netdev: Fix kernel panic on interface rename trig notify
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.939Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/10f2af1af8ab8a7064f193446abd5579d3def7e3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/acd025c7a7d151261533016a6ca2d38f2de04e87"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3f360227cb46edb2cd2494128e1e06ed5768a62e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/415798bc07dd1c1ae3a656aa026580816e0b9fe8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/leds/trigger/ledtrig-netdev.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "10f2af1af8ab",
"status": "affected",
"version": "d5e01266e7f5",
"versionType": "git"
},
{
"lessThan": "acd025c7a7d1",
"status": "affected",
"version": "d5e01266e7f5",
"versionType": "git"
},
{
"lessThan": "3f360227cb46",
"status": "affected",
"version": "d5e01266e7f5",
"versionType": "git"
},
{
"lessThan": "415798bc07dd",
"status": "affected",
"version": "d5e01266e7f5",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/leds/trigger/ledtrig-netdev.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.5"
},
{
"lessThan": "6.5",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nleds: trigger: netdev: Fix kernel panic on interface rename trig notify\n\nCommit d5e01266e7f5 (\"leds: trigger: netdev: add additional specific link\nspeed mode\") in the various changes, reworked the way to set the LINKUP\nmode in commit cee4bd16c319 (\"leds: trigger: netdev: Recheck\nNETDEV_LED_MODE_LINKUP on dev rename\") and moved it to a generic function.\n\nThis changed the logic where, in the previous implementation the dev\nfrom the trigger event was used to check if the carrier was ok, but in\nthe new implementation with the generic function, the dev in\ntrigger_data is used instead.\n\nThis is problematic and cause a possible kernel panic due to the fact\nthat the dev in the trigger_data still reference the old one as the\nnew one (passed from the trigger event) still has to be hold and saved\nin the trigger_data struct (done in the NETDEV_REGISTER case).\n\nOn calling of get_device_state(), an invalid net_dev is used and this\ncause a kernel panic.\n\nTo handle this correctly, move the call to get_device_state() after the\nnew net_dev is correctly set in trigger_data (in the NETDEV_REGISTER\ncase) and correctly parse the new dev."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:53.600Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/10f2af1af8ab8a7064f193446abd5579d3def7e3"
},
{
"url": "https://git.kernel.org/stable/c/acd025c7a7d151261533016a6ca2d38f2de04e87"
},
{
"url": "https://git.kernel.org/stable/c/3f360227cb46edb2cd2494128e1e06ed5768a62e"
},
{
"url": "https://git.kernel.org/stable/c/415798bc07dd1c1ae3a656aa026580816e0b9fe8"
}
],
"title": "leds: trigger: netdev: Fix kernel panic on interface rename trig notify",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27063",
"datePublished": "2024-05-01T13:00:24.506Z",
"dateReserved": "2024-02-19T14:20:24.215Z",
"dateUpdated": "2024-08-02T00:21:05.939Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27055
Vulnerability from cvelistv5
Published
2024-05-01 12:54
Modified
2024-08-02 00:21
Severity
Summary
workqueue: Don't call cpumask_test_cpu() with -1 CPU in wq_update_node_max_active()
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27055",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-17T17:40:08.235778Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-17T17:45:22.413Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.905Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7df62b8cca38aa452b508b477b16544cba615084"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a75ac2693d734d20724f0e10e039ca85f1fcfc4e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/38c19c44cc05ec1e84d2e31a9a289b83b6c7ec85"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9fc557d489f8163c1aabcb89114b8eba960f4097"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/adc646d2126988a64234502f579e4bc2b080d7cf"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/15930da42f8981dc42c19038042947b475b19f47"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"kernel/workqueue.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "7df62b8cca38",
"status": "affected",
"version": "5a70baec2294",
"versionType": "git"
},
{
"lessThan": "a75ac2693d73",
"status": "affected",
"version": "5a70baec2294",
"versionType": "git"
},
{
"lessThan": "38c19c44cc05",
"status": "affected",
"version": "fc67aebe34f2",
"versionType": "git"
},
{
"lessThan": "9fc557d489f8",
"status": "affected",
"version": "843288afd3cc",
"versionType": "git"
},
{
"lessThan": "adc646d21269",
"status": "affected",
"version": "843288afd3cc",
"versionType": "git"
},
{
"lessThan": "15930da42f89",
"status": "affected",
"version": "5797b1c18919",
"versionType": "git"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"kernel/workqueue.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "6.6.25",
"status": "affected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThan": "6.8.4",
"status": "affected",
"version": "6.8.2",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nworkqueue: Don\u0027t call cpumask_test_cpu() with -1 CPU in wq_update_node_max_active()\n\nFor wq_update_node_max_active(), @off_cpu of -1 indicates that no CPU is\ngoing down. The function was incorrectly calling cpumask_test_cpu() with -1\nCPU leading to oopses like the following on some archs:\n\n Unable to handle kernel paging request at virtual address ffff0002100296e0\n ..\n pc : wq_update_node_max_active+0x50/0x1fc\n lr : wq_update_node_max_active+0x1f0/0x1fc\n ...\n Call trace:\n wq_update_node_max_active+0x50/0x1fc\n apply_wqattrs_commit+0xf0/0x114\n apply_workqueue_attrs_locked+0x58/0xa0\n alloc_workqueue+0x5ac/0x774\n workqueue_init_early+0x460/0x540\n start_kernel+0x258/0x684\n __primary_switched+0xb8/0xc0\n Code: 9100a273 35000d01 53067f00 d0016dc1 (f8607a60)\n ---[ end trace 0000000000000000 ]---\n Kernel panic - not syncing: Attempted to kill the idle task!\n ---[ end Kernel panic - not syncing: Attempted to kill the idle task! ]---\n\nFix it."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:45.212Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/7df62b8cca38aa452b508b477b16544cba615084"
},
{
"url": "https://git.kernel.org/stable/c/a75ac2693d734d20724f0e10e039ca85f1fcfc4e"
},
{
"url": "https://git.kernel.org/stable/c/38c19c44cc05ec1e84d2e31a9a289b83b6c7ec85"
},
{
"url": "https://git.kernel.org/stable/c/9fc557d489f8163c1aabcb89114b8eba960f4097"
},
{
"url": "https://git.kernel.org/stable/c/adc646d2126988a64234502f579e4bc2b080d7cf"
},
{
"url": "https://git.kernel.org/stable/c/15930da42f8981dc42c19038042947b475b19f47"
}
],
"title": "workqueue: Don\u0027t call cpumask_test_cpu() with -1 CPU in wq_update_node_max_active()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27055",
"datePublished": "2024-05-01T12:54:52.938Z",
"dateReserved": "2024-02-19T14:20:24.214Z",
"dateUpdated": "2024-08-02T00:21:05.905Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26982
Vulnerability from cvelistv5
Published
2024-05-01 05:27
Modified
2024-08-02 00:21
Severity
Summary
Squashfs: check the inode number is not the invalid value of zero
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.866Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/be383effaee3d89034f0828038f95065b518772e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7def00ebc9f2d6a581ddf46ce4541f84a10680e5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9253c54e01b6505d348afbc02abaa4d9f8a01395"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/squashfs/inode.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "be383effaee3",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "7def00ebc9f2",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "9253c54e01b6",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/squashfs/inode.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.30",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nSquashfs: check the inode number is not the invalid value of zero\n\nSyskiller has produced an out of bounds access in fill_meta_index().\n\nThat out of bounds access is ultimately caused because the inode\nhas an inode number with the invalid value of zero, which was not checked.\n\nThe reason this causes the out of bounds access is due to following\nsequence of events:\n\n1. Fill_meta_index() is called to allocate (via empty_meta_index())\n and fill a metadata index. It however suffers a data read error\n and aborts, invalidating the newly returned empty metadata index.\n It does this by setting the inode number of the index to zero,\n which means unused (zero is not a valid inode number).\n\n2. When fill_meta_index() is subsequently called again on another\n read operation, locate_meta_index() returns the previous index\n because it matches the inode number of 0. Because this index\n has been returned it is expected to have been filled, and because\n it hasn\u0027t been, an out of bounds access is performed.\n\nThis patch adds a sanity check which checks that the inode number\nis not zero when the inode is created and returns -EINVAL if it is.\n\n[phillip@squashfs.org.uk: whitespace fix]\n Link: https://lkml.kernel.org/r/20240409204723.446925-1-phillip@squashfs.org.uk"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:23.404Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/be383effaee3d89034f0828038f95065b518772e"
},
{
"url": "https://git.kernel.org/stable/c/7def00ebc9f2d6a581ddf46ce4541f84a10680e5"
},
{
"url": "https://git.kernel.org/stable/c/9253c54e01b6505d348afbc02abaa4d9f8a01395"
}
],
"title": "Squashfs: check the inode number is not the invalid value of zero",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26982",
"datePublished": "2024-05-01T05:27:11.032Z",
"dateReserved": "2024-02-19T14:20:24.204Z",
"dateUpdated": "2024-08-02T00:21:05.866Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27062
Vulnerability from cvelistv5
Published
2024-05-01 13:00
Modified
2024-08-02 00:21
Severity
Summary
nouveau: lock the client object tree.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27062",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-06T18:29:48.801156Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T18:30:09.658Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.884Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6887314f5356389fc219b8152e951ac084a10ef7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/96c8751844171af4b3898fee3857ee180586f589"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b7cc4ff787a572edf2c55caeffaa88cd801eb135"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/nouveau/include/nvkm/core/client.h",
"drivers/gpu/drm/nouveau/nvkm/core/client.c",
"drivers/gpu/drm/nouveau/nvkm/core/object.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "6887314f5356",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "96c875184417",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "b7cc4ff787a5",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/nouveau/include/nvkm/core/client.h",
"drivers/gpu/drm/nouveau/nvkm/core/client.c",
"drivers/gpu/drm/nouveau/nvkm/core/object.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.8",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnouveau: lock the client object tree.\n\nIt appears the client object tree has no locking unless I\u0027ve missed\nsomething else. Fix races around adding/removing client objects,\nmostly vram bar mappings.\n\n 4562.099306] general protection fault, probably for non-canonical address 0x6677ed422bceb80c: 0000 [#1] PREEMPT SMP PTI\n[ 4562.099314] CPU: 2 PID: 23171 Comm: deqp-vk Not tainted 6.8.0-rc6+ #27\n[ 4562.099324] Hardware name: Gigabyte Technology Co., Ltd. Z390 I AORUS PRO WIFI/Z390 I AORUS PRO WIFI-CF, BIOS F8 11/05/2021\n[ 4562.099330] RIP: 0010:nvkm_object_search+0x1d/0x70 [nouveau]\n[ 4562.099503] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 0f 1f 44 00 00 48 89 f8 48 85 f6 74 39 48 8b 87 a0 00 00 00 48 85 c0 74 12 \u003c48\u003e 8b 48 f8 48 39 ce 73 15 48 8b 40 10 48 85 c0 75 ee 48 c7 c0 fe\n[ 4562.099506] RSP: 0000:ffffa94cc420bbf8 EFLAGS: 00010206\n[ 4562.099512] RAX: 6677ed422bceb814 RBX: ffff98108791f400 RCX: ffff9810f26b8f58\n[ 4562.099517] RDX: 0000000000000000 RSI: ffff9810f26b9158 RDI: ffff98108791f400\n[ 4562.099519] RBP: ffff9810f26b9158 R08: 0000000000000000 R09: 0000000000000000\n[ 4562.099521] R10: ffffa94cc420bc48 R11: 0000000000000001 R12: ffff9810f02a7cc0\n[ 4562.099526] R13: 0000000000000000 R14: 00000000000000ff R15: 0000000000000007\n[ 4562.099528] FS: 00007f629c5017c0(0000) GS:ffff98142c700000(0000) knlGS:0000000000000000\n[ 4562.099534] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 4562.099536] CR2: 00007f629a882000 CR3: 000000017019e004 CR4: 00000000003706f0\n[ 4562.099541] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 4562.099542] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 4562.099544] Call Trace:\n[ 4562.099555] \u003cTASK\u003e\n[ 4562.099573] ? die_addr+0x36/0x90\n[ 4562.099583] ? exc_general_protection+0x246/0x4a0\n[ 4562.099593] ? asm_exc_general_protection+0x26/0x30\n[ 4562.099600] ? nvkm_object_search+0x1d/0x70 [nouveau]\n[ 4562.099730] nvkm_ioctl+0xa1/0x250 [nouveau]\n[ 4562.099861] nvif_object_map_handle+0xc8/0x180 [nouveau]\n[ 4562.099986] nouveau_ttm_io_mem_reserve+0x122/0x270 [nouveau]\n[ 4562.100156] ? dma_resv_test_signaled+0x26/0xb0\n[ 4562.100163] ttm_bo_vm_fault_reserved+0x97/0x3c0 [ttm]\n[ 4562.100182] ? __mutex_unlock_slowpath+0x2a/0x270\n[ 4562.100189] nouveau_ttm_fault+0x69/0xb0 [nouveau]\n[ 4562.100356] __do_fault+0x32/0x150\n[ 4562.100362] do_fault+0x7c/0x560\n[ 4562.100369] __handle_mm_fault+0x800/0xc10\n[ 4562.100382] handle_mm_fault+0x17c/0x3e0\n[ 4562.100388] do_user_addr_fault+0x208/0x860\n[ 4562.100395] exc_page_fault+0x7f/0x200\n[ 4562.100402] asm_exc_page_fault+0x26/0x30\n[ 4562.100412] RIP: 0033:0x9b9870\n[ 4562.100419] Code: 85 a8 f7 ff ff 8b 8d 80 f7 ff ff 89 08 e9 18 f2 ff ff 0f 1f 84 00 00 00 00 00 44 89 32 e9 90 fa ff ff 0f 1f 84 00 00 00 00 00 \u003c44\u003e 89 32 e9 f8 f1 ff ff 0f 1f 84 00 00 00 00 00 66 44 89 32 e9 e7\n[ 4562.100422] RSP: 002b:00007fff9ba2dc70 EFLAGS: 00010246\n[ 4562.100426] RAX: 0000000000000004 RBX: 000000000dd65e10 RCX: 000000fff0000000\n[ 4562.100428] RDX: 00007f629a882000 RSI: 00007f629a882000 RDI: 0000000000000066\n[ 4562.100432] RBP: 00007fff9ba2e570 R08: 0000000000000000 R09: 0000000123ddf000\n[ 4562.100434] R10: 0000000000000001 R11: 0000000000000246 R12: 000000007fffffff\n[ 4562.100436] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n[ 4562.100446] \u003c/TASK\u003e\n[ 4562.100448] Modules linked in: nf_conntrack_netbios_ns nf_conntrack_broadcast nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_set nf_tables libcrc32c nfnetlink cmac bnep sunrpc iwlmvm intel_rapl_msr intel_rapl_common snd_sof_pci_intel_cnl x86_pkg_temp_thermal intel_powerclamp snd_sof_intel_hda_common mac80211 coretemp snd_soc_acpi_intel_match kvm_intel snd_soc_acpi snd_soc_hdac_hda snd_sof_pci snd_sof_xtensa_dsp snd_sof_intel_hda_mlink \n---truncated---"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:52.592Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/6887314f5356389fc219b8152e951ac084a10ef7"
},
{
"url": "https://git.kernel.org/stable/c/96c8751844171af4b3898fee3857ee180586f589"
},
{
"url": "https://git.kernel.org/stable/c/b7cc4ff787a572edf2c55caeffaa88cd801eb135"
}
],
"title": "nouveau: lock the client object tree.",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27062",
"datePublished": "2024-05-01T13:00:21.052Z",
"dateReserved": "2024-02-19T14:20:24.215Z",
"dateUpdated": "2024-08-02T00:21:05.884Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26968
Vulnerability from cvelistv5
Published
2024-05-01 05:19
Modified
2024-08-02 00:21
Severity
Summary
clk: qcom: gcc-ipq9574: fix terminating of frequency table arrays
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26968",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-01T13:37:22.804753Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:22:44.263Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.865Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0204247cf3669b6021fb745c3b7f37ae392ab19c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1723629fea8a4e75333196866e10d395463dca72"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/604f2d7c46727c5e24fc7faddc980bc1cc0b1011"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/bd2b6395671d823caa38d8e4d752de2448ae61e1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/clk/qcom/gcc-ipq9574.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "0204247cf366",
"status": "affected",
"version": "d75b82cff488",
"versionType": "git"
},
{
"lessThan": "1723629fea8a",
"status": "affected",
"version": "d75b82cff488",
"versionType": "git"
},
{
"lessThan": "604f2d7c4672",
"status": "affected",
"version": "d75b82cff488",
"versionType": "git"
},
{
"lessThan": "bd2b6395671d",
"status": "affected",
"version": "d75b82cff488",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/clk/qcom/gcc-ipq9574.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.4"
},
{
"lessThan": "6.4",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: gcc-ipq9574: fix terminating of frequency table arrays\n\nThe frequency table arrays are supposed to be terminated with an\nempty element. Add such entry to the end of the arrays where it\nis missing in order to avoid possible out-of-bound access when\nthe table is traversed by functions like qcom_find_freq() or\nqcom_find_freq_floor().\n\nOnly compile tested."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:04.334Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/0204247cf3669b6021fb745c3b7f37ae392ab19c"
},
{
"url": "https://git.kernel.org/stable/c/1723629fea8a4e75333196866e10d395463dca72"
},
{
"url": "https://git.kernel.org/stable/c/604f2d7c46727c5e24fc7faddc980bc1cc0b1011"
},
{
"url": "https://git.kernel.org/stable/c/bd2b6395671d823caa38d8e4d752de2448ae61e1"
}
],
"title": "clk: qcom: gcc-ipq9574: fix terminating of frequency table arrays",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26968",
"datePublished": "2024-05-01T05:19:45.880Z",
"dateReserved": "2024-02-19T14:20:24.202Z",
"dateUpdated": "2024-08-02T00:21:05.865Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27074
Vulnerability from cvelistv5
Published
2024-05-01 13:04
Modified
2024-08-02 00:27
Severity
Summary
media: go7007: fix a memleak in go7007_load_encoder
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27074",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-09T18:38:34.857728Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:22:45.741Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:27:59.415Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7f11dd3d165b178e738fe73dfeea513e383bedb5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/291cda0b805fc0d6e90d201710311630c8667159"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b49fe84c6cefcc1c2336d793b53442e716c95073"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/790fa2c04dfb9f095ec372bf17909424d6e864b3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e04d15c8bb3e111dd69f98894acd92d63e87aac3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f31c1cc37411f5f7bcb266133f9a7e1b4bdf2975"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d43988a23c32588ccd0c74219637afb96cd78661"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7405a0d4442792988e9ae834e7d84f9d163731a4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b9b683844b01d171a72b9c0419a2d760d946ee12"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/media/usb/go7007/go7007-driver.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "7f11dd3d165b",
"status": "affected",
"version": "95ef39403f89",
"versionType": "git"
},
{
"lessThan": "291cda0b805f",
"status": "affected",
"version": "95ef39403f89",
"versionType": "git"
},
{
"lessThan": "b49fe84c6cef",
"status": "affected",
"version": "95ef39403f89",
"versionType": "git"
},
{
"lessThan": "790fa2c04dfb",
"status": "affected",
"version": "95ef39403f89",
"versionType": "git"
},
{
"lessThan": "e04d15c8bb3e",
"status": "affected",
"version": "95ef39403f89",
"versionType": "git"
},
{
"lessThan": "f31c1cc37411",
"status": "affected",
"version": "95ef39403f89",
"versionType": "git"
},
{
"lessThan": "d43988a23c32",
"status": "affected",
"version": "95ef39403f89",
"versionType": "git"
},
{
"lessThan": "7405a0d44427",
"status": "affected",
"version": "95ef39403f89",
"versionType": "git"
},
{
"lessThan": "b9b683844b01",
"status": "affected",
"version": "95ef39403f89",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/media/usb/go7007/go7007-driver.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.10"
},
{
"lessThan": "3.10",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.311",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.273",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.214",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.153",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: go7007: fix a memleak in go7007_load_encoder\n\nIn go7007_load_encoder, bounce(i.e. go-\u003eboot_fw), is allocated without\na deallocation thereafter. After the following call chain:\n\nsaa7134_go7007_init\n |-\u003e go7007_boot_encoder\n |-\u003e go7007_load_encoder\n |-\u003e kfree(go)\n\ngo is freed and thus bounce is leaked."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:28:05.331Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/7f11dd3d165b178e738fe73dfeea513e383bedb5"
},
{
"url": "https://git.kernel.org/stable/c/291cda0b805fc0d6e90d201710311630c8667159"
},
{
"url": "https://git.kernel.org/stable/c/b49fe84c6cefcc1c2336d793b53442e716c95073"
},
{
"url": "https://git.kernel.org/stable/c/790fa2c04dfb9f095ec372bf17909424d6e864b3"
},
{
"url": "https://git.kernel.org/stable/c/e04d15c8bb3e111dd69f98894acd92d63e87aac3"
},
{
"url": "https://git.kernel.org/stable/c/f31c1cc37411f5f7bcb266133f9a7e1b4bdf2975"
},
{
"url": "https://git.kernel.org/stable/c/d43988a23c32588ccd0c74219637afb96cd78661"
},
{
"url": "https://git.kernel.org/stable/c/7405a0d4442792988e9ae834e7d84f9d163731a4"
},
{
"url": "https://git.kernel.org/stable/c/b9b683844b01d171a72b9c0419a2d760d946ee12"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "media: go7007: fix a memleak in go7007_load_encoder",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27074",
"datePublished": "2024-05-01T13:04:41.079Z",
"dateReserved": "2024-02-19T14:20:24.217Z",
"dateUpdated": "2024-08-02T00:27:59.415Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26930
Vulnerability from cvelistv5
Published
2024-05-01 05:17
Modified
2024-08-02 00:21
Severity
Summary
scsi: qla2xxx: Fix double free of the ha->vp_map pointer
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26930",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-17T17:40:52.767633Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-17T17:46:59.086Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.520Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f14cee7a882cb79528f17a2335f53e9fd1848467"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b7deb675d674f44e0ddbab87fee8f9f098925e73"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/825d63164a2e6bacb059a9afb5605425b485413f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e288285d47784fdcf7c81be56df7d65c6f10c58b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/scsi/qla2xxx/qla_os.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "f14cee7a882c",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "b7deb675d674",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "825d63164a2e",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "e288285d4778",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/scsi/qla2xxx/qla_os.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix double free of the ha-\u003evp_map pointer\n\nCoverity scan reported potential risk of double free of the pointer\nha-\u003evp_map. ha-\u003evp_map was freed in qla2x00_mem_alloc(), and again freed\nin function qla2x00_mem_free(ha).\n\nAssign NULL to vp_map and kfree take care of NULL."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:12.921Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/f14cee7a882cb79528f17a2335f53e9fd1848467"
},
{
"url": "https://git.kernel.org/stable/c/b7deb675d674f44e0ddbab87fee8f9f098925e73"
},
{
"url": "https://git.kernel.org/stable/c/825d63164a2e6bacb059a9afb5605425b485413f"
},
{
"url": "https://git.kernel.org/stable/c/e288285d47784fdcf7c81be56df7d65c6f10c58b"
}
],
"title": "scsi: qla2xxx: Fix double free of the ha-\u003evp_map pointer",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26930",
"datePublished": "2024-05-01T05:17:10.685Z",
"dateReserved": "2024-02-19T14:20:24.195Z",
"dateUpdated": "2024-08-02T00:21:05.520Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27080
Vulnerability from cvelistv5
Published
2024-05-01 13:05
Modified
2024-08-02 00:27
Severity
Summary
btrfs: fix race when detecting delalloc ranges during fiemap
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27080",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-28T17:43:15.725119Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:46:25.000Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:27:57.834Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/49d640d2946c35a17b051d54171a032dd95b0f50"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ced63fffd63072c0ca55d5a451010d71bf08c0b3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/978b63f7464abcfd364a6c95f734282c50f3decf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/btrfs/extent_io.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "49d640d2946c",
"status": "affected",
"version": "ded566b4637f",
"versionType": "git"
},
{
"lessThan": "ced63fffd630",
"status": "affected",
"version": "b0ad381fa769",
"versionType": "git"
},
{
"lessThan": "978b63f7464a",
"status": "affected",
"version": "b0ad381fa769",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/btrfs/extent_io.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.8"
},
{
"lessThan": "6.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.26",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix race when detecting delalloc ranges during fiemap\n\nFor fiemap we recently stopped locking the target extent range for the\nwhole duration of the fiemap call, in order to avoid a deadlock in a\nscenario where the fiemap buffer happens to be a memory mapped range of\nthe same file. This use case is very unlikely to be useful in practice but\nit may be triggered by fuzz testing (syzbot, etc).\n\nThis however introduced a race that makes us miss delalloc ranges for\nfile regions that are currently holes, so the caller of fiemap will not\nbe aware that there\u0027s data for some file regions. This can be quite\nserious for some use cases - for example in coreutils versions before 9.0,\nthe cp program used fiemap to detect holes and data in the source file,\ncopying only regions with data (extents or delalloc) from the source file\nto the destination file in order to preserve holes (see the documentation\nfor its --sparse command line option). This means that if cp was used\nwith a source file that had delalloc in a hole, the destination file could\nend up without that data, which is effectively a data loss issue, if it\nhappened to hit the race described below.\n\nThe race happens like this:\n\n1) Fiemap is called, without the FIEMAP_FLAG_SYNC flag, for a file that\n has delalloc in the file range [64M, 65M[, which is currently a hole;\n\n2) Fiemap locks the inode in shared mode, then starts iterating the\n inode\u0027s subvolume tree searching for file extent items, without having\n the whole fiemap target range locked in the inode\u0027s io tree - the\n change introduced recently by commit b0ad381fa769 (\"btrfs: fix\n deadlock with fiemap and extent locking\"). It only locks ranges in\n the io tree when it finds a hole or prealloc extent since that\n commit;\n\n3) Note that fiemap clones each leaf before using it, and this is to\n avoid deadlocks when locking a file range in the inode\u0027s io tree and\n the fiemap buffer is memory mapped to some file, because writing\n to the page with btrfs_page_mkwrite() will wait on any ordered extent\n for the page\u0027s range and the ordered extent needs to lock the range\n and may need to modify the same leaf, therefore leading to a deadlock\n on the leaf;\n\n4) While iterating the file extent items in the cloned leaf before\n finding the hole in the range [64M, 65M[, the delalloc in that range\n is flushed and its ordered extent completes - meaning the corresponding\n file extent item is in the inode\u0027s subvolume tree, but not present in\n the cloned leaf that fiemap is iterating over;\n\n5) When fiemap finds the hole in the [64M, 65M[ range by seeing the gap in\n the cloned leaf (or a file extent item with disk_bytenr == 0 in case\n the NO_HOLES feature is not enabled), it will lock that file range in\n the inode\u0027s io tree and then search for delalloc by checking for the\n EXTENT_DELALLOC bit in the io tree for that range and ordered extents\n (with btrfs_find_delalloc_in_range()). But it finds nothing since the\n delalloc in that range was already flushed and the ordered extent\n completed and is gone - as a result fiemap will not report that there\u0027s\n delalloc or an extent for the range [64M, 65M[, so user space will be\n mislead into thinking that there\u0027s a hole in that range.\n\nThis could actually be sporadically triggered with test case generic/094\nfrom fstests, which reports a missing extent/delalloc range like this:\n\n generic/094 2s ... - output mismatch (see /home/fdmanana/git/hub/xfstests/results//generic/094.out.bad)\n --- tests/generic/094.out\t2020-06-10 19:29:03.830519425 +0100\n +++ /home/fdmanana/git/hub/xfstests/results//generic/094.out.bad\t2024-02-28 11:00:00.381071525 +0000\n @@ -1,3 +1,9 @@\n QA output created by 094\n fiemap run with sync\n fiemap run without sync\n +ERROR: couldn\u0027t find extent at 7\n +map is \u0027HHDDHPPDPHPH\u0027\n +logical: [ 5.. 6] phys:\n---truncated---"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:28:12.260Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/49d640d2946c35a17b051d54171a032dd95b0f50"
},
{
"url": "https://git.kernel.org/stable/c/ced63fffd63072c0ca55d5a451010d71bf08c0b3"
},
{
"url": "https://git.kernel.org/stable/c/978b63f7464abcfd364a6c95f734282c50f3decf"
}
],
"title": "btrfs: fix race when detecting delalloc ranges during fiemap",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27080",
"datePublished": "2024-05-01T13:05:02.022Z",
"dateReserved": "2024-02-19T14:20:24.217Z",
"dateUpdated": "2024-08-02T00:27:57.834Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27046
Vulnerability from cvelistv5
Published
2024-05-01 12:54
Modified
2024-08-02 00:21
Severity
Summary
nfp: flower: handle acti_netdevs allocation failure
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27046",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-17T17:40:11.581706Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-17T17:45:28.272Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.990Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d746889db75a76aeee95fb705b8e1ac28c684a2e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3b1e8a617eb0f4cdc19def530047a95b5abde07d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/928705e341010dd910fdece61ccb974f494a758f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0d387dc503f9a53e6d1f6e9dd0292d38f083eba5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c9b4e220dd18f79507803f38a55d53b483f6c9c3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/408ba7fd04f959c61b50db79c983484312fea642"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c8df9203bf22c66fa26e8d8c7f8ce181cf88099d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9d8eb1238377cd994829f9162ae396a84ae037b2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/84e95149bd341705f0eca6a7fcb955c548805002"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/netronome/nfp/flower/lag_conf.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "d746889db75a",
"status": "affected",
"version": "bb9a8d031140",
"versionType": "git"
},
{
"lessThan": "3b1e8a617eb0",
"status": "affected",
"version": "bb9a8d031140",
"versionType": "git"
},
{
"lessThan": "928705e34101",
"status": "affected",
"version": "bb9a8d031140",
"versionType": "git"
},
{
"lessThan": "0d387dc503f9",
"status": "affected",
"version": "bb9a8d031140",
"versionType": "git"
},
{
"lessThan": "c9b4e220dd18",
"status": "affected",
"version": "bb9a8d031140",
"versionType": "git"
},
{
"lessThan": "408ba7fd04f9",
"status": "affected",
"version": "bb9a8d031140",
"versionType": "git"
},
{
"lessThan": "c8df9203bf22",
"status": "affected",
"version": "bb9a8d031140",
"versionType": "git"
},
{
"lessThan": "9d8eb1238377",
"status": "affected",
"version": "bb9a8d031140",
"versionType": "git"
},
{
"lessThan": "84e95149bd34",
"status": "affected",
"version": "bb9a8d031140",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/netronome/nfp/flower/lag_conf.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.18"
},
{
"lessThan": "4.18",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.311",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.273",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.214",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.153",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfp: flower: handle acti_netdevs allocation failure\n\nThe kmalloc_array() in nfp_fl_lag_do_work() will return null, if\nthe physical memory has run out. As a result, if we dereference\nthe acti_netdevs, the null pointer dereference bugs will happen.\n\nThis patch adds a check to judge whether allocation failure occurs.\nIf it happens, the delayed work will be rescheduled and try again."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:35.634Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/d746889db75a76aeee95fb705b8e1ac28c684a2e"
},
{
"url": "https://git.kernel.org/stable/c/3b1e8a617eb0f4cdc19def530047a95b5abde07d"
},
{
"url": "https://git.kernel.org/stable/c/928705e341010dd910fdece61ccb974f494a758f"
},
{
"url": "https://git.kernel.org/stable/c/0d387dc503f9a53e6d1f6e9dd0292d38f083eba5"
},
{
"url": "https://git.kernel.org/stable/c/c9b4e220dd18f79507803f38a55d53b483f6c9c3"
},
{
"url": "https://git.kernel.org/stable/c/408ba7fd04f959c61b50db79c983484312fea642"
},
{
"url": "https://git.kernel.org/stable/c/c8df9203bf22c66fa26e8d8c7f8ce181cf88099d"
},
{
"url": "https://git.kernel.org/stable/c/9d8eb1238377cd994829f9162ae396a84ae037b2"
},
{
"url": "https://git.kernel.org/stable/c/84e95149bd341705f0eca6a7fcb955c548805002"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "nfp: flower: handle acti_netdevs allocation failure",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27046",
"datePublished": "2024-05-01T12:54:21.725Z",
"dateReserved": "2024-02-19T14:20:24.213Z",
"dateUpdated": "2024-08-02T00:21:05.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26975
Vulnerability from cvelistv5
Published
2024-05-01 05:20
Modified
2024-08-02 00:21
Severity
Summary
powercap: intel_rapl: Fix a NULL pointer dereference
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.847Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0641908b906a133f1494c312a71f9fecbe2b6c78"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9b254feb249981b66ccdb1dae54e757789a15ba1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2f73cf2ae5e0f4e629db5be3a4380ff7807148e6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2d1f5006ff95770da502f8cee2a224a1ff83866e"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/powercap/intel_rapl_common.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "0641908b906a",
"status": "affected",
"version": "1488ac990ac8",
"versionType": "git"
},
{
"lessThan": "9b254feb2499",
"status": "affected",
"version": "1488ac990ac8",
"versionType": "git"
},
{
"lessThan": "2f73cf2ae5e0",
"status": "affected",
"version": "1488ac990ac8",
"versionType": "git"
},
{
"lessThan": "2d1f5006ff95",
"status": "affected",
"version": "1488ac990ac8",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/powercap/intel_rapl_common.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.5"
},
{
"lessThan": "6.5",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npowercap: intel_rapl: Fix a NULL pointer dereference\n\nA NULL pointer dereference is triggered when probing the MMIO RAPL\ndriver on platforms with CPU ID not listed in intel_rapl_common CPU\nmodel list.\n\nThis is because the intel_rapl_common module still probes on such\nplatforms even if \u0027defaults_msr\u0027 is not set after commit 1488ac990ac8\n(\"powercap: intel_rapl: Allow probing without CPUID match\"). Thus the\nMMIO RAPL rp-\u003epriv-\u003edefaults is NULL when registering to RAPL framework.\n\nFix the problem by adding sanity check to ensure rp-\u003epriv-\u003erapl_defaults\nis always valid."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:14.287Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/0641908b906a133f1494c312a71f9fecbe2b6c78"
},
{
"url": "https://git.kernel.org/stable/c/9b254feb249981b66ccdb1dae54e757789a15ba1"
},
{
"url": "https://git.kernel.org/stable/c/2f73cf2ae5e0f4e629db5be3a4380ff7807148e6"
},
{
"url": "https://git.kernel.org/stable/c/2d1f5006ff95770da502f8cee2a224a1ff83866e"
}
],
"title": "powercap: intel_rapl: Fix a NULL pointer dereference",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26975",
"datePublished": "2024-05-01T05:20:19.130Z",
"dateReserved": "2024-02-19T14:20:24.203Z",
"dateUpdated": "2024-08-02T00:21:05.847Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27045
Vulnerability from cvelistv5
Published
2024-05-01 12:54
Modified
2024-08-02 00:21
Severity
Summary
drm/amd/display: Fix a potential buffer overflow in 'dp_dsc_clock_en_read()'
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.892Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ff28893c96c5e0927a4da10cd24a3522ca663515"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/440f059837418fac1695b65d3ebc6080d33be877"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d346b3e5b25c95d504478507eb867cd3818775ab"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ad76fd30557d6a106c481e4606a981221ca525f7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/eb9327af3621d26b1d83f767c97a3fe8191a3a65"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cf114d8d4a8d78df272116a745bb43b48cef65f4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4b09715f1504f1b6e8dff0e9643630610bc05141"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "ff28893c96c5",
"status": "affected",
"version": "c06e09b76639",
"versionType": "git"
},
{
"lessThan": "440f05983741",
"status": "affected",
"version": "c06e09b76639",
"versionType": "git"
},
{
"lessThan": "d346b3e5b25c",
"status": "affected",
"version": "c06e09b76639",
"versionType": "git"
},
{
"lessThan": "ad76fd30557d",
"status": "affected",
"version": "c06e09b76639",
"versionType": "git"
},
{
"lessThan": "eb9327af3621",
"status": "affected",
"version": "c06e09b76639",
"versionType": "git"
},
{
"lessThan": "cf114d8d4a8d",
"status": "affected",
"version": "c06e09b76639",
"versionType": "git"
},
{
"lessThan": "4b09715f1504",
"status": "affected",
"version": "c06e09b76639",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.9"
},
{
"lessThan": "5.9",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.214",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.153",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix a potential buffer overflow in \u0027dp_dsc_clock_en_read()\u0027\n\nTell snprintf() to store at most 10 bytes in the output buffer\ninstead of 30.\n\nFixes the below:\ndrivers/gpu/drm/amd/amdgpu/../display/amdgpu_dm/amdgpu_dm_debugfs.c:1508 dp_dsc_clock_en_read() error: snprintf() is printing too much 30 vs 10"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:34.621Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/ff28893c96c5e0927a4da10cd24a3522ca663515"
},
{
"url": "https://git.kernel.org/stable/c/440f059837418fac1695b65d3ebc6080d33be877"
},
{
"url": "https://git.kernel.org/stable/c/d346b3e5b25c95d504478507eb867cd3818775ab"
},
{
"url": "https://git.kernel.org/stable/c/ad76fd30557d6a106c481e4606a981221ca525f7"
},
{
"url": "https://git.kernel.org/stable/c/eb9327af3621d26b1d83f767c97a3fe8191a3a65"
},
{
"url": "https://git.kernel.org/stable/c/cf114d8d4a8d78df272116a745bb43b48cef65f4"
},
{
"url": "https://git.kernel.org/stable/c/4b09715f1504f1b6e8dff0e9643630610bc05141"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "drm/amd/display: Fix a potential buffer overflow in \u0027dp_dsc_clock_en_read()\u0027",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27045",
"datePublished": "2024-05-01T12:54:18.138Z",
"dateReserved": "2024-02-19T14:20:24.213Z",
"dateUpdated": "2024-08-02T00:21:05.892Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26964
Vulnerability from cvelistv5
Published
2024-05-01 05:19
Modified
2024-08-02 00:21
Severity
Summary
usb: xhci: Add error handling in xhci_map_urb_for_dma
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26964",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-21T14:41:33.785567Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-21T14:41:41.475Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.629Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4a49d24fdec0a802aa686a567a3989a9fdf4e5dd"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b2c898469dfc388f619c6c972a28466cbb1442ea"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/620b6cf2f1a270f48d38e6b8ce199c1acb3e90f4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/962300a360d24c5be5a188cda48da58a37e4304d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7b6cc33593d7ccfc3011b290849cfa899db46757"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/be95cc6d71dfd0cba66e3621c65413321b398052"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/usb/host/xhci.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "4a49d24fdec0",
"status": "affected",
"version": "2017a1e58472",
"versionType": "git"
},
{
"lessThan": "b2c898469dfc",
"status": "affected",
"version": "2017a1e58472",
"versionType": "git"
},
{
"lessThan": "620b6cf2f1a2",
"status": "affected",
"version": "2017a1e58472",
"versionType": "git"
},
{
"lessThan": "962300a360d2",
"status": "affected",
"version": "2017a1e58472",
"versionType": "git"
},
{
"lessThan": "7b6cc33593d7",
"status": "affected",
"version": "2017a1e58472",
"versionType": "git"
},
{
"lessThan": "be95cc6d71df",
"status": "affected",
"version": "2017a1e58472",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/usb/host/xhci.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.11"
},
{
"lessThan": "5.11",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.154",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: Add error handling in xhci_map_urb_for_dma\n\nCurrently xhci_map_urb_for_dma() creates a temporary buffer and copies\nthe SG list to the new linear buffer. But if the kzalloc_node() fails,\nthen the following sg_pcopy_to_buffer() can lead to crash since it\ntries to memcpy to NULL pointer.\n\nSo return -ENOMEM if kzalloc returns null pointer."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:58.764Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/4a49d24fdec0a802aa686a567a3989a9fdf4e5dd"
},
{
"url": "https://git.kernel.org/stable/c/b2c898469dfc388f619c6c972a28466cbb1442ea"
},
{
"url": "https://git.kernel.org/stable/c/620b6cf2f1a270f48d38e6b8ce199c1acb3e90f4"
},
{
"url": "https://git.kernel.org/stable/c/962300a360d24c5be5a188cda48da58a37e4304d"
},
{
"url": "https://git.kernel.org/stable/c/7b6cc33593d7ccfc3011b290849cfa899db46757"
},
{
"url": "https://git.kernel.org/stable/c/be95cc6d71dfd0cba66e3621c65413321b398052"
}
],
"title": "usb: xhci: Add error handling in xhci_map_urb_for_dma",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26964",
"datePublished": "2024-05-01T05:19:28.437Z",
"dateReserved": "2024-02-19T14:20:24.201Z",
"dateUpdated": "2024-08-02T00:21:05.629Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26970
Vulnerability from cvelistv5
Published
2024-05-01 05:19
Modified
2024-08-02 00:21
Severity
Summary
clk: qcom: gcc-ipq6018: fix terminating of frequency table arrays
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "ae60e3342296",
"status": "affected",
"version": "d9db07f088af",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "b4527ee3de36",
"status": "affected",
"version": "d9db07f088af",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "852db52b45ea",
"status": "affected",
"version": "d9db07f088af",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "421b135aceac",
"status": "affected",
"version": "d9db07f088af",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "dcb13b5c9ae8",
"status": "affected",
"version": "d9db07f088af",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "db4066e3ab6b",
"status": "affected",
"version": "d9db07f088af",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "cdbc6e2d8108",
"status": "affected",
"version": "d9db07f088af",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "5.6",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "5.11",
"status": "unaffected",
"version": "5.10.215",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "5.16",
"status": "unaffected",
"version": "5.15.154",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "6.7",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "6.8",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "6.9",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "unaffected",
"version": "6.9"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:5.6:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "affected",
"version": "5.6"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "6.2",
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-26970",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-04T20:38:58.645625Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T15:00:25.401Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.800Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ae60e3342296f766f88911d39199f77b05f657a6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b4527ee3de365a742215773d20f07db3e2c06f3b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/852db52b45ea96dac2720f108e7c7331cd3738bb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/421b135aceace99789c982f6a77ce9476564fb52"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/dcb13b5c9ae8743f99a96f392186527c3df89198"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/db4066e3ab6b3d918ae2b92734a89c04fe82cc1d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cdbc6e2d8108bc47895e5a901cfcaf799b00ca8d"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/clk/qcom/gcc-ipq6018.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "ae60e3342296",
"status": "affected",
"version": "d9db07f088af",
"versionType": "git"
},
{
"lessThan": "b4527ee3de36",
"status": "affected",
"version": "d9db07f088af",
"versionType": "git"
},
{
"lessThan": "852db52b45ea",
"status": "affected",
"version": "d9db07f088af",
"versionType": "git"
},
{
"lessThan": "421b135aceac",
"status": "affected",
"version": "d9db07f088af",
"versionType": "git"
},
{
"lessThan": "dcb13b5c9ae8",
"status": "affected",
"version": "d9db07f088af",
"versionType": "git"
},
{
"lessThan": "db4066e3ab6b",
"status": "affected",
"version": "d9db07f088af",
"versionType": "git"
},
{
"lessThan": "cdbc6e2d8108",
"status": "affected",
"version": "d9db07f088af",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/clk/qcom/gcc-ipq6018.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.6"
},
{
"lessThan": "5.6",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.215",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.154",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: gcc-ipq6018: fix terminating of frequency table arrays\n\nThe frequency table arrays are supposed to be terminated with an\nempty element. Add such entry to the end of the arrays where it\nis missing in order to avoid possible out-of-bound access when\nthe table is traversed by functions like qcom_find_freq() or\nqcom_find_freq_floor().\n\nOnly compile tested."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:08.181Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/ae60e3342296f766f88911d39199f77b05f657a6"
},
{
"url": "https://git.kernel.org/stable/c/b4527ee3de365a742215773d20f07db3e2c06f3b"
},
{
"url": "https://git.kernel.org/stable/c/852db52b45ea96dac2720f108e7c7331cd3738bb"
},
{
"url": "https://git.kernel.org/stable/c/421b135aceace99789c982f6a77ce9476564fb52"
},
{
"url": "https://git.kernel.org/stable/c/dcb13b5c9ae8743f99a96f392186527c3df89198"
},
{
"url": "https://git.kernel.org/stable/c/db4066e3ab6b3d918ae2b92734a89c04fe82cc1d"
},
{
"url": "https://git.kernel.org/stable/c/cdbc6e2d8108bc47895e5a901cfcaf799b00ca8d"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "clk: qcom: gcc-ipq6018: fix terminating of frequency table arrays",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26970",
"datePublished": "2024-05-01T05:19:55.293Z",
"dateReserved": "2024-02-19T14:20:24.202Z",
"dateUpdated": "2024-08-02T00:21:05.800Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26965
Vulnerability from cvelistv5
Published
2024-05-01 05:19
Modified
2024-08-02 00:21
Severity
Summary
clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26965",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-28T17:50:48.637005Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:49:04.278Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.666Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/99740c4791dc8019b0d758c5389ca6d1c0604d95"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/86bf75d9158f511db7530bc82a84b19a5134d089"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3ff4a0f6a8f0ad4b4ee9e908bdfc3cacb7be4060"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8f562f3b25177c2055b20fd8cf000496f6fa9194"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/537040c257ab4cd0673fbae048f3940c8ea2e589"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7e9926fef71e514b4a8ea9d11d5a84d52b181362"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ae99e199037c580b7350bfa3596f447a53bcf01f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ca2cf98d46748373e830a13d85d215d64a2d9bf2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e2c02a85bf53ae86d79b5fccf0a75ac0b78e0c96"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/clk/qcom/mmcc-msm8974.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "99740c4791dc",
"status": "affected",
"version": "d8b212014e69",
"versionType": "git"
},
{
"lessThan": "86bf75d9158f",
"status": "affected",
"version": "d8b212014e69",
"versionType": "git"
},
{
"lessThan": "3ff4a0f6a8f0",
"status": "affected",
"version": "d8b212014e69",
"versionType": "git"
},
{
"lessThan": "8f562f3b2517",
"status": "affected",
"version": "d8b212014e69",
"versionType": "git"
},
{
"lessThan": "537040c257ab",
"status": "affected",
"version": "d8b212014e69",
"versionType": "git"
},
{
"lessThan": "7e9926fef71e",
"status": "affected",
"version": "d8b212014e69",
"versionType": "git"
},
{
"lessThan": "ae99e199037c",
"status": "affected",
"version": "d8b212014e69",
"versionType": "git"
},
{
"lessThan": "ca2cf98d4674",
"status": "affected",
"version": "d8b212014e69",
"versionType": "git"
},
{
"lessThan": "e2c02a85bf53",
"status": "affected",
"version": "d8b212014e69",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/clk/qcom/mmcc-msm8974.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.14"
},
{
"lessThan": "3.14",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.312",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.274",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.215",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.154",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: mmcc-msm8974: fix terminating of frequency table arrays\n\nThe frequency table arrays are supposed to be terminated with an\nempty element. Add such entry to the end of the arrays where it\nis missing in order to avoid possible out-of-bound access when\nthe table is traversed by functions like qcom_find_freq() or\nqcom_find_freq_floor().\n\nOnly compile tested."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:59.807Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/99740c4791dc8019b0d758c5389ca6d1c0604d95"
},
{
"url": "https://git.kernel.org/stable/c/86bf75d9158f511db7530bc82a84b19a5134d089"
},
{
"url": "https://git.kernel.org/stable/c/3ff4a0f6a8f0ad4b4ee9e908bdfc3cacb7be4060"
},
{
"url": "https://git.kernel.org/stable/c/8f562f3b25177c2055b20fd8cf000496f6fa9194"
},
{
"url": "https://git.kernel.org/stable/c/537040c257ab4cd0673fbae048f3940c8ea2e589"
},
{
"url": "https://git.kernel.org/stable/c/7e9926fef71e514b4a8ea9d11d5a84d52b181362"
},
{
"url": "https://git.kernel.org/stable/c/ae99e199037c580b7350bfa3596f447a53bcf01f"
},
{
"url": "https://git.kernel.org/stable/c/ca2cf98d46748373e830a13d85d215d64a2d9bf2"
},
{
"url": "https://git.kernel.org/stable/c/e2c02a85bf53ae86d79b5fccf0a75ac0b78e0c96"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26965",
"datePublished": "2024-05-01T05:19:32.635Z",
"dateReserved": "2024-02-19T14:20:24.201Z",
"dateUpdated": "2024-08-02T00:21:05.666Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26971
Vulnerability from cvelistv5
Published
2024-05-01 05:19
Modified
2024-08-02 00:21
Severity
Summary
clk: qcom: gcc-ipq5018: fix terminating of frequency table arrays
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26971",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-01T13:37:17.172214Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:22:44.592Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.667Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b0cf3d200e8a72b6d28e6e088c062b4a98cb5eaf"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c8f4bef0667947b826848db1c45a645f751357c1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/50c3acd460551cdf9d8ac6fe0c04f2de0e8e0872"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/90ad946fff70f312b8d23226afc38c13ddd88c4b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/clk/qcom/gcc-ipq5018.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "b0cf3d200e8a",
"status": "affected",
"version": "e3fdbef1bab8",
"versionType": "git"
},
{
"lessThan": "c8f4bef06679",
"status": "affected",
"version": "e3fdbef1bab8",
"versionType": "git"
},
{
"lessThan": "50c3acd46055",
"status": "affected",
"version": "e3fdbef1bab8",
"versionType": "git"
},
{
"lessThan": "90ad946fff70",
"status": "affected",
"version": "e3fdbef1bab8",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/clk/qcom/gcc-ipq5018.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.6"
},
{
"lessThan": "6.6",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: gcc-ipq5018: fix terminating of frequency table arrays\n\nThe frequency table arrays are supposed to be terminated with an\nempty element. Add such entry to the end of the arrays where it\nis missing in order to avoid possible out-of-bound access when\nthe table is traversed by functions like qcom_find_freq() or\nqcom_find_freq_floor()."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:09.461Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/b0cf3d200e8a72b6d28e6e088c062b4a98cb5eaf"
},
{
"url": "https://git.kernel.org/stable/c/c8f4bef0667947b826848db1c45a645f751357c1"
},
{
"url": "https://git.kernel.org/stable/c/50c3acd460551cdf9d8ac6fe0c04f2de0e8e0872"
},
{
"url": "https://git.kernel.org/stable/c/90ad946fff70f312b8d23226afc38c13ddd88c4b"
}
],
"title": "clk: qcom: gcc-ipq5018: fix terminating of frequency table arrays",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26971",
"datePublished": "2024-05-01T05:19:59.773Z",
"dateReserved": "2024-02-19T14:20:24.202Z",
"dateUpdated": "2024-08-02T00:21:05.667Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26978
Vulnerability from cvelistv5
Published
2024-05-01 05:20
Modified
2024-08-02 00:21
Severity
Summary
serial: max310x: fix NULL pointer dereference in I2C instantiation
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26978",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-06T18:50:02.480775Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T18:50:27.641Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.869Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7d271b798add90c6196539167c019d0817285cf0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c45e53c27b78afd6c81fc25608003576f27b5735"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/12609c76b755dbeb1645c0aacc0f0f4743b2eff3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2160ad6861c4a21d3fa553d7b2aaec6634a37f8a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5cd8af02b466e1beeae13e2de3dc58fcc7925e5a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/aeca49661fd02fd56fb026768b580ce301b45733"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0d27056c24efd3d63a03f3edfbcfc4827086b110"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/tty/serial/max310x.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "7d271b798add",
"status": "affected",
"version": "f5c252aaa1be",
"versionType": "git"
},
{
"lessThan": "c45e53c27b78",
"status": "affected",
"version": "85d79478710a",
"versionType": "git"
},
{
"lessThan": "12609c76b755",
"status": "affected",
"version": "2e1f2d9a9bdb",
"versionType": "git"
},
{
"lessThan": "2160ad6861c4",
"status": "affected",
"version": "2e1f2d9a9bdb",
"versionType": "git"
},
{
"lessThan": "5cd8af02b466",
"status": "affected",
"version": "2e1f2d9a9bdb",
"versionType": "git"
},
{
"lessThan": "aeca49661fd0",
"status": "affected",
"version": "2e1f2d9a9bdb",
"versionType": "git"
},
{
"lessThan": "0d27056c24ef",
"status": "affected",
"version": "2e1f2d9a9bdb",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/tty/serial/max310x.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.0"
},
{
"lessThan": "6.0",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.274",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.215",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: max310x: fix NULL pointer dereference in I2C instantiation\n\nWhen trying to instantiate a max14830 device from userspace:\n\n echo max14830 0x60 \u003e /sys/bus/i2c/devices/i2c-2/new_device\n\nwe get the following error:\n\n Unable to handle kernel NULL pointer dereference at virtual address...\n ...\n Call trace:\n max310x_i2c_probe+0x48/0x170 [max310x]\n i2c_device_probe+0x150/0x2a0\n ...\n\nAdd check for validity of devtype to prevent the error, and abort probe\nwith a meaningful error message."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:18.408Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/7d271b798add90c6196539167c019d0817285cf0"
},
{
"url": "https://git.kernel.org/stable/c/c45e53c27b78afd6c81fc25608003576f27b5735"
},
{
"url": "https://git.kernel.org/stable/c/12609c76b755dbeb1645c0aacc0f0f4743b2eff3"
},
{
"url": "https://git.kernel.org/stable/c/2160ad6861c4a21d3fa553d7b2aaec6634a37f8a"
},
{
"url": "https://git.kernel.org/stable/c/5cd8af02b466e1beeae13e2de3dc58fcc7925e5a"
},
{
"url": "https://git.kernel.org/stable/c/aeca49661fd02fd56fb026768b580ce301b45733"
},
{
"url": "https://git.kernel.org/stable/c/0d27056c24efd3d63a03f3edfbcfc4827086b110"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "serial: max310x: fix NULL pointer dereference in I2C instantiation",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26978",
"datePublished": "2024-05-01T05:20:33.457Z",
"dateReserved": "2024-02-19T14:20:24.203Z",
"dateUpdated": "2024-08-02T00:21:05.869Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27006
Vulnerability from cvelistv5
Published
2024-05-01 05:29
Modified
2024-08-02 00:21
Severity
Summary
thermal/debugfs: Add missing count increment to thermal_debug_tz_trip_up()
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27006",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-14T20:04:05.646240Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-14T20:04:14.110Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.942Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9c8215d32e730b597c809a9d2090bf8ec1b79fcf"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b552f63cd43735048bbe9bfbb7a9dcfce166fbdd"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/thermal/thermal_debugfs.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "9c8215d32e73",
"status": "affected",
"version": "7ef01f228c9f",
"versionType": "git"
},
{
"lessThan": "b552f63cd437",
"status": "affected",
"version": "7ef01f228c9f",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/thermal/thermal_debugfs.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.8"
},
{
"lessThan": "6.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal/debugfs: Add missing count increment to thermal_debug_tz_trip_up()\n\nThe count field in struct trip_stats, representing the number of times\nthe zone temperature was above the trip point, needs to be incremented\nin thermal_debug_tz_trip_up(), for two reasons.\n\nFirst, if a trip point is crossed on the way up for the first time,\nthermal_debug_update_temp() called from update_temperature() does\nnot see it because it has not been added to trips_crossed[] array\nin the thermal zone\u0027s struct tz_debugfs object yet. Therefore, when\nthermal_debug_tz_trip_up() is called after that, the trip point\u0027s\ncount value is 0, and the attempt to divide by it during the average\ntemperature computation leads to a divide error which causes the kernel\nto crash. Setting the count to 1 before the division by incrementing it\nfixes this problem.\n\nSecond, if a trip point is crossed on the way up, but it has been\ncrossed on the way up already before, its count value needs to be\nincremented to make a record of the fact that the zone temperature is\nabove the trip now. Without doing that, if the mitigations applied\nafter crossing the trip cause the zone temperature to drop below its\nthreshold, the count will not be updated for this episode at all and\nthe average temperature in the trip statistics record will be somewhat\nhigher than it should be.\n\nCc :6.8+ \u003cstable@vger.kernel.org\u003e # 6.8+"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:53.639Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/9c8215d32e730b597c809a9d2090bf8ec1b79fcf"
},
{
"url": "https://git.kernel.org/stable/c/b552f63cd43735048bbe9bfbb7a9dcfce166fbdd"
}
],
"title": "thermal/debugfs: Add missing count increment to thermal_debug_tz_trip_up()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27006",
"datePublished": "2024-05-01T05:29:03.797Z",
"dateReserved": "2024-02-19T14:20:24.208Z",
"dateUpdated": "2024-08-02T00:21:05.942Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26967
Vulnerability from cvelistv5
Published
2024-05-01 05:19
Modified
2024-08-02 00:21
Severity
Summary
clk: qcom: camcc-sc8280xp: fix terminating of frequency table arrays
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.625Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/93ff48729211dae55df5d216023be4528d29babb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6a3d70f7802a98e6c28a74f997a264118b9f50cd"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/clk/qcom/camcc-sc8280xp.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "93ff48729211",
"status": "affected",
"version": "ff93872a9c61",
"versionType": "git"
},
{
"lessThan": "6a3d70f7802a",
"status": "affected",
"version": "ff93872a9c61",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/clk/qcom/camcc-sc8280xp.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.8"
},
{
"lessThan": "6.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: camcc-sc8280xp: fix terminating of frequency table arrays\n\nThe frequency table arrays are supposed to be terminated with an\nempty element. Add such entry to the end of the arrays where it\nis missing in order to avoid possible out-of-bound access when\nthe table is traversed by functions like qcom_find_freq() or\nqcom_find_freq_floor().\n\nOnly compile tested."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:02.923Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/93ff48729211dae55df5d216023be4528d29babb"
},
{
"url": "https://git.kernel.org/stable/c/6a3d70f7802a98e6c28a74f997a264118b9f50cd"
}
],
"title": "clk: qcom: camcc-sc8280xp: fix terminating of frequency table arrays",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26967",
"datePublished": "2024-05-01T05:19:41.040Z",
"dateReserved": "2024-02-19T14:20:24.202Z",
"dateUpdated": "2024-08-02T00:21:05.625Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27000
Vulnerability from cvelistv5
Published
2024-05-01 05:28
Modified
2024-08-02 00:21
Severity
Summary
serial: mxs-auart: add spinlock around changing cts state
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27000",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-28T17:46:24.840669Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:47:26.528Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.866Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/56434e295bd446142025913bfdf1587f5e1970ad"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/21535ef0ac1945080198fe3e4347ea498205c99a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0dc0637e6b16158af85945425821bfd0151adb37"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/479244d68f5d94f3903eced52b093c1e01ddb495"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2c9b943e9924cf1269e44289bc5e60e51b0f5270"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5f40fd6ca2cf0bfbc5a5c9e403dfce8ca899ba37"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/94b0e65c75f4af888ab2dd6c90f060f762924e86"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/54c4ec5f8c471b7c1137a1f769648549c423c026"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/tty/serial/mxs-auart.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "56434e295bd4",
"status": "affected",
"version": "4d90bb147ef6",
"versionType": "git"
},
{
"lessThan": "21535ef0ac19",
"status": "affected",
"version": "4d90bb147ef6",
"versionType": "git"
},
{
"lessThan": "0dc0637e6b16",
"status": "affected",
"version": "4d90bb147ef6",
"versionType": "git"
},
{
"lessThan": "479244d68f5d",
"status": "affected",
"version": "4d90bb147ef6",
"versionType": "git"
},
{
"lessThan": "2c9b943e9924",
"status": "affected",
"version": "4d90bb147ef6",
"versionType": "git"
},
{
"lessThan": "5f40fd6ca2cf",
"status": "affected",
"version": "4d90bb147ef6",
"versionType": "git"
},
{
"lessThan": "94b0e65c75f4",
"status": "affected",
"version": "4d90bb147ef6",
"versionType": "git"
},
{
"lessThan": "54c4ec5f8c47",
"status": "affected",
"version": "4d90bb147ef6",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/tty/serial/mxs-auart.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.18"
},
{
"lessThan": "3.18",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.313",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.275",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.216",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.158",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: mxs-auart: add spinlock around changing cts state\n\nThe uart_handle_cts_change() function in serial_core expects the caller\nto hold uport-\u003elock. For example, I have seen the below kernel splat,\nwhen the Bluetooth driver is loaded on an i.MX28 board.\n\n [ 85.119255] ------------[ cut here ]------------\n [ 85.124413] WARNING: CPU: 0 PID: 27 at /drivers/tty/serial/serial_core.c:3453 uart_handle_cts_change+0xb4/0xec\n [ 85.134694] Modules linked in: hci_uart bluetooth ecdh_generic ecc wlcore_sdio configfs\n [ 85.143314] CPU: 0 PID: 27 Comm: kworker/u3:0 Not tainted 6.6.3-00021-gd62a2f068f92 #1\n [ 85.151396] Hardware name: Freescale MXS (Device Tree)\n [ 85.156679] Workqueue: hci0 hci_power_on [bluetooth]\n (...)\n [ 85.191765] uart_handle_cts_change from mxs_auart_irq_handle+0x380/0x3f4\n [ 85.198787] mxs_auart_irq_handle from __handle_irq_event_percpu+0x88/0x210\n (...)"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:46.591Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/56434e295bd446142025913bfdf1587f5e1970ad"
},
{
"url": "https://git.kernel.org/stable/c/21535ef0ac1945080198fe3e4347ea498205c99a"
},
{
"url": "https://git.kernel.org/stable/c/0dc0637e6b16158af85945425821bfd0151adb37"
},
{
"url": "https://git.kernel.org/stable/c/479244d68f5d94f3903eced52b093c1e01ddb495"
},
{
"url": "https://git.kernel.org/stable/c/2c9b943e9924cf1269e44289bc5e60e51b0f5270"
},
{
"url": "https://git.kernel.org/stable/c/5f40fd6ca2cf0bfbc5a5c9e403dfce8ca899ba37"
},
{
"url": "https://git.kernel.org/stable/c/94b0e65c75f4af888ab2dd6c90f060f762924e86"
},
{
"url": "https://git.kernel.org/stable/c/54c4ec5f8c471b7c1137a1f769648549c423c026"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "serial: mxs-auart: add spinlock around changing cts state",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27000",
"datePublished": "2024-05-01T05:28:35.749Z",
"dateReserved": "2024-02-19T14:20:24.207Z",
"dateUpdated": "2024-08-02T00:21:05.866Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26958
Vulnerability from cvelistv5
Published
2024-05-01 05:19
Modified
2024-08-02 00:21
Severity
Summary
nfs: fix UAF in direct writes
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26958",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-01T13:37:27.589314Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:21:10.748Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.688Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4595d90b5d2ea5fa4d318d13f59055aa4bf3e7f5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/80d24b308b7ee7037fc90d8ac99f6f78df0a256f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3abc2d160ed8213948b147295d77d44a22c88fa3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e25447c35f8745337ea8bc0c9697fcac14df8605"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1daf52b5ffb24870fbeda20b4967526d8f9e12ab"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cf54f66e1dd78990ec6b32177bca7e6ea2144a95"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/17f46b803d4f23c66cacce81db35fef3adb8f2af"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/nfs/direct.c",
"fs/nfs/write.c",
"include/linux/nfs_fs.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "4595d90b5d2e",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "80d24b308b7e",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "3abc2d160ed8",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "e25447c35f87",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "1daf52b5ffb2",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "cf54f66e1dd7",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "17f46b803d4f",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/nfs/direct.c",
"fs/nfs/write.c",
"include/linux/nfs_fs.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.215",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.154",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfs: fix UAF in direct writes\n\nIn production we have been hitting the following warning consistently\n\n------------[ cut here ]------------\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 17 PID: 1800359 at lib/refcount.c:28 refcount_warn_saturate+0x9c/0xe0\nWorkqueue: nfsiod nfs_direct_write_schedule_work [nfs]\nRIP: 0010:refcount_warn_saturate+0x9c/0xe0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __warn+0x9f/0x130\n ? refcount_warn_saturate+0x9c/0xe0\n ? report_bug+0xcc/0x150\n ? handle_bug+0x3d/0x70\n ? exc_invalid_op+0x16/0x40\n ? asm_exc_invalid_op+0x16/0x20\n ? refcount_warn_saturate+0x9c/0xe0\n nfs_direct_write_schedule_work+0x237/0x250 [nfs]\n process_one_work+0x12f/0x4a0\n worker_thread+0x14e/0x3b0\n ? ZSTD_getCParams_internal+0x220/0x220\n kthread+0xdc/0x120\n ? __btf_name_valid+0xa0/0xa0\n ret_from_fork+0x1f/0x30\n\nThis is because we\u0027re completing the nfs_direct_request twice in a row.\n\nThe source of this is when we have our commit requests to submit, we\nprocess them and send them off, and then in the completion path for the\ncommit requests we have\n\nif (nfs_commit_end(cinfo.mds))\n\tnfs_direct_write_complete(dreq);\n\nHowever since we\u0027re submitting asynchronous requests we sometimes have\none that completes before we submit the next one, so we end up calling\ncomplete on the nfs_direct_request twice.\n\nThe only other place we use nfs_generic_commit_list() is in\n__nfs_commit_inode, which wraps this call in a\n\nnfs_commit_begin();\nnfs_commit_end();\n\nWhich is a common pattern for this style of completion handling, one\nthat is also repeated in the direct code with get_dreq()/put_dreq()\ncalls around where we process events as well as in the completion paths.\n\nFix this by using the same pattern for the commit requests.\n\nBefore with my 200 node rocksdb stress running this warning would pop\nevery 10ish minutes. With my patch the stress test has been running for\nseveral hours without popping."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:52.185Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/4595d90b5d2ea5fa4d318d13f59055aa4bf3e7f5"
},
{
"url": "https://git.kernel.org/stable/c/80d24b308b7ee7037fc90d8ac99f6f78df0a256f"
},
{
"url": "https://git.kernel.org/stable/c/3abc2d160ed8213948b147295d77d44a22c88fa3"
},
{
"url": "https://git.kernel.org/stable/c/e25447c35f8745337ea8bc0c9697fcac14df8605"
},
{
"url": "https://git.kernel.org/stable/c/1daf52b5ffb24870fbeda20b4967526d8f9e12ab"
},
{
"url": "https://git.kernel.org/stable/c/cf54f66e1dd78990ec6b32177bca7e6ea2144a95"
},
{
"url": "https://git.kernel.org/stable/c/17f46b803d4f23c66cacce81db35fef3adb8f2af"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "nfs: fix UAF in direct writes",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26958",
"datePublished": "2024-05-01T05:19:04.069Z",
"dateReserved": "2024-02-19T14:20:24.200Z",
"dateUpdated": "2024-08-02T00:21:05.688Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26980
Vulnerability from cvelistv5
Published
2024-05-01 05:26
Modified
2024-08-02 00:21
Severity
Summary
ksmbd: fix slab-out-of-bounds in smb2_allocate_rsp_buf
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26980",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-06T18:49:02.279322Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T18:49:32.653Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.907Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/da21401372607c49972ea87a6edaafb36a17c325"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b80ba648714e6d790d69610cf14656be222d0248"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3160d9734453a40db248487f8204830879c207f1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0977f89722eceba165700ea384f075143f012085"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c119f4ede3fa90a9463f50831761c28f989bfb20"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/smb/server/server.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "da2140137260",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "b80ba648714e",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "3160d9734453",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "0977f89722ec",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "c119f4ede3fa",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/smb/server/server.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.159",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix slab-out-of-bounds in smb2_allocate_rsp_buf\n\nIf -\u003eProtocolId is SMB2_TRANSFORM_PROTO_NUM, smb2 request size\nvalidation could be skipped. if request size is smaller than\nsizeof(struct smb2_query_info_req), slab-out-of-bounds read can happen in\nsmb2_allocate_rsp_buf(). This patch allocate response buffer after\ndecrypting transform request. smb3_decrypt_req() will validate transform\nrequest size and avoid slab-out-of-bound in smb2_allocate_rsp_buf()."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:20.472Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/da21401372607c49972ea87a6edaafb36a17c325"
},
{
"url": "https://git.kernel.org/stable/c/b80ba648714e6d790d69610cf14656be222d0248"
},
{
"url": "https://git.kernel.org/stable/c/3160d9734453a40db248487f8204830879c207f1"
},
{
"url": "https://git.kernel.org/stable/c/0977f89722eceba165700ea384f075143f012085"
},
{
"url": "https://git.kernel.org/stable/c/c119f4ede3fa90a9463f50831761c28f989bfb20"
}
],
"title": "ksmbd: fix slab-out-of-bounds in smb2_allocate_rsp_buf",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26980",
"datePublished": "2024-05-01T05:26:56.744Z",
"dateReserved": "2024-02-19T14:20:24.204Z",
"dateUpdated": "2024-08-02T00:21:05.907Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26941
Vulnerability from cvelistv5
Published
2024-05-01 05:17
Modified
2024-08-02 00:21
Severity
Summary
drm/dp: Fix divide-by-zero regression on DP MST unplug with nouveau
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.703Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/828862071a6ca0c52655e6e62ac7abfef3e5c578"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9cbd1dae842737bfafa4b10a87909fa209dde250"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/display/drm_dp_helper.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "828862071a6c",
"status": "affected",
"version": "c1d6a22b7219",
"versionType": "git"
},
{
"lessThan": "9cbd1dae8427",
"status": "affected",
"version": "c1d6a22b7219",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/display/drm_dp_helper.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.8"
},
{
"lessThan": "6.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/dp: Fix divide-by-zero regression on DP MST unplug with nouveau\n\nFix a regression when using nouveau and unplugging a StarTech MSTDP122DP\nDisplayPort 1.2 MST hub (the same regression does not appear when using\na Cable Matters DisplayPort 1.4 MST hub). Trace:\n\n divide error: 0000 [#1] PREEMPT SMP PTI\n CPU: 7 PID: 2962 Comm: Xorg Not tainted 6.8.0-rc3+ #744\n Hardware name: Razer Blade/DANA_MB, BIOS 01.01 08/31/2018\n RIP: 0010:drm_dp_bw_overhead+0xb4/0x110 [drm_display_helper]\n Code: c6 b8 01 00 00 00 75 61 01 c6 41 0f af f3 41 0f af f1 c1 e1 04 48 63 c7 31 d2 89 ff 48 8b 5d f8 c9 48 0f af f1 48 8d 44 06 ff \u003c48\u003e f7 f7 31 d2 31 c9 31 f6 31 ff 45 31 c0 45 31 c9 45 31 d2 45 31\n RSP: 0018:ffffb2c5c211fa30 EFLAGS: 00010206\n RAX: ffffffffffffffff RBX: 0000000000000000 RCX: 0000000000f59b00\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ffffb2c5c211fa48 R08: 0000000000000001 R09: 0000000000000020\n R10: 0000000000000004 R11: 0000000000000000 R12: 0000000000023b4a\n R13: ffff91d37d165800 R14: ffff91d36fac6d80 R15: ffff91d34a764010\n FS: 00007f4a1ca3fa80(0000) GS:ffff91d6edbc0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000559491d49000 CR3: 000000011d180002 CR4: 00000000003706f0\n Call Trace:\n \u003cTASK\u003e\n ? show_regs+0x6d/0x80\n ? die+0x37/0xa0\n ? do_trap+0xd4/0xf0\n ? do_error_trap+0x71/0xb0\n ? drm_dp_bw_overhead+0xb4/0x110 [drm_display_helper]\n ? exc_divide_error+0x3a/0x70\n ? drm_dp_bw_overhead+0xb4/0x110 [drm_display_helper]\n ? asm_exc_divide_error+0x1b/0x20\n ? drm_dp_bw_overhead+0xb4/0x110 [drm_display_helper]\n ? drm_dp_calc_pbn_mode+0x2e/0x70 [drm_display_helper]\n nv50_msto_atomic_check+0xda/0x120 [nouveau]\n drm_atomic_helper_check_modeset+0xa87/0xdf0 [drm_kms_helper]\n drm_atomic_helper_check+0x19/0xa0 [drm_kms_helper]\n nv50_disp_atomic_check+0x13f/0x2f0 [nouveau]\n drm_atomic_check_only+0x668/0xb20 [drm]\n ? drm_connector_list_iter_next+0x86/0xc0 [drm]\n drm_atomic_commit+0x58/0xd0 [drm]\n ? __pfx___drm_printfn_info+0x10/0x10 [drm]\n drm_atomic_connector_commit_dpms+0xd7/0x100 [drm]\n drm_mode_obj_set_property_ioctl+0x1c5/0x450 [drm]\n ? __pfx_drm_connector_property_set_ioctl+0x10/0x10 [drm]\n drm_connector_property_set_ioctl+0x3b/0x60 [drm]\n drm_ioctl_kernel+0xb9/0x120 [drm]\n drm_ioctl+0x2d0/0x550 [drm]\n ? __pfx_drm_connector_property_set_ioctl+0x10/0x10 [drm]\n nouveau_drm_ioctl+0x61/0xc0 [nouveau]\n __x64_sys_ioctl+0xa0/0xf0\n do_syscall_64+0x76/0x140\n ? do_syscall_64+0x85/0x140\n ? do_syscall_64+0x85/0x140\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\n RIP: 0033:0x7f4a1cd1a94f\n Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 \u003c41\u003e 89 c0 3d 00 f0 ff ff 77 1f 48 8b 44 24 18 64 48 2b 04 25 28 00\n RSP: 002b:00007ffd2f1df520 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\n RAX: ffffffffffffffda RBX: 00007ffd2f1df5b0 RCX: 00007f4a1cd1a94f\n RDX: 00007ffd2f1df5b0 RSI: 00000000c01064ab RDI: 000000000000000f\n RBP: 00000000c01064ab R08: 000056347932deb8 R09: 000056347a7d99c0\n R10: 0000000000000000 R11: 0000000000000246 R12: 000056347938a220\n R13: 000000000000000f R14: 0000563479d9f3f0 R15: 0000000000000000\n \u003c/TASK\u003e\n Modules linked in: rfcomm xt_conntrack nft_chain_nat xt_MASQUERADE nf_nat nf_conntrack_netlink nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 xfrm_user xfrm_algo xt_addrtype nft_compat nf_tables nfnetlink br_netfilter bridge stp llc ccm cmac algif_hash overlay algif_skcipher af_alg bnep binfmt_misc snd_sof_pci_intel_cnl snd_sof_intel_hda_common snd_soc_hdac_hda snd_sof_pci snd_sof_xtensa_dsp snd_sof_intel_hda snd_sof snd_sof_utils snd_soc_acpi_intel_match snd_soc_acpi snd_soc_core snd_compress snd_sof_intel_hda_mlink snd_hda_ext_core iwlmvm intel_rapl_msr intel_rapl_common intel_tcc_cooling x86_pkg_temp_thermal intel_powerclamp mac80211 coretemp kvm_intel snd_hda_codec_hdmi kvm snd_hda_\n---truncated---"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:34.278Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/828862071a6ca0c52655e6e62ac7abfef3e5c578"
},
{
"url": "https://git.kernel.org/stable/c/9cbd1dae842737bfafa4b10a87909fa209dde250"
}
],
"title": "drm/dp: Fix divide-by-zero regression on DP MST unplug with nouveau",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26941",
"datePublished": "2024-05-01T05:17:52.810Z",
"dateReserved": "2024-02-19T14:20:24.197Z",
"dateUpdated": "2024-08-02T00:21:05.703Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26994
Vulnerability from cvelistv5
Published
2024-05-01 05:28
Modified
2024-08-02 00:21
Severity
Summary
speakup: Avoid crash on very long word
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26994",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T14:52:12.815212Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T14:52:25.610Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.796Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/756c5cb7c09e537b87b5d3acafcb101b2ccf394f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8f6b62125befe1675446923e4171eac2c012959c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6401038acfa24cba9c28cce410b7505efadd0222"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0d130158db29f5e0b3893154908cf618896450a8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/89af25bd4b4bf6a71295f07e07a8ae7dc03c6595"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8defb1d22ba0395b81feb963b96e252b097ba76f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0efb15c14c493263cb3a5f65f5ddfd4603d19a76"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c8d2f34ea96ea3bce6ba2535f867f0d4ee3b22e1"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/accessibility/speakup/main.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "756c5cb7c09e",
"status": "affected",
"version": "c6e3fd22cd53",
"versionType": "git"
},
{
"lessThan": "8f6b62125bef",
"status": "affected",
"version": "c6e3fd22cd53",
"versionType": "git"
},
{
"lessThan": "6401038acfa2",
"status": "affected",
"version": "c6e3fd22cd53",
"versionType": "git"
},
{
"lessThan": "0d130158db29",
"status": "affected",
"version": "c6e3fd22cd53",
"versionType": "git"
},
{
"lessThan": "89af25bd4b4b",
"status": "affected",
"version": "c6e3fd22cd53",
"versionType": "git"
},
{
"lessThan": "8defb1d22ba0",
"status": "affected",
"version": "c6e3fd22cd53",
"versionType": "git"
},
{
"lessThan": "0efb15c14c49",
"status": "affected",
"version": "c6e3fd22cd53",
"versionType": "git"
},
{
"lessThan": "c8d2f34ea96e",
"status": "affected",
"version": "c6e3fd22cd53",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/accessibility/speakup/main.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.37"
},
{
"lessThan": "2.6.37",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.313",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.275",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.216",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.157",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nspeakup: Avoid crash on very long word\n\nIn case a console is set up really large and contains a really long word\n(\u003e 256 characters), we have to stop before the length of the word buffer."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:37.488Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/756c5cb7c09e537b87b5d3acafcb101b2ccf394f"
},
{
"url": "https://git.kernel.org/stable/c/8f6b62125befe1675446923e4171eac2c012959c"
},
{
"url": "https://git.kernel.org/stable/c/6401038acfa24cba9c28cce410b7505efadd0222"
},
{
"url": "https://git.kernel.org/stable/c/0d130158db29f5e0b3893154908cf618896450a8"
},
{
"url": "https://git.kernel.org/stable/c/89af25bd4b4bf6a71295f07e07a8ae7dc03c6595"
},
{
"url": "https://git.kernel.org/stable/c/8defb1d22ba0395b81feb963b96e252b097ba76f"
},
{
"url": "https://git.kernel.org/stable/c/0efb15c14c493263cb3a5f65f5ddfd4603d19a76"
},
{
"url": "https://git.kernel.org/stable/c/c8d2f34ea96ea3bce6ba2535f867f0d4ee3b22e1"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "speakup: Avoid crash on very long word",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26994",
"datePublished": "2024-05-01T05:28:07.350Z",
"dateReserved": "2024-02-19T14:20:24.206Z",
"dateUpdated": "2024-08-02T00:21:05.796Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27388
Vulnerability from cvelistv5
Published
2024-05-01 13:05
Modified
2024-08-02 00:34
Severity
Summary
SUNRPC: fix some memleaks in gssx_dec_option_array
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:34:52.507Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b97c37978ca825557d331c9012e0c1ddc0e42364"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/bfa9d86d39a0fe4685f90c3529aa9bd62a9d97a8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/bb336cd8d5ecb69c430ebe3e7bcff68471d93fa8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/dd292e884c649f9b1c18af0ec75ca90b390cd044"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/934212a623cbab851848b6de377eb476718c3e4c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5e6013ae2c8d420faea553d363935f65badd32c3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9806c2393cd2ab0a8e7bb9ffae02ce20e3112ec4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/996997d1fb2126feda550d6adcedcbd94911fc69"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3cfcfc102a5e57b021b786a755a38935e357797d"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/sunrpc/auth_gss/gss_rpc_xdr.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "b97c37978ca8",
"status": "affected",
"version": "1d658336b05f",
"versionType": "git"
},
{
"lessThan": "bfa9d86d39a0",
"status": "affected",
"version": "1d658336b05f",
"versionType": "git"
},
{
"lessThan": "bb336cd8d5ec",
"status": "affected",
"version": "1d658336b05f",
"versionType": "git"
},
{
"lessThan": "dd292e884c64",
"status": "affected",
"version": "1d658336b05f",
"versionType": "git"
},
{
"lessThan": "934212a623cb",
"status": "affected",
"version": "1d658336b05f",
"versionType": "git"
},
{
"lessThan": "5e6013ae2c8d",
"status": "affected",
"version": "1d658336b05f",
"versionType": "git"
},
{
"lessThan": "9806c2393cd2",
"status": "affected",
"version": "1d658336b05f",
"versionType": "git"
},
{
"lessThan": "996997d1fb21",
"status": "affected",
"version": "1d658336b05f",
"versionType": "git"
},
{
"lessThan": "3cfcfc102a5e",
"status": "affected",
"version": "1d658336b05f",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/sunrpc/auth_gss/gss_rpc_xdr.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.10"
},
{
"lessThan": "3.10",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.311",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.273",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.214",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.153",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: fix some memleaks in gssx_dec_option_array\n\nThe creds and oa-\u003edata need to be freed in the error-handling paths after\ntheir allocation. So this patch add these deallocations in the\ncorresponding paths."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:28:13.411Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/b97c37978ca825557d331c9012e0c1ddc0e42364"
},
{
"url": "https://git.kernel.org/stable/c/bfa9d86d39a0fe4685f90c3529aa9bd62a9d97a8"
},
{
"url": "https://git.kernel.org/stable/c/bb336cd8d5ecb69c430ebe3e7bcff68471d93fa8"
},
{
"url": "https://git.kernel.org/stable/c/dd292e884c649f9b1c18af0ec75ca90b390cd044"
},
{
"url": "https://git.kernel.org/stable/c/934212a623cbab851848b6de377eb476718c3e4c"
},
{
"url": "https://git.kernel.org/stable/c/5e6013ae2c8d420faea553d363935f65badd32c3"
},
{
"url": "https://git.kernel.org/stable/c/9806c2393cd2ab0a8e7bb9ffae02ce20e3112ec4"
},
{
"url": "https://git.kernel.org/stable/c/996997d1fb2126feda550d6adcedcbd94911fc69"
},
{
"url": "https://git.kernel.org/stable/c/3cfcfc102a5e57b021b786a755a38935e357797d"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "SUNRPC: fix some memleaks in gssx_dec_option_array",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27388",
"datePublished": "2024-05-01T13:05:05.518Z",
"dateReserved": "2024-02-25T13:47:42.676Z",
"dateUpdated": "2024-08-02T00:34:52.507Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27017
Vulnerability from cvelistv5
Published
2024-05-01 05:30
Modified
2024-08-02 00:21
Severity
Summary
netfilter: nft_set_pipapo: walk over current view on netlink dump
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27017",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-28T16:20:37.656440Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:47:29.908Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.943Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/721715655c72640567e8742567520c99801148ed"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/29b359cf6d95fd60730533f7f10464e95bd17c73"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"include/net/netfilter/nf_tables.h",
"net/netfilter/nf_tables_api.c",
"net/netfilter/nft_set_pipapo.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "721715655c72",
"status": "affected",
"version": "2b84e215f874",
"versionType": "git"
},
{
"lessThan": "29b359cf6d95",
"status": "affected",
"version": "2b84e215f874",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"include/net/netfilter/nf_tables.h",
"net/netfilter/nf_tables_api.c",
"net/netfilter/nft_set_pipapo.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.4"
},
{
"lessThan": "6.4",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_pipapo: walk over current view on netlink dump\n\nThe generation mask can be updated while netlink dump is in progress.\nThe pipapo set backend walk iterator cannot rely on it to infer what\nview of the datastructure is to be used. Add notation to specify if user\nwants to read/update the set.\n\nBased on patch from Florian Westphal."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:05.579Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/721715655c72640567e8742567520c99801148ed"
},
{
"url": "https://git.kernel.org/stable/c/29b359cf6d95fd60730533f7f10464e95bd17c73"
}
],
"title": "netfilter: nft_set_pipapo: walk over current view on netlink dump",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27017",
"datePublished": "2024-05-01T05:30:01.888Z",
"dateReserved": "2024-02-19T14:20:24.209Z",
"dateUpdated": "2024-08-02T00:21:05.943Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-52653
Vulnerability from cvelistv5
Published
2024-05-01 13:04
Modified
2024-08-02 23:03
Severity
Summary
SUNRPC: fix a memleak in gss_import_v2_context
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-52653",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-06T18:26:34.838791Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T18:26:57.970Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:03:21.363Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/99044c01ed5329e73651c054d8a4baacdbb1a27c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/47ac11db93e74ac49cd6c3fc69bcbc5964c4a8b4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d111e30d9cd846bb368faf3637dc0f71fcbcf822"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e67b652d8e8591d3b1e569dbcdfcee15993e91fa"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "99044c01ed53",
"status": "affected",
"version": "47d848077629",
"versionType": "git"
},
{
"lessThan": "47ac11db93e7",
"status": "affected",
"version": "47d848077629",
"versionType": "git"
},
{
"lessThan": "d111e30d9cd8",
"status": "affected",
"version": "47d848077629",
"versionType": "git"
},
{
"lessThan": "e67b652d8e85",
"status": "affected",
"version": "47d848077629",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.35"
},
{
"lessThan": "2.6.35",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: fix a memleak in gss_import_v2_context\n\nThe ctx-\u003emech_used.data allocated by kmemdup is not freed in neither\ngss_import_v2_context nor it only caller gss_krb5_import_sec_context,\nwhich frees ctx on error.\n\nThus, this patch reform the last call of gss_import_v2_context to the\ngss_krb5_import_ctx_v2, preventing the memleak while keepping the return\nformation."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-13T07:14:55.073Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/99044c01ed5329e73651c054d8a4baacdbb1a27c"
},
{
"url": "https://git.kernel.org/stable/c/47ac11db93e74ac49cd6c3fc69bcbc5964c4a8b4"
},
{
"url": "https://git.kernel.org/stable/c/d111e30d9cd846bb368faf3637dc0f71fcbcf822"
},
{
"url": "https://git.kernel.org/stable/c/e67b652d8e8591d3b1e569dbcdfcee15993e91fa"
}
],
"title": "SUNRPC: fix a memleak in gss_import_v2_context",
"x_generator": {
"engine": "bippy-d175d3acf727"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2023-52653",
"datePublished": "2024-05-01T13:04:02.055Z",
"dateReserved": "2024-03-06T09:52:12.098Z",
"dateUpdated": "2024-08-02T23:03:21.363Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27026
Vulnerability from cvelistv5
Published
2024-05-01 12:49
Modified
2024-08-02 00:21
Severity
Summary
vmxnet3: Fix missing reserved tailroom
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.850Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/aba8659caf88017507419feea06069f529329ea6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7c8505ecc2d15473d679b8e06335434b84fffe86"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/91d017d19d5a9ad153e2dc23ed3c0e2e79ef5262"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e127ce7699c1e05279ee5ee61f00893e7bfa9671"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/vmxnet3/vmxnet3_xdp.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "aba8659caf88",
"status": "affected",
"version": "54f00cce1178",
"versionType": "git"
},
{
"lessThan": "7c8505ecc2d1",
"status": "affected",
"version": "54f00cce1178",
"versionType": "git"
},
{
"lessThan": "91d017d19d5a",
"status": "affected",
"version": "54f00cce1178",
"versionType": "git"
},
{
"lessThan": "e127ce7699c1",
"status": "affected",
"version": "54f00cce1178",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/vmxnet3/vmxnet3_xdp.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.6"
},
{
"lessThan": "6.6",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvmxnet3: Fix missing reserved tailroom\n\nUse rbi-\u003elen instead of rcd-\u003elen for non-dataring packet.\n\nFound issue:\n XDP_WARN: xdp_update_frame_from_buff(line:278): Driver BUG: missing reserved tailroom\n WARNING: CPU: 0 PID: 0 at net/core/xdp.c:586 xdp_warn+0xf/0x20\n CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W O 6.5.1 #1\n RIP: 0010:xdp_warn+0xf/0x20\n ...\n ? xdp_warn+0xf/0x20\n xdp_do_redirect+0x15f/0x1c0\n vmxnet3_run_xdp+0x17a/0x400 [vmxnet3]\n vmxnet3_process_xdp+0xe4/0x760 [vmxnet3]\n ? vmxnet3_tq_tx_complete.isra.0+0x21e/0x2c0 [vmxnet3]\n vmxnet3_rq_rx_complete+0x7ad/0x1120 [vmxnet3]\n vmxnet3_poll_rx_only+0x2d/0xa0 [vmxnet3]\n __napi_poll+0x20/0x180\n net_rx_action+0x177/0x390"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:15.265Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/aba8659caf88017507419feea06069f529329ea6"
},
{
"url": "https://git.kernel.org/stable/c/7c8505ecc2d15473d679b8e06335434b84fffe86"
},
{
"url": "https://git.kernel.org/stable/c/91d017d19d5a9ad153e2dc23ed3c0e2e79ef5262"
},
{
"url": "https://git.kernel.org/stable/c/e127ce7699c1e05279ee5ee61f00893e7bfa9671"
}
],
"title": "vmxnet3: Fix missing reserved tailroom",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27026",
"datePublished": "2024-05-01T12:49:31.685Z",
"dateReserved": "2024-02-19T14:20:24.210Z",
"dateUpdated": "2024-08-02T00:21:05.850Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27027
Vulnerability from cvelistv5
Published
2024-05-01 12:49
Modified
2024-08-02 00:21
Severity
Summary
dpll: fix dpll_xa_ref_*_del() for multiple registrations
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.947Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/769324eb35143462542cdb15483cdaf4877bf661"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b27e32e9367dac024cd6f61f22655714f483fd67"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b446631f355ece73b13c311dd712c47381a23172"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/dpll/dpll_core.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "769324eb3514",
"status": "affected",
"version": "9431063ad323",
"versionType": "git"
},
{
"lessThan": "b27e32e9367d",
"status": "affected",
"version": "9431063ad323",
"versionType": "git"
},
{
"lessThan": "b446631f355e",
"status": "affected",
"version": "9431063ad323",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/dpll/dpll_core.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.7"
},
{
"lessThan": "6.7",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndpll: fix dpll_xa_ref_*_del() for multiple registrations\n\nCurrently, if there are multiple registrations of the same pin on the\nsame dpll device, following warnings are observed:\nWARNING: CPU: 5 PID: 2212 at drivers/dpll/dpll_core.c:143 dpll_xa_ref_pin_del.isra.0+0x21e/0x230\nWARNING: CPU: 5 PID: 2212 at drivers/dpll/dpll_core.c:223 __dpll_pin_unregister+0x2b3/0x2c0\n\nThe problem is, that in both dpll_xa_ref_dpll_del() and\ndpll_xa_ref_pin_del() registration is only removed from list in case the\nreference count drops to zero. That is wrong, the registration has to\nbe removed always.\n\nTo fix this, remove the registration from the list and free\nit unconditionally, instead of doing it only when the ref reference\ncounter reaches zero."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:16.302Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/769324eb35143462542cdb15483cdaf4877bf661"
},
{
"url": "https://git.kernel.org/stable/c/b27e32e9367dac024cd6f61f22655714f483fd67"
},
{
"url": "https://git.kernel.org/stable/c/b446631f355ece73b13c311dd712c47381a23172"
}
],
"title": "dpll: fix dpll_xa_ref_*_del() for multiple registrations",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27027",
"datePublished": "2024-05-01T12:49:35.130Z",
"dateReserved": "2024-02-19T14:20:24.210Z",
"dateUpdated": "2024-08-02T00:21:05.947Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27003
Vulnerability from cvelistv5
Published
2024-05-01 05:28
Modified
2024-08-02 00:21
Severity
Summary
clk: Get runtime PM before walking tree for clk_summary
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27003",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-17T17:40:36.499958Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-17T17:46:23.697Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.828Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/83ada89e4a86e2b28ea2b5113c76d6dc7560a4d0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2c077fdfd09dffb31a890e5095c8ab205138a42e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b457105309d388e4081c716cf7b81d517ff74db4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9d1e795f754db1ac3344528b7af0b17b8146f321"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/clk/clk.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "83ada89e4a86",
"status": "affected",
"version": "1bb294a7981c",
"versionType": "git"
},
{
"lessThan": "2c077fdfd09d",
"status": "affected",
"version": "1bb294a7981c",
"versionType": "git"
},
{
"lessThan": "b457105309d3",
"status": "affected",
"version": "1bb294a7981c",
"versionType": "git"
},
{
"lessThan": "9d1e795f754d",
"status": "affected",
"version": "1bb294a7981c",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/clk/clk.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.17"
},
{
"lessThan": "5.17",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: Get runtime PM before walking tree for clk_summary\n\nSimilar to the previous commit, we should make sure that all devices are\nruntime resumed before printing the clk_summary through debugfs. Failure\nto do so would result in a deadlock if the thread is resuming a device\nto print clk state and that device is also runtime resuming in another\nthread, e.g the screen is turning on and the display driver is starting\nup. We remove the calls to clk_pm_runtime_{get,put}() in this path\nbecause they\u0027re superfluous now that we know the devices are runtime\nresumed. This also squashes a bug where the return value of\nclk_pm_runtime_get() wasn\u0027t checked, leading to an RPM count underflow\non error paths."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:49.901Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/83ada89e4a86e2b28ea2b5113c76d6dc7560a4d0"
},
{
"url": "https://git.kernel.org/stable/c/2c077fdfd09dffb31a890e5095c8ab205138a42e"
},
{
"url": "https://git.kernel.org/stable/c/b457105309d388e4081c716cf7b81d517ff74db4"
},
{
"url": "https://git.kernel.org/stable/c/9d1e795f754db1ac3344528b7af0b17b8146f321"
}
],
"title": "clk: Get runtime PM before walking tree for clk_summary",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27003",
"datePublished": "2024-05-01T05:28:49.732Z",
"dateReserved": "2024-02-19T14:20:24.207Z",
"dateUpdated": "2024-08-02T00:21:05.828Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27075
Vulnerability from cvelistv5
Published
2024-05-01 13:04
Modified
2024-08-02 00:27
Severity
Summary
media: dvb-frontends: avoid stack overflow warnings with clang
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27075",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-18T19:39:34.512362Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-18T19:39:53.100Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:27:57.815Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c073c8cede5abd3836e83d70d72606d11d0759d4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fa8b472952ef46eb632825051078c21ce0cafe55"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fb07104a02e87c06c39914d13ed67fd8f839ca82"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d20b64f156de5d10410963fe238d82a4e7e97a2f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/107052a8cfeff3a97326277192b4f052e4860a8a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8fad9c5bb00d3a9508d18bbfe832e33a47377730"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d6b4895197ab5a47cb81c6852d49320b05052960"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ed514ecf4f29c80a2f09ae3c877059b401efe893"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7a4cf27d1f0538f779bf31b8c99eda394e277119"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/media/dvb-frontends/stv0367.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "c073c8cede5a",
"status": "affected",
"version": "3cd890dbe2a4",
"versionType": "git"
},
{
"lessThan": "fa8b472952ef",
"status": "affected",
"version": "3cd890dbe2a4",
"versionType": "git"
},
{
"lessThan": "fb07104a02e8",
"status": "affected",
"version": "3cd890dbe2a4",
"versionType": "git"
},
{
"lessThan": "d20b64f156de",
"status": "affected",
"version": "3cd890dbe2a4",
"versionType": "git"
},
{
"lessThan": "107052a8cfef",
"status": "affected",
"version": "3cd890dbe2a4",
"versionType": "git"
},
{
"lessThan": "8fad9c5bb00d",
"status": "affected",
"version": "3cd890dbe2a4",
"versionType": "git"
},
{
"lessThan": "d6b4895197ab",
"status": "affected",
"version": "3cd890dbe2a4",
"versionType": "git"
},
{
"lessThan": "ed514ecf4f29",
"status": "affected",
"version": "3cd890dbe2a4",
"versionType": "git"
},
{
"lessThan": "7a4cf27d1f05",
"status": "affected",
"version": "3cd890dbe2a4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/media/dvb-frontends/stv0367.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.16"
},
{
"lessThan": "4.16",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.311",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.273",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.214",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.153",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvb-frontends: avoid stack overflow warnings with clang\n\nA previous patch worked around a KASAN issue in stv0367, now a similar\nproblem showed up with clang:\n\ndrivers/media/dvb-frontends/stv0367.c:1222:12: error: stack frame size (3624) exceeds limit (2048) in \u0027stv0367ter_set_frontend\u0027 [-Werror,-Wframe-larger-than]\n 1214 | static int stv0367ter_set_frontend(struct dvb_frontend *fe)\n\nRework the stv0367_writereg() function to be simpler and mark both\nregister access functions as noinline_for_stack so the temporary\ni2c_msg structures do not get duplicated on the stack when KASAN_STACK\nis enabled."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:28:06.357Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/c073c8cede5abd3836e83d70d72606d11d0759d4"
},
{
"url": "https://git.kernel.org/stable/c/fa8b472952ef46eb632825051078c21ce0cafe55"
},
{
"url": "https://git.kernel.org/stable/c/fb07104a02e87c06c39914d13ed67fd8f839ca82"
},
{
"url": "https://git.kernel.org/stable/c/d20b64f156de5d10410963fe238d82a4e7e97a2f"
},
{
"url": "https://git.kernel.org/stable/c/107052a8cfeff3a97326277192b4f052e4860a8a"
},
{
"url": "https://git.kernel.org/stable/c/8fad9c5bb00d3a9508d18bbfe832e33a47377730"
},
{
"url": "https://git.kernel.org/stable/c/d6b4895197ab5a47cb81c6852d49320b05052960"
},
{
"url": "https://git.kernel.org/stable/c/ed514ecf4f29c80a2f09ae3c877059b401efe893"
},
{
"url": "https://git.kernel.org/stable/c/7a4cf27d1f0538f779bf31b8c99eda394e277119"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "media: dvb-frontends: avoid stack overflow warnings with clang",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27075",
"datePublished": "2024-05-01T13:04:44.494Z",
"dateReserved": "2024-02-19T14:20:24.217Z",
"dateUpdated": "2024-08-02T00:27:57.815Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27060
Vulnerability from cvelistv5
Published
2024-05-01 13:00
Modified
2024-08-02 00:21
Severity
Summary
thunderbolt: Fix NULL pointer dereference in tb_port_update_credits()
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.954Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ce64ba1f6ec3439e4b4d880b4db99673f4507228"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d3d17e23d1a0d1f959b4fa55b35f1802d9c584fa"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/thunderbolt/switch.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "ce64ba1f6ec3",
"status": "affected",
"version": "81af2952e606",
"versionType": "git"
},
{
"lessThan": "d3d17e23d1a0",
"status": "affected",
"version": "81af2952e606",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/thunderbolt/switch.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.7"
},
{
"lessThan": "6.7",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.8",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nthunderbolt: Fix NULL pointer dereference in tb_port_update_credits()\n\nOlliver reported that his system crashes when plugging in Thunderbolt 1\ndevice:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000020\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n RIP: 0010:tb_port_do_update_credits+0x1b/0x130 [thunderbolt]\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x23/0x70\n ? page_fault_oops+0x171/0x4e0\n ? exc_page_fault+0x7f/0x180\n ? asm_exc_page_fault+0x26/0x30\n ? tb_port_do_update_credits+0x1b/0x130\n ? tb_switch_update_link_attributes+0x83/0xd0\n tb_switch_add+0x7a2/0xfe0\n tb_scan_port+0x236/0x6f0\n tb_handle_hotplug+0x6db/0x900\n process_one_work+0x171/0x340\n worker_thread+0x27b/0x3a0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xe5/0x120\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1b/0x30\n \u003c/TASK\u003e\n\nThis is due the fact that some Thunderbolt 1 devices only have one lane\nadapter. Fix this by checking for the lane 1 before we read its credits."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:50.554Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/ce64ba1f6ec3439e4b4d880b4db99673f4507228"
},
{
"url": "https://git.kernel.org/stable/c/d3d17e23d1a0d1f959b4fa55b35f1802d9c584fa"
}
],
"title": "thunderbolt: Fix NULL pointer dereference in tb_port_update_credits()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27060",
"datePublished": "2024-05-01T13:00:13.995Z",
"dateReserved": "2024-02-19T14:20:24.215Z",
"dateUpdated": "2024-08-02T00:21:05.954Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26957
Vulnerability from cvelistv5
Published
2024-05-01 05:19
Modified
2024-08-02 00:21
Severity
Summary
s390/zcrypt: fix reference counting on zcrypt card objects
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "7e500849fa55",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "custom"
},
{
"lessThan": "9daddee03de3",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "custom"
},
{
"lessThan": "6470078ab3d8",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "custom"
},
{
"lessThan": "a55677878b93",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "custom"
},
{
"lessThan": "b7f6c3630eb3",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "custom"
},
{
"lessThan": "a64ab862e84e",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "custom"
},
{
"lessThan": "befb7f889594",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "custom"
},
{
"lessThan": "394b6d8bbdf9",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "custom"
},
{
"lessThan": "50ed48c80fec",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26957",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-17T15:58:32.988246Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-17T15:58:36.584Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.861Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7e500849fa558879a1cde43f80c7c048c2437058"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9daddee03de3f231012014dab8ab2b277a116a55"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6470078ab3d8f222115e11c4ec67351f3031b3dd"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a55677878b93e9ebc31f66d0e2fb93be5e7836a6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b7f6c3630eb3f103115ab0d7613588064f665d0d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a64ab862e84e3e698cd351a87cdb504c7fc575ca"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/befb7f889594d23e1b475720cf93efd2f77df000"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/394b6d8bbdf9ddee6d5bcf3e1f3e9f23eecd6484"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/50ed48c80fecbe17218afed4f8bed005c802976c"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/s390/crypto/zcrypt_api.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "7e500849fa55",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "9daddee03de3",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "6470078ab3d8",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "a55677878b93",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "b7f6c3630eb3",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "a64ab862e84e",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "befb7f889594",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "394b6d8bbdf9",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "50ed48c80fec",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/s390/crypto/zcrypt_api.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.312",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.274",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.215",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.154",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/zcrypt: fix reference counting on zcrypt card objects\n\nTests with hot-plugging crytpo cards on KVM guests with debug\nkernel build revealed an use after free for the load field of\nthe struct zcrypt_card. The reason was an incorrect reference\nhandling of the zcrypt card object which could lead to a free\nof the zcrypt card object while it was still in use.\n\nThis is an example of the slab message:\n\n kernel: 0x00000000885a7512-0x00000000885a7513 @offset=1298. First byte 0x68 instead of 0x6b\n kernel: Allocated in zcrypt_card_alloc+0x36/0x70 [zcrypt] age=18046 cpu=3 pid=43\n kernel: kmalloc_trace+0x3f2/0x470\n kernel: zcrypt_card_alloc+0x36/0x70 [zcrypt]\n kernel: zcrypt_cex4_card_probe+0x26/0x380 [zcrypt_cex4]\n kernel: ap_device_probe+0x15c/0x290\n kernel: really_probe+0xd2/0x468\n kernel: driver_probe_device+0x40/0xf0\n kernel: __device_attach_driver+0xc0/0x140\n kernel: bus_for_each_drv+0x8c/0xd0\n kernel: __device_attach+0x114/0x198\n kernel: bus_probe_device+0xb4/0xc8\n kernel: device_add+0x4d2/0x6e0\n kernel: ap_scan_adapter+0x3d0/0x7c0\n kernel: ap_scan_bus+0x5a/0x3b0\n kernel: ap_scan_bus_wq_callback+0x40/0x60\n kernel: process_one_work+0x26e/0x620\n kernel: worker_thread+0x21c/0x440\n kernel: Freed in zcrypt_card_put+0x54/0x80 [zcrypt] age=9024 cpu=3 pid=43\n kernel: kfree+0x37e/0x418\n kernel: zcrypt_card_put+0x54/0x80 [zcrypt]\n kernel: ap_device_remove+0x4c/0xe0\n kernel: device_release_driver_internal+0x1c4/0x270\n kernel: bus_remove_device+0x100/0x188\n kernel: device_del+0x164/0x3c0\n kernel: device_unregister+0x30/0x90\n kernel: ap_scan_adapter+0xc8/0x7c0\n kernel: ap_scan_bus+0x5a/0x3b0\n kernel: ap_scan_bus_wq_callback+0x40/0x60\n kernel: process_one_work+0x26e/0x620\n kernel: worker_thread+0x21c/0x440\n kernel: kthread+0x150/0x168\n kernel: __ret_from_fork+0x3c/0x58\n kernel: ret_from_fork+0xa/0x30\n kernel: Slab 0x00000372022169c0 objects=20 used=18 fp=0x00000000885a7c88 flags=0x3ffff00000000a00(workingset|slab|node=0|zone=1|lastcpupid=0x1ffff)\n kernel: Object 0x00000000885a74b8 @offset=1208 fp=0x00000000885a7c88\n kernel: Redzone 00000000885a74b0: bb bb bb bb bb bb bb bb ........\n kernel: Object 00000000885a74b8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n kernel: Object 00000000885a74c8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n kernel: Object 00000000885a74d8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n kernel: Object 00000000885a74e8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n kernel: Object 00000000885a74f8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n kernel: Object 00000000885a7508: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 68 4b 6b 6b 6b a5 kkkkkkkkkkhKkkk.\n kernel: Redzone 00000000885a7518: bb bb bb bb bb bb bb bb ........\n kernel: Padding 00000000885a756c: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZ\n kernel: CPU: 0 PID: 387 Comm: systemd-udevd Not tainted 6.8.0-HF #2\n kernel: Hardware name: IBM 3931 A01 704 (KVM/Linux)\n kernel: Call Trace:\n kernel: [\u003c00000000ca5ab5b8\u003e] dump_stack_lvl+0x90/0x120\n kernel: [\u003c00000000c99d78bc\u003e] check_bytes_and_report+0x114/0x140\n kernel: [\u003c00000000c99d53cc\u003e] check_object+0x334/0x3f8\n kernel: [\u003c00000000c99d820c\u003e] alloc_debug_processing+0xc4/0x1f8\n kernel: [\u003c00000000c99d852e\u003e] get_partial_node.part.0+0x1ee/0x3e0\n kernel: [\u003c00000000c99d94ec\u003e] ___slab_alloc+0xaf4/0x13c8\n kernel: [\u003c00000000c99d9e38\u003e] __slab_alloc.constprop.0+0x78/0xb8\n kernel: [\u003c00000000c99dc8dc\u003e] __kmalloc+0x434/0x590\n kernel: [\u003c00000000c9b4c0ce\u003e] ext4_htree_store_dirent+0x4e/0x1c0\n kernel: [\u003c00000000c9b908a2\u003e] htree_dirblock_to_tree+0x17a/0x3f0\n kernel: \n---truncated---"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:51.152Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/7e500849fa558879a1cde43f80c7c048c2437058"
},
{
"url": "https://git.kernel.org/stable/c/9daddee03de3f231012014dab8ab2b277a116a55"
},
{
"url": "https://git.kernel.org/stable/c/6470078ab3d8f222115e11c4ec67351f3031b3dd"
},
{
"url": "https://git.kernel.org/stable/c/a55677878b93e9ebc31f66d0e2fb93be5e7836a6"
},
{
"url": "https://git.kernel.org/stable/c/b7f6c3630eb3f103115ab0d7613588064f665d0d"
},
{
"url": "https://git.kernel.org/stable/c/a64ab862e84e3e698cd351a87cdb504c7fc575ca"
},
{
"url": "https://git.kernel.org/stable/c/befb7f889594d23e1b475720cf93efd2f77df000"
},
{
"url": "https://git.kernel.org/stable/c/394b6d8bbdf9ddee6d5bcf3e1f3e9f23eecd6484"
},
{
"url": "https://git.kernel.org/stable/c/50ed48c80fecbe17218afed4f8bed005c802976c"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "s390/zcrypt: fix reference counting on zcrypt card objects",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26957",
"datePublished": "2024-05-01T05:19:00.134Z",
"dateReserved": "2024-02-19T14:20:24.200Z",
"dateUpdated": "2024-08-02T00:21:05.861Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27023
Vulnerability from cvelistv5
Published
2024-05-01 12:49
Modified
2024-08-02 00:21
Severity
Summary
md: Fix missing release of 'active_io' for flush
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.884Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6b2ff10390b19a2364af622b6666b690443f9f3f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/02dad157ba11064d073f5499dc33552b227d5d3a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/11f81438927f84edfaaeb5d5f10856c3a1c1fc82"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/855678ed8534518e2b428bcbcec695de9ba248e8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/md/md.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "6b2ff10390b1",
"status": "affected",
"version": "f9f2d957a8ea",
"versionType": "git"
},
{
"lessThan": "02dad157ba11",
"status": "affected",
"version": "530cec617f5a",
"versionType": "git"
},
{
"lessThan": "11f81438927f",
"status": "affected",
"version": "c4c2345214b6",
"versionType": "git"
},
{
"lessThan": "855678ed8534",
"status": "affected",
"version": "fa2bbff7b0b4",
"versionType": "git"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/md/md.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "6.1.80",
"status": "affected",
"version": "6.1.75",
"versionType": "custom"
},
{
"lessThan": "6.6.19",
"status": "affected",
"version": "6.6.14",
"versionType": "custom"
},
{
"lessThan": "6.7.7",
"status": "affected",
"version": "6.7.2",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: Fix missing release of \u0027active_io\u0027 for flush\n\nsubmit_flushes\n atomic_set(\u0026mddev-\u003eflush_pending, 1);\n rdev_for_each_rcu(rdev, mddev)\n atomic_inc(\u0026mddev-\u003eflush_pending);\n bi-\u003ebi_end_io = md_end_flush\n submit_bio(bi);\n /* flush io is done first */\n md_end_flush\n if (atomic_dec_and_test(\u0026mddev-\u003eflush_pending))\n percpu_ref_put(\u0026mddev-\u003eactive_io)\n -\u003e active_io is not released\n\n if (atomic_dec_and_test(\u0026mddev-\u003eflush_pending))\n -\u003e missing release of active_io\n\nFor consequence, mddev_suspend() will wait for \u0027active_io\u0027 to be zero\nforever.\n\nFix this problem by releasing \u0027active_io\u0027 in submit_flushes() if\n\u0027flush_pending\u0027 is decreased to zero."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:11.763Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/6b2ff10390b19a2364af622b6666b690443f9f3f"
},
{
"url": "https://git.kernel.org/stable/c/02dad157ba11064d073f5499dc33552b227d5d3a"
},
{
"url": "https://git.kernel.org/stable/c/11f81438927f84edfaaeb5d5f10856c3a1c1fc82"
},
{
"url": "https://git.kernel.org/stable/c/855678ed8534518e2b428bcbcec695de9ba248e8"
}
],
"title": "md: Fix missing release of \u0027active_io\u0027 for flush",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27023",
"datePublished": "2024-05-01T12:49:21.063Z",
"dateReserved": "2024-02-19T14:20:24.210Z",
"dateUpdated": "2024-08-02T00:21:05.884Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26973
Vulnerability from cvelistv5
Published
2024-05-01 05:20
Modified
2024-08-02 00:21
Severity
Summary
fat: fix uninitialized field in nostale filehandles
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.673Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9840d1897e28f8733cc1e38f97e044f987dc0a63"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f52d7663a10a1266a2d3871a6dd8fd111edc549f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a276c595c3a629170b0f052a3724f755d7c6adc6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b7fb63e807c6dadf7ecc1d43448c4f1711d7eeee"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c8cc05de8e6b5612b6e9f92c385c1a064b0db375"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/03a7e3f2ba3ca25f1da1d3898709a08db14c1abb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/74f852654b8b7866f15323685f1e178d3386c688"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cdd33d54e789d229d6d5007cbf3f53965ca1a5c6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fde2497d2bc3a063d8af88b258dbadc86bd7b57c"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/fat/nfs.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "9840d1897e28",
"status": "affected",
"version": "ea3983ace6b7",
"versionType": "git"
},
{
"lessThan": "f52d7663a10a",
"status": "affected",
"version": "ea3983ace6b7",
"versionType": "git"
},
{
"lessThan": "a276c595c3a6",
"status": "affected",
"version": "ea3983ace6b7",
"versionType": "git"
},
{
"lessThan": "b7fb63e807c6",
"status": "affected",
"version": "ea3983ace6b7",
"versionType": "git"
},
{
"lessThan": "c8cc05de8e6b",
"status": "affected",
"version": "ea3983ace6b7",
"versionType": "git"
},
{
"lessThan": "03a7e3f2ba3c",
"status": "affected",
"version": "ea3983ace6b7",
"versionType": "git"
},
{
"lessThan": "74f852654b8b",
"status": "affected",
"version": "ea3983ace6b7",
"versionType": "git"
},
{
"lessThan": "cdd33d54e789",
"status": "affected",
"version": "ea3983ace6b7",
"versionType": "git"
},
{
"lessThan": "fde2497d2bc3",
"status": "affected",
"version": "ea3983ace6b7",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/fat/nfs.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.10"
},
{
"lessThan": "3.10",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.312",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.274",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.215",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.154",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfat: fix uninitialized field in nostale filehandles\n\nWhen fat_encode_fh_nostale() encodes file handle without a parent it\nstores only first 10 bytes of the file handle. However the length of the\nfile handle must be a multiple of 4 so the file handle is actually 12\nbytes long and the last two bytes remain uninitialized. This is not\ngreat at we potentially leak uninitialized information with the handle\nto userspace. Properly initialize the full handle length."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:11.504Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/9840d1897e28f8733cc1e38f97e044f987dc0a63"
},
{
"url": "https://git.kernel.org/stable/c/f52d7663a10a1266a2d3871a6dd8fd111edc549f"
},
{
"url": "https://git.kernel.org/stable/c/a276c595c3a629170b0f052a3724f755d7c6adc6"
},
{
"url": "https://git.kernel.org/stable/c/b7fb63e807c6dadf7ecc1d43448c4f1711d7eeee"
},
{
"url": "https://git.kernel.org/stable/c/c8cc05de8e6b5612b6e9f92c385c1a064b0db375"
},
{
"url": "https://git.kernel.org/stable/c/03a7e3f2ba3ca25f1da1d3898709a08db14c1abb"
},
{
"url": "https://git.kernel.org/stable/c/74f852654b8b7866f15323685f1e178d3386c688"
},
{
"url": "https://git.kernel.org/stable/c/cdd33d54e789d229d6d5007cbf3f53965ca1a5c6"
},
{
"url": "https://git.kernel.org/stable/c/fde2497d2bc3a063d8af88b258dbadc86bd7b57c"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "fat: fix uninitialized field in nostale filehandles",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26973",
"datePublished": "2024-05-01T05:20:09.420Z",
"dateReserved": "2024-02-19T14:20:24.203Z",
"dateUpdated": "2024-08-02T00:21:05.673Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26997
Vulnerability from cvelistv5
Published
2024-05-01 05:28
Modified
2024-08-02 00:21
Severity
Summary
usb: dwc2: host: Fix dereference issue in DDMA completion flow.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26997",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-17T17:40:39.519356Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-17T17:46:29.335Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.901Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/257d313e37d66c3bcc87197fb5b8549129c45dfe"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/75bf5e78b2a27cb1bca6fa826e3ab685015165e1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/26fde0ea40dda1b08fad3bc0a43f122f6dd8bddf"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8aa5c28ac65cb5e7f1b9c0c3238c00b661dd2b8c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9de10b59d16880a0a3ae2876c142fe54ce45d816"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8a139fa44870e84ac228b7b76423a49610e5ba9a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/55656b2afd5f1efcec4245f3e7e814c2a9ef53f6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/eed04fa96c48790c1cce73c8a248e9d460b088f8"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/usb/dwc2/hcd_ddma.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "257d313e37d6",
"status": "affected",
"version": "dca1dc1e99e0",
"versionType": "git"
},
{
"lessThan": "75bf5e78b2a2",
"status": "affected",
"version": "693bbbccd9c7",
"versionType": "git"
},
{
"lessThan": "26fde0ea40dd",
"status": "affected",
"version": "db4fa0c8e811",
"versionType": "git"
},
{
"lessThan": "8aa5c28ac65c",
"status": "affected",
"version": "32d3f2f108eb",
"versionType": "git"
},
{
"lessThan": "9de10b59d168",
"status": "affected",
"version": "bc48eb1b53ce",
"versionType": "git"
},
{
"lessThan": "8a139fa44870",
"status": "affected",
"version": "8d310e5d702c",
"versionType": "git"
},
{
"lessThan": "55656b2afd5f",
"status": "affected",
"version": "8b7c57ab6f6b",
"versionType": "git"
},
{
"lessThan": "eed04fa96c48",
"status": "affected",
"version": "b258e4268850",
"versionType": "git"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/usb/dwc2/hcd_ddma.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "4.19.313",
"status": "affected",
"version": "4.19.312",
"versionType": "custom"
},
{
"lessThan": "5.4.275",
"status": "affected",
"version": "5.4.274",
"versionType": "custom"
},
{
"lessThan": "5.10.216",
"status": "affected",
"version": "5.10.215",
"versionType": "custom"
},
{
"lessThan": "5.15.157",
"status": "affected",
"version": "5.15.154",
"versionType": "custom"
},
{
"lessThan": "6.1.88",
"status": "affected",
"version": "6.1.84",
"versionType": "custom"
},
{
"lessThan": "6.6.29",
"status": "affected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThan": "6.8.8",
"status": "affected",
"version": "6.8.3",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc2: host: Fix dereference issue in DDMA completion flow.\n\nFixed variable dereference issue in DDMA completion flow."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:40.576Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/257d313e37d66c3bcc87197fb5b8549129c45dfe"
},
{
"url": "https://git.kernel.org/stable/c/75bf5e78b2a27cb1bca6fa826e3ab685015165e1"
},
{
"url": "https://git.kernel.org/stable/c/26fde0ea40dda1b08fad3bc0a43f122f6dd8bddf"
},
{
"url": "https://git.kernel.org/stable/c/8aa5c28ac65cb5e7f1b9c0c3238c00b661dd2b8c"
},
{
"url": "https://git.kernel.org/stable/c/9de10b59d16880a0a3ae2876c142fe54ce45d816"
},
{
"url": "https://git.kernel.org/stable/c/8a139fa44870e84ac228b7b76423a49610e5ba9a"
},
{
"url": "https://git.kernel.org/stable/c/55656b2afd5f1efcec4245f3e7e814c2a9ef53f6"
},
{
"url": "https://git.kernel.org/stable/c/eed04fa96c48790c1cce73c8a248e9d460b088f8"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "usb: dwc2: host: Fix dereference issue in DDMA completion flow.",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26997",
"datePublished": "2024-05-01T05:28:21.226Z",
"dateReserved": "2024-02-19T14:20:24.206Z",
"dateUpdated": "2024-08-02T00:21:05.901Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26946
Vulnerability from cvelistv5
Published
2024-05-01 05:18
Modified
2024-08-02 00:21
Severity
Summary
kprobes/x86: Use copy_from_kernel_nofault() to read from unsafe address
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26946",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-10T18:35:25.300440Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:22:47.208Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.831Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6417684315087904fffe8966d27ca74398c57dd6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f13edd1871d4fb4ab829aff629d47914e251bae3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/20fdb21eabaeb8f78f8f701f56d14ea0836ec861"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b69f577308f1070004cafac106dd1a44099e5483"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4e51653d5d871f40f1bd5cf95cc7f2d8b33d063b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"arch/x86/kernel/kprobes/core.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "641768431508",
"status": "affected",
"version": "cc66bb914578",
"versionType": "git"
},
{
"lessThan": "f13edd1871d4",
"status": "affected",
"version": "cc66bb914578",
"versionType": "git"
},
{
"lessThan": "20fdb21eabae",
"status": "affected",
"version": "cc66bb914578",
"versionType": "git"
},
{
"lessThan": "b69f577308f1",
"status": "affected",
"version": "cc66bb914578",
"versionType": "git"
},
{
"lessThan": "4e51653d5d87",
"status": "affected",
"version": "cc66bb914578",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"arch/x86/kernel/kprobes/core.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.18"
},
{
"lessThan": "5.18",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nkprobes/x86: Use copy_from_kernel_nofault() to read from unsafe address\n\nRead from an unsafe address with copy_from_kernel_nofault() in\narch_adjust_kprobe_addr() because this function is used before checking\nthe address is in text or not. Syzcaller bot found a bug and reported\nthe case if user specifies inaccessible data area,\narch_adjust_kprobe_addr() will cause a kernel panic.\n\n[ mingo: Clarified the comment. ]"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:39.388Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/6417684315087904fffe8966d27ca74398c57dd6"
},
{
"url": "https://git.kernel.org/stable/c/f13edd1871d4fb4ab829aff629d47914e251bae3"
},
{
"url": "https://git.kernel.org/stable/c/20fdb21eabaeb8f78f8f701f56d14ea0836ec861"
},
{
"url": "https://git.kernel.org/stable/c/b69f577308f1070004cafac106dd1a44099e5483"
},
{
"url": "https://git.kernel.org/stable/c/4e51653d5d871f40f1bd5cf95cc7f2d8b33d063b"
}
],
"title": "kprobes/x86: Use copy_from_kernel_nofault() to read from unsafe address",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26946",
"datePublished": "2024-05-01T05:18:13.192Z",
"dateReserved": "2024-02-19T14:20:24.197Z",
"dateUpdated": "2024-08-02T00:21:05.831Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27050
Vulnerability from cvelistv5
Published
2024-05-01 12:54
Modified
2024-08-02 00:21
Severity
Summary
libbpf: Use OPTS_SET() macro in bpf_xdp_query()
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "unknown",
"version": "6.9"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-27050",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-16T18:27:13.162013Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:47:10.362Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.913Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fa5bef5e80c6a3321b2b1a7070436f3bc5daf07c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/682ddd62abd4bdcee7584246903e7a2df005fe0d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cd3be9843247edb8fc6fcd8d8237cbce2bc19f5e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/92a871ab9fa59a74d013bc04f321026a057618e7"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"tools/lib/bpf/netlink.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "fa5bef5e80c6",
"status": "affected",
"version": "13ce2daa259a",
"versionType": "git"
},
{
"lessThan": "682ddd62abd4",
"status": "affected",
"version": "13ce2daa259a",
"versionType": "git"
},
{
"lessThan": "cd3be9843247",
"status": "affected",
"version": "13ce2daa259a",
"versionType": "git"
},
{
"lessThan": "92a871ab9fa5",
"status": "affected",
"version": "13ce2daa259a",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"tools/lib/bpf/netlink.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.6"
},
{
"lessThan": "6.6",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibbpf: Use OPTS_SET() macro in bpf_xdp_query()\n\nWhen the feature_flags and xdp_zc_max_segs fields were added to the libbpf\nbpf_xdp_query_opts, the code writing them did not use the OPTS_SET() macro.\nThis causes libbpf to write to those fields unconditionally, which means\nthat programs compiled against an older version of libbpf (with a smaller\nsize of the bpf_xdp_query_opts struct) will have its stack corrupted by\nlibbpf writing out of bounds.\n\nThe patch adding the feature_flags field has an early bail out if the\nfeature_flags field is not part of the opts struct (via the OPTS_HAS)\nmacro, but the patch adding xdp_zc_max_segs does not. For consistency, this\nfix just changes the assignments to both fields to use the OPTS_SET()\nmacro."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:39.673Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/fa5bef5e80c6a3321b2b1a7070436f3bc5daf07c"
},
{
"url": "https://git.kernel.org/stable/c/682ddd62abd4bdcee7584246903e7a2df005fe0d"
},
{
"url": "https://git.kernel.org/stable/c/cd3be9843247edb8fc6fcd8d8237cbce2bc19f5e"
},
{
"url": "https://git.kernel.org/stable/c/92a871ab9fa59a74d013bc04f321026a057618e7"
}
],
"title": "libbpf: Use OPTS_SET() macro in bpf_xdp_query()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27050",
"datePublished": "2024-05-01T12:54:35.555Z",
"dateReserved": "2024-02-19T14:20:24.213Z",
"dateUpdated": "2024-08-02T00:21:05.913Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27072
Vulnerability from cvelistv5
Published
2024-05-01 13:04
Modified
2024-08-08 15:05
Severity
Summary
media: usbtv: Remove useless locks in usbtv_video_free()
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:27:58.558Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3e7d82ebb86e94643bdb30b0b5b077ed27dce1c2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/65e6a2773d655172143cc0b927cdc89549842895"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27072",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-01T18:51:09.728947Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T15:05:07.254Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/media/usb/usbtv/usbtv-video.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "3e7d82ebb86e",
"status": "affected",
"version": "f3d27f34fdd7",
"versionType": "git"
},
{
"lessThan": "65e6a2773d65",
"status": "affected",
"version": "f3d27f34fdd7",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/media/usb/usbtv/usbtv-video.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.11"
},
{
"lessThan": "3.11",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: usbtv: Remove useless locks in usbtv_video_free()\n\nRemove locks calls in usbtv_video_free() because\nare useless and may led to a deadlock as reported here:\nhttps://syzkaller.appspot.com/x/bisect.txt?x=166dc872180000\nAlso remove usbtv_stop() call since it will be called when\nunregistering the device.\n\nBefore \u0027c838530d230b\u0027 this issue would only be noticed if you\ndisconnect while streaming and now it is noticeable even when\ndisconnecting while not streaming.\n\n\n[hverkuil: fix minor spelling mistake in log message]"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:28:03.212Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/3e7d82ebb86e94643bdb30b0b5b077ed27dce1c2"
},
{
"url": "https://git.kernel.org/stable/c/65e6a2773d655172143cc0b927cdc89549842895"
}
],
"title": "media: usbtv: Remove useless locks in usbtv_video_free()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27072",
"datePublished": "2024-05-01T13:04:34.169Z",
"dateReserved": "2024-02-19T14:20:24.216Z",
"dateUpdated": "2024-08-08T15:05:07.254Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-52649
Vulnerability from cvelistv5
Published
2024-05-01 12:53
Modified
2024-08-02 23:03
Severity
Summary
drm/vkms: Avoid reading beyond LUT array
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-52649",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-14T18:55:01.102324Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-14T18:55:20.144Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:03:21.234Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9556c167673057d48ce4a0da675026fe046654c1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/046c1184ce60b0a37d48134f17ddbc1f32ce02bd"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/92800aaeff51b8358d1e0a7eb74daf8aa2d7ce9d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2fee84030d12d9fddfa874e4562d71761a129277"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/vkms/vkms_composer.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "9556c1676730",
"status": "affected",
"version": "db1f254f2cfa",
"versionType": "git"
},
{
"lessThan": "046c1184ce60",
"status": "affected",
"version": "db1f254f2cfa",
"versionType": "git"
},
{
"lessThan": "92800aaeff51",
"status": "affected",
"version": "db1f254f2cfa",
"versionType": "git"
},
{
"lessThan": "2fee84030d12",
"status": "affected",
"version": "db1f254f2cfa",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/vkms/vkms_composer.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.6"
},
{
"lessThan": "6.6",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vkms: Avoid reading beyond LUT array\n\nWhen the floor LUT index (drm_fixp2int(lut_index) is the last\nindex of the array the ceil LUT index will point to an entry\nbeyond the array. Make sure we guard against it and use the\nvalue of the floor LUT index.\n\nv3:\n - Drop bits from commit description that didn\u0027t contribute\n anything of value"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:15:06.643Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/9556c167673057d48ce4a0da675026fe046654c1"
},
{
"url": "https://git.kernel.org/stable/c/046c1184ce60b0a37d48134f17ddbc1f32ce02bd"
},
{
"url": "https://git.kernel.org/stable/c/92800aaeff51b8358d1e0a7eb74daf8aa2d7ce9d"
},
{
"url": "https://git.kernel.org/stable/c/2fee84030d12d9fddfa874e4562d71761a129277"
}
],
"title": "drm/vkms: Avoid reading beyond LUT array",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2023-52649",
"datePublished": "2024-05-01T12:53:08.534Z",
"dateReserved": "2024-03-06T09:52:12.096Z",
"dateUpdated": "2024-08-02T23:03:21.234Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-52651
Vulnerability from cvelistv5
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Show details on NVD website{
"containers": {
"cna": {
"providerMetadata": {
"dateUpdated": "2024-05-02T10:07:14.570Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"rejectedReasons": [
{
"lang": "en",
"value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
}
]
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2023-52651",
"datePublished": "2024-05-01T12:53:15.604Z",
"dateRejected": "2024-05-02T10:07:14.570Z",
"dateReserved": "2024-03-06T09:52:12.097Z",
"dateUpdated": "2024-05-02T10:07:14.570Z",
"state": "REJECTED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.0"
}
cve-2024-26929
Vulnerability from cvelistv5
Published
2024-05-01 05:17
Modified
2024-08-08 15:21
Severity
Summary
scsi: qla2xxx: Fix double free of fcport
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.480Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b03e626bd6d3f0684f56ee1890d70fc9ca991c04"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/282877633b25d67021a34169c5b5519b1d4ef65e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f85af9f1aa5e2f53694a6cbe72010f754b5ff862"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9b43d2884b54d415caab48878b526dfe2ae9921b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/846fb9f112f618ec6ae181d8dae7961652574774"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/82f522ae0d97119a43da53e0f729275691b9c525"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "b03e626bd6d3",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "custom"
},
{
"lessThan": "282877633b25",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "custom"
},
{
"lessThan": "f85af9f1aa5e",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "custom"
},
{
"lessThan": "9b43d2884b54",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "custom"
},
{
"lessThan": "846fb9f112f6",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "custom"
},
{
"lessThan": "82f522ae0d97",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16",
"status": "unaffected",
"version": "5.15.154",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.2",
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-26929",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-08T15:09:34.055497Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-415",
"description": "CWE-415 Double Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T15:21:42.305Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/scsi/qla2xxx/qla_iocb.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "b03e626bd6d3",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "282877633b25",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "f85af9f1aa5e",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "9b43d2884b54",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "846fb9f112f6",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "82f522ae0d97",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/scsi/qla2xxx/qla_iocb.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.154",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix double free of fcport\n\nThe server was crashing after LOGO because fcport was getting freed twice.\n\n -----------[ cut here ]-----------\n kernel BUG at mm/slub.c:371!\n invalid opcode: 0000 1 SMP PTI\n CPU: 35 PID: 4610 Comm: bash Kdump: loaded Tainted: G OE --------- - - 4.18.0-425.3.1.el8.x86_64 #1\n Hardware name: HPE ProLiant DL360 Gen10/ProLiant DL360 Gen10, BIOS U32 09/03/2021\n RIP: 0010:set_freepointer.part.57+0x0/0x10\n RSP: 0018:ffffb07107027d90 EFLAGS: 00010246\n RAX: ffff9cb7e3150000 RBX: ffff9cb7e332b9c0 RCX: ffff9cb7e3150400\n RDX: 0000000000001f37 RSI: 0000000000000000 RDI: ffff9cb7c0005500\n RBP: fffff693448c5400 R08: 0000000080000000 R09: 0000000000000009\n R10: 0000000000000000 R11: 0000000000132af0 R12: ffff9cb7c0005500\n R13: ffff9cb7e3150000 R14: ffffffffc06990e0 R15: ffff9cb7ea85ea58\n FS: 00007ff6b79c2740(0000) GS:ffff9cb8f7ec0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000055b426b7d700 CR3: 0000000169c18002 CR4: 00000000007706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n kfree+0x238/0x250\n qla2x00_els_dcmd_sp_free+0x20/0x230 [qla2xxx]\n ? qla24xx_els_dcmd_iocb+0x607/0x690 [qla2xxx]\n qla2x00_issue_logo+0x28c/0x2a0 [qla2xxx]\n ? qla2x00_issue_logo+0x28c/0x2a0 [qla2xxx]\n ? kernfs_fop_write+0x11e/0x1a0\n\nRemove one of the free calls and add check for valid fcport. Also use\nfunction qla2x00_free_fcport() instead of kfree()."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:11.884Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/b03e626bd6d3f0684f56ee1890d70fc9ca991c04"
},
{
"url": "https://git.kernel.org/stable/c/282877633b25d67021a34169c5b5519b1d4ef65e"
},
{
"url": "https://git.kernel.org/stable/c/f85af9f1aa5e2f53694a6cbe72010f754b5ff862"
},
{
"url": "https://git.kernel.org/stable/c/9b43d2884b54d415caab48878b526dfe2ae9921b"
},
{
"url": "https://git.kernel.org/stable/c/846fb9f112f618ec6ae181d8dae7961652574774"
},
{
"url": "https://git.kernel.org/stable/c/82f522ae0d97119a43da53e0f729275691b9c525"
}
],
"title": "scsi: qla2xxx: Fix double free of fcport",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26929",
"datePublished": "2024-05-01T05:17:06.418Z",
"dateReserved": "2024-02-19T14:20:24.195Z",
"dateUpdated": "2024-08-08T15:21:42.305Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27019
Vulnerability from cvelistv5
Published
2024-05-01 05:30
Modified
2024-08-02 00:21
Severity
Summary
netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get()
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27019",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-17T17:40:24.038886Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-17T17:46:01.245Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.919Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cade34279c2249eafe528564bd2e203e4ff15f88"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/379bf7257bc5f2a1b1ca8514e08a871b7bf6d920"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/df7c0fb8c2b9f9cac65659332581b19682a71349"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ad333578f736d56920e090d7db1f8dec891d815e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4ca946b19caf655a08d5e2266d4d5526025ebb73"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d78d867dcea69c328db30df665be5be7d0148484"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/netfilter/nf_tables_api.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "cade34279c22",
"status": "affected",
"version": "e50092404c1b",
"versionType": "git"
},
{
"lessThan": "379bf7257bc5",
"status": "affected",
"version": "e50092404c1b",
"versionType": "git"
},
{
"lessThan": "df7c0fb8c2b9",
"status": "affected",
"version": "e50092404c1b",
"versionType": "git"
},
{
"lessThan": "ad333578f736",
"status": "affected",
"version": "e50092404c1b",
"versionType": "git"
},
{
"lessThan": "4ca946b19caf",
"status": "affected",
"version": "e50092404c1b",
"versionType": "git"
},
{
"lessThan": "d78d867dcea6",
"status": "affected",
"version": "e50092404c1b",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/netfilter/nf_tables_api.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.10"
},
{
"lessThan": "4.10",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.157",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: Fix potential data-race in __nft_obj_type_get()\n\nnft_unregister_obj() can concurrent with __nft_obj_type_get(),\nand there is not any protection when iterate over nf_tables_objects\nlist in __nft_obj_type_get(). Therefore, there is potential data-race\nof nf_tables_objects list entry.\n\nUse list_for_each_entry_rcu() to iterate over nf_tables_objects\nlist in __nft_obj_type_get(), and use rcu_read_lock() in the caller\nnft_obj_type_get() to protect the entire type query process."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-16T12:20:38.146Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/cade34279c2249eafe528564bd2e203e4ff15f88"
},
{
"url": "https://git.kernel.org/stable/c/379bf7257bc5f2a1b1ca8514e08a871b7bf6d920"
},
{
"url": "https://git.kernel.org/stable/c/df7c0fb8c2b9f9cac65659332581b19682a71349"
},
{
"url": "https://git.kernel.org/stable/c/ad333578f736d56920e090d7db1f8dec891d815e"
},
{
"url": "https://git.kernel.org/stable/c/4ca946b19caf655a08d5e2266d4d5526025ebb73"
},
{
"url": "https://git.kernel.org/stable/c/d78d867dcea69c328db30df665be5be7d0148484"
}
],
"title": "netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27019",
"datePublished": "2024-05-01T05:30:11.319Z",
"dateReserved": "2024-02-19T14:20:24.209Z",
"dateUpdated": "2024-08-02T00:21:05.919Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27042
Vulnerability from cvelistv5
Published
2024-05-01 12:54
Modified
2024-08-02 00:21
Severity
Summary
drm/amdgpu: Fix potential out-of-bounds access in 'amdgpu_discovery_reg_base_init()'
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27042",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-09T18:38:54.992056Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:22:46.280Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.883Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8f3e68c6a3fff53c2240762a47a0045d89371775"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b33d4af102b9c1f7a83d3f0ad3cab7d2bab8f058"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8db10cee51e3e11a6658742465edc21986cf1e8d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cdb637d339572398821204a1142d8d615668f1e9"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "8f3e68c6a3ff",
"status": "affected",
"version": "a0ccc717c4ab",
"versionType": "git"
},
{
"lessThan": "b33d4af102b9",
"status": "affected",
"version": "a0ccc717c4ab",
"versionType": "git"
},
{
"lessThan": "8db10cee51e3",
"status": "affected",
"version": "a0ccc717c4ab",
"versionType": "git"
},
{
"lessThan": "cdb637d33957",
"status": "affected",
"version": "a0ccc717c4ab",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.19"
},
{
"lessThan": "5.19",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix potential out-of-bounds access in \u0027amdgpu_discovery_reg_base_init()\u0027\n\nThe issue arises when the array \u0027adev-\u003evcn.vcn_config\u0027 is accessed\nbefore checking if the index \u0027adev-\u003evcn.num_vcn_inst\u0027 is within the\nbounds of the array.\n\nThe fix involves moving the bounds check before the array access. This\nensures that \u0027adev-\u003evcn.num_vcn_inst\u0027 is within the bounds of the array\nbefore it is used as an index.\n\nFixes the below:\ndrivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c:1289 amdgpu_discovery_reg_base_init() error: testing array offset \u0027adev-\u003evcn.num_vcn_inst\u0027 after use."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:31.569Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/8f3e68c6a3fff53c2240762a47a0045d89371775"
},
{
"url": "https://git.kernel.org/stable/c/b33d4af102b9c1f7a83d3f0ad3cab7d2bab8f058"
},
{
"url": "https://git.kernel.org/stable/c/8db10cee51e3e11a6658742465edc21986cf1e8d"
},
{
"url": "https://git.kernel.org/stable/c/cdb637d339572398821204a1142d8d615668f1e9"
}
],
"title": "drm/amdgpu: Fix potential out-of-bounds access in \u0027amdgpu_discovery_reg_base_init()\u0027",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27042",
"datePublished": "2024-05-01T12:54:07.719Z",
"dateReserved": "2024-02-19T14:20:24.212Z",
"dateUpdated": "2024-08-02T00:21:05.883Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26996
Vulnerability from cvelistv5
Published
2024-05-01 05:28
Modified
2024-08-02 00:21
Severity
Summary
usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26996",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-10T18:35:08.216292Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:22:50.015Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.862Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7f67c2020cb08499c400abf0fc32c65e4d9a09ca"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0588bbbd718a8130b98c54518f1e0b569ce60a93"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f356fd0cbd9c9cbd0854657a80d1608d0d732db3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7250326cbb1f4f90391ac511a126b936cefb5bb7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6334b8e4553cc69f51e383c9de545082213d785e"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/usb/gadget/function/f_ncm.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "7f67c2020cb0",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "0588bbbd718a",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "f356fd0cbd9c",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "7250326cbb1f",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "6334b8e4553c",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/usb/gadget/function/f_ncm.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.157",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error\n\nWhen ncm function is working and then stop usb0 interface for link down,\neth_stop() is called. At this piont, accidentally if usb transport error\nshould happen in usb_ep_enable(), \u0027in_ep\u0027 and/or \u0027out_ep\u0027 may not be enabled.\n\nAfter that, ncm_disable() is called to disable for ncm unbind\nbut gether_disconnect() is never called since \u0027in_ep\u0027 is not enabled.\n\nAs the result, ncm object is released in ncm unbind\nbut \u0027dev-\u003eport_usb\u0027 associated to \u0027ncm-\u003eport\u0027 is not NULL.\n\nAnd when ncm bind again to recover netdev, ncm object is reallocated\nbut usb0 interface is already associated to previous released ncm object.\n\nTherefore, once usb0 interface is up and eth_start_xmit() is called,\nreleased ncm object is dereferrenced and it might cause use-after-free memory.\n\n[function unlink via configfs]\n usb0: eth_stop dev-\u003eport_usb=ffffff9b179c3200\n --\u003e error happens in usb_ep_enable().\n NCM: ncm_disable: ncm=ffffff9b179c3200\n --\u003e no gether_disconnect() since ncm-\u003eport.in_ep-\u003eenabled is false.\n NCM: ncm_unbind: ncm unbind ncm=ffffff9b179c3200\n NCM: ncm_free: ncm free ncm=ffffff9b179c3200 \u003c-- released ncm\n\n[function link via configfs]\n NCM: ncm_alloc: ncm alloc ncm=ffffff9ac4f8a000\n NCM: ncm_bind: ncm bind ncm=ffffff9ac4f8a000\n NCM: ncm_set_alt: ncm=ffffff9ac4f8a000 alt=0\n usb0: eth_open dev-\u003eport_usb=ffffff9b179c3200 \u003c-- previous released ncm\n usb0: eth_start dev-\u003eport_usb=ffffff9b179c3200 \u003c--\n eth_start_xmit()\n --\u003e dev-\u003ewrap()\n Unable to handle kernel paging request at virtual address dead00000000014f\n\nThis patch addresses the issue by checking if \u0027ncm-\u003enetdev\u0027 is not NULL at\nncm_disable() to call gether_disconnect() to deassociate \u0027dev-\u003eport_usb\u0027.\nIt\u0027s more reasonable to check \u0027ncm-\u003enetdev\u0027 to call gether_connect/disconnect\nrather than check \u0027ncm-\u003eport.in_ep-\u003eenabled\u0027 since it might not be enabled\nbut the gether connection might be established."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:39.555Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/7f67c2020cb08499c400abf0fc32c65e4d9a09ca"
},
{
"url": "https://git.kernel.org/stable/c/0588bbbd718a8130b98c54518f1e0b569ce60a93"
},
{
"url": "https://git.kernel.org/stable/c/f356fd0cbd9c9cbd0854657a80d1608d0d732db3"
},
{
"url": "https://git.kernel.org/stable/c/7250326cbb1f4f90391ac511a126b936cefb5bb7"
},
{
"url": "https://git.kernel.org/stable/c/6334b8e4553cc69f51e383c9de545082213d785e"
}
],
"title": "usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26996",
"datePublished": "2024-05-01T05:28:16.652Z",
"dateReserved": "2024-02-19T14:20:24.206Z",
"dateUpdated": "2024-08-02T00:21:05.862Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27048
Vulnerability from cvelistv5
Published
2024-05-01 12:54
Modified
2024-08-02 00:21
Severity
Summary
wifi: brcm80211: handle pmk_op allocation failure
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.939Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/df62e22c2e27420e8990a4f09e30d7bf56c2036f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9975908315c13bae2f2ed5ba92870fa935180b0e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6138a82f3bccfc67ed7ac059493579fc326c02e5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b4152222e04cb8afeeca239c90e3fcaf4c553b42"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "df62e22c2e27",
"status": "affected",
"version": "a96202acaea4",
"versionType": "git"
},
{
"lessThan": "9975908315c1",
"status": "affected",
"version": "a96202acaea4",
"versionType": "git"
},
{
"lessThan": "6138a82f3bcc",
"status": "affected",
"version": "a96202acaea4",
"versionType": "git"
},
{
"lessThan": "b4152222e04c",
"status": "affected",
"version": "a96202acaea4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.4"
},
{
"lessThan": "6.4",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcm80211: handle pmk_op allocation failure\n\nThe kzalloc() in brcmf_pmksa_v3_op() will return null if the\nphysical memory has run out. As a result, if we dereference\nthe null value, the null pointer dereference bug will happen.\n\nReturn -ENOMEM from brcmf_pmksa_v3_op() if kzalloc() fails\nfor pmk_op."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:37.664Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/df62e22c2e27420e8990a4f09e30d7bf56c2036f"
},
{
"url": "https://git.kernel.org/stable/c/9975908315c13bae2f2ed5ba92870fa935180b0e"
},
{
"url": "https://git.kernel.org/stable/c/6138a82f3bccfc67ed7ac059493579fc326c02e5"
},
{
"url": "https://git.kernel.org/stable/c/b4152222e04cb8afeeca239c90e3fcaf4c553b42"
}
],
"title": "wifi: brcm80211: handle pmk_op allocation failure",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27048",
"datePublished": "2024-05-01T12:54:28.644Z",
"dateReserved": "2024-02-19T14:20:24.213Z",
"dateUpdated": "2024-08-02T00:21:05.939Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27052
Vulnerability from cvelistv5
Published
2024-05-01 12:54
Modified
2024-08-02 00:21
Severity
Summary
wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:5.5:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "affected",
"version": "5.5"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "58fe3bbddfec",
"status": "affected",
"version": "e542e66b7c2e",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-27052",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-13T15:54:30.303932Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:46:59.357Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.987Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/dddedfa3b29a63c2ca4336663806a6128b8545b4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ac512507ac89c01ed6cd4ca53032f52cdb23ea59"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3518cea837de4d106efa84ddac18a07b6de1384e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/156012667b85ca7305cb363790d3ae8519a6f41e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7059cdb69f8e1a2707dd1e2f363348b507ed7707"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/58fe3bbddfec10c6b216096d8c0e517cd8463e3a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1213acb478a7181cd73eeaf00db430f1e45b1361"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "dddedfa3b29a",
"status": "affected",
"version": "e542e66b7c2e",
"versionType": "git"
},
{
"lessThan": "ac512507ac89",
"status": "affected",
"version": "e542e66b7c2e",
"versionType": "git"
},
{
"lessThan": "3518cea837de",
"status": "affected",
"version": "e542e66b7c2e",
"versionType": "git"
},
{
"lessThan": "156012667b85",
"status": "affected",
"version": "e542e66b7c2e",
"versionType": "git"
},
{
"lessThan": "7059cdb69f8e",
"status": "affected",
"version": "e542e66b7c2e",
"versionType": "git"
},
{
"lessThan": "58fe3bbddfec",
"status": "affected",
"version": "e542e66b7c2e",
"versionType": "git"
},
{
"lessThan": "1213acb478a7",
"status": "affected",
"version": "e542e66b7c2e",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.5"
},
{
"lessThan": "5.5",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.214",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.153",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work\n\nThe workqueue might still be running, when the driver is stopped. To\navoid a use-after-free, call cancel_work_sync() in rtl8xxxu_stop()."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:42.117Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/dddedfa3b29a63c2ca4336663806a6128b8545b4"
},
{
"url": "https://git.kernel.org/stable/c/ac512507ac89c01ed6cd4ca53032f52cdb23ea59"
},
{
"url": "https://git.kernel.org/stable/c/3518cea837de4d106efa84ddac18a07b6de1384e"
},
{
"url": "https://git.kernel.org/stable/c/156012667b85ca7305cb363790d3ae8519a6f41e"
},
{
"url": "https://git.kernel.org/stable/c/7059cdb69f8e1a2707dd1e2f363348b507ed7707"
},
{
"url": "https://git.kernel.org/stable/c/58fe3bbddfec10c6b216096d8c0e517cd8463e3a"
},
{
"url": "https://git.kernel.org/stable/c/1213acb478a7181cd73eeaf00db430f1e45b1361"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27052",
"datePublished": "2024-05-01T12:54:42.547Z",
"dateReserved": "2024-02-19T14:20:24.214Z",
"dateUpdated": "2024-08-02T00:21:05.987Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27053
Vulnerability from cvelistv5
Published
2024-05-01 12:54
Modified
2024-08-02 00:21
Severity
Summary
wifi: wilc1000: fix RCU usage in connect path
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "e556006de4ea ",
"status": "affected",
"version": "c460495ee072",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": " b4bbf38c350a ",
"status": "affected",
"version": "c460495ee072",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "d80fc436751c ",
"status": "affected",
"version": "c460495ee072",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "745003b5917b ",
"status": "affected",
"version": "c460495ee072",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "4bfd20d5f5c",
"status": "affected",
"version": "c460495ee072",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "5800ec78775c ",
"status": "affected",
"version": "c460495ee072",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": " dd50d3ead6e3 ",
"status": "affected",
"version": "c460495ee072",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "205c50306acf ",
"status": "affected",
"version": "c460495ee072",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "5.5",
"status": "unaffected",
"version": "5.4.273",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "5.16",
"status": "unaffected",
"version": "5.15.153",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "6.2",
"status": "unaffected",
"version": "6.1.83",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "6.7",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "6.8",
"status": "unaffected",
"version": " 6.7.11 ",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "unaffected",
"version": "6.9"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "5.1",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:5.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "affected",
"version": "5.1"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "5.11",
"status": "unaffected",
"version": "5.10.214",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "6.9",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-27053",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-28T19:19:44.872226Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T15:21:04.231Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.869Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e556006de4ea93abe2b46cba202a2556c544b8b2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b4bbf38c350acb6500cbe667b1e2e68f896e4b38"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d80fc436751cfa6b02a8eda74eb6cce7dadfe5a2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/745003b5917b610352f52fe0d11ef658d6471ec2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4bfd20d5f5c62b5495d6c0016ee6933bd3add7ce"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5800ec78775c0cd646f71eb9bf8402fb794807de"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/dd50d3ead6e3707bb0a5df7cc832730c93ace3a7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/205c50306acf58a335eb19fa84e40140f4fe814f"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/wireless/microchip/wilc1000/hif.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "e556006de4ea",
"status": "affected",
"version": "c460495ee072",
"versionType": "git"
},
{
"lessThan": "b4bbf38c350a",
"status": "affected",
"version": "c460495ee072",
"versionType": "git"
},
{
"lessThan": "d80fc436751c",
"status": "affected",
"version": "c460495ee072",
"versionType": "git"
},
{
"lessThan": "745003b5917b",
"status": "affected",
"version": "c460495ee072",
"versionType": "git"
},
{
"lessThan": "4bfd20d5f5c6",
"status": "affected",
"version": "c460495ee072",
"versionType": "git"
},
{
"lessThan": "5800ec78775c",
"status": "affected",
"version": "c460495ee072",
"versionType": "git"
},
{
"lessThan": "dd50d3ead6e3",
"status": "affected",
"version": "c460495ee072",
"versionType": "git"
},
{
"lessThan": "205c50306acf",
"status": "affected",
"version": "c460495ee072",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/wireless/microchip/wilc1000/hif.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.1"
},
{
"lessThan": "5.1",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.273",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.214",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.153",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wilc1000: fix RCU usage in connect path\n\nWith lockdep enabled, calls to the connect function from cfg802.11 layer\nlead to the following warning:\n\n=============================\nWARNING: suspicious RCU usage\n6.7.0-rc1-wt+ #333 Not tainted\n-----------------------------\ndrivers/net/wireless/microchip/wilc1000/hif.c:386\nsuspicious rcu_dereference_check() usage!\n[...]\nstack backtrace:\nCPU: 0 PID: 100 Comm: wpa_supplicant Not tainted 6.7.0-rc1-wt+ #333\nHardware name: Atmel SAMA5\n unwind_backtrace from show_stack+0x18/0x1c\n show_stack from dump_stack_lvl+0x34/0x48\n dump_stack_lvl from wilc_parse_join_bss_param+0x7dc/0x7f4\n wilc_parse_join_bss_param from connect+0x2c4/0x648\n connect from cfg80211_connect+0x30c/0xb74\n cfg80211_connect from nl80211_connect+0x860/0xa94\n nl80211_connect from genl_rcv_msg+0x3fc/0x59c\n genl_rcv_msg from netlink_rcv_skb+0xd0/0x1f8\n netlink_rcv_skb from genl_rcv+0x2c/0x3c\n genl_rcv from netlink_unicast+0x3b0/0x550\n netlink_unicast from netlink_sendmsg+0x368/0x688\n netlink_sendmsg from ____sys_sendmsg+0x190/0x430\n ____sys_sendmsg from ___sys_sendmsg+0x110/0x158\n ___sys_sendmsg from sys_sendmsg+0xe8/0x150\n sys_sendmsg from ret_fast_syscall+0x0/0x1c\n\nThis warning is emitted because in the connect path, when trying to parse\ntarget BSS parameters, we dereference a RCU pointer whithout being in RCU\ncritical section.\nFix RCU dereference usage by moving it to a RCU read critical section. To\navoid wrapping the whole wilc_parse_join_bss_param under the critical\nsection, just use the critical section to copy ies data"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:43.132Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/e556006de4ea93abe2b46cba202a2556c544b8b2"
},
{
"url": "https://git.kernel.org/stable/c/b4bbf38c350acb6500cbe667b1e2e68f896e4b38"
},
{
"url": "https://git.kernel.org/stable/c/d80fc436751cfa6b02a8eda74eb6cce7dadfe5a2"
},
{
"url": "https://git.kernel.org/stable/c/745003b5917b610352f52fe0d11ef658d6471ec2"
},
{
"url": "https://git.kernel.org/stable/c/4bfd20d5f5c62b5495d6c0016ee6933bd3add7ce"
},
{
"url": "https://git.kernel.org/stable/c/5800ec78775c0cd646f71eb9bf8402fb794807de"
},
{
"url": "https://git.kernel.org/stable/c/dd50d3ead6e3707bb0a5df7cc832730c93ace3a7"
},
{
"url": "https://git.kernel.org/stable/c/205c50306acf58a335eb19fa84e40140f4fe814f"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "wifi: wilc1000: fix RCU usage in connect path",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27053",
"datePublished": "2024-05-01T12:54:45.964Z",
"dateReserved": "2024-02-19T14:20:24.214Z",
"dateUpdated": "2024-08-02T00:21:05.869Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27034
Vulnerability from cvelistv5
Published
2024-05-01 12:53
Modified
2024-08-02 00:21
Severity
Summary
f2fs: compress: fix to cover normal cluster write with cp_rwsem
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27034",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-09T18:39:02.187775Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:22:46.153Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.902Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7d420eaaa18ec8e2bb4eeab8c65c00492ef6f416"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/542c8b3c774a480bfd0804291a12f6f2391b0cd1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/75abfd61392b1db391bde6d738a30d685b843286"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2b1b14d9fc94b8feae20808684c8af28ec80f45b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/52982edfcefd475cc34af663d5c47c0cddaa5739"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fd244524c2cf07b5f4c3fe8abd6a99225c76544b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/f2fs/compress.c",
"fs/f2fs/data.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "7d420eaaa18e",
"status": "affected",
"version": "4c8ff7095bef",
"versionType": "git"
},
{
"lessThan": "542c8b3c774a",
"status": "affected",
"version": "4c8ff7095bef",
"versionType": "git"
},
{
"lessThan": "75abfd61392b",
"status": "affected",
"version": "4c8ff7095bef",
"versionType": "git"
},
{
"lessThan": "2b1b14d9fc94",
"status": "affected",
"version": "4c8ff7095bef",
"versionType": "git"
},
{
"lessThan": "52982edfcefd",
"status": "affected",
"version": "4c8ff7095bef",
"versionType": "git"
},
{
"lessThan": "fd244524c2cf",
"status": "affected",
"version": "4c8ff7095bef",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/f2fs/compress.c",
"fs/f2fs/data.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.6"
},
{
"lessThan": "5.6",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.153",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: compress: fix to cover normal cluster write with cp_rwsem\n\nWhen we overwrite compressed cluster w/ normal cluster, we should\nnot unlock cp_rwsem during f2fs_write_raw_pages(), otherwise data\nwill be corrupted if partial blocks were persisted before CP \u0026 SPOR,\ndue to cluster metadata wasn\u0027t updated atomically."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:23.380Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/7d420eaaa18ec8e2bb4eeab8c65c00492ef6f416"
},
{
"url": "https://git.kernel.org/stable/c/542c8b3c774a480bfd0804291a12f6f2391b0cd1"
},
{
"url": "https://git.kernel.org/stable/c/75abfd61392b1db391bde6d738a30d685b843286"
},
{
"url": "https://git.kernel.org/stable/c/2b1b14d9fc94b8feae20808684c8af28ec80f45b"
},
{
"url": "https://git.kernel.org/stable/c/52982edfcefd475cc34af663d5c47c0cddaa5739"
},
{
"url": "https://git.kernel.org/stable/c/fd244524c2cf07b5f4c3fe8abd6a99225c76544b"
}
],
"title": "f2fs: compress: fix to cover normal cluster write with cp_rwsem",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27034",
"datePublished": "2024-05-01T12:53:39.767Z",
"dateReserved": "2024-02-19T14:20:24.211Z",
"dateUpdated": "2024-08-02T00:21:05.902Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26995
Vulnerability from cvelistv5
Published
2024-05-01 05:28
Modified
2024-08-02 00:21
Severity
Summary
usb: typec: tcpm: Correct the PDO counting in pd_set
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26995",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-17T17:40:42.913629Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-17T17:46:42.248Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.919Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f3da3192cdd3fefe213390e976eec424a8e270b5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c4128304c2169b4664ed6fb6200f228cead2ab70"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/usb/typec/tcpm/tcpm.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "f3da3192cdd3",
"status": "affected",
"version": "cd099cde4ed2",
"versionType": "git"
},
{
"lessThan": "c4128304c216",
"status": "affected",
"version": "cd099cde4ed2",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/usb/typec/tcpm/tcpm.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.8"
},
{
"lessThan": "6.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: tcpm: Correct the PDO counting in pd_set\n\nOff-by-one errors happen because nr_snk_pdo and nr_src_pdo are\nincorrectly added one. The index of the loop is equal to the number of\nPDOs to be updated when leaving the loop and it doesn\u0027t need to be added\none.\n\nWhen doing the power negotiation, TCPM relies on the \"nr_snk_pdo\" as\nthe size of the local sink PDO array to match the Source capabilities\nof the partner port. If the off-by-one overflow occurs, a wrong RDO\nmight be sent and unexpected power transfer might happen such as over\nvoltage or over current (than expected).\n\n\"nr_src_pdo\" is used to set the Rp level when the port is in Source\nrole. It is also the array size of the local Source capabilities when\nfilling up the buffer which will be sent as the Source PDOs (such as\nin Power Negotiation). If the off-by-one overflow occurs, a wrong Rp\nlevel might be set and wrong Source PDOs will be sent to the partner\nport. This could potentially cause over current or port resets."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:38.525Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/f3da3192cdd3fefe213390e976eec424a8e270b5"
},
{
"url": "https://git.kernel.org/stable/c/c4128304c2169b4664ed6fb6200f228cead2ab70"
}
],
"title": "usb: typec: tcpm: Correct the PDO counting in pd_set",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26995",
"datePublished": "2024-05-01T05:28:12.105Z",
"dateReserved": "2024-02-19T14:20:24.206Z",
"dateUpdated": "2024-08-02T00:21:05.919Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48669
Vulnerability from cvelistv5
Published
2024-05-01 13:03
Modified
2024-08-03 15:17
Severity
Summary
powerpc/pseries: Fix potential memleak in papr_get_attr()
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48669",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-06T18:28:26.103975Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T18:29:23.651Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:17:55.805Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a3f22feb2220a945d1c3282e34199e8bcdc5afc4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1699fb915b9f61794d559b55114c09a390aaf234"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7f7d39fe3d80d6143404940b2413010cf6527029"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d0647c3e81eff62b66d46fd4e475318cb8cb3610"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cda9c0d556283e2d4adaa9960b2dc19b16156bae"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"arch/powerpc/platforms/pseries/papr_platform_attributes.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "a3f22feb2220",
"status": "affected",
"version": "3c14b73454cf",
"versionType": "git"
},
{
"lessThan": "1699fb915b9f",
"status": "affected",
"version": "3c14b73454cf",
"versionType": "git"
},
{
"lessThan": "7f7d39fe3d80",
"status": "affected",
"version": "3c14b73454cf",
"versionType": "git"
},
{
"lessThan": "d0647c3e81ef",
"status": "affected",
"version": "3c14b73454cf",
"versionType": "git"
},
{
"lessThan": "cda9c0d55628",
"status": "affected",
"version": "3c14b73454cf",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"arch/powerpc/platforms/pseries/papr_platform_attributes.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.18"
},
{
"lessThan": "5.18",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/pseries: Fix potential memleak in papr_get_attr()\n\n`buf` is allocated in papr_get_attr(), and krealloc() of `buf`\ncould fail. We need to free the original `buf` in the case of failure."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:11:12.627Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/a3f22feb2220a945d1c3282e34199e8bcdc5afc4"
},
{
"url": "https://git.kernel.org/stable/c/1699fb915b9f61794d559b55114c09a390aaf234"
},
{
"url": "https://git.kernel.org/stable/c/7f7d39fe3d80d6143404940b2413010cf6527029"
},
{
"url": "https://git.kernel.org/stable/c/d0647c3e81eff62b66d46fd4e475318cb8cb3610"
},
{
"url": "https://git.kernel.org/stable/c/cda9c0d556283e2d4adaa9960b2dc19b16156bae"
}
],
"title": "powerpc/pseries: Fix potential memleak in papr_get_attr()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48669",
"datePublished": "2024-05-01T13:03:55.005Z",
"dateReserved": "2024-02-25T13:44:28.321Z",
"dateUpdated": "2024-08-03T15:17:55.805Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27071
Vulnerability from cvelistv5
Published
2024-05-01 13:04
Modified
2024-08-02 00:27
Severity
Summary
backlight: hx8357: Fix potential NULL pointer dereference
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27071",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-01T15:20:04.758036Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:22:49.344Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:27:59.538Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/67e578c8ff2d7df03bf8ca9a7f5436b1796f6ad1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b1ba8bcb2d1ffce11b308ce166c9cc28d989e3b9"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/video/backlight/hx8357.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "67e578c8ff2d",
"status": "affected",
"version": "7d84a63a39b7",
"versionType": "git"
},
{
"lessThan": "b1ba8bcb2d1f",
"status": "affected",
"version": "7d84a63a39b7",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/video/backlight/hx8357.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.8"
},
{
"lessThan": "6.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbacklight: hx8357: Fix potential NULL pointer dereference\n\nThe \"im\" pins are optional. Add missing check in the hx8357_probe()."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:28:01.740Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/67e578c8ff2d7df03bf8ca9a7f5436b1796f6ad1"
},
{
"url": "https://git.kernel.org/stable/c/b1ba8bcb2d1ffce11b308ce166c9cc28d989e3b9"
}
],
"title": "backlight: hx8357: Fix potential NULL pointer dereference",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27071",
"datePublished": "2024-05-01T13:04:30.489Z",
"dateReserved": "2024-02-19T14:20:24.216Z",
"dateUpdated": "2024-08-02T00:27:59.538Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27059
Vulnerability from cvelistv5
Published
2024-05-01 13:00
Modified
2024-08-02 00:21
Severity
Summary
USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27059",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-09T18:38:40.955330Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:46:17.539Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.855Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9968c701cba7eda42e5f0052b040349d6222ae34"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/eb7b01ca778170654e1c76950024270ba74b121f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/284fb1003d5da111019b9e0bf99b084fd71ac133"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6c1f36d92c0a8799569055012665d2bb066fb964"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f42ba916689f5c7b1642092266d2f53cf527aaaa"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/871fd7b10b56d280990b7e754f43d888382ca325"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3a67d4ab9e730361d183086dfb0ddd8c61f01636"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/014bcf41d946b36a8f0b8e9b5d9529efbb822f49"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/usb/storage/isd200.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "9968c701cba7",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "eb7b01ca7781",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "284fb1003d5d",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "6c1f36d92c0a",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "f42ba916689f",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "871fd7b10b56",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "3a67d4ab9e73",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "014bcf41d946",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/usb/storage/isd200.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.12"
},
{
"lessThan": "2.6.12",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.312",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.274",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.215",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.154",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.8",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: usb-storage: Prevent divide-by-0 error in isd200_ata_command\n\nThe isd200 sub-driver in usb-storage uses the HEADS and SECTORS values\nin the ATA ID information to calculate cylinder and head values when\ncreating a CDB for READ or WRITE commands. The calculation involves\ndivision and modulus operations, which will cause a crash if either of\nthese values is 0. While this never happens with a genuine device, it\ncould happen with a flawed or subversive emulation, as reported by the\nsyzbot fuzzer.\n\nProtect against this possibility by refusing to bind to the device if\neither the ATA_ID_HEADS or ATA_ID_SECTORS value in the device\u0027s ID\ninformation is 0. This requires isd200_Initialization() to return a\nnegative error code when initialization fails; currently it always\nreturns 0 (even when there is an error)."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:49.548Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/9968c701cba7eda42e5f0052b040349d6222ae34"
},
{
"url": "https://git.kernel.org/stable/c/eb7b01ca778170654e1c76950024270ba74b121f"
},
{
"url": "https://git.kernel.org/stable/c/284fb1003d5da111019b9e0bf99b084fd71ac133"
},
{
"url": "https://git.kernel.org/stable/c/6c1f36d92c0a8799569055012665d2bb066fb964"
},
{
"url": "https://git.kernel.org/stable/c/f42ba916689f5c7b1642092266d2f53cf527aaaa"
},
{
"url": "https://git.kernel.org/stable/c/871fd7b10b56d280990b7e754f43d888382ca325"
},
{
"url": "https://git.kernel.org/stable/c/3a67d4ab9e730361d183086dfb0ddd8c61f01636"
},
{
"url": "https://git.kernel.org/stable/c/014bcf41d946b36a8f0b8e9b5d9529efbb822f49"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27059",
"datePublished": "2024-05-01T13:00:10.571Z",
"dateReserved": "2024-02-19T14:20:24.214Z",
"dateUpdated": "2024-08-02T00:21:05.855Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27073
Vulnerability from cvelistv5
Published
2024-05-01 13:04
Modified
2024-08-02 00:27
Severity
Summary
media: ttpci: fix two memleaks in budget_av_attach
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27073",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-06T18:09:11.753345Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T18:09:26.724Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:27:57.810Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/af37aed04997e644f7e1b52b696b62dcae3cc016"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/910363473e4bf97da3c350e08d915546dd6cc30b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/24e51d6eb578b82ff292927f14b9f5ec05a46beb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/55ca0c7eae8499bb96f4e5d9b26af95e89c4e6a0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7393c681f9aa05ffe2385e8716989565eed2fe06"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1597cd1a88cfcdc4bf8b1b44cd458fed9a5a5d63"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/656b8cc123d7635dd399d9f02594f27aa797ac3c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d0b07f712bf61e1a3cf23c87c663791c42e50837"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/media/pci/ttpci/budget-av.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "af37aed04997",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "910363473e4b",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "24e51d6eb578",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "55ca0c7eae84",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "7393c681f9aa",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "1597cd1a88cf",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "656b8cc123d7",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "d0b07f712bf6",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/media/pci/ttpci/budget-av.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.12"
},
{
"lessThan": "2.6.12",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.273",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.214",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.153",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: ttpci: fix two memleaks in budget_av_attach\n\nWhen saa7146_register_device and saa7146_vv_init fails, budget_av_attach\nshould free the resources it allocates, like the error-handling of\nttpci_budget_init does. Besides, there are two fixme comment refers to\nsuch deallocations."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:28:04.322Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/af37aed04997e644f7e1b52b696b62dcae3cc016"
},
{
"url": "https://git.kernel.org/stable/c/910363473e4bf97da3c350e08d915546dd6cc30b"
},
{
"url": "https://git.kernel.org/stable/c/24e51d6eb578b82ff292927f14b9f5ec05a46beb"
},
{
"url": "https://git.kernel.org/stable/c/55ca0c7eae8499bb96f4e5d9b26af95e89c4e6a0"
},
{
"url": "https://git.kernel.org/stable/c/7393c681f9aa05ffe2385e8716989565eed2fe06"
},
{
"url": "https://git.kernel.org/stable/c/1597cd1a88cfcdc4bf8b1b44cd458fed9a5a5d63"
},
{
"url": "https://git.kernel.org/stable/c/656b8cc123d7635dd399d9f02594f27aa797ac3c"
},
{
"url": "https://git.kernel.org/stable/c/d0b07f712bf61e1a3cf23c87c663791c42e50837"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "media: ttpci: fix two memleaks in budget_av_attach",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27073",
"datePublished": "2024-05-01T13:04:37.653Z",
"dateReserved": "2024-02-19T14:20:24.216Z",
"dateUpdated": "2024-08-02T00:27:57.810Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27031
Vulnerability from cvelistv5
Published
2024-05-01 12:53
Modified
2024-08-02 00:21
Severity
Summary
NFS: Fix nfs_netfs_issue_read() xarray locking for writeback interrupt
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.884Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ad27382f8495f8ef6d2c66c413d756bfd13c0598"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8df1678c021ffeb20ef8a203bd9413f3ed9b0e9a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8a2e5977cecd3cde6a0e3e86b7b914d00240e5dc"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fd5860ab6341506004219b080aea40213b299d2e"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/nfs/fscache.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "ad27382f8495",
"status": "affected",
"version": "000dbe0bec05",
"versionType": "git"
},
{
"lessThan": "8df1678c021f",
"status": "affected",
"version": "000dbe0bec05",
"versionType": "git"
},
{
"lessThan": "8a2e5977cecd",
"status": "affected",
"version": "000dbe0bec05",
"versionType": "git"
},
{
"lessThan": "fd5860ab6341",
"status": "affected",
"version": "000dbe0bec05",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/nfs/fscache.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.4"
},
{
"lessThan": "6.4",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Fix nfs_netfs_issue_read() xarray locking for writeback interrupt\n\nThe loop inside nfs_netfs_issue_read() currently does not disable\ninterrupts while iterating through pages in the xarray to submit\nfor NFS read. This is not safe though since after taking xa_lock,\nanother page in the mapping could be processed for writeback inside\nan interrupt, and deadlock can occur. The fix is simple and clean\nif we use xa_for_each_range(), which handles the iteration with RCU\nwhile reducing code complexity.\n\nThe problem is easily reproduced with the following test:\n mount -o vers=3,fsc 127.0.0.1:/export /mnt/nfs\n dd if=/dev/zero of=/mnt/nfs/file1.bin bs=4096 count=1\n echo 3 \u003e /proc/sys/vm/drop_caches\n dd if=/mnt/nfs/file1.bin of=/dev/null\n umount /mnt/nfs\n\nOn the console with a lockdep-enabled kernel a message similar to\nthe following will be seen:\n\n ================================\n WARNING: inconsistent lock state\n 6.7.0-lockdbg+ #10 Not tainted\n --------------------------------\n inconsistent {IN-SOFTIRQ-W} -\u003e {SOFTIRQ-ON-W} usage.\n test5/1708 [HC0[0]:SC0[0]:HE1:SE1] takes:\n ffff888127baa598 (\u0026xa-\u003exa_lock#4){+.?.}-{3:3}, at:\nnfs_netfs_issue_read+0x1b2/0x4b0 [nfs]\n {IN-SOFTIRQ-W} state was registered at:\n lock_acquire+0x144/0x380\n _raw_spin_lock_irqsave+0x4e/0xa0\n __folio_end_writeback+0x17e/0x5c0\n folio_end_writeback+0x93/0x1b0\n iomap_finish_ioend+0xeb/0x6a0\n blk_update_request+0x204/0x7f0\n blk_mq_end_request+0x30/0x1c0\n blk_complete_reqs+0x7e/0xa0\n __do_softirq+0x113/0x544\n __irq_exit_rcu+0xfe/0x120\n irq_exit_rcu+0xe/0x20\n sysvec_call_function_single+0x6f/0x90\n asm_sysvec_call_function_single+0x1a/0x20\n pv_native_safe_halt+0xf/0x20\n default_idle+0x9/0x20\n default_idle_call+0x67/0xa0\n do_idle+0x2b5/0x300\n cpu_startup_entry+0x34/0x40\n start_secondary+0x19d/0x1c0\n secondary_startup_64_no_verify+0x18f/0x19b\n irq event stamp: 176891\n hardirqs last enabled at (176891): [\u003cffffffffa67a0be4\u003e]\n_raw_spin_unlock_irqrestore+0x44/0x60\n hardirqs last disabled at (176890): [\u003cffffffffa67a0899\u003e]\n_raw_spin_lock_irqsave+0x79/0xa0\n softirqs last enabled at (176646): [\u003cffffffffa515d91e\u003e]\n__irq_exit_rcu+0xfe/0x120\n softirqs last disabled at (176633): [\u003cffffffffa515d91e\u003e]\n__irq_exit_rcu+0xfe/0x120\n\n other info that might help us debug this:\n Possible unsafe locking scenario:\n\n CPU0\n ----\n lock(\u0026xa-\u003exa_lock#4);\n \u003cInterrupt\u003e\n lock(\u0026xa-\u003exa_lock#4);\n\n *** DEADLOCK ***\n\n 2 locks held by test5/1708:\n #0: ffff888127baa498 (\u0026sb-\u003es_type-\u003ei_mutex_key#22){++++}-{4:4}, at:\n nfs_start_io_read+0x28/0x90 [nfs]\n #1: ffff888127baa650 (mapping.invalidate_lock#3){.+.+}-{4:4}, at:\n page_cache_ra_unbounded+0xa4/0x280\n\n stack backtrace:\n CPU: 6 PID: 1708 Comm: test5 Kdump: loaded Not tainted 6.7.0-lockdbg+\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-1.fc39\n04/01/2014\n Call Trace:\n dump_stack_lvl+0x5b/0x90\n mark_lock+0xb3f/0xd20\n __lock_acquire+0x77b/0x3360\n _raw_spin_lock+0x34/0x80\n nfs_netfs_issue_read+0x1b2/0x4b0 [nfs]\n netfs_begin_read+0x77f/0x980 [netfs]\n nfs_netfs_readahead+0x45/0x60 [nfs]\n nfs_readahead+0x323/0x5a0 [nfs]\n read_pages+0xf3/0x5c0\n page_cache_ra_unbounded+0x1c8/0x280\n filemap_get_pages+0x38c/0xae0\n filemap_read+0x206/0x5e0\n nfs_file_read+0xb7/0x140 [nfs]\n vfs_read+0x2a9/0x460\n ksys_read+0xb7/0x140"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:20.342Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/ad27382f8495f8ef6d2c66c413d756bfd13c0598"
},
{
"url": "https://git.kernel.org/stable/c/8df1678c021ffeb20ef8a203bd9413f3ed9b0e9a"
},
{
"url": "https://git.kernel.org/stable/c/8a2e5977cecd3cde6a0e3e86b7b914d00240e5dc"
},
{
"url": "https://git.kernel.org/stable/c/fd5860ab6341506004219b080aea40213b299d2e"
}
],
"title": "NFS: Fix nfs_netfs_issue_read() xarray locking for writeback interrupt",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27031",
"datePublished": "2024-05-01T12:53:29.362Z",
"dateReserved": "2024-02-19T14:20:24.211Z",
"dateUpdated": "2024-08-02T00:21:05.884Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27039
Vulnerability from cvelistv5
Published
2024-05-01 12:53
Modified
2024-08-02 00:21
Severity
Summary
clk: hisilicon: hi3559a: Fix an erroneous devm_kfree()
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27039",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-28T16:17:48.442556Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:46:32.395Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.865Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3f8445f1c746fda180a7f75372ed06b24e9cefe2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e0b0d1c46a2ce1e46b79d004a7270fdef872e097"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/95d1f1228c1bb54803ae57525b76db60e99b37e4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2cc572e0085ebd4b662b74a0f43222bc00df9a00"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d575765b1b62e8bdb00af11caa1aabeb01763d9f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/64c6a38136b74a2f18c42199830975edd9fbc379"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/clk/hisilicon/clk-hi3559a.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "3f8445f1c746",
"status": "affected",
"version": "6c81966107dc",
"versionType": "git"
},
{
"lessThan": "e0b0d1c46a2c",
"status": "affected",
"version": "6c81966107dc",
"versionType": "git"
},
{
"lessThan": "95d1f1228c1b",
"status": "affected",
"version": "6c81966107dc",
"versionType": "git"
},
{
"lessThan": "2cc572e0085e",
"status": "affected",
"version": "6c81966107dc",
"versionType": "git"
},
{
"lessThan": "d575765b1b62",
"status": "affected",
"version": "6c81966107dc",
"versionType": "git"
},
{
"lessThan": "64c6a38136b7",
"status": "affected",
"version": "6c81966107dc",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/clk/hisilicon/clk-hi3559a.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.14"
},
{
"lessThan": "5.14",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.153",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: hisilicon: hi3559a: Fix an erroneous devm_kfree()\n\n\u0027p_clk\u0027 is an array allocated just before the for loop for all clk that\nneed to be registered.\nIt is incremented at each loop iteration.\n\nIf a clk_register() call fails, \u0027p_clk\u0027 may point to something different\nfrom what should be freed.\n\nThe best we can do, is to avoid this wrong release of memory."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:28.507Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/3f8445f1c746fda180a7f75372ed06b24e9cefe2"
},
{
"url": "https://git.kernel.org/stable/c/e0b0d1c46a2ce1e46b79d004a7270fdef872e097"
},
{
"url": "https://git.kernel.org/stable/c/95d1f1228c1bb54803ae57525b76db60e99b37e4"
},
{
"url": "https://git.kernel.org/stable/c/2cc572e0085ebd4b662b74a0f43222bc00df9a00"
},
{
"url": "https://git.kernel.org/stable/c/d575765b1b62e8bdb00af11caa1aabeb01763d9f"
},
{
"url": "https://git.kernel.org/stable/c/64c6a38136b74a2f18c42199830975edd9fbc379"
}
],
"title": "clk: hisilicon: hi3559a: Fix an erroneous devm_kfree()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27039",
"datePublished": "2024-05-01T12:53:57.126Z",
"dateReserved": "2024-02-19T14:20:24.212Z",
"dateUpdated": "2024-08-02T00:21:05.865Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27009
Vulnerability from cvelistv5
Published
2024-05-01 05:29
Modified
2024-08-02 00:21
Severity
Summary
s390/cio: fix race condition during online processing
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.872Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3076b3c38a704e10df5e143c213653309d532538"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/559f3a6333397ab6cd4a696edd65a70b6be62c6e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2df56f4ea769ff81e51bbb05699989603bde9c49"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a4234decd0fe429832ca81c4637be7248b88b49e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2d8527f2f911fab84aec04df4788c0c23af3df48"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/s390/cio/device.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "3076b3c38a70",
"status": "affected",
"version": "2297791c92d0",
"versionType": "git"
},
{
"lessThan": "559f3a633339",
"status": "affected",
"version": "2297791c92d0",
"versionType": "git"
},
{
"lessThan": "2df56f4ea769",
"status": "affected",
"version": "2297791c92d0",
"versionType": "git"
},
{
"lessThan": "a4234decd0fe",
"status": "affected",
"version": "2297791c92d0",
"versionType": "git"
},
{
"lessThan": "2d8527f2f911",
"status": "affected",
"version": "2297791c92d0",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/s390/cio/device.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.15"
},
{
"lessThan": "5.15",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.157",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/cio: fix race condition during online processing\n\nA race condition exists in ccw_device_set_online() that can cause the\nonline process to fail, leaving the affected device in an inconsistent\nstate. As a result, subsequent attempts to set that device online fail\nwith return code ENODEV.\n\nThe problem occurs when a path verification request arrives after\na wait for final device state completed, but before the result state\nis evaluated.\n\nFix this by ensuring that the CCW-device lock is held between\ndetermining final state and checking result state.\n\nNote that since:\n\ncommit 2297791c92d0 (\"s390/cio: dont unregister subchannel from child-drivers\")\n\npath verification requests are much more likely to occur during boot,\nresulting in an increased chance of this race condition occurring."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:56.830Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/3076b3c38a704e10df5e143c213653309d532538"
},
{
"url": "https://git.kernel.org/stable/c/559f3a6333397ab6cd4a696edd65a70b6be62c6e"
},
{
"url": "https://git.kernel.org/stable/c/2df56f4ea769ff81e51bbb05699989603bde9c49"
},
{
"url": "https://git.kernel.org/stable/c/a4234decd0fe429832ca81c4637be7248b88b49e"
},
{
"url": "https://git.kernel.org/stable/c/2d8527f2f911fab84aec04df4788c0c23af3df48"
}
],
"title": "s390/cio: fix race condition during online processing",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27009",
"datePublished": "2024-05-01T05:29:18.671Z",
"dateReserved": "2024-02-19T14:20:24.208Z",
"dateUpdated": "2024-08-02T00:21:05.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26937
Vulnerability from cvelistv5
Published
2024-05-01 05:17
Modified
2024-08-02 00:21
Severity
Summary
drm/i915/gt: Reset queue_priority_hint on parking
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26937",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-10T18:35:30.171766Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:22:50.154Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.613Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/67944e6db656bf1e986aa2a359f866f851091f8a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fe34587acc995e7b1d7a5d3444a0736721ec32b3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ac9b6b3e8d1237136c8ebf0fa1ce037dd7e2948f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7eab7b021835ae422c38b968d5cc60e99408fb62"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3b031e4fcb2740988143c303f81f69f18ce86325"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/aed034866a08bb7e6e34d50a5629a4d23fe83703"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8fd9b0ce8c26533fe4d5d15ea15bbf7b904b611c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4a3859ea5240365d21f6053ee219bb240d520895"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/i915/gt/intel_engine_pm.c",
"drivers/gpu/drm/i915/gt/intel_execlists_submission.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "67944e6db656",
"status": "affected",
"version": "22b7a426bbe1",
"versionType": "git"
},
{
"lessThan": "fe34587acc99",
"status": "affected",
"version": "22b7a426bbe1",
"versionType": "git"
},
{
"lessThan": "ac9b6b3e8d12",
"status": "affected",
"version": "22b7a426bbe1",
"versionType": "git"
},
{
"lessThan": "7eab7b021835",
"status": "affected",
"version": "22b7a426bbe1",
"versionType": "git"
},
{
"lessThan": "3b031e4fcb27",
"status": "affected",
"version": "22b7a426bbe1",
"versionType": "git"
},
{
"lessThan": "aed034866a08",
"status": "affected",
"version": "22b7a426bbe1",
"versionType": "git"
},
{
"lessThan": "8fd9b0ce8c26",
"status": "affected",
"version": "22b7a426bbe1",
"versionType": "git"
},
{
"lessThan": "4a3859ea5240",
"status": "affected",
"version": "22b7a426bbe1",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/i915/gt/intel_engine_pm.c",
"drivers/gpu/drm/i915/gt/intel_execlists_submission.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.4"
},
{
"lessThan": "5.4",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.274",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.215",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.154",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/gt: Reset queue_priority_hint on parking\n\nOriginally, with strict in order execution, we could complete execution\nonly when the queue was empty. Preempt-to-busy allows replacement of an\nactive request that may complete before the preemption is processed by\nHW. If that happens, the request is retired from the queue, but the\nqueue_priority_hint remains set, preventing direct submission until\nafter the next CS interrupt is processed.\n\nThis preempt-to-busy race can be triggered by the heartbeat, which will\nalso act as the power-management barrier and upon completion allow us to\nidle the HW. We may process the completion of the heartbeat, and begin\nparking the engine before the CS event that restores the\nqueue_priority_hint, causing us to fail the assertion that it is MIN.\n\n\u003c3\u003e[ 166.210729] __engine_park:283 GEM_BUG_ON(engine-\u003esched_engine-\u003equeue_priority_hint != (-((int)(~0U \u003e\u003e 1)) - 1))\n\u003c0\u003e[ 166.210781] Dumping ftrace buffer:\n\u003c0\u003e[ 166.210795] ---------------------------------\n...\n\u003c0\u003e[ 167.302811] drm_fdin-1097 2..s1. 165741070us : trace_ports: 0000:00:02.0 rcs0: promote { ccid:20 1217:2 prio 0 }\n\u003c0\u003e[ 167.302861] drm_fdin-1097 2d.s2. 165741072us : execlists_submission_tasklet: 0000:00:02.0 rcs0: preempting last=1217:2, prio=0, hint=2147483646\n\u003c0\u003e[ 167.302928] drm_fdin-1097 2d.s2. 165741072us : __i915_request_unsubmit: 0000:00:02.0 rcs0: fence 1217:2, current 0\n\u003c0\u003e[ 167.302992] drm_fdin-1097 2d.s2. 165741073us : __i915_request_submit: 0000:00:02.0 rcs0: fence 3:4660, current 4659\n\u003c0\u003e[ 167.303044] drm_fdin-1097 2d.s1. 165741076us : execlists_submission_tasklet: 0000:00:02.0 rcs0: context:3 schedule-in, ccid:40\n\u003c0\u003e[ 167.303095] drm_fdin-1097 2d.s1. 165741077us : trace_ports: 0000:00:02.0 rcs0: submit { ccid:40 3:4660* prio 2147483646 }\n\u003c0\u003e[ 167.303159] kworker/-89 11..... 165741139us : i915_request_retire.part.0: 0000:00:02.0 rcs0: fence c90:2, current 2\n\u003c0\u003e[ 167.303208] kworker/-89 11..... 165741148us : __intel_context_do_unpin: 0000:00:02.0 rcs0: context:c90 unpin\n\u003c0\u003e[ 167.303272] kworker/-89 11..... 165741159us : i915_request_retire.part.0: 0000:00:02.0 rcs0: fence 1217:2, current 2\n\u003c0\u003e[ 167.303321] kworker/-89 11..... 165741166us : __intel_context_do_unpin: 0000:00:02.0 rcs0: context:1217 unpin\n\u003c0\u003e[ 167.303384] kworker/-89 11..... 165741170us : i915_request_retire.part.0: 0000:00:02.0 rcs0: fence 3:4660, current 4660\n\u003c0\u003e[ 167.303434] kworker/-89 11d..1. 165741172us : __intel_context_retire: 0000:00:02.0 rcs0: context:1216 retire runtime: { total:56028ns, avg:56028ns }\n\u003c0\u003e[ 167.303484] kworker/-89 11..... 165741198us : __engine_park: 0000:00:02.0 rcs0: parked\n\u003c0\u003e[ 167.303534] \u003cidle\u003e-0 5d.H3. 165741207us : execlists_irq_handler: 0000:00:02.0 rcs0: semaphore yield: 00000040\n\u003c0\u003e[ 167.303583] kworker/-89 11..... 165741397us : __intel_context_retire: 0000:00:02.0 rcs0: context:1217 retire runtime: { total:325575ns, avg:0ns }\n\u003c0\u003e[ 167.303756] kworker/-89 11..... 165741777us : __intel_context_retire: 0000:00:02.0 rcs0: context:c90 retire runtime: { total:0ns, avg:0ns }\n\u003c0\u003e[ 167.303806] kworker/-89 11..... 165742017us : __engine_park: __engine_park:283 GEM_BUG_ON(engine-\u003esched_engine-\u003equeue_priority_hint != (-((int)(~0U \u003e\u003e 1)) - 1))\n\u003c0\u003e[ 167.303811] ---------------------------------\n\u003c4\u003e[ 167.304722] ------------[ cut here ]------------\n\u003c2\u003e[ 167.304725] kernel BUG at drivers/gpu/drm/i915/gt/intel_engine_pm.c:283!\n\u003c4\u003e[ 167.304731] invalid opcode: 0000 [#1] PREEMPT SMP NOPTI\n\u003c4\u003e[ 167.304734] CPU: 11 PID: 89 Comm: kworker/11:1 Tainted: G W 6.8.0-rc2-CI_DRM_14193-gc655e0fd2804+ #1\n\u003c4\u003e[ 167.304736] Hardware name: Intel Corporation Rocket Lake Client Platform/RocketLake S UDIMM 6L RVP, BIOS RKLSFWI1.R00.3173.A03.2204210138 04/21/2022\n\u003c4\u003e[ 167.304738] Workqueue: i915-unordered retire_work_handler [i915]\n\u003c4\u003e[ 16\n---truncated---"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:30.162Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/67944e6db656bf1e986aa2a359f866f851091f8a"
},
{
"url": "https://git.kernel.org/stable/c/fe34587acc995e7b1d7a5d3444a0736721ec32b3"
},
{
"url": "https://git.kernel.org/stable/c/ac9b6b3e8d1237136c8ebf0fa1ce037dd7e2948f"
},
{
"url": "https://git.kernel.org/stable/c/7eab7b021835ae422c38b968d5cc60e99408fb62"
},
{
"url": "https://git.kernel.org/stable/c/3b031e4fcb2740988143c303f81f69f18ce86325"
},
{
"url": "https://git.kernel.org/stable/c/aed034866a08bb7e6e34d50a5629a4d23fe83703"
},
{
"url": "https://git.kernel.org/stable/c/8fd9b0ce8c26533fe4d5d15ea15bbf7b904b611c"
},
{
"url": "https://git.kernel.org/stable/c/4a3859ea5240365d21f6053ee219bb240d520895"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "drm/i915/gt: Reset queue_priority_hint on parking",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26937",
"datePublished": "2024-05-01T05:17:35.555Z",
"dateReserved": "2024-02-19T14:20:24.196Z",
"dateUpdated": "2024-08-02T00:21:05.613Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26948
Vulnerability from cvelistv5
Published
2024-05-01 05:18
Modified
2024-08-02 00:21
Severity
Summary
drm/amd/display: Add a dc_state NULL check in dc_state_release
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.670Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d37a08f840485995e3fb91dad95e441b9d28a269"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/334b56cea5d9df5989be6cf1a5898114fa70ad98"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/display/dc/core/dc_state.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "d37a08f84048",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "334b56cea5d9",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/display/dc/core/dc_state.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add a dc_state NULL check in dc_state_release\n\n[How]\nCheck wheather state is NULL before releasing it."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:41.416Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/d37a08f840485995e3fb91dad95e441b9d28a269"
},
{
"url": "https://git.kernel.org/stable/c/334b56cea5d9df5989be6cf1a5898114fa70ad98"
}
],
"title": "drm/amd/display: Add a dc_state NULL check in dc_state_release",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26948",
"datePublished": "2024-05-01T05:18:21.547Z",
"dateReserved": "2024-02-19T14:20:24.198Z",
"dateUpdated": "2024-08-02T00:21:05.670Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26989
Vulnerability from cvelistv5
Published
2024-05-01 05:27
Modified
2024-08-02 00:21
Severity
Summary
arm64: hibernate: Fix level3 translation fault in swsusp_save()
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26989",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-28T17:47:11.804526Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:48:47.225Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.940Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/813f5213f2c612dc800054859aaa396ec8ad7069"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f7e71a7cf399f53ff9fc314ca3836dc913b05bd6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/31f815cb436082e72d34ed2e8a182140a73ebdf4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/022b19ebc31cce369c407617041a3db810db23b3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/50449ca66cc5a8cbc64749cf4b9f3d3fc5f4b457"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"arch/arm64/mm/pageattr.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "813f5213f2c6",
"status": "affected",
"version": "a7d9f306ba70",
"versionType": "git"
},
{
"lessThan": "f7e71a7cf399",
"status": "affected",
"version": "a7d9f306ba70",
"versionType": "git"
},
{
"lessThan": "31f815cb4360",
"status": "affected",
"version": "a7d9f306ba70",
"versionType": "git"
},
{
"lessThan": "022b19ebc31c",
"status": "affected",
"version": "a7d9f306ba70",
"versionType": "git"
},
{
"lessThan": "50449ca66cc5",
"status": "affected",
"version": "a7d9f306ba70",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"arch/arm64/mm/pageattr.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.14"
},
{
"lessThan": "5.14",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.157",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: hibernate: Fix level3 translation fault in swsusp_save()\n\nOn arm64 machines, swsusp_save() faults if it attempts to access\nMEMBLOCK_NOMAP memory ranges. This can be reproduced in QEMU using UEFI\nwhen booting with rodata=off debug_pagealloc=off and CONFIG_KFENCE=n:\n\n Unable to handle kernel paging request at virtual address ffffff8000000000\n Mem abort info:\n ESR = 0x0000000096000007\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x07: level 3 translation fault\n Data abort info:\n ISV = 0, ISS = 0x00000007, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n swapper pgtable: 4k pages, 39-bit VAs, pgdp=00000000eeb0b000\n [ffffff8000000000] pgd=180000217fff9803, p4d=180000217fff9803, pud=180000217fff9803, pmd=180000217fff8803, pte=0000000000000000\n Internal error: Oops: 0000000096000007 [#1] SMP\n Internal error: Oops: 0000000096000007 [#1] SMP\n Modules linked in: xt_multiport ipt_REJECT nf_reject_ipv4 xt_conntrack nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 libcrc32c iptable_filter bpfilter rfkill at803x snd_hda_codec_hdmi snd_hda_intel snd_intel_dspcfg dwmac_generic stmmac_platform snd_hda_codec stmmac joydev pcs_xpcs snd_hda_core phylink ppdev lp parport ramoops reed_solomon ip_tables x_tables nls_iso8859_1 vfat multipath linear amdgpu amdxcp drm_exec gpu_sched drm_buddy hid_generic usbhid hid radeon video drm_suballoc_helper drm_ttm_helper ttm i2c_algo_bit drm_display_helper cec drm_kms_helper drm\n CPU: 0 PID: 3663 Comm: systemd-sleep Not tainted 6.6.2+ #76\n Source Version: 4e22ed63a0a48e7a7cff9b98b7806d8d4add7dc0\n Hardware name: Greatwall GW-XXXXXX-XXX/GW-XXXXXX-XXX, BIOS KunLun BIOS V4.0 01/19/2021\n pstate: 600003c5 (nZCv DAIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : swsusp_save+0x280/0x538\n lr : swsusp_save+0x280/0x538\n sp : ffffffa034a3fa40\n x29: ffffffa034a3fa40 x28: ffffff8000001000 x27: 0000000000000000\n x26: ffffff8001400000 x25: ffffffc08113e248 x24: 0000000000000000\n x23: 0000000000080000 x22: ffffffc08113e280 x21: 00000000000c69f2\n x20: ffffff8000000000 x19: ffffffc081ae2500 x18: 0000000000000000\n x17: 6666662074736420 x16: 3030303030303030 x15: 3038666666666666\n x14: 0000000000000b69 x13: ffffff9f89088530 x12: 00000000ffffffea\n x11: 00000000ffff7fff x10: 00000000ffff7fff x9 : ffffffc08193f0d0\n x8 : 00000000000bffe8 x7 : c0000000ffff7fff x6 : 0000000000000001\n x5 : ffffffa0fff09dc8 x4 : 0000000000000000 x3 : 0000000000000027\n x2 : 0000000000000000 x1 : 0000000000000000 x0 : 000000000000004e\n Call trace:\n swsusp_save+0x280/0x538\n swsusp_arch_suspend+0x148/0x190\n hibernation_snapshot+0x240/0x39c\n hibernate+0xc4/0x378\n state_store+0xf0/0x10c\n kobj_attr_store+0x14/0x24\n\nThe reason is swsusp_save() -\u003e copy_data_pages() -\u003e page_is_saveable()\n-\u003e kernel_page_present() assuming that a page is always present when\ncan_set_direct_map() is false (all of rodata_full,\ndebug_pagealloc_enabled() and arm64_kfence_can_set_direct_map() false),\nirrespective of the MEMBLOCK_NOMAP ranges. Such MEMBLOCK_NOMAP regions\nshould not be saved during hibernation.\n\nThis problem was introduced by changes to the pfn_valid() logic in\ncommit a7d9f306ba70 (\"arm64: drop pfn_valid_within() and simplify\npfn_valid()\").\n\nSimilar to other architectures, drop the !can_set_direct_map() check in\nkernel_page_present() so that page_is_savable() skips such pages.\n\n[catalin.marinas@arm.com: rework commit message]"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:30.905Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/813f5213f2c612dc800054859aaa396ec8ad7069"
},
{
"url": "https://git.kernel.org/stable/c/f7e71a7cf399f53ff9fc314ca3836dc913b05bd6"
},
{
"url": "https://git.kernel.org/stable/c/31f815cb436082e72d34ed2e8a182140a73ebdf4"
},
{
"url": "https://git.kernel.org/stable/c/022b19ebc31cce369c407617041a3db810db23b3"
},
{
"url": "https://git.kernel.org/stable/c/50449ca66cc5a8cbc64749cf4b9f3d3fc5f4b457"
}
],
"title": "arm64: hibernate: Fix level3 translation fault in swsusp_save()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26989",
"datePublished": "2024-05-01T05:27:44.067Z",
"dateReserved": "2024-02-19T14:20:24.205Z",
"dateUpdated": "2024-08-02T00:21:05.940Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27061
Vulnerability from cvelistv5
Published
2024-05-01 13:00
Modified
2024-08-02 00:21
Severity
Summary
crypto: sun8i-ce - Fix use after free in unprepare
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27061",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T15:06:02.450614Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T15:06:18.867Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.883Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/dc60b25540c82fc4baa95d1458ae96ead21859e0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/51a7d338c212e0640b1aca52ba6590d5bea49879"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/183420038444547c149a0fc5f58e792c2752860c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "dc60b25540c8",
"status": "affected",
"version": "4136212ab18e",
"versionType": "git"
},
{
"lessThan": "51a7d338c212",
"status": "affected",
"version": "4136212ab18e",
"versionType": "git"
},
{
"lessThan": "183420038444",
"status": "affected",
"version": "4136212ab18e",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.6"
},
{
"lessThan": "6.6",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.8",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: sun8i-ce - Fix use after free in unprepare\n\nsun8i_ce_cipher_unprepare should be called before\ncrypto_finalize_skcipher_request, because client callbacks may\nimmediately free memory, that isn\u0027t needed anymore. But it will be\nused by unprepare after free. Before removing prepare/unprepare\ncallbacks it was handled by crypto engine in crypto_finalize_request.\n\nUsually that results in a pointer dereference problem during a in\ncrypto selftest.\n Unable to handle kernel NULL pointer dereference at\n virtual address 0000000000000030\n Mem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\n Data abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n user pgtable: 4k pages, 48-bit VAs, pgdp=000000004716d000\n [0000000000000030] pgd=0000000000000000, p4d=0000000000000000\n Internal error: Oops: 0000000096000004 [#1] SMP\n\nThis problem is detected by KASAN as well.\n ==================================================================\n BUG: KASAN: slab-use-after-free in sun8i_ce_cipher_do_one+0x6e8/0xf80 [sun8i_ce]\n Read of size 8 at addr ffff00000dcdc040 by task 1c15000.crypto-/373\n\n Hardware name: Pine64 PinePhone (1.2) (DT)\n Call trace:\n dump_backtrace+0x9c/0x128\n show_stack+0x20/0x38\n dump_stack_lvl+0x48/0x60\n print_report+0xf8/0x5d8\n kasan_report+0x90/0xd0\n __asan_load8+0x9c/0xc0\n sun8i_ce_cipher_do_one+0x6e8/0xf80 [sun8i_ce]\n crypto_pump_work+0x354/0x620 [crypto_engine]\n kthread_worker_fn+0x244/0x498\n kthread+0x168/0x178\n ret_from_fork+0x10/0x20\n\n Allocated by task 379:\n kasan_save_stack+0x3c/0x68\n kasan_set_track+0x2c/0x40\n kasan_save_alloc_info+0x24/0x38\n __kasan_kmalloc+0xd4/0xd8\n __kmalloc+0x74/0x1d0\n alg_test_skcipher+0x90/0x1f0\n alg_test+0x24c/0x830\n cryptomgr_test+0x38/0x60\n kthread+0x168/0x178\n ret_from_fork+0x10/0x20\n\n Freed by task 379:\n kasan_save_stack+0x3c/0x68\n kasan_set_track+0x2c/0x40\n kasan_save_free_info+0x38/0x60\n __kasan_slab_free+0x100/0x170\n slab_free_freelist_hook+0xd4/0x1e8\n __kmem_cache_free+0x15c/0x290\n kfree+0x74/0x100\n kfree_sensitive+0x80/0xb0\n alg_test_skcipher+0x12c/0x1f0\n alg_test+0x24c/0x830\n cryptomgr_test+0x38/0x60\n kthread+0x168/0x178\n ret_from_fork+0x10/0x20\n\n The buggy address belongs to the object at ffff00000dcdc000\n which belongs to the cache kmalloc-256 of size 256\n The buggy address is located 64 bytes inside of\n freed 256-byte region [ffff00000dcdc000, ffff00000dcdc100)"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:51.573Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/dc60b25540c82fc4baa95d1458ae96ead21859e0"
},
{
"url": "https://git.kernel.org/stable/c/51a7d338c212e0640b1aca52ba6590d5bea49879"
},
{
"url": "https://git.kernel.org/stable/c/183420038444547c149a0fc5f58e792c2752860c"
}
],
"title": "crypto: sun8i-ce - Fix use after free in unprepare",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27061",
"datePublished": "2024-05-01T13:00:17.611Z",
"dateReserved": "2024-02-19T14:20:24.215Z",
"dateUpdated": "2024-08-02T00:21:05.883Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27040
Vulnerability from cvelistv5
Published
2024-05-01 12:54
Modified
2024-08-02 00:21
Severity
Summary
drm/amd/display: Add 'replay' NULL check in 'edp_set_replay_allow_active()'
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27040",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-06T18:32:42.758321Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T18:32:50.739Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.887Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f610c46771ef1047e46d61807aa7c69cd29e63d8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e7cadd5d3a8ffe334d0229ba9eda4290138d56e7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d0e94f4807ff0df66cf447d6b4bbb8ac830e99c3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f6aed043ee5d75b3d1bfc452b1a9584b63c8f76b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/display/dc/link/protocols/link_edp_panel_control.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "f610c46771ef",
"status": "affected",
"version": "c7ddc0a800bc",
"versionType": "git"
},
{
"lessThan": "e7cadd5d3a8f",
"status": "affected",
"version": "c7ddc0a800bc",
"versionType": "git"
},
{
"lessThan": "d0e94f4807ff",
"status": "affected",
"version": "c7ddc0a800bc",
"versionType": "git"
},
{
"lessThan": "f6aed043ee5d",
"status": "affected",
"version": "c7ddc0a800bc",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/display/dc/link/protocols/link_edp_panel_control.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.6"
},
{
"lessThan": "6.6",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add \u0027replay\u0027 NULL check in \u0027edp_set_replay_allow_active()\u0027\n\nIn the first if statement, we\u0027re checking if \u0027replay\u0027 is NULL. But in\nthe second if statement, we\u0027re not checking if \u0027replay\u0027 is NULL again\nbefore calling replay-\u003efuncs-\u003ereplay_set_power_opt().\n\nif (replay == NULL \u0026\u0026 force_static)\n return false;\n\n...\n\nif (link-\u003ereplay_settings.replay_feature_enabled \u0026\u0026\n replay-\u003efuncs-\u003ereplay_set_power_opt) {\n\treplay-\u003efuncs-\u003ereplay_set_power_opt(replay, *power_opts, panel_inst);\n\tlink-\u003ereplay_settings.replay_power_opt_active = *power_opts;\n}\n\nIf \u0027replay\u0027 is NULL, this will cause a null pointer dereference.\n\nFixes the below found by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/link/protocols/link_edp_panel_control.c:895 edp_set_replay_allow_active() error: we previously assumed \u0027replay\u0027 could be null (see line 887)"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:29.517Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/f610c46771ef1047e46d61807aa7c69cd29e63d8"
},
{
"url": "https://git.kernel.org/stable/c/e7cadd5d3a8ffe334d0229ba9eda4290138d56e7"
},
{
"url": "https://git.kernel.org/stable/c/d0e94f4807ff0df66cf447d6b4bbb8ac830e99c3"
},
{
"url": "https://git.kernel.org/stable/c/f6aed043ee5d75b3d1bfc452b1a9584b63c8f76b"
}
],
"title": "drm/amd/display: Add \u0027replay\u0027 NULL check in \u0027edp_set_replay_allow_active()\u0027",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27040",
"datePublished": "2024-05-01T12:54:00.645Z",
"dateReserved": "2024-02-19T14:20:24.212Z",
"dateUpdated": "2024-08-02T00:21:05.887Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27051
Vulnerability from cvelistv5
Published
2024-05-01 12:54
Modified
2024-08-02 00:21
Severity
Summary
cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27051",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-28T16:15:35.545255Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:47:03.499Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.886Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9127599c075caff234359950117018a010dd01db"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d951cf510fb0df91d3abac0121a59ebbc63c0567"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e72160cb6e23b78b41999d6885a34ce8db536095"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b25b64a241d769e932a022e5c780cf135ef56035"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/74b84d0d71180330efe67c82f973a87f828323e5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e6e3e51ffba0784782b1a076d7441605697ea3c6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f661017e6d326ee187db24194cabb013d81bc2a6"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/cpufreq/brcmstb-avs-cpufreq.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "9127599c075c",
"status": "affected",
"version": "de322e085995",
"versionType": "git"
},
{
"lessThan": "d951cf510fb0",
"status": "affected",
"version": "de322e085995",
"versionType": "git"
},
{
"lessThan": "e72160cb6e23",
"status": "affected",
"version": "de322e085995",
"versionType": "git"
},
{
"lessThan": "b25b64a241d7",
"status": "affected",
"version": "de322e085995",
"versionType": "git"
},
{
"lessThan": "74b84d0d7118",
"status": "affected",
"version": "de322e085995",
"versionType": "git"
},
{
"lessThan": "e6e3e51ffba0",
"status": "affected",
"version": "de322e085995",
"versionType": "git"
},
{
"lessThan": "f661017e6d32",
"status": "affected",
"version": "de322e085995",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/cpufreq/brcmstb-avs-cpufreq.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.10"
},
{
"lessThan": "4.10",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.214",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.153",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get\u0027s return value\n\ncpufreq_cpu_get may return NULL. To avoid NULL-dereference check it\nand return 0 in case of error.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:41.089Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/9127599c075caff234359950117018a010dd01db"
},
{
"url": "https://git.kernel.org/stable/c/d951cf510fb0df91d3abac0121a59ebbc63c0567"
},
{
"url": "https://git.kernel.org/stable/c/e72160cb6e23b78b41999d6885a34ce8db536095"
},
{
"url": "https://git.kernel.org/stable/c/b25b64a241d769e932a022e5c780cf135ef56035"
},
{
"url": "https://git.kernel.org/stable/c/74b84d0d71180330efe67c82f973a87f828323e5"
},
{
"url": "https://git.kernel.org/stable/c/e6e3e51ffba0784782b1a076d7441605697ea3c6"
},
{
"url": "https://git.kernel.org/stable/c/f661017e6d326ee187db24194cabb013d81bc2a6"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get\u0027s return value",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27051",
"datePublished": "2024-05-01T12:54:39.024Z",
"dateReserved": "2024-02-19T14:20:24.213Z",
"dateUpdated": "2024-08-02T00:21:05.886Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-52650
Vulnerability from cvelistv5
Published
2024-05-01 12:53
Modified
2024-08-02 23:03
Severity
Summary
drm/tegra: dsi: Add missing check for of_find_device_by_node
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-52650",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-13T19:31:29.279840Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T19:31:41.334Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:03:21.316Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/47a13d0b9d8527518639ab5c39667f69d6203e80"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f05631a8525c3b5e5994ecb1304d2d878956c0f5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/92003981a6df5dc84af8a5904f8ee112fa324129"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/93128052bf832359531c3c0a9e3567b2b8682a2d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/50c0ad785a780c72a2fdaba10b38c645ffb4eae6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/52aa507148c4aad41436e2005d742ffcafad9976"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c5d2342d24ef6e08fc90a529fe3dc59de421a2b9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3169eaf1365541fd8e521091010c44fbe14691fc"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/afe6fcb9775882230cd29b529203eabd5d2a638d"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/tegra/dsi.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "47a13d0b9d85",
"status": "affected",
"version": "e94236cde4d5",
"versionType": "git"
},
{
"lessThan": "f05631a8525c",
"status": "affected",
"version": "e94236cde4d5",
"versionType": "git"
},
{
"lessThan": "92003981a6df",
"status": "affected",
"version": "e94236cde4d5",
"versionType": "git"
},
{
"lessThan": "93128052bf83",
"status": "affected",
"version": "e94236cde4d5",
"versionType": "git"
},
{
"lessThan": "50c0ad785a78",
"status": "affected",
"version": "e94236cde4d5",
"versionType": "git"
},
{
"lessThan": "52aa507148c4",
"status": "affected",
"version": "e94236cde4d5",
"versionType": "git"
},
{
"lessThan": "c5d2342d24ef",
"status": "affected",
"version": "e94236cde4d5",
"versionType": "git"
},
{
"lessThan": "3169eaf13655",
"status": "affected",
"version": "e94236cde4d5",
"versionType": "git"
},
{
"lessThan": "afe6fcb97758",
"status": "affected",
"version": "e94236cde4d5",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/tegra/dsi.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.19"
},
{
"lessThan": "3.19",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.311",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.273",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.214",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.153",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/tegra: dsi: Add missing check for of_find_device_by_node\n\nAdd check for the return value of of_find_device_by_node() and return\nthe error if it fails in order to avoid NULL pointer dereference."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:15:07.665Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/47a13d0b9d8527518639ab5c39667f69d6203e80"
},
{
"url": "https://git.kernel.org/stable/c/f05631a8525c3b5e5994ecb1304d2d878956c0f5"
},
{
"url": "https://git.kernel.org/stable/c/92003981a6df5dc84af8a5904f8ee112fa324129"
},
{
"url": "https://git.kernel.org/stable/c/93128052bf832359531c3c0a9e3567b2b8682a2d"
},
{
"url": "https://git.kernel.org/stable/c/50c0ad785a780c72a2fdaba10b38c645ffb4eae6"
},
{
"url": "https://git.kernel.org/stable/c/52aa507148c4aad41436e2005d742ffcafad9976"
},
{
"url": "https://git.kernel.org/stable/c/c5d2342d24ef6e08fc90a529fe3dc59de421a2b9"
},
{
"url": "https://git.kernel.org/stable/c/3169eaf1365541fd8e521091010c44fbe14691fc"
},
{
"url": "https://git.kernel.org/stable/c/afe6fcb9775882230cd29b529203eabd5d2a638d"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "drm/tegra: dsi: Add missing check for of_find_device_by_node",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2023-52650",
"datePublished": "2024-05-01T12:53:12.145Z",
"dateReserved": "2024-03-06T09:52:12.097Z",
"dateUpdated": "2024-08-02T23:03:21.316Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26943
Vulnerability from cvelistv5
Published
2024-05-01 05:18
Modified
2024-08-02 00:21
Severity
Summary
nouveau/dmem: handle kcalloc() allocation failure
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26943",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T14:21:43.677577Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T14:21:55.983Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.681Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9acfd8b083a0ffbd387566800d89f55058a68af2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2a84744a037b8a511d6a9055f3defddc28ff4a4d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5e81773757a95fc298e96cfd6d4700f07b6192a2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3e82f7383e0b82a835e6b6b06a348b2bc4e2c2ee"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/16e87fe23d4af6df920406494ced5c0f4354567b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/nouveau/nouveau_dmem.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "9acfd8b083a0",
"status": "affected",
"version": "249881232e14",
"versionType": "git"
},
{
"lessThan": "2a84744a037b",
"status": "affected",
"version": "249881232e14",
"versionType": "git"
},
{
"lessThan": "5e81773757a9",
"status": "affected",
"version": "249881232e14",
"versionType": "git"
},
{
"lessThan": "3e82f7383e0b",
"status": "affected",
"version": "249881232e14",
"versionType": "git"
},
{
"lessThan": "16e87fe23d4a",
"status": "affected",
"version": "249881232e14",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/nouveau/nouveau_dmem.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.1"
},
{
"lessThan": "6.1",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnouveau/dmem: handle kcalloc() allocation failure\n\nThe kcalloc() in nouveau_dmem_evict_chunk() will return null if\nthe physical memory has run out. As a result, if we dereference\nsrc_pfns, dst_pfns or dma_addrs, the null pointer dereference bugs\nwill happen.\n\nMoreover, the GPU is going away. If the kcalloc() fails, we could not\nevict all pages mapping a chunk. So this patch adds a __GFP_NOFAIL\nflag in kcalloc().\n\nFinally, as there is no need to have physically contiguous memory,\nthis patch switches kcalloc() to kvcalloc() in order to avoid\nfailing allocations."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:36.347Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/9acfd8b083a0ffbd387566800d89f55058a68af2"
},
{
"url": "https://git.kernel.org/stable/c/2a84744a037b8a511d6a9055f3defddc28ff4a4d"
},
{
"url": "https://git.kernel.org/stable/c/5e81773757a95fc298e96cfd6d4700f07b6192a2"
},
{
"url": "https://git.kernel.org/stable/c/3e82f7383e0b82a835e6b6b06a348b2bc4e2c2ee"
},
{
"url": "https://git.kernel.org/stable/c/16e87fe23d4af6df920406494ced5c0f4354567b"
}
],
"title": "nouveau/dmem: handle kcalloc() allocation failure",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26943",
"datePublished": "2024-05-01T05:18:00.713Z",
"dateReserved": "2024-02-19T14:20:24.197Z",
"dateUpdated": "2024-08-02T00:21:05.681Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27004
Vulnerability from cvelistv5
Published
2024-05-01 05:28
Modified
2024-08-02 00:21
Severity
Summary
clk: Get runtime PM before walking tree during disable_unused
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27004",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-17T17:40:33.489522Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-17T17:46:18.836Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.882Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/253ab38d1ee652a596942156978a233970d185ba"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4af115f1a20a3d9093586079206ee37c2ac55123"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a29ec0465dce0b871003698698ac6fa92c9a5034"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a424e713e0cc33d4b969cfda25b9f46df4d7b5bc"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/60ff482c4205a5aac3b0595ab794cfd62295dab5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/115554862294397590088ba02f11f2aba6d5016c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e581cf5d216289ef292d1a4036d53ce90e122469"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/clk/clk.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "253ab38d1ee6",
"status": "affected",
"version": "9a34b45397e5",
"versionType": "git"
},
{
"lessThan": "4af115f1a20a",
"status": "affected",
"version": "9a34b45397e5",
"versionType": "git"
},
{
"lessThan": "a29ec0465dce",
"status": "affected",
"version": "9a34b45397e5",
"versionType": "git"
},
{
"lessThan": "a424e713e0cc",
"status": "affected",
"version": "9a34b45397e5",
"versionType": "git"
},
{
"lessThan": "60ff482c4205",
"status": "affected",
"version": "9a34b45397e5",
"versionType": "git"
},
{
"lessThan": "115554862294",
"status": "affected",
"version": "9a34b45397e5",
"versionType": "git"
},
{
"lessThan": "e581cf5d2162",
"status": "affected",
"version": "9a34b45397e5",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/clk/clk.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.15"
},
{
"lessThan": "4.15",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.275",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.216",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.157",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: Get runtime PM before walking tree during disable_unused\n\nDoug reported [1] the following hung task:\n\n INFO: task swapper/0:1 blocked for more than 122 seconds.\n Not tainted 5.15.149-21875-gf795ebc40eb8 #1\n \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n task:swapper/0 state:D stack: 0 pid: 1 ppid: 0 flags:0x00000008\n Call trace:\n __switch_to+0xf4/0x1f4\n __schedule+0x418/0xb80\n schedule+0x5c/0x10c\n rpm_resume+0xe0/0x52c\n rpm_resume+0x178/0x52c\n __pm_runtime_resume+0x58/0x98\n clk_pm_runtime_get+0x30/0xb0\n clk_disable_unused_subtree+0x58/0x208\n clk_disable_unused_subtree+0x38/0x208\n clk_disable_unused_subtree+0x38/0x208\n clk_disable_unused_subtree+0x38/0x208\n clk_disable_unused_subtree+0x38/0x208\n clk_disable_unused+0x4c/0xe4\n do_one_initcall+0xcc/0x2d8\n do_initcall_level+0xa4/0x148\n do_initcalls+0x5c/0x9c\n do_basic_setup+0x24/0x30\n kernel_init_freeable+0xec/0x164\n kernel_init+0x28/0x120\n ret_from_fork+0x10/0x20\n INFO: task kworker/u16:0:9 blocked for more than 122 seconds.\n Not tainted 5.15.149-21875-gf795ebc40eb8 #1\n \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n task:kworker/u16:0 state:D stack: 0 pid: 9 ppid: 2 flags:0x00000008\n Workqueue: events_unbound deferred_probe_work_func\n Call trace:\n __switch_to+0xf4/0x1f4\n __schedule+0x418/0xb80\n schedule+0x5c/0x10c\n schedule_preempt_disabled+0x2c/0x48\n __mutex_lock+0x238/0x488\n __mutex_lock_slowpath+0x1c/0x28\n mutex_lock+0x50/0x74\n clk_prepare_lock+0x7c/0x9c\n clk_core_prepare_lock+0x20/0x44\n clk_prepare+0x24/0x30\n clk_bulk_prepare+0x40/0xb0\n mdss_runtime_resume+0x54/0x1c8\n pm_generic_runtime_resume+0x30/0x44\n __genpd_runtime_resume+0x68/0x7c\n genpd_runtime_resume+0x108/0x1f4\n __rpm_callback+0x84/0x144\n rpm_callback+0x30/0x88\n rpm_resume+0x1f4/0x52c\n rpm_resume+0x178/0x52c\n __pm_runtime_resume+0x58/0x98\n __device_attach+0xe0/0x170\n device_initial_probe+0x1c/0x28\n bus_probe_device+0x3c/0x9c\n device_add+0x644/0x814\n mipi_dsi_device_register_full+0xe4/0x170\n devm_mipi_dsi_device_register_full+0x28/0x70\n ti_sn_bridge_probe+0x1dc/0x2c0\n auxiliary_bus_probe+0x4c/0x94\n really_probe+0xcc/0x2c8\n __driver_probe_device+0xa8/0x130\n driver_probe_device+0x48/0x110\n __device_attach_driver+0xa4/0xcc\n bus_for_each_drv+0x8c/0xd8\n __device_attach+0xf8/0x170\n device_initial_probe+0x1c/0x28\n bus_probe_device+0x3c/0x9c\n deferred_probe_work_func+0x9c/0xd8\n process_one_work+0x148/0x518\n worker_thread+0x138/0x350\n kthread+0x138/0x1e0\n ret_from_fork+0x10/0x20\n\nThe first thread is walking the clk tree and calling\nclk_pm_runtime_get() to power on devices required to read the clk\nhardware via struct clk_ops::is_enabled(). This thread holds the clk\nprepare_lock, and is trying to runtime PM resume a device, when it finds\nthat the device is in the process of resuming so the thread schedule()s\naway waiting for the device to finish resuming before continuing. The\nsecond thread is runtime PM resuming the same device, but the runtime\nresume callback is calling clk_prepare(), trying to grab the\nprepare_lock waiting on the first thread.\n\nThis is a classic ABBA deadlock. To properly fix the deadlock, we must\nnever runtime PM resume or suspend a device with the clk prepare_lock\nheld. Actually doing that is near impossible today because the global\nprepare_lock would have to be dropped in the middle of the tree, the\ndevice runtime PM resumed/suspended, and then the prepare_lock grabbed\nagain to ensure consistency of the clk tree topology. If anything\nchanges with the clk tree in the meantime, we\u0027ve lost and will need to\nstart the operation all over again.\n\nLuckily, most of the time we\u0027re simply incrementing or decrementing the\nruntime PM count on an active device, so we don\u0027t have the chance to\nschedule away with the prepare_lock held. Let\u0027s fix this immediate\nproblem that can be\n---truncated---"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:51.608Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/253ab38d1ee652a596942156978a233970d185ba"
},
{
"url": "https://git.kernel.org/stable/c/4af115f1a20a3d9093586079206ee37c2ac55123"
},
{
"url": "https://git.kernel.org/stable/c/a29ec0465dce0b871003698698ac6fa92c9a5034"
},
{
"url": "https://git.kernel.org/stable/c/a424e713e0cc33d4b969cfda25b9f46df4d7b5bc"
},
{
"url": "https://git.kernel.org/stable/c/60ff482c4205a5aac3b0595ab794cfd62295dab5"
},
{
"url": "https://git.kernel.org/stable/c/115554862294397590088ba02f11f2aba6d5016c"
},
{
"url": "https://git.kernel.org/stable/c/e581cf5d216289ef292d1a4036d53ce90e122469"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "clk: Get runtime PM before walking tree during disable_unused",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27004",
"datePublished": "2024-05-01T05:28:54.684Z",
"dateReserved": "2024-02-19T14:20:24.207Z",
"dateUpdated": "2024-08-02T00:21:05.882Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27389
Vulnerability from cvelistv5
Published
2024-05-01 13:05
Modified
2024-08-02 00:34
Severity
Summary
pstore: inode: Only d_invalidate() is needed
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27389",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-09T18:38:29.598548Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:22:49.585Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:34:52.207Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/db6e5e16f1ee9e3b01d2f71c7f0ba945f4bf0f4e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4cdf9006fc095af71da80e9b5f48a32e991b9ed3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cb9e802e49c24eeb3af35e9e8c04d526f35f112a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/340682ed1932b8e3bd0bfc6c31a0c6354eb57cc6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a43e0fc5e9134a46515de2f2f8d4100b74e50de3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/pstore/inode.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "db6e5e16f1ee",
"status": "affected",
"version": "609e28bb139e",
"versionType": "git"
},
{
"lessThan": "4cdf9006fc09",
"status": "affected",
"version": "609e28bb139e",
"versionType": "git"
},
{
"lessThan": "cb9e802e49c2",
"status": "affected",
"version": "609e28bb139e",
"versionType": "git"
},
{
"lessThan": "340682ed1932",
"status": "affected",
"version": "609e28bb139e",
"versionType": "git"
},
{
"lessThan": "a43e0fc5e913",
"status": "affected",
"version": "609e28bb139e",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/pstore/inode.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.8"
},
{
"lessThan": "5.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npstore: inode: Only d_invalidate() is needed\n\nUnloading a modular pstore backend with records in pstorefs would\ntrigger the dput() double-drop warning:\n\n WARNING: CPU: 0 PID: 2569 at fs/dcache.c:762 dput.part.0+0x3f3/0x410\n\nUsing the combo of d_drop()/dput() (as mentioned in\nDocumentation/filesystems/vfs.rst) isn\u0027t the right approach here, and\nleads to the reference counting problem seen above. Use d_invalidate()\nand update the code to not bother checking for error codes that can\nnever happen.\n\n---"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:28:14.677Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/db6e5e16f1ee9e3b01d2f71c7f0ba945f4bf0f4e"
},
{
"url": "https://git.kernel.org/stable/c/4cdf9006fc095af71da80e9b5f48a32e991b9ed3"
},
{
"url": "https://git.kernel.org/stable/c/cb9e802e49c24eeb3af35e9e8c04d526f35f112a"
},
{
"url": "https://git.kernel.org/stable/c/340682ed1932b8e3bd0bfc6c31a0c6354eb57cc6"
},
{
"url": "https://git.kernel.org/stable/c/a43e0fc5e9134a46515de2f2f8d4100b74e50de3"
}
],
"title": "pstore: inode: Only d_invalidate() is needed",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27389",
"datePublished": "2024-05-01T13:05:09.224Z",
"dateReserved": "2024-02-25T13:47:42.676Z",
"dateUpdated": "2024-08-02T00:34:52.207Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26944
Vulnerability from cvelistv5
Published
2024-05-01 05:18
Modified
2024-08-02 00:21
Severity
Summary
btrfs: zoned: fix use-after-free in do_zone_finish()
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26944",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-28T17:52:17.817601Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:49:14.503Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.525Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/34ca809e055eca5cfe63d9c7efbf80b7c21b4e57"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1ec17ef59168a1a6f1105f5dc517f783839a5302"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/btrfs/zoned.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "34ca809e055e",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "1ec17ef59168",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/btrfs/zoned.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: zoned: fix use-after-free in do_zone_finish()\n\nShinichiro reported the following use-after-free triggered by the device\nreplace operation in fstests btrfs/070.\n\n BTRFS info (device nullb1): scrub: finished on devid 1 with status: 0\n ==================================================================\n BUG: KASAN: slab-use-after-free in do_zone_finish+0x91a/0xb90 [btrfs]\n Read of size 8 at addr ffff8881543c8060 by task btrfs-cleaner/3494007\n\n CPU: 0 PID: 3494007 Comm: btrfs-cleaner Tainted: G W 6.8.0-rc5-kts #1\n Hardware name: Supermicro Super Server/X11SPi-TF, BIOS 3.3 02/21/2020\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5b/0x90\n print_report+0xcf/0x670\n ? __virt_addr_valid+0x200/0x3e0\n kasan_report+0xd8/0x110\n ? do_zone_finish+0x91a/0xb90 [btrfs]\n ? do_zone_finish+0x91a/0xb90 [btrfs]\n do_zone_finish+0x91a/0xb90 [btrfs]\n btrfs_delete_unused_bgs+0x5e1/0x1750 [btrfs]\n ? __pfx_btrfs_delete_unused_bgs+0x10/0x10 [btrfs]\n ? btrfs_put_root+0x2d/0x220 [btrfs]\n ? btrfs_clean_one_deleted_snapshot+0x299/0x430 [btrfs]\n cleaner_kthread+0x21e/0x380 [btrfs]\n ? __pfx_cleaner_kthread+0x10/0x10 [btrfs]\n kthread+0x2e3/0x3c0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x70\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1b/0x30\n \u003c/TASK\u003e\n\n Allocated by task 3493983:\n kasan_save_stack+0x33/0x60\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0xaa/0xb0\n btrfs_alloc_device+0xb3/0x4e0 [btrfs]\n device_list_add.constprop.0+0x993/0x1630 [btrfs]\n btrfs_scan_one_device+0x219/0x3d0 [btrfs]\n btrfs_control_ioctl+0x26e/0x310 [btrfs]\n __x64_sys_ioctl+0x134/0x1b0\n do_syscall_64+0x99/0x190\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\n\n Freed by task 3494056:\n kasan_save_stack+0x33/0x60\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3f/0x60\n poison_slab_object+0x102/0x170\n __kasan_slab_free+0x32/0x70\n kfree+0x11b/0x320\n btrfs_rm_dev_replace_free_srcdev+0xca/0x280 [btrfs]\n btrfs_dev_replace_finishing+0xd7e/0x14f0 [btrfs]\n btrfs_dev_replace_by_ioctl+0x1286/0x25a0 [btrfs]\n btrfs_ioctl+0xb27/0x57d0 [btrfs]\n __x64_sys_ioctl+0x134/0x1b0\n do_syscall_64+0x99/0x190\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\n\n The buggy address belongs to the object at ffff8881543c8000\n which belongs to the cache kmalloc-1k of size 1024\n The buggy address is located 96 bytes inside of\n freed 1024-byte region [ffff8881543c8000, ffff8881543c8400)\n\n The buggy address belongs to the physical page:\n page:00000000fe2c1285 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1543c8\n head:00000000fe2c1285 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0\n flags: 0x17ffffc0000840(slab|head|node=0|zone=2|lastcpupid=0x1fffff)\n page_type: 0xffffffff()\n raw: 0017ffffc0000840 ffff888100042dc0 ffffea0019e8f200 dead000000000002\n raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000\n page dumped because: kasan: bad access detected\n\n Memory state around the buggy address:\n ffff8881543c7f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffff8881543c7f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n \u003effff8881543c8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ^\n ffff8881543c8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff8881543c8100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n\nThis UAF happens because we\u0027re accessing stale zone information of a\nalready removed btrfs_device in do_zone_finish().\n\nThe sequence of events is as follows:\n\nbtrfs_dev_replace_start\n btrfs_scrub_dev\n btrfs_dev_replace_finishing\n btrfs_dev_replace_update_device_in_mapping_tree \u003c-- devices replaced\n btrfs_rm_dev_replace_free_srcdev\n btrfs_free_device \u003c-- device freed\n\ncleaner_kthread\n btrfs_delete_unused_bgs\n btrfs_zone_finish\n do_zone_finish \u003c-- refers the freed device\n\nThe reason for this is that we\u0027re using a\n---truncated---"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:37.349Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/34ca809e055eca5cfe63d9c7efbf80b7c21b4e57"
},
{
"url": "https://git.kernel.org/stable/c/1ec17ef59168a1a6f1105f5dc517f783839a5302"
}
],
"title": "btrfs: zoned: fix use-after-free in do_zone_finish()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26944",
"datePublished": "2024-05-01T05:18:04.909Z",
"dateReserved": "2024-02-19T14:20:24.197Z",
"dateUpdated": "2024-08-02T00:21:05.525Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27065
Vulnerability from cvelistv5
Published
2024-05-01 13:04
Modified
2024-08-02 00:27
Severity
Summary
netfilter: nf_tables: do not compare internal table flags on updates
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27065",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-13T19:23:19.271055Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T19:23:29.610Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:27:58.377Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/845083249d6a392f3a88804e1669bdb936ee129f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2531f907d3e40a6173090f10670ae76d117ab27b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fcf32a5bfcb8a57ac0ce717fcfa4d688c91f1005"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/640dbf688ba955e83e03de84fbdda8e570b7cce4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9683cb6c2c6c0f45537bf0b8868b5d38fcb63fc7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4d37f12707ee965d338028732575f0b85f6d9e4f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3443e57654f90c9a843ab6a6040c10709fd033aa"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/df257c435e51651c43b86326d112ddadda76350e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4a0e7f2decbf9bd72461226f1f5f7dcc4b08f139"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/netfilter/nf_tables_api.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "845083249d6a",
"status": "affected",
"version": "bf8083bbf8fa",
"versionType": "git"
},
{
"lessThan": "2531f907d3e4",
"status": "affected",
"version": "e10f661adc55",
"versionType": "git"
},
{
"lessThan": "fcf32a5bfcb8",
"status": "affected",
"version": "d9c4da8cb74e",
"versionType": "git"
},
{
"lessThan": "640dbf688ba9",
"status": "affected",
"version": "179d9ba5559a",
"versionType": "git"
},
{
"lessThan": "9683cb6c2c6c",
"status": "affected",
"version": "179d9ba5559a",
"versionType": "git"
},
{
"lessThan": "4d37f12707ee",
"status": "affected",
"version": "179d9ba5559a",
"versionType": "git"
},
{
"lessThan": "3443e57654f9",
"status": "affected",
"version": "179d9ba5559a",
"versionType": "git"
},
{
"lessThan": "df257c435e51",
"status": "affected",
"version": "179d9ba5559a",
"versionType": "git"
},
{
"lessThan": "4a0e7f2decbf",
"status": "affected",
"version": "179d9ba5559a",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/netfilter/nf_tables_api.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.13"
},
{
"lessThan": "5.13",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.273",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.214",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.153",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: do not compare internal table flags on updates\n\nRestore skipping transaction if table update does not modify flags."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-16T12:20:39.285Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/845083249d6a392f3a88804e1669bdb936ee129f"
},
{
"url": "https://git.kernel.org/stable/c/2531f907d3e40a6173090f10670ae76d117ab27b"
},
{
"url": "https://git.kernel.org/stable/c/fcf32a5bfcb8a57ac0ce717fcfa4d688c91f1005"
},
{
"url": "https://git.kernel.org/stable/c/640dbf688ba955e83e03de84fbdda8e570b7cce4"
},
{
"url": "https://git.kernel.org/stable/c/9683cb6c2c6c0f45537bf0b8868b5d38fcb63fc7"
},
{
"url": "https://git.kernel.org/stable/c/4d37f12707ee965d338028732575f0b85f6d9e4f"
},
{
"url": "https://git.kernel.org/stable/c/3443e57654f90c9a843ab6a6040c10709fd033aa"
},
{
"url": "https://git.kernel.org/stable/c/df257c435e51651c43b86326d112ddadda76350e"
},
{
"url": "https://git.kernel.org/stable/c/4a0e7f2decbf9bd72461226f1f5f7dcc4b08f139"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "netfilter: nf_tables: do not compare internal table flags on updates",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27065",
"datePublished": "2024-05-01T13:04:09.106Z",
"dateReserved": "2024-02-19T14:20:24.215Z",
"dateUpdated": "2024-08-02T00:27:58.377Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26985
Vulnerability from cvelistv5
Published
2024-05-01 05:27
Modified
2024-08-02 00:21
Severity
Summary
drm/xe: Fix bo leak in intel_fb_bo_framebuffer_init
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.921Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7d8ac0942c312abda43b407eff72d31747a7b472"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/652ead9b746a63e4e79d7ad66d3edf0a8a5b0c2f"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/xe/display/intel_fb_bo.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "7d8ac0942c31",
"status": "affected",
"version": "44e694958b95",
"versionType": "git"
},
{
"lessThan": "652ead9b746a",
"status": "affected",
"version": "44e694958b95",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/xe/display/intel_fb_bo.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.8"
},
{
"lessThan": "6.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: Fix bo leak in intel_fb_bo_framebuffer_init\n\nAdd a unreference bo in the error path, to prevent leaking a bo ref.\n\nReturn 0 on success to clarify the success path.\n\n(cherry picked from commit a2f3d731be3893e730417ae3190760fcaffdf549)"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:26.489Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/7d8ac0942c312abda43b407eff72d31747a7b472"
},
{
"url": "https://git.kernel.org/stable/c/652ead9b746a63e4e79d7ad66d3edf0a8a5b0c2f"
}
],
"title": "drm/xe: Fix bo leak in intel_fb_bo_framebuffer_init",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26985",
"datePublished": "2024-05-01T05:27:25.121Z",
"dateReserved": "2024-02-19T14:20:24.204Z",
"dateUpdated": "2024-08-02T00:21:05.921Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27016
Vulnerability from cvelistv5
Published
2024-05-01 05:29
Modified
2024-08-02 00:21
Severity
Summary
netfilter: flowtable: validate pppoe header
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27016",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T15:04:34.814514Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T15:04:50.051Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.886Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d06977b9a4109f8738bb276125eb6a0b772bc433"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8bf7c76a2a207ca2b4cfda0a279192adf27678d7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a2471d271042ea18e8a6babc132a8716bb2f08b9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cf366ee3bc1b7d1c76a882640ba3b3f8f1039163"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/87b3593bed1868b2d9fe096c01bcdf0ea86cbebf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"include/net/netfilter/nf_flow_table.h",
"net/netfilter/nf_flow_table_inet.c",
"net/netfilter/nf_flow_table_ip.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "d06977b9a410",
"status": "affected",
"version": "72efd585f714",
"versionType": "git"
},
{
"lessThan": "8bf7c76a2a20",
"status": "affected",
"version": "72efd585f714",
"versionType": "git"
},
{
"lessThan": "a2471d271042",
"status": "affected",
"version": "72efd585f714",
"versionType": "git"
},
{
"lessThan": "cf366ee3bc1b",
"status": "affected",
"version": "72efd585f714",
"versionType": "git"
},
{
"lessThan": "87b3593bed18",
"status": "affected",
"version": "72efd585f714",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"include/net/netfilter/nf_flow_table.h",
"net/netfilter/nf_flow_table_inet.c",
"net/netfilter/nf_flow_table_ip.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.13"
},
{
"lessThan": "5.13",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.157",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: flowtable: validate pppoe header\n\nEnsure there is sufficient room to access the protocol field of the\nPPPoe header. Validate it once before the flowtable lookup, then use a\nhelper function to access protocol field."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:04.563Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/d06977b9a4109f8738bb276125eb6a0b772bc433"
},
{
"url": "https://git.kernel.org/stable/c/8bf7c76a2a207ca2b4cfda0a279192adf27678d7"
},
{
"url": "https://git.kernel.org/stable/c/a2471d271042ea18e8a6babc132a8716bb2f08b9"
},
{
"url": "https://git.kernel.org/stable/c/cf366ee3bc1b7d1c76a882640ba3b3f8f1039163"
},
{
"url": "https://git.kernel.org/stable/c/87b3593bed1868b2d9fe096c01bcdf0ea86cbebf"
}
],
"title": "netfilter: flowtable: validate pppoe header",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27016",
"datePublished": "2024-05-01T05:29:57.099Z",
"dateReserved": "2024-02-19T14:20:24.209Z",
"dateUpdated": "2024-08-02T00:21:05.886Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27069
Vulnerability from cvelistv5
Published
2024-05-01 13:04
Modified
2024-08-02 00:27
Severity
Summary
ovl: relax WARN_ON in ovl_verify_area()
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:27:57.829Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c3c85aefc0da1e5074a06c682542a54ccc99bdca"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/77a28aa476873048024ad56daf8f4f17d58ee48e"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/overlayfs/copy_up.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "c3c85aefc0da",
"status": "affected",
"version": "ca7ab482401c",
"versionType": "git"
},
{
"lessThan": "77a28aa47687",
"status": "affected",
"version": "ca7ab482401c",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/overlayfs/copy_up.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.8"
},
{
"lessThan": "6.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\novl: relax WARN_ON in ovl_verify_area()\n\nsyzbot hit an assertion in copy up data loop which looks like it is\nthe result of a lower file whose size is being changed underneath\noverlayfs.\n\nThis type of use case is documented to cause undefined behavior, so\nreturning EIO error for the copy up makes sense, but it should not be\ncausing a WARN_ON assertion."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:59.694Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/c3c85aefc0da1e5074a06c682542a54ccc99bdca"
},
{
"url": "https://git.kernel.org/stable/c/77a28aa476873048024ad56daf8f4f17d58ee48e"
}
],
"title": "ovl: relax WARN_ON in ovl_verify_area()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27069",
"datePublished": "2024-05-01T13:04:23.060Z",
"dateReserved": "2024-02-19T14:20:24.216Z",
"dateUpdated": "2024-08-02T00:27:57.829Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27070
Vulnerability from cvelistv5
Published
2024-05-01 13:04
Modified
2024-08-02 00:27
Severity
Summary
f2fs: fix to avoid use-after-free issue in f2fs_filemap_fault
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27070",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-28T16:13:45.773958Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:47:09.114Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:27:57.831Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8186e16a766d709a08f188d2f4e84098f364bea1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/eb70d5a6c932d9d23f4bb3e7b83782c21ac4b064"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/f2fs/file.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "8186e16a766d",
"status": "affected",
"version": "87f3afd366f7",
"versionType": "git"
},
{
"lessThan": "eb70d5a6c932",
"status": "affected",
"version": "87f3afd366f7",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/f2fs/file.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.8"
},
{
"lessThan": "6.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to avoid use-after-free issue in f2fs_filemap_fault\n\nsyzbot reports a f2fs bug as below:\n\nBUG: KASAN: slab-use-after-free in f2fs_filemap_fault+0xd1/0x2c0 fs/f2fs/file.c:49\nRead of size 8 at addr ffff88807bb22680 by task syz-executor184/5058\n\nCPU: 0 PID: 5058 Comm: syz-executor184 Not tainted 6.7.0-syzkaller-09928-g052d534373b7 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1e7/0x2d0 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x163/0x540 mm/kasan/report.c:488\n kasan_report+0x142/0x170 mm/kasan/report.c:601\n f2fs_filemap_fault+0xd1/0x2c0 fs/f2fs/file.c:49\n __do_fault+0x131/0x450 mm/memory.c:4376\n do_shared_fault mm/memory.c:4798 [inline]\n do_fault mm/memory.c:4872 [inline]\n do_pte_missing mm/memory.c:3745 [inline]\n handle_pte_fault mm/memory.c:5144 [inline]\n __handle_mm_fault+0x23b7/0x72b0 mm/memory.c:5285\n handle_mm_fault+0x27e/0x770 mm/memory.c:5450\n do_user_addr_fault arch/x86/mm/fault.c:1364 [inline]\n handle_page_fault arch/x86/mm/fault.c:1507 [inline]\n exc_page_fault+0x456/0x870 arch/x86/mm/fault.c:1563\n asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:570\n\nThe root cause is: in f2fs_filemap_fault(), vmf-\u003evma may be not alive after\nfilemap_fault(), so it may cause use-after-free issue when accessing\nvmf-\u003evma-\u003evm_flags in trace_f2fs_filemap_fault(). So it needs to keep vm_flags\nin separated temporary variable for tracepoint use."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:28:00.715Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/8186e16a766d709a08f188d2f4e84098f364bea1"
},
{
"url": "https://git.kernel.org/stable/c/eb70d5a6c932d9d23f4bb3e7b83782c21ac4b064"
}
],
"title": "f2fs: fix to avoid use-after-free issue in f2fs_filemap_fault",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27070",
"datePublished": "2024-05-01T13:04:26.824Z",
"dateReserved": "2024-02-19T14:20:24.216Z",
"dateUpdated": "2024-08-02T00:27:57.831Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27011
Vulnerability from cvelistv5
Published
2024-05-01 05:29
Modified
2024-08-02 00:21
Severity
Summary
netfilter: nf_tables: fix memleak in map from abort path
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27011",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-14T18:56:26.241509Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-14T18:56:33.545Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.885Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/49d0e656d19dfb2d4d7c230e4a720d37b3decff6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/86a1471d7cde792941109b93b558b5dc078b9ee9"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/netfilter/nf_tables_api.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "49d0e656d19d",
"status": "affected",
"version": "591054469b3e",
"versionType": "git"
},
{
"lessThan": "86a1471d7cde",
"status": "affected",
"version": "591054469b3e",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/netfilter/nf_tables_api.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.12"
},
{
"lessThan": "4.12",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: fix memleak in map from abort path\n\nThe delete set command does not rely on the transaction object for\nelement removal, therefore, a combination of delete element + delete set\nfrom the abort path could result in restoring twice the refcount of the\nmapping.\n\nCheck for inactive element in the next generation for the delete element\ncommand in the abort path, skip restoring state if next generation bit\nhas been already cleared. This is similar to the activate logic using\nthe set walk iterator.\n\n[ 6170.286929] ------------[ cut here ]------------\n[ 6170.286939] WARNING: CPU: 6 PID: 790302 at net/netfilter/nf_tables_api.c:2086 nf_tables_chain_destroy+0x1f7/0x220 [nf_tables]\n[ 6170.287071] Modules linked in: [...]\n[ 6170.287633] CPU: 6 PID: 790302 Comm: kworker/6:2 Not tainted 6.9.0-rc3+ #365\n[ 6170.287768] RIP: 0010:nf_tables_chain_destroy+0x1f7/0x220 [nf_tables]\n[ 6170.287886] Code: df 48 8d 7d 58 e8 69 2e 3b df 48 8b 7d 58 e8 80 1b 37 df 48 8d 7d 68 e8 57 2e 3b df 48 8b 7d 68 e8 6e 1b 37 df 48 89 ef eb c4 \u003c0f\u003e 0b 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 0f\n[ 6170.287895] RSP: 0018:ffff888134b8fd08 EFLAGS: 00010202\n[ 6170.287904] RAX: 0000000000000001 RBX: ffff888125bffb28 RCX: dffffc0000000000\n[ 6170.287912] RDX: 0000000000000003 RSI: ffffffffa20298ab RDI: ffff88811ebe4750\n[ 6170.287919] RBP: ffff88811ebe4700 R08: ffff88838e812650 R09: fffffbfff0623a55\n[ 6170.287926] R10: ffffffff8311d2af R11: 0000000000000001 R12: ffff888125bffb10\n[ 6170.287933] R13: ffff888125bffb10 R14: dead000000000122 R15: dead000000000100\n[ 6170.287940] FS: 0000000000000000(0000) GS:ffff888390b00000(0000) knlGS:0000000000000000\n[ 6170.287948] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 6170.287955] CR2: 00007fd31fc00710 CR3: 0000000133f60004 CR4: 00000000001706f0\n[ 6170.287962] Call Trace:\n[ 6170.287967] \u003cTASK\u003e\n[ 6170.287973] ? __warn+0x9f/0x1a0\n[ 6170.287986] ? nf_tables_chain_destroy+0x1f7/0x220 [nf_tables]\n[ 6170.288092] ? report_bug+0x1b1/0x1e0\n[ 6170.287986] ? nf_tables_chain_destroy+0x1f7/0x220 [nf_tables]\n[ 6170.288092] ? report_bug+0x1b1/0x1e0\n[ 6170.288104] ? handle_bug+0x3c/0x70\n[ 6170.288112] ? exc_invalid_op+0x17/0x40\n[ 6170.288120] ? asm_exc_invalid_op+0x1a/0x20\n[ 6170.288132] ? nf_tables_chain_destroy+0x2b/0x220 [nf_tables]\n[ 6170.288243] ? nf_tables_chain_destroy+0x1f7/0x220 [nf_tables]\n[ 6170.288366] ? nf_tables_chain_destroy+0x2b/0x220 [nf_tables]\n[ 6170.288483] nf_tables_trans_destroy_work+0x588/0x590 [nf_tables]"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:59.434Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/49d0e656d19dfb2d4d7c230e4a720d37b3decff6"
},
{
"url": "https://git.kernel.org/stable/c/86a1471d7cde792941109b93b558b5dc078b9ee9"
}
],
"title": "netfilter: nf_tables: fix memleak in map from abort path",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27011",
"datePublished": "2024-05-01T05:29:33.090Z",
"dateReserved": "2024-02-19T14:20:24.208Z",
"dateUpdated": "2024-08-02T00:21:05.885Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26993
Vulnerability from cvelistv5
Published
2024-05-01 05:28
Modified
2024-08-02 00:21
Severity
Summary
fs: sysfs: Fix reference leak in sysfs_break_active_protection()
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26993",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-01T13:37:12.333218Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:22:44.436Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.900Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f28bba37fe244889b81bb5c508d3f6e5c6e342c5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/57baab0f376bec8f54b0fe6beb8f77a57c228063"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/84bd4c2ae9c3d0a7d3a5c032ea7efff17af17e17"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/43f00210cb257bcb0387e8caeb4b46375d67f30c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5d43e072285e81b0b63cee7189b3357c7768a43b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ac107356aabc362aaeb77463e814fc067a5d3957"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a4c99b57d43bab45225ba92d574a8683f9edc8e4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a90bca2228c0646fc29a72689d308e5fe03e6d78"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/sysfs/file.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "f28bba37fe24",
"status": "affected",
"version": "2afc9166f79b",
"versionType": "git"
},
{
"lessThan": "57baab0f376b",
"status": "affected",
"version": "2afc9166f79b",
"versionType": "git"
},
{
"lessThan": "84bd4c2ae9c3",
"status": "affected",
"version": "2afc9166f79b",
"versionType": "git"
},
{
"lessThan": "43f00210cb25",
"status": "affected",
"version": "2afc9166f79b",
"versionType": "git"
},
{
"lessThan": "5d43e072285e",
"status": "affected",
"version": "2afc9166f79b",
"versionType": "git"
},
{
"lessThan": "ac107356aabc",
"status": "affected",
"version": "2afc9166f79b",
"versionType": "git"
},
{
"lessThan": "a4c99b57d43b",
"status": "affected",
"version": "2afc9166f79b",
"versionType": "git"
},
{
"lessThan": "a90bca2228c0",
"status": "affected",
"version": "2afc9166f79b",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/sysfs/file.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.19"
},
{
"lessThan": "4.19",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.313",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.275",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.216",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.157",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: sysfs: Fix reference leak in sysfs_break_active_protection()\n\nThe sysfs_break_active_protection() routine has an obvious reference\nleak in its error path. If the call to kernfs_find_and_get() fails then\nkn will be NULL, so the companion sysfs_unbreak_active_protection()\nroutine won\u0027t get called (and would only cause an access violation by\ntrying to dereference kn-\u003eparent if it was called). As a result, the\nreference to kobj acquired at the start of the function will never be\nreleased.\n\nFix the leak by adding an explicit kobject_put() call when kn is NULL."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:36.463Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/f28bba37fe244889b81bb5c508d3f6e5c6e342c5"
},
{
"url": "https://git.kernel.org/stable/c/57baab0f376bec8f54b0fe6beb8f77a57c228063"
},
{
"url": "https://git.kernel.org/stable/c/84bd4c2ae9c3d0a7d3a5c032ea7efff17af17e17"
},
{
"url": "https://git.kernel.org/stable/c/43f00210cb257bcb0387e8caeb4b46375d67f30c"
},
{
"url": "https://git.kernel.org/stable/c/5d43e072285e81b0b63cee7189b3357c7768a43b"
},
{
"url": "https://git.kernel.org/stable/c/ac107356aabc362aaeb77463e814fc067a5d3957"
},
{
"url": "https://git.kernel.org/stable/c/a4c99b57d43bab45225ba92d574a8683f9edc8e4"
},
{
"url": "https://git.kernel.org/stable/c/a90bca2228c0646fc29a72689d308e5fe03e6d78"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "fs: sysfs: Fix reference leak in sysfs_break_active_protection()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26993",
"datePublished": "2024-05-01T05:28:02.462Z",
"dateReserved": "2024-02-19T14:20:24.206Z",
"dateUpdated": "2024-08-02T00:21:05.900Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26983
Vulnerability from cvelistv5
Published
2024-05-01 05:27
Modified
2024-08-02 00:21
Severity
Summary
bootconfig: use memblock_free_late to free xbc memory to buddy
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.888Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1e7feb31a18c197d63a5e606025ed63c762f8918"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e46d3be714ad9652480c6db129ab8125e2d20ab7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5a7dfb8fcd3f29fc93161100179b27f24f3d5f35"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/89f9a1e876b5a7ad884918c03a46831af202c8a0"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"include/linux/bootconfig.h",
"lib/bootconfig.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "1e7feb31a18c",
"status": "affected",
"version": "40caa127f3c7",
"versionType": "git"
},
{
"lessThan": "e46d3be714ad",
"status": "affected",
"version": "40caa127f3c7",
"versionType": "git"
},
{
"lessThan": "5a7dfb8fcd3f",
"status": "affected",
"version": "40caa127f3c7",
"versionType": "git"
},
{
"lessThan": "89f9a1e876b5",
"status": "affected",
"version": "40caa127f3c7",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"include/linux/bootconfig.h",
"lib/bootconfig.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.15"
},
{
"lessThan": "5.15",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbootconfig: use memblock_free_late to free xbc memory to buddy\n\nOn the time to free xbc memory in xbc_exit(), memblock may has handed\nover memory to buddy allocator. So it doesn\u0027t make sense to free memory\nback to memblock. memblock_free() called by xbc_exit() even causes UAF bugs\non architectures with CONFIG_ARCH_KEEP_MEMBLOCK disabled like x86.\nFollowing KASAN logs shows this case.\n\nThis patch fixes the xbc memory free problem by calling memblock_free()\nin early xbc init error rewind path and calling memblock_free_late() in\nxbc exit path to free memory to buddy allocator.\n\n[ 9.410890] ==================================================================\n[ 9.418962] BUG: KASAN: use-after-free in memblock_isolate_range+0x12d/0x260\n[ 9.426850] Read of size 8 at addr ffff88845dd30000 by task swapper/0/1\n\n[ 9.435901] CPU: 9 PID: 1 Comm: swapper/0 Tainted: G U 6.9.0-rc3-00208-g586b5dfb51b9 #5\n[ 9.446403] Hardware name: Intel Corporation RPLP LP5 (CPU:RaptorLake)/RPLP LP5 (ID:13), BIOS IRPPN02.01.01.00.00.19.015.D-00000000 Dec 28 2023\n[ 9.460789] Call Trace:\n[ 9.463518] \u003cTASK\u003e\n[ 9.465859] dump_stack_lvl+0x53/0x70\n[ 9.469949] print_report+0xce/0x610\n[ 9.473944] ? __virt_addr_valid+0xf5/0x1b0\n[ 9.478619] ? memblock_isolate_range+0x12d/0x260\n[ 9.483877] kasan_report+0xc6/0x100\n[ 9.487870] ? memblock_isolate_range+0x12d/0x260\n[ 9.493125] memblock_isolate_range+0x12d/0x260\n[ 9.498187] memblock_phys_free+0xb4/0x160\n[ 9.502762] ? __pfx_memblock_phys_free+0x10/0x10\n[ 9.508021] ? mutex_unlock+0x7e/0xd0\n[ 9.512111] ? __pfx_mutex_unlock+0x10/0x10\n[ 9.516786] ? kernel_init_freeable+0x2d4/0x430\n[ 9.521850] ? __pfx_kernel_init+0x10/0x10\n[ 9.526426] xbc_exit+0x17/0x70\n[ 9.529935] kernel_init+0x38/0x1e0\n[ 9.533829] ? _raw_spin_unlock_irq+0xd/0x30\n[ 9.538601] ret_from_fork+0x2c/0x50\n[ 9.542596] ? __pfx_kernel_init+0x10/0x10\n[ 9.547170] ret_from_fork_asm+0x1a/0x30\n[ 9.551552] \u003c/TASK\u003e\n\n[ 9.555649] The buggy address belongs to the physical page:\n[ 9.561875] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x45dd30\n[ 9.570821] flags: 0x200000000000000(node=0|zone=2)\n[ 9.576271] page_type: 0xffffffff()\n[ 9.580167] raw: 0200000000000000 ffffea0011774c48 ffffea0012ba1848 0000000000000000\n[ 9.588823] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000\n[ 9.597476] page dumped because: kasan: bad access detected\n\n[ 9.605362] Memory state around the buggy address:\n[ 9.610714] ffff88845dd2ff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 9.618786] ffff88845dd2ff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 9.626857] \u003effff88845dd30000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n[ 9.634930] ^\n[ 9.638534] ffff88845dd30080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n[ 9.646605] ffff88845dd30100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n[ 9.654675] =================================================================="
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:24.420Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/1e7feb31a18c197d63a5e606025ed63c762f8918"
},
{
"url": "https://git.kernel.org/stable/c/e46d3be714ad9652480c6db129ab8125e2d20ab7"
},
{
"url": "https://git.kernel.org/stable/c/5a7dfb8fcd3f29fc93161100179b27f24f3d5f35"
},
{
"url": "https://git.kernel.org/stable/c/89f9a1e876b5a7ad884918c03a46831af202c8a0"
}
],
"title": "bootconfig: use memblock_free_late to free xbc memory to buddy",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26983",
"datePublished": "2024-05-01T05:27:15.635Z",
"dateReserved": "2024-02-19T14:20:24.204Z",
"dateUpdated": "2024-08-02T00:21:05.888Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27018
Vulnerability from cvelistv5
Published
2024-05-01 05:30
Modified
2024-08-02 00:21
Severity
Summary
netfilter: br_netfilter: skip conntrack input hook for promisc packets
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27018",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-23T17:22:22.725918Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:46:18.755Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.873Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/dceb683ab87ca3666a9bb5c0158528b646faedc4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b13db0d16bc7b2a52abcf5cb71334f63faa5dbd6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3f59ac29dea0921637053908fe99268d157bbb9d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/43193174510ea4f3ce09b796e559a2fd9f148615"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/751de2012eafa4d46d8081056761fa0e9cc8a178"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/bridge/br_input.c",
"net/bridge/br_netfilter_hooks.c",
"net/bridge/br_private.h",
"net/bridge/netfilter/nf_conntrack_bridge.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "dceb683ab87c",
"status": "affected",
"version": "7c3f28599652",
"versionType": "git"
},
{
"lessThan": "b13db0d16bc7",
"status": "affected",
"version": "2b1414d5e94e",
"versionType": "git"
},
{
"lessThan": "3f59ac29dea0",
"status": "affected",
"version": "80cd0487f630",
"versionType": "git"
},
{
"lessThan": "43193174510e",
"status": "affected",
"version": "62e7151ae3eb",
"versionType": "git"
},
{
"lessThan": "751de2012eaf",
"status": "affected",
"version": "62e7151ae3eb",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/bridge/br_input.c",
"net/bridge/br_netfilter_hooks.c",
"net/bridge/br_private.h",
"net/bridge/netfilter/nf_conntrack_bridge.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.8"
},
{
"lessThan": "6.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.157",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: br_netfilter: skip conntrack input hook for promisc packets\n\nFor historical reasons, when bridge device is in promisc mode, packets\nthat are directed to the taps follow bridge input hook path. This patch\nadds a workaround to reset conntrack for these packets.\n\nJianbo Liu reports warning splats in their test infrastructure where\ncloned packets reach the br_netfilter input hook to confirm the\nconntrack object.\n\nScratch one bit from BR_INPUT_SKB_CB to annotate that this packet has\nreached the input hook because it is passed up to the bridge device to\nreach the taps.\n\n[ 57.571874] WARNING: CPU: 1 PID: 0 at net/bridge/br_netfilter_hooks.c:616 br_nf_local_in+0x157/0x180 [br_netfilter]\n[ 57.572749] Modules linked in: xt_MASQUERADE nf_conntrack_netlink nfnetlink iptable_nat xt_addrtype xt_conntrack nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry overlay rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_isc si ib_umad rdma_cm ib_ipoib iw_cm ib_cm mlx5_ib ib_uverbs ib_core mlx5ctl mlx5_core\n[ 57.575158] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.8.0+ #19\n[ 57.575700] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n[ 57.576662] RIP: 0010:br_nf_local_in+0x157/0x180 [br_netfilter]\n[ 57.577195] Code: fe ff ff 41 bd 04 00 00 00 be 04 00 00 00 e9 4a ff ff ff be 04 00 00 00 48 89 ef e8 f3 a9 3c e1 66 83 ad b4 00 00 00 04 eb 91 \u003c0f\u003e 0b e9 f1 fe ff ff 0f 0b e9 df fe ff ff 48 89 df e8 b3 53 47 e1\n[ 57.578722] RSP: 0018:ffff88885f845a08 EFLAGS: 00010202\n[ 57.579207] RAX: 0000000000000002 RBX: ffff88812dfe8000 RCX: 0000000000000000\n[ 57.579830] RDX: ffff88885f845a60 RSI: ffff8881022dc300 RDI: 0000000000000000\n[ 57.580454] RBP: ffff88885f845a60 R08: 0000000000000001 R09: 0000000000000003\n[ 57.581076] R10: 00000000ffff1300 R11: 0000000000000002 R12: 0000000000000000\n[ 57.581695] R13: ffff8881047ffe00 R14: ffff888108dbee00 R15: ffff88814519b800\n[ 57.582313] FS: 0000000000000000(0000) GS:ffff88885f840000(0000) knlGS:0000000000000000\n[ 57.583040] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 57.583564] CR2: 000000c4206aa000 CR3: 0000000103847001 CR4: 0000000000370eb0\n[ 57.584194] DR0: 0000000000000000 DR1: 0000000000000000 DR2:\n0000000000000000\n[ 57.584820] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:\n0000000000000400\n[ 57.585440] Call Trace:\n[ 57.585721] \u003cIRQ\u003e\n[ 57.585976] ? __warn+0x7d/0x130\n[ 57.586323] ? br_nf_local_in+0x157/0x180 [br_netfilter]\n[ 57.586811] ? report_bug+0xf1/0x1c0\n[ 57.587177] ? handle_bug+0x3f/0x70\n[ 57.587539] ? exc_invalid_op+0x13/0x60\n[ 57.587929] ? asm_exc_invalid_op+0x16/0x20\n[ 57.588336] ? br_nf_local_in+0x157/0x180 [br_netfilter]\n[ 57.588825] nf_hook_slow+0x3d/0xd0\n[ 57.589188] ? br_handle_vlan+0x4b/0x110\n[ 57.589579] br_pass_frame_up+0xfc/0x150\n[ 57.589970] ? br_port_flags_change+0x40/0x40\n[ 57.590396] br_handle_frame_finish+0x346/0x5e0\n[ 57.590837] ? ipt_do_table+0x32e/0x430\n[ 57.591221] ? br_handle_local_finish+0x20/0x20\n[ 57.591656] br_nf_hook_thresh+0x4b/0xf0 [br_netfilter]\n[ 57.592286] ? br_handle_local_finish+0x20/0x20\n[ 57.592802] br_nf_pre_routing_finish+0x178/0x480 [br_netfilter]\n[ 57.593348] ? br_handle_local_finish+0x20/0x20\n[ 57.593782] ? nf_nat_ipv4_pre_routing+0x25/0x60 [nf_nat]\n[ 57.594279] br_nf_pre_routing+0x24c/0x550 [br_netfilter]\n[ 57.594780] ? br_nf_hook_thresh+0xf0/0xf0 [br_netfilter]\n[ 57.595280] br_handle_frame+0x1f3/0x3d0\n[ 57.595676] ? br_handle_local_finish+0x20/0x20\n[ 57.596118] ? br_handle_frame_finish+0x5e0/0x5e0\n[ 57.596566] __netif_receive_skb_core+0x25b/0xfc0\n[ 57.597017] ? __napi_build_skb+0x37/0x40\n[ 57.597418] __netif_receive_skb_list_core+0xfb/0x220"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:06.610Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/dceb683ab87ca3666a9bb5c0158528b646faedc4"
},
{
"url": "https://git.kernel.org/stable/c/b13db0d16bc7b2a52abcf5cb71334f63faa5dbd6"
},
{
"url": "https://git.kernel.org/stable/c/3f59ac29dea0921637053908fe99268d157bbb9d"
},
{
"url": "https://git.kernel.org/stable/c/43193174510ea4f3ce09b796e559a2fd9f148615"
},
{
"url": "https://git.kernel.org/stable/c/751de2012eafa4d46d8081056761fa0e9cc8a178"
}
],
"title": "netfilter: br_netfilter: skip conntrack input hook for promisc packets",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27018",
"datePublished": "2024-05-01T05:30:06.472Z",
"dateReserved": "2024-02-19T14:20:24.209Z",
"dateUpdated": "2024-08-02T00:21:05.873Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27002
Vulnerability from cvelistv5
Published
2024-05-01 05:28
Modified
2024-08-02 00:21
Severity
Summary
clk: mediatek: Do a runtime PM get on controllers during probe
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.895Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/165d226472575b213dd90dfda19d1605dd7c19a8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c0dcd5c072e2a3fff886f673e6a5d9bf8090c4cc"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b62ed25feb342eab052822eff0c554873799a4f5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2f7b1d8b5505efb0057cd1ab85fca206063ea4c3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/clk/mediatek/clk-mtk.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "165d22647257",
"status": "affected",
"version": "acddfc2c261b",
"versionType": "git"
},
{
"lessThan": "c0dcd5c072e2",
"status": "affected",
"version": "acddfc2c261b",
"versionType": "git"
},
{
"lessThan": "b62ed25feb34",
"status": "affected",
"version": "acddfc2c261b",
"versionType": "git"
},
{
"lessThan": "2f7b1d8b5505",
"status": "affected",
"version": "acddfc2c261b",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/clk/mediatek/clk-mtk.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.2"
},
{
"lessThan": "5.2",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: Do a runtime PM get on controllers during probe\n\nmt8183-mfgcfg has a mutual dependency with genpd during the probing\nstage, which leads to a deadlock in the following call stack:\n\nCPU0: genpd_lock --\u003e clk_prepare_lock\ngenpd_power_off_work_fn()\n genpd_lock()\n generic_pm_domain::power_off()\n clk_unprepare()\n clk_prepare_lock()\n\nCPU1: clk_prepare_lock --\u003e genpd_lock\nclk_register()\n __clk_core_init()\n clk_prepare_lock()\n clk_pm_runtime_get()\n genpd_lock()\n\nDo a runtime PM get at the probe function to make sure clk_register()\nwon\u0027t acquire the genpd lock. Instead of only modifying mt8183-mfgcfg,\ndo this on all mediatek clock controller probings because we don\u0027t\nbelieve this would cause any regression.\n\nVerified on MT8183 and MT8192 Chromebooks."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:48.615Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/165d226472575b213dd90dfda19d1605dd7c19a8"
},
{
"url": "https://git.kernel.org/stable/c/c0dcd5c072e2a3fff886f673e6a5d9bf8090c4cc"
},
{
"url": "https://git.kernel.org/stable/c/b62ed25feb342eab052822eff0c554873799a4f5"
},
{
"url": "https://git.kernel.org/stable/c/2f7b1d8b5505efb0057cd1ab85fca206063ea4c3"
}
],
"title": "clk: mediatek: Do a runtime PM get on controllers during probe",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27002",
"datePublished": "2024-05-01T05:28:44.902Z",
"dateReserved": "2024-02-19T14:20:24.207Z",
"dateUpdated": "2024-08-02T00:21:05.895Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27024
Vulnerability from cvelistv5
Published
2024-05-01 12:49
Modified
2024-08-02 00:21
Severity
Summary
net/rds: fix WARNING in rds_conn_connect_if_down
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.871Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/786854141057751bc08eb26f1b02e97c1631c8f4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/997efea2bf3a4adb96c306b9ad6a91442237bf5b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9dfc15a10dfd44f8ff7f27488651cb5be6af83c2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b562ebe21ed9adcf42242797dd6cb75beef12bf0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/998fd719e6d6468b930ac0c44552ea9ff8b07b80"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2b505d05280739ce31d5708da840f42df827cb85"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/907761307469adecb02461a14120e9a1812a5fb1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c055fc00c07be1f0df7375ab0036cebd1106ed38"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/rds/rdma.c",
"net/rds/send.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "786854141057",
"status": "affected",
"version": "584a8279a44a",
"versionType": "git"
},
{
"lessThan": "997efea2bf3a",
"status": "affected",
"version": "584a8279a44a",
"versionType": "git"
},
{
"lessThan": "9dfc15a10dfd",
"status": "affected",
"version": "584a8279a44a",
"versionType": "git"
},
{
"lessThan": "b562ebe21ed9",
"status": "affected",
"version": "584a8279a44a",
"versionType": "git"
},
{
"lessThan": "998fd719e6d6",
"status": "affected",
"version": "584a8279a44a",
"versionType": "git"
},
{
"lessThan": "2b505d052807",
"status": "affected",
"version": "584a8279a44a",
"versionType": "git"
},
{
"lessThan": "907761307469",
"status": "affected",
"version": "584a8279a44a",
"versionType": "git"
},
{
"lessThan": "c055fc00c07b",
"status": "affected",
"version": "584a8279a44a",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/rds/rdma.c",
"net/rds/send.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.11"
},
{
"lessThan": "4.11",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.310",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.272",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.213",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.152",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.82",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.22",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.10",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.8",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/rds: fix WARNING in rds_conn_connect_if_down\n\nIf connection isn\u0027t established yet, get_mr() will fail, trigger connection after\nget_mr()."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:13.230Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/786854141057751bc08eb26f1b02e97c1631c8f4"
},
{
"url": "https://git.kernel.org/stable/c/997efea2bf3a4adb96c306b9ad6a91442237bf5b"
},
{
"url": "https://git.kernel.org/stable/c/9dfc15a10dfd44f8ff7f27488651cb5be6af83c2"
},
{
"url": "https://git.kernel.org/stable/c/b562ebe21ed9adcf42242797dd6cb75beef12bf0"
},
{
"url": "https://git.kernel.org/stable/c/998fd719e6d6468b930ac0c44552ea9ff8b07b80"
},
{
"url": "https://git.kernel.org/stable/c/2b505d05280739ce31d5708da840f42df827cb85"
},
{
"url": "https://git.kernel.org/stable/c/907761307469adecb02461a14120e9a1812a5fb1"
},
{
"url": "https://git.kernel.org/stable/c/c055fc00c07be1f0df7375ab0036cebd1106ed38"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "net/rds: fix WARNING in rds_conn_connect_if_down",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27024",
"datePublished": "2024-05-01T12:49:24.696Z",
"dateReserved": "2024-02-19T14:20:24.210Z",
"dateUpdated": "2024-08-02T00:21:05.871Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27043
Vulnerability from cvelistv5
Published
2024-05-01 12:54
Modified
2024-08-15 19:22
Severity
Summary
media: edia: dvbdev: fix a use-after-free
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.899Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d0f5c28333822f9baa5280d813124920720fd856"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f20c3270f3ed5aa6919a87e4de9bf6c05fb57086"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/096237039d00c839f3e3a5fe6d001bf0db45b644"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0d3fe80b6d175c220b3e252efc6c6777e700e98e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/437a111f79a2f5b2a5f21e27fdec6f40c8768712"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/779e8db7efb22316c8581d6c229636d2f5694a62"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/35674111a043b0482a9bc69da8850a83f465b07d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b7586e902128e4fb7bfbb661cb52e4215a65637b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8c64f4cdf4e6cc5682c52523713af8c39c94e6d5"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27043",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-15T19:22:34.576999Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-15T19:22:42.564Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/media/dvb-core/dvbdev.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "d0f5c2833382",
"status": "affected",
"version": "b61901024776",
"versionType": "git"
},
{
"lessThan": "f20c3270f3ed",
"status": "affected",
"version": "b61901024776",
"versionType": "git"
},
{
"lessThan": "096237039d00",
"status": "affected",
"version": "b61901024776",
"versionType": "git"
},
{
"lessThan": "0d3fe80b6d17",
"status": "affected",
"version": "b61901024776",
"versionType": "git"
},
{
"lessThan": "437a111f79a2",
"status": "affected",
"version": "b61901024776",
"versionType": "git"
},
{
"lessThan": "779e8db7efb2",
"status": "affected",
"version": "b61901024776",
"versionType": "git"
},
{
"lessThan": "35674111a043",
"status": "affected",
"version": "b61901024776",
"versionType": "git"
},
{
"lessThan": "b7586e902128",
"status": "affected",
"version": "b61901024776",
"versionType": "git"
},
{
"lessThan": "8c64f4cdf4e6",
"status": "affected",
"version": "b61901024776",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/media/dvb-core/dvbdev.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.21"
},
{
"lessThan": "2.6.21",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.311",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.273",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.214",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.153",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: edia: dvbdev: fix a use-after-free\n\nIn dvb_register_device, *pdvbdev is set equal to dvbdev, which is freed\nin several error-handling paths. However, *pdvbdev is not set to NULL\nafter dvbdev\u0027s deallocation, causing use-after-frees in many places,\nfor example, in the following call chain:\n\nbudget_register\n |-\u003e dvb_dmxdev_init\n |-\u003e dvb_register_device\n |-\u003e dvb_dmxdev_release\n |-\u003e dvb_unregister_device\n |-\u003e dvb_remove_device\n |-\u003e dvb_device_put\n |-\u003e kref_put\n\nWhen calling dvb_unregister_device, dmxdev-\u003edvbdev (i.e. *pdvbdev in\ndvb_register_device) could point to memory that had been freed in\ndvb_register_device. Thereafter, this pointer is transferred to\nkref_put and triggering a use-after-free."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:32.585Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/d0f5c28333822f9baa5280d813124920720fd856"
},
{
"url": "https://git.kernel.org/stable/c/f20c3270f3ed5aa6919a87e4de9bf6c05fb57086"
},
{
"url": "https://git.kernel.org/stable/c/096237039d00c839f3e3a5fe6d001bf0db45b644"
},
{
"url": "https://git.kernel.org/stable/c/0d3fe80b6d175c220b3e252efc6c6777e700e98e"
},
{
"url": "https://git.kernel.org/stable/c/437a111f79a2f5b2a5f21e27fdec6f40c8768712"
},
{
"url": "https://git.kernel.org/stable/c/779e8db7efb22316c8581d6c229636d2f5694a62"
},
{
"url": "https://git.kernel.org/stable/c/35674111a043b0482a9bc69da8850a83f465b07d"
},
{
"url": "https://git.kernel.org/stable/c/b7586e902128e4fb7bfbb661cb52e4215a65637b"
},
{
"url": "https://git.kernel.org/stable/c/8c64f4cdf4e6cc5682c52523713af8c39c94e6d5"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "media: edia: dvbdev: fix a use-after-free",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27043",
"datePublished": "2024-05-01T12:54:11.197Z",
"dateReserved": "2024-02-19T14:20:24.212Z",
"dateUpdated": "2024-08-15T19:22:42.564Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27015
Vulnerability from cvelistv5
Published
2024-05-01 05:29
Modified
2024-08-02 00:21
Severity
Summary
netfilter: flowtable: incorrect pppoe tuple
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27015",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-14T18:55:50.907431Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-14T18:55:59.147Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.854Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e719b52d0c56989b0f3475a03a6d64f182c85b56"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f1c3c61701a0b12f4906152c1626a5de580ea3d2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4ed82dd368ad883dc4284292937b882f044e625d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e3f078103421642fcd5f05c5e70777feb10f000d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6db5dc7b351b9569940cd1cf445e237c42cd6d27"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/netfilter/nf_flow_table_ip.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "e719b52d0c56",
"status": "affected",
"version": "72efd585f714",
"versionType": "git"
},
{
"lessThan": "f1c3c61701a0",
"status": "affected",
"version": "72efd585f714",
"versionType": "git"
},
{
"lessThan": "4ed82dd368ad",
"status": "affected",
"version": "72efd585f714",
"versionType": "git"
},
{
"lessThan": "e3f078103421",
"status": "affected",
"version": "72efd585f714",
"versionType": "git"
},
{
"lessThan": "6db5dc7b351b",
"status": "affected",
"version": "72efd585f714",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/netfilter/nf_flow_table_ip.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.13"
},
{
"lessThan": "5.13",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.157",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: flowtable: incorrect pppoe tuple\n\npppoe traffic reaching ingress path does not match the flowtable entry\nbecause the pppoe header is expected to be at the network header offset.\nThis bug causes a mismatch in the flow table lookup, so pppoe packets\nenter the classical forwarding path."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:03.528Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/e719b52d0c56989b0f3475a03a6d64f182c85b56"
},
{
"url": "https://git.kernel.org/stable/c/f1c3c61701a0b12f4906152c1626a5de580ea3d2"
},
{
"url": "https://git.kernel.org/stable/c/4ed82dd368ad883dc4284292937b882f044e625d"
},
{
"url": "https://git.kernel.org/stable/c/e3f078103421642fcd5f05c5e70777feb10f000d"
},
{
"url": "https://git.kernel.org/stable/c/6db5dc7b351b9569940cd1cf445e237c42cd6d27"
}
],
"title": "netfilter: flowtable: incorrect pppoe tuple",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27015",
"datePublished": "2024-05-01T05:29:52.281Z",
"dateReserved": "2024-02-19T14:20:24.209Z",
"dateUpdated": "2024-08-02T00:21:05.854Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26963
Vulnerability from cvelistv5
Published
2024-05-01 05:19
Modified
2024-08-02 00:21
Severity
Summary
usb: dwc3-am62: fix module unload/reload behavior
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26963",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T14:32:32.392082Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T14:32:40.225Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.692Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6c6a45645a2e6a272dfde14eddbb6706de63c25d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7dfed9855397d0df4c6f748d1f66547ab3bad766"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/629b534c42d04f0797980f2d1ed105fdb8906975"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3895780fabd120d0fbd54354014e85207b25687c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6661befe41009c210efa2c1bcd16a5cc4cff8a06"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/usb/dwc3/dwc3-am62.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "6c6a45645a2e",
"status": "affected",
"version": "e8784c0aec03",
"versionType": "git"
},
{
"lessThan": "7dfed9855397",
"status": "affected",
"version": "e8784c0aec03",
"versionType": "git"
},
{
"lessThan": "629b534c42d0",
"status": "affected",
"version": "e8784c0aec03",
"versionType": "git"
},
{
"lessThan": "3895780fabd1",
"status": "affected",
"version": "e8784c0aec03",
"versionType": "git"
},
{
"lessThan": "6661befe4100",
"status": "affected",
"version": "e8784c0aec03",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/usb/dwc3/dwc3-am62.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.19"
},
{
"lessThan": "5.19",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3-am62: fix module unload/reload behavior\n\nAs runtime PM is enabled, the module can be runtime\nsuspended when .remove() is called.\n\nDo a pm_runtime_get_sync() to make sure module is active\nbefore doing any register operations.\n\nDoing a pm_runtime_put_sync() should disable the refclk\nso no need to disable it again.\n\nFixes the below warning at module removel.\n\n[ 39.705310] ------------[ cut here ]------------\n[ 39.710004] clk:162:3 already disabled\n[ 39.713941] WARNING: CPU: 0 PID: 921 at drivers/clk/clk.c:1090 clk_core_disable+0xb0/0xb8\n\nWe called of_platform_populate() in .probe() so call the\ncleanup function of_platform_depopulate() in .remove().\nGet rid of the now unnnecessary dwc3_ti_remove_core().\nWithout this, module re-load doesn\u0027t work properly."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:57.486Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/6c6a45645a2e6a272dfde14eddbb6706de63c25d"
},
{
"url": "https://git.kernel.org/stable/c/7dfed9855397d0df4c6f748d1f66547ab3bad766"
},
{
"url": "https://git.kernel.org/stable/c/629b534c42d04f0797980f2d1ed105fdb8906975"
},
{
"url": "https://git.kernel.org/stable/c/3895780fabd120d0fbd54354014e85207b25687c"
},
{
"url": "https://git.kernel.org/stable/c/6661befe41009c210efa2c1bcd16a5cc4cff8a06"
}
],
"title": "usb: dwc3-am62: fix module unload/reload behavior",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26963",
"datePublished": "2024-05-01T05:19:24.573Z",
"dateReserved": "2024-02-19T14:20:24.201Z",
"dateUpdated": "2024-08-02T00:21:05.692Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26981
Vulnerability from cvelistv5
Published
2024-05-01 05:27
Modified
2024-08-02 00:21
Severity
Summary
nilfs2: fix OOB in nilfs_set_de_type
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26981",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T14:33:30.572731Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T14:33:40.696Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.867Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/054f29e9ca05be3906544c5f2a2c7321c30a4243"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/90f43980ea6be4ad903e389be9a27a2a0018f1c8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7061c7efbb9e8f11ce92d6b4646405ea2b0b4de1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/bdbe483da21f852c93b22557b146bc4d989260f0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/897ac5306bbeb83e90c437326f7044c79a17c611"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2382eae66b196c31893984a538908c3eb7506ff9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/90823f8d9ecca3d5fa6b102c8e464c62f416975f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c4a7dc9523b59b3e73fd522c73e95e072f876b16"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/nilfs2/dir.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "054f29e9ca05",
"status": "affected",
"version": "2ba466d74ed7",
"versionType": "git"
},
{
"lessThan": "90f43980ea6b",
"status": "affected",
"version": "2ba466d74ed7",
"versionType": "git"
},
{
"lessThan": "7061c7efbb9e",
"status": "affected",
"version": "2ba466d74ed7",
"versionType": "git"
},
{
"lessThan": "bdbe483da21f",
"status": "affected",
"version": "2ba466d74ed7",
"versionType": "git"
},
{
"lessThan": "897ac5306bbe",
"status": "affected",
"version": "2ba466d74ed7",
"versionType": "git"
},
{
"lessThan": "2382eae66b19",
"status": "affected",
"version": "2ba466d74ed7",
"versionType": "git"
},
{
"lessThan": "90823f8d9ecc",
"status": "affected",
"version": "2ba466d74ed7",
"versionType": "git"
},
{
"lessThan": "c4a7dc9523b5",
"status": "affected",
"version": "2ba466d74ed7",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/nilfs2/dir.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.30"
},
{
"lessThan": "2.6.30",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.313",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.275",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.216",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.157",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix OOB in nilfs_set_de_type\n\nThe size of the nilfs_type_by_mode array in the fs/nilfs2/dir.c file is\ndefined as \"S_IFMT \u003e\u003e S_SHIFT\", but the nilfs_set_de_type() function,\nwhich uses this array, specifies the index to read from the array in the\nsame way as \"(mode \u0026 S_IFMT) \u003e\u003e S_SHIFT\".\n\nstatic void nilfs_set_de_type(struct nilfs_dir_entry *de, struct inode\n *inode)\n{\n\tumode_t mode = inode-\u003ei_mode;\n\n\tde-\u003efile_type = nilfs_type_by_mode[(mode \u0026 S_IFMT)\u003e\u003eS_SHIFT]; // oob\n}\n\nHowever, when the index is determined this way, an out-of-bounds (OOB)\nerror occurs by referring to an index that is 1 larger than the array size\nwhen the condition \"mode \u0026 S_IFMT == S_IFMT\" is satisfied. Therefore, a\npatch to resize the nilfs_type_by_mode array should be applied to prevent\nOOB errors."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:21.947Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/054f29e9ca05be3906544c5f2a2c7321c30a4243"
},
{
"url": "https://git.kernel.org/stable/c/90f43980ea6be4ad903e389be9a27a2a0018f1c8"
},
{
"url": "https://git.kernel.org/stable/c/7061c7efbb9e8f11ce92d6b4646405ea2b0b4de1"
},
{
"url": "https://git.kernel.org/stable/c/bdbe483da21f852c93b22557b146bc4d989260f0"
},
{
"url": "https://git.kernel.org/stable/c/897ac5306bbeb83e90c437326f7044c79a17c611"
},
{
"url": "https://git.kernel.org/stable/c/2382eae66b196c31893984a538908c3eb7506ff9"
},
{
"url": "https://git.kernel.org/stable/c/90823f8d9ecca3d5fa6b102c8e464c62f416975f"
},
{
"url": "https://git.kernel.org/stable/c/c4a7dc9523b59b3e73fd522c73e95e072f876b16"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "nilfs2: fix OOB in nilfs_set_de_type",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26981",
"datePublished": "2024-05-01T05:27:06.469Z",
"dateReserved": "2024-02-19T14:20:24.204Z",
"dateUpdated": "2024-08-02T00:21:05.867Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26945
Vulnerability from cvelistv5
Published
2024-05-01 05:18
Modified
2024-08-02 00:21
Severity
Summary
crypto: iaa - Fix nr_cpus < nr_iaa case
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "affected",
"version": "1da177e4c3f4"
}
]
},
{
"cpes": [
"cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "unknown",
"version": "6.8.3"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "unknown",
"version": "6.9"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-26945",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-16T18:02:58.634456Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-369",
"description": "CWE-369 Divide By Zero",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:48:55.490Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.633Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a5ca1be7f9817de4e93085778b3ee2219bdc2664"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5a7e89d3315d1be86aff8a8bf849023cda6547f7"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/crypto/intel/iaa/iaa_crypto_main.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "a5ca1be7f981",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "5a7e89d3315d",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/crypto/intel/iaa/iaa_crypto_main.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: iaa - Fix nr_cpus \u003c nr_iaa case\n\nIf nr_cpus \u003c nr_iaa, the calculated cpus_per_iaa will be 0, which\ncauses a divide-by-0 in rebalance_wq_table().\n\nMake sure cpus_per_iaa is 1 in that case, and also in the nr_iaa == 0\ncase, even though cpus_per_iaa is never used if nr_iaa == 0, for\nparanoia."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:38.372Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/a5ca1be7f9817de4e93085778b3ee2219bdc2664"
},
{
"url": "https://git.kernel.org/stable/c/5a7e89d3315d1be86aff8a8bf849023cda6547f7"
}
],
"title": "crypto: iaa - Fix nr_cpus \u003c nr_iaa case",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26945",
"datePublished": "2024-05-01T05:18:09.112Z",
"dateReserved": "2024-02-19T14:20:24.197Z",
"dateUpdated": "2024-08-02T00:21:05.633Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27049
Vulnerability from cvelistv5
Published
2024-05-01 12:54
Modified
2024-08-02 00:21
Severity
Summary
wifi: mt76: mt7925e: fix use-after-free in free_irq()
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27049",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-28T16:17:01.567202Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:46:48.855Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.929Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/84470b48af03a818039d587478b415cbcb264ff5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6d9930096e1f13cf6d9aabfbf95d0e05fb04144f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a5a5f4413d91f395cb2d89829d376d7393ad48b9"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/wireless/mediatek/mt76/mt7925/pci.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "84470b48af03",
"status": "affected",
"version": "c948b5da6bbe",
"versionType": "git"
},
{
"lessThan": "6d9930096e1f",
"status": "affected",
"version": "c948b5da6bbe",
"versionType": "git"
},
{
"lessThan": "a5a5f4413d91",
"status": "affected",
"version": "c948b5da6bbe",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/wireless/mediatek/mt76/mt7925/pci.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.7"
},
{
"lessThan": "6.7",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7925e: fix use-after-free in free_irq()\n\nFrom commit a304e1b82808 (\"[PATCH] Debug shared irqs\"), there is a test\nto make sure the shared irq handler should be able to handle the unexpected\nevent after deregistration. For this case, let\u0027s apply MT76_REMOVED flag to\nindicate the device was removed and do not run into the resource access\nanymore."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:38.673Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/84470b48af03a818039d587478b415cbcb264ff5"
},
{
"url": "https://git.kernel.org/stable/c/6d9930096e1f13cf6d9aabfbf95d0e05fb04144f"
},
{
"url": "https://git.kernel.org/stable/c/a5a5f4413d91f395cb2d89829d376d7393ad48b9"
}
],
"title": "wifi: mt76: mt7925e: fix use-after-free in free_irq()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27049",
"datePublished": "2024-05-01T12:54:32.122Z",
"dateReserved": "2024-02-19T14:20:24.213Z",
"dateUpdated": "2024-08-02T00:21:05.929Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26976
Vulnerability from cvelistv5
Published
2024-05-01 05:20
Modified
2024-08-02 00:21
Severity
Summary
KVM: Always flush async #PF workqueue when vCPU is being destroyed
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "ab2c2f5d9576",
"status": "affected",
"version": "af585b921e5d",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "82e25cc1c2e9",
"status": "affected",
"version": "af585b921e5d",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "8730d6335e5",
"status": "affected",
"version": "af585b921e5d",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "83d3c5e30961",
"status": "affected",
"version": "af585b921e5d",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "b54478d20375",
"status": "affected",
"version": "af585b921e5d",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "a75afe480d43",
"status": "affected",
"version": "af585b921e5d",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "4f3a3bce428f",
"status": "affected",
"version": "af585b921e5d",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "caa9af2e27c2",
"status": "affected",
"version": "af585b921e5d",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "3d75b8aa5c29",
"status": "affected",
"version": "af585b921e5d",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "affected",
"version": "2.6.38"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "2.6.38",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "4.20",
"status": "unaffected",
"version": "4.19.312",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "5.5",
"status": "unaffected",
"version": "5.4.274",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "5.11",
"status": "unaffected",
"version": "5.10.215",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "5.16",
"status": "unaffected",
"version": "5.15.154",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "6.2",
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "6.7",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "6.8",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "6.9",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "unaffected",
"version": "6.9"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-26976",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-18T18:39:36.198113Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-18T19:43:43.628Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.782Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ab2c2f5d9576112ad22cfd3798071cb74693b1f5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/82e25cc1c2e93c3023da98be282322fc08b61ffb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f8730d6335e5f43d09151fca1f0f41922209a264"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/83d3c5e309611ef593e2fcb78444fc8ceedf9bac"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b54478d20375874aeee257744dedfd3e413432ff"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a75afe480d4349c524d9c659b1a5a544dbc39a98"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4f3a3bce428fb439c66a578adc447afce7b4a750"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/caa9af2e27c275e089d702cfbaaece3b42bca31b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3d75b8aa5c29058a512db29da7cbee8052724157"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"virt/kvm/async_pf.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "ab2c2f5d9576",
"status": "affected",
"version": "af585b921e5d",
"versionType": "git"
},
{
"lessThan": "82e25cc1c2e9",
"status": "affected",
"version": "af585b921e5d",
"versionType": "git"
},
{
"lessThan": "f8730d6335e5",
"status": "affected",
"version": "af585b921e5d",
"versionType": "git"
},
{
"lessThan": "83d3c5e30961",
"status": "affected",
"version": "af585b921e5d",
"versionType": "git"
},
{
"lessThan": "b54478d20375",
"status": "affected",
"version": "af585b921e5d",
"versionType": "git"
},
{
"lessThan": "a75afe480d43",
"status": "affected",
"version": "af585b921e5d",
"versionType": "git"
},
{
"lessThan": "4f3a3bce428f",
"status": "affected",
"version": "af585b921e5d",
"versionType": "git"
},
{
"lessThan": "caa9af2e27c2",
"status": "affected",
"version": "af585b921e5d",
"versionType": "git"
},
{
"lessThan": "3d75b8aa5c29",
"status": "affected",
"version": "af585b921e5d",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"virt/kvm/async_pf.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.38"
},
{
"lessThan": "2.6.38",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.312",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.274",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.215",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.154",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Always flush async #PF workqueue when vCPU is being destroyed\n\nAlways flush the per-vCPU async #PF workqueue when a vCPU is clearing its\ncompletion queue, e.g. when a VM and all its vCPUs is being destroyed.\nKVM must ensure that none of its workqueue callbacks is running when the\nlast reference to the KVM _module_ is put. Gifting a reference to the\nassociated VM prevents the workqueue callback from dereferencing freed\nvCPU/VM memory, but does not prevent the KVM module from being unloaded\nbefore the callback completes.\n\nDrop the misguided VM refcount gifting, as calling kvm_put_kvm() from\nasync_pf_execute() if kvm_put_kvm() flushes the async #PF workqueue will\nresult in deadlock. async_pf_execute() can\u0027t return until kvm_put_kvm()\nfinishes, and kvm_put_kvm() can\u0027t return until async_pf_execute() finishes:\n\n WARNING: CPU: 8 PID: 251 at virt/kvm/kvm_main.c:1435 kvm_put_kvm+0x2d/0x320 [kvm]\n Modules linked in: vhost_net vhost vhost_iotlb tap kvm_intel kvm irqbypass\n CPU: 8 PID: 251 Comm: kworker/8:1 Tainted: G W 6.6.0-rc1-e7af8d17224a-x86/gmem-vm #119\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n Workqueue: events async_pf_execute [kvm]\n RIP: 0010:kvm_put_kvm+0x2d/0x320 [kvm]\n Call Trace:\n \u003cTASK\u003e\n async_pf_execute+0x198/0x260 [kvm]\n process_one_work+0x145/0x2d0\n worker_thread+0x27e/0x3a0\n kthread+0xba/0xe0\n ret_from_fork+0x2d/0x50\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e\n ---[ end trace 0000000000000000 ]---\n INFO: task kworker/8:1:251 blocked for more than 120 seconds.\n Tainted: G W 6.6.0-rc1-e7af8d17224a-x86/gmem-vm #119\n \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n task:kworker/8:1 state:D stack:0 pid:251 ppid:2 flags:0x00004000\n Workqueue: events async_pf_execute [kvm]\n Call Trace:\n \u003cTASK\u003e\n __schedule+0x33f/0xa40\n schedule+0x53/0xc0\n schedule_timeout+0x12a/0x140\n __wait_for_common+0x8d/0x1d0\n __flush_work.isra.0+0x19f/0x2c0\n kvm_clear_async_pf_completion_queue+0x129/0x190 [kvm]\n kvm_arch_destroy_vm+0x78/0x1b0 [kvm]\n kvm_put_kvm+0x1c1/0x320 [kvm]\n async_pf_execute+0x198/0x260 [kvm]\n process_one_work+0x145/0x2d0\n worker_thread+0x27e/0x3a0\n kthread+0xba/0xe0\n ret_from_fork+0x2d/0x50\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e\n\nIf kvm_clear_async_pf_completion_queue() actually flushes the workqueue,\nthen there\u0027s no need to gift async_pf_execute() a reference because all\ninvocations of async_pf_execute() will be forced to complete before the\nvCPU and its VM are destroyed/freed. And that in turn fixes the module\nunloading bug as __fput() won\u0027t do module_put() on the last vCPU reference\nuntil the vCPU has been freed, e.g. if closing the vCPU file also puts the\nlast reference to the KVM module.\n\nNote that kvm_check_async_pf_completion() may also take the work item off\nthe completion queue and so also needs to flush the work queue, as the\nwork will not be seen by kvm_clear_async_pf_completion_queue(). Waiting\non the workqueue could theoretically delay a vCPU due to waiting for the\nwork to complete, but that\u0027s a very, very small chance, and likely a very\nsmall delay. kvm_arch_async_page_present_queued() unconditionally makes a\nnew request, i.e. will effectively delay entering the guest, so the\nremaining work is really just:\n\n trace_kvm_async_pf_completed(addr, cr2_or_gpa);\n\n __kvm_vcpu_wake_up(vcpu);\n\n mmput(mm);\n\nand mmput() can\u0027t drop the last reference to the page tables if the vCPU is\nstill alive, i.e. the vCPU won\u0027t get stuck tearing down page tables.\n\nAdd a helper to do the flushing, specifically to deal with \"wakeup all\"\nwork items, as they aren\u0027t actually work items, i.e. are never placed in a\nworkqueue. Trying to flush a bogus workqueue entry rightly makes\n__flush_work() complain (kudos to whoever added that sanity check).\n\nNote, commit 5f6de5cbebee (\"KVM: Prevent module exit until al\n---truncated---"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:16.358Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/ab2c2f5d9576112ad22cfd3798071cb74693b1f5"
},
{
"url": "https://git.kernel.org/stable/c/82e25cc1c2e93c3023da98be282322fc08b61ffb"
},
{
"url": "https://git.kernel.org/stable/c/f8730d6335e5f43d09151fca1f0f41922209a264"
},
{
"url": "https://git.kernel.org/stable/c/83d3c5e309611ef593e2fcb78444fc8ceedf9bac"
},
{
"url": "https://git.kernel.org/stable/c/b54478d20375874aeee257744dedfd3e413432ff"
},
{
"url": "https://git.kernel.org/stable/c/a75afe480d4349c524d9c659b1a5a544dbc39a98"
},
{
"url": "https://git.kernel.org/stable/c/4f3a3bce428fb439c66a578adc447afce7b4a750"
},
{
"url": "https://git.kernel.org/stable/c/caa9af2e27c275e089d702cfbaaece3b42bca31b"
},
{
"url": "https://git.kernel.org/stable/c/3d75b8aa5c29058a512db29da7cbee8052724157"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "KVM: Always flush async #PF workqueue when vCPU is being destroyed",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26976",
"datePublished": "2024-05-01T05:20:24.025Z",
"dateReserved": "2024-02-19T14:20:24.203Z",
"dateUpdated": "2024-08-02T00:21:05.782Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26931
Vulnerability from cvelistv5
Published
2024-05-01 05:17
Modified
2024-08-02 00:21
Severity
Summary
scsi: qla2xxx: Fix command flush on cable pull
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.629Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b73377124f56d2fec154737c2f8d2e839c237d5a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d7a68eee87b05d4e29419e6f151aef99314970a9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/67b2d35853c2da25a8ca1c4190a5e96d3083c2ac"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a859f6a8f4234b8ef62862bf7a92f1af5f8cd47a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/09c0ac18cac206ed1218b1fe6c1a0918e5ea9211"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8de1584ec4fe0ebea33c273036e7e0a05e65c81d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8f0d32004e3a572bb77e6c11c2797c87f8c9703d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ec7587eef003cab15a13446d67c3adb88146a150"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a27d4d0e7de305def8a5098a614053be208d1aa1"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/scsi/qla2xxx/qla_target.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "b73377124f56",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "d7a68eee87b0",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "67b2d35853c2",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "a859f6a8f423",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "09c0ac18cac2",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "8de1584ec4fe",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "8f0d32004e3a",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "ec7587eef003",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "a27d4d0e7de3",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/scsi/qla2xxx/qla_target.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.312",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.274",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.215",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.154",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix command flush on cable pull\n\nSystem crash due to command failed to flush back to SCSI layer.\n\n BUG: unable to handle kernel NULL pointer dereference at 0000000000000000\n PGD 0 P4D 0\n Oops: 0000 [#1] SMP NOPTI\n CPU: 27 PID: 793455 Comm: kworker/u130:6 Kdump: loaded Tainted: G OE --------- - - 4.18.0-372.9.1.el8.x86_64 #1\n Hardware name: HPE ProLiant DL360 Gen10/ProLiant DL360 Gen10, BIOS U32 09/03/2021\n Workqueue: nvme-wq nvme_fc_connect_ctrl_work [nvme_fc]\n RIP: 0010:__wake_up_common+0x4c/0x190\n Code: 24 10 4d 85 c9 74 0a 41 f6 01 04 0f 85 9d 00 00 00 48 8b 43 08 48 83 c3 08 4c 8d 48 e8 49 8d 41 18 48 39 c3 0f 84 f0 00 00 00 \u003c49\u003e 8b 41 18 89 54 24 08 31 ed 4c 8d 70 e8 45 8b 29 41 f6 c5 04 75\n RSP: 0018:ffff95f3e0cb7cd0 EFLAGS: 00010086\n RAX: 0000000000000000 RBX: ffff8b08d3b26328 RCX: 0000000000000000\n RDX: 0000000000000001 RSI: 0000000000000003 RDI: ffff8b08d3b26320\n RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffffffffffe8\n R10: 0000000000000000 R11: ffff95f3e0cb7a60 R12: ffff95f3e0cb7d20\n R13: 0000000000000003 R14: 0000000000000000 R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff8b2fdf6c0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 0000002f1e410002 CR4: 00000000007706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n __wake_up_common_lock+0x7c/0xc0\n qla_nvme_ls_req+0x355/0x4c0 [qla2xxx]\n qla2xxx [0000:12:00.1]-f084:3: qlt_free_session_done: se_sess 0000000000000000 / sess ffff8ae1407ca000 from port 21:32:00:02:ac:07:ee:b8 loop_id 0x02 s_id 01:02:00 logout 1 keep 0 els_logo 0\n ? __nvme_fc_send_ls_req+0x260/0x380 [nvme_fc]\n qla2xxx [0000:12:00.1]-207d:3: FCPort 21:32:00:02:ac:07:ee:b8 state transitioned from ONLINE to LOST - portid=010200.\n ? nvme_fc_send_ls_req.constprop.42+0x1a/0x45 [nvme_fc]\n qla2xxx [0000:12:00.1]-2109:3: qla2x00_schedule_rport_del 21320002ac07eeb8. rport ffff8ae598122000 roles 1\n ? nvme_fc_connect_ctrl_work.cold.63+0x1e3/0xa7d [nvme_fc]\n qla2xxx [0000:12:00.1]-f084:3: qlt_free_session_done: se_sess 0000000000000000 / sess ffff8ae14801e000 from port 21:32:01:02:ad:f7:ee:b8 loop_id 0x04 s_id 01:02:01 logout 1 keep 0 els_logo 0\n ? __switch_to+0x10c/0x450\n ? process_one_work+0x1a7/0x360\n qla2xxx [0000:12:00.1]-207d:3: FCPort 21:32:01:02:ad:f7:ee:b8 state transitioned from ONLINE to LOST - portid=010201.\n ? worker_thread+0x1ce/0x390\n ? create_worker+0x1a0/0x1a0\n qla2xxx [0000:12:00.1]-2109:3: qla2x00_schedule_rport_del 21320102adf7eeb8. rport ffff8ae3b2312800 roles 70\n ? kthread+0x10a/0x120\n qla2xxx [0000:12:00.1]-2112:3: qla_nvme_unregister_remote_port: unregister remoteport on ffff8ae14801e000 21320102adf7eeb8\n ? set_kthread_struct+0x40/0x40\n qla2xxx [0000:12:00.1]-2110:3: remoteport_delete of ffff8ae14801e000 21320102adf7eeb8 completed.\n ? ret_from_fork+0x1f/0x40\n qla2xxx [0000:12:00.1]-f086:3: qlt_free_session_done: waiting for sess ffff8ae14801e000 logout\n\nThe system was under memory stress where driver was not able to allocate an\nSRB to carry out error recovery of cable pull. The failure to flush causes\nupper layer to start modifying scsi_cmnd. When the system frees up some\nmemory, the subsequent cable pull trigger another command flush. At this\npoint the driver access a null pointer when attempting to DMA unmap the\nSGL.\n\nAdd a check to make sure commands are flush back on session tear down to\nprevent the null pointer access."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:13.945Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/b73377124f56d2fec154737c2f8d2e839c237d5a"
},
{
"url": "https://git.kernel.org/stable/c/d7a68eee87b05d4e29419e6f151aef99314970a9"
},
{
"url": "https://git.kernel.org/stable/c/67b2d35853c2da25a8ca1c4190a5e96d3083c2ac"
},
{
"url": "https://git.kernel.org/stable/c/a859f6a8f4234b8ef62862bf7a92f1af5f8cd47a"
},
{
"url": "https://git.kernel.org/stable/c/09c0ac18cac206ed1218b1fe6c1a0918e5ea9211"
},
{
"url": "https://git.kernel.org/stable/c/8de1584ec4fe0ebea33c273036e7e0a05e65c81d"
},
{
"url": "https://git.kernel.org/stable/c/8f0d32004e3a572bb77e6c11c2797c87f8c9703d"
},
{
"url": "https://git.kernel.org/stable/c/ec7587eef003cab15a13446d67c3adb88146a150"
},
{
"url": "https://git.kernel.org/stable/c/a27d4d0e7de305def8a5098a614053be208d1aa1"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "scsi: qla2xxx: Fix command flush on cable pull",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26931",
"datePublished": "2024-05-01T05:17:14.823Z",
"dateReserved": "2024-02-19T14:20:24.195Z",
"dateUpdated": "2024-08-02T00:21:05.629Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-25743
Vulnerability from cvelistv5
Published
Modified
2024-08-15 15:36
Severity
Summary
In the Linux kernel through 6.9, an untrusted hypervisor can inject virtual interrupts 0 and 14 at any point in time and can trigger the SIGFPE signal handler in userspace applications. This affects AMD SEV-SNP and AMD SEV-ES.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:52:05.738Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3008.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1223307"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270836"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:linux:kernel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "6.9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-25743",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-23T19:06:44.168868Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-15T15:36:42.796Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel through 6.9, an untrusted hypervisor can inject virtual interrupts 0 and 14 at any point in time and can trigger the SIGFPE signal handler in userspace applications. This affects AMD SEV-SNP and AMD SEV-ES."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-17T21:13:28.367115",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3008.html"
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1223307"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270836"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-25743",
"dateUpdated": "2024-08-15T15:36:42.796Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27068
Vulnerability from cvelistv5
Published
2024-05-01 13:04
Modified
2024-08-02 00:27
Severity
Summary
thermal/drivers/mediatek/lvts_thermal: Fix a memory leak in an error handling path
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27068",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-13T20:22:13.136610Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:46:56.580Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:27:57.826Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2db869da91afd48e5b9ec76814709be49662b07d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a37f3652bee468f879d35fe2da9ede3f1dcbb7be"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9b02197596671800dd934609384b1aca7c6ad218"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ca93bf607a44c1f009283dac4af7df0d9ae5e357"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/thermal/mediatek/lvts_thermal.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "2db869da91af",
"status": "affected",
"version": "f5f633b18234",
"versionType": "git"
},
{
"lessThan": "a37f3652bee4",
"status": "affected",
"version": "f5f633b18234",
"versionType": "git"
},
{
"lessThan": "9b0219759667",
"status": "affected",
"version": "f5f633b18234",
"versionType": "git"
},
{
"lessThan": "ca93bf607a44",
"status": "affected",
"version": "f5f633b18234",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/thermal/mediatek/lvts_thermal.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.3"
},
{
"lessThan": "6.3",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal/drivers/mediatek/lvts_thermal: Fix a memory leak in an error handling path\n\nIf devm_krealloc() fails, then \u0027efuse\u0027 is leaking.\nSo free it to avoid a leak."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:58.680Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/2db869da91afd48e5b9ec76814709be49662b07d"
},
{
"url": "https://git.kernel.org/stable/c/a37f3652bee468f879d35fe2da9ede3f1dcbb7be"
},
{
"url": "https://git.kernel.org/stable/c/9b02197596671800dd934609384b1aca7c6ad218"
},
{
"url": "https://git.kernel.org/stable/c/ca93bf607a44c1f009283dac4af7df0d9ae5e357"
}
],
"title": "thermal/drivers/mediatek/lvts_thermal: Fix a memory leak in an error handling path",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27068",
"datePublished": "2024-05-01T13:04:19.518Z",
"dateReserved": "2024-02-19T14:20:24.216Z",
"dateUpdated": "2024-08-02T00:27:57.826Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-52648
Vulnerability from cvelistv5
Published
2024-05-01 05:17
Modified
2024-08-02 23:03
Severity
Summary
drm/vmwgfx: Unmap the surface before resetting it on a plane state
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-52648",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-09T18:39:19.903271Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:22:45.878Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:03:21.362Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0a23f95af7f28dae7c0f7c82578ca5e1a239d461"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/105f72cc48c4c93f4578fcc61e06276471858e92"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/75baad63c033b3b900d822bffbc96c9d3649bc75"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/27571c64f1855881753e6f33c3186573afbab7ba"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/vmwgfx/vmwgfx_kms.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "0a23f95af7f2",
"status": "affected",
"version": "485d98d472d5",
"versionType": "git"
},
{
"lessThan": "105f72cc48c4",
"status": "affected",
"version": "485d98d472d5",
"versionType": "git"
},
{
"lessThan": "75baad63c033",
"status": "affected",
"version": "485d98d472d5",
"versionType": "git"
},
{
"lessThan": "27571c64f185",
"status": "affected",
"version": "485d98d472d5",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/vmwgfx/vmwgfx_kms.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.19"
},
{
"lessThan": "5.19",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Unmap the surface before resetting it on a plane state\n\nSwitch to a new plane state requires unreferencing of all held surfaces.\nIn the work required for mob cursors the mapped surfaces started being\ncached but the variable indicating whether the surface is currently\nmapped was not being reset. This leads to crashes as the duplicated\nstate, incorrectly, indicates the that surface is mapped even when\nno surface is present. That\u0027s because after unreferencing the surface\nit\u0027s perfectly possible for the plane to be backed by a bo instead of a\nsurface.\n\nReset the surface mapped flag when unreferencing the plane state surface\nto fix null derefs in cleanup. Fixes crashes in KDE KWin 6.0 on Wayland:\n\nOops: 0000 [#1] PREEMPT SMP PTI\nCPU: 4 PID: 2533 Comm: kwin_wayland Not tainted 6.7.0-rc3-vmwgfx #2\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nRIP: 0010:vmw_du_cursor_plane_cleanup_fb+0x124/0x140 [vmwgfx]\nCode: 00 00 00 75 3a 48 83 c4 10 5b 5d c3 cc cc cc cc 48 8b b3 a8 00 00 00 48 c7 c7 99 90 43 c0 e8 93 c5 db ca 48 8b 83 a8 00 00 00 \u003c48\u003e 8b 78 28 e8 e3 f\u003e\nRSP: 0018:ffffb6b98216fa80 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff969d84cdcb00 RCX: 0000000000000027\nRDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff969e75f21600\nRBP: ffff969d4143dc50 R08: 0000000000000000 R09: ffffb6b98216f920\nR10: 0000000000000003 R11: ffff969e7feb3b10 R12: 0000000000000000\nR13: 0000000000000000 R14: 000000000000027b R15: ffff969d49c9fc00\nFS: 00007f1e8f1b4180(0000) GS:ffff969e75f00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000028 CR3: 0000000104006004 CR4: 00000000003706f0\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x23/0x70\n ? page_fault_oops+0x171/0x4e0\n ? exc_page_fault+0x7f/0x180\n ? asm_exc_page_fault+0x26/0x30\n ? vmw_du_cursor_plane_cleanup_fb+0x124/0x140 [vmwgfx]\n drm_atomic_helper_cleanup_planes+0x9b/0xc0\n commit_tail+0xd1/0x130\n drm_atomic_helper_commit+0x11a/0x140\n drm_atomic_commit+0x97/0xd0\n ? __pfx___drm_printfn_info+0x10/0x10\n drm_atomic_helper_update_plane+0xf5/0x160\n drm_mode_cursor_universal+0x10e/0x270\n drm_mode_cursor_common+0x102/0x230\n ? __pfx_drm_mode_cursor2_ioctl+0x10/0x10\n drm_ioctl_kernel+0xb2/0x110\n drm_ioctl+0x26d/0x4b0\n ? __pfx_drm_mode_cursor2_ioctl+0x10/0x10\n ? __pfx_drm_ioctl+0x10/0x10\n vmw_generic_ioctl+0xa4/0x110 [vmwgfx]\n __x64_sys_ioctl+0x94/0xd0\n do_syscall_64+0x61/0xe0\n ? __x64_sys_ioctl+0xaf/0xd0\n ? syscall_exit_to_user_mode+0x2b/0x40\n ? do_syscall_64+0x70/0xe0\n ? __x64_sys_ioctl+0xaf/0xd0\n ? syscall_exit_to_user_mode+0x2b/0x40\n ? do_syscall_64+0x70/0xe0\n ? exc_page_fault+0x7f/0x180\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\nRIP: 0033:0x7f1e93f279ed\nCode: 04 25 28 00 00 00 48 89 45 c8 31 c0 48 8d 45 10 c7 45 b0 10 00 00 00 48 89 45 b8 48 8d 45 d0 48 89 45 c0 b8 10 00 00 00 0f 05 \u003c89\u003e c2 3d 00 f0 ff f\u003e\nRSP: 002b:00007ffca0faf600 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 000055db876ed2c0 RCX: 00007f1e93f279ed\nRDX: 00007ffca0faf6c0 RSI: 00000000c02464bb RDI: 0000000000000015\nRBP: 00007ffca0faf650 R08: 000055db87184010 R09: 0000000000000007\nR10: 000055db886471a0 R11: 0000000000000246 R12: 00007ffca0faf6c0\nR13: 00000000c02464bb R14: 0000000000000015 R15: 00007ffca0faf790\n \u003c/TASK\u003e\nModules linked in: snd_seq_dummy snd_hrtimer nf_conntrack_netbios_ns nf_conntrack_broadcast nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_ine\u003e\nCR2: 0000000000000028\n---[ end trace 0000000000000000 ]---\nRIP: 0010:vmw_du_cursor_plane_cleanup_fb+0x124/0x140 [vmwgfx]\nCode: 00 00 00 75 3a 48 83 c4 10 5b 5d c3 cc cc cc cc 48 8b b3 a8 00 00 00 48 c7 c7 99 90 43 c0 e8 93 c5 db ca 48 8b 83 a8 00 00 00 \u003c48\u003e 8b 78 28 e8 e3 f\u003e\nRSP: 0018:ffffb6b98216fa80 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff969d84cdcb00 RCX: 0000000000000027\nRDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff969e75f21600\nRBP: ffff969d4143\n---truncated---"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:15:05.411Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/0a23f95af7f28dae7c0f7c82578ca5e1a239d461"
},
{
"url": "https://git.kernel.org/stable/c/105f72cc48c4c93f4578fcc61e06276471858e92"
},
{
"url": "https://git.kernel.org/stable/c/75baad63c033b3b900d822bffbc96c9d3649bc75"
},
{
"url": "https://git.kernel.org/stable/c/27571c64f1855881753e6f33c3186573afbab7ba"
}
],
"title": "drm/vmwgfx: Unmap the surface before resetting it on a plane state",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2023-52648",
"datePublished": "2024-05-01T05:17:02.278Z",
"dateReserved": "2024-03-06T09:52:12.094Z",
"dateUpdated": "2024-08-02T23:03:21.362Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26977
Vulnerability from cvelistv5
Published
2024-05-01 05:20
Modified
2024-08-02 00:21
Severity
Summary
pci_iounmap(): Fix MMIO mapping leak
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26977",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-18T18:26:41.016262Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-18T18:26:51.976Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.898Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5e4b23e7a7b33a1e56bfa3e5598138a2234d55b6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6d21d0356aa44157a62e39c0d1a13d4c69a8d0c8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b5d40f02e7222da032c2042aebcf2a07de9b342f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f3749345a9b7295dd071d0ed589634cb46364f77"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/af280e137e273935f2e09f4d73169998298792ed"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7626913652cc786c238e2dd7d8740b17d41b2637"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"lib/pci_iomap.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "5e4b23e7a7b3",
"status": "affected",
"version": "316e8d79a095",
"versionType": "git"
},
{
"lessThan": "6d21d0356aa4",
"status": "affected",
"version": "316e8d79a095",
"versionType": "git"
},
{
"lessThan": "b5d40f02e722",
"status": "affected",
"version": "316e8d79a095",
"versionType": "git"
},
{
"lessThan": "f3749345a9b7",
"status": "affected",
"version": "316e8d79a095",
"versionType": "git"
},
{
"lessThan": "af280e137e27",
"status": "affected",
"version": "316e8d79a095",
"versionType": "git"
},
{
"lessThan": "7626913652cc",
"status": "affected",
"version": "316e8d79a095",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"lib/pci_iomap.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.15"
},
{
"lessThan": "5.15",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.154",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npci_iounmap(): Fix MMIO mapping leak\n\nThe #ifdef ARCH_HAS_GENERIC_IOPORT_MAP accidentally also guards iounmap(),\nwhich means MMIO mappings are leaked.\n\nMove the guard so we call iounmap() for MMIO mappings."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:17.378Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/5e4b23e7a7b33a1e56bfa3e5598138a2234d55b6"
},
{
"url": "https://git.kernel.org/stable/c/6d21d0356aa44157a62e39c0d1a13d4c69a8d0c8"
},
{
"url": "https://git.kernel.org/stable/c/b5d40f02e7222da032c2042aebcf2a07de9b342f"
},
{
"url": "https://git.kernel.org/stable/c/f3749345a9b7295dd071d0ed589634cb46364f77"
},
{
"url": "https://git.kernel.org/stable/c/af280e137e273935f2e09f4d73169998298792ed"
},
{
"url": "https://git.kernel.org/stable/c/7626913652cc786c238e2dd7d8740b17d41b2637"
}
],
"title": "pci_iounmap(): Fix MMIO mapping leak",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26977",
"datePublished": "2024-05-01T05:20:28.830Z",
"dateReserved": "2024-02-19T14:20:24.203Z",
"dateUpdated": "2024-08-02T00:21:05.898Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26936
Vulnerability from cvelistv5
Published
2024-05-01 05:26
Modified
2024-08-02 00:21
Severity
Summary
ksmbd: validate request buffer size in smb2_allocate_rsp_buf()
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26936",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-10T18:35:18.289818Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:22:47.084Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.890Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8f3d0bf1d0c62b539d54c5b9108a845cff619b99"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/21ff9d7d223c5c19cb4334009e4c0c83a2f4d674"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5c20b242d4fed73a93591e48bfd9772e2322fb11"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2c27a64a2bc47d9bfc7c3cf8be14be53b1ee7cb6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/17cf0c2794bdb6f39671265aa18aea5c22ee8c4a"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/smb/server/smb2pdu.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "8f3d0bf1d0c6",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "21ff9d7d223c",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "5c20b242d4fe",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "2c27a64a2bc4",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "17cf0c2794bd",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/smb/server/smb2pdu.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.159",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: validate request buffer size in smb2_allocate_rsp_buf()\n\nThe response buffer should be allocated in smb2_allocate_rsp_buf\nbefore validating request. But the fields in payload as well as smb2 header\nis used in smb2_allocate_rsp_buf(). This patch add simple buffer size\nvalidation to avoid potencial out-of-bounds in request buffer."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:29.143Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/8f3d0bf1d0c62b539d54c5b9108a845cff619b99"
},
{
"url": "https://git.kernel.org/stable/c/21ff9d7d223c5c19cb4334009e4c0c83a2f4d674"
},
{
"url": "https://git.kernel.org/stable/c/5c20b242d4fed73a93591e48bfd9772e2322fb11"
},
{
"url": "https://git.kernel.org/stable/c/2c27a64a2bc47d9bfc7c3cf8be14be53b1ee7cb6"
},
{
"url": "https://git.kernel.org/stable/c/17cf0c2794bdb6f39671265aa18aea5c22ee8c4a"
}
],
"title": "ksmbd: validate request buffer size in smb2_allocate_rsp_buf()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26936",
"datePublished": "2024-05-01T05:26:51.773Z",
"dateReserved": "2024-02-19T14:20:24.196Z",
"dateUpdated": "2024-08-02T00:21:05.890Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27025
Vulnerability from cvelistv5
Published
2024-05-01 12:49
Modified
2024-08-02 00:21
Severity
Summary
nbd: null check for nla_nest_start
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27025",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-17T17:40:20.868698Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-17T17:45:55.898Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.917Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/44214d744be32a4769faebba764510888f1eb19e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4af837db0fd3679fabc7b7758397090b0c06dced"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/98e60b538e66c90b9a856828c71d4e975ebfa797"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/96436365e5d80d0106ea785a4f80a58e7c9edff8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b7f5aed55829f376e4f7e5ea5b80ccdcb023e983"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e803040b368d046434fbc8a91945c690332c4fcf"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ba6a9970ce9e284cbc04099361c58731e308596a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/31edf4bbe0ba27fd03ac7d87eb2ee3d2a231af6d"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/block/nbd.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "44214d744be3",
"status": "affected",
"version": "47d902b90a32",
"versionType": "git"
},
{
"lessThan": "4af837db0fd3",
"status": "affected",
"version": "47d902b90a32",
"versionType": "git"
},
{
"lessThan": "98e60b538e66",
"status": "affected",
"version": "47d902b90a32",
"versionType": "git"
},
{
"lessThan": "96436365e5d8",
"status": "affected",
"version": "47d902b90a32",
"versionType": "git"
},
{
"lessThan": "b7f5aed55829",
"status": "affected",
"version": "47d902b90a32",
"versionType": "git"
},
{
"lessThan": "e803040b368d",
"status": "affected",
"version": "47d902b90a32",
"versionType": "git"
},
{
"lessThan": "ba6a9970ce9e",
"status": "affected",
"version": "47d902b90a32",
"versionType": "git"
},
{
"lessThan": "31edf4bbe0ba",
"status": "affected",
"version": "47d902b90a32",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/block/nbd.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.12"
},
{
"lessThan": "4.12",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.273",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.214",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.153",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: null check for nla_nest_start\n\nnla_nest_start() may fail and return NULL. Insert a check and set errno\nbased on other call sites within the same source code."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:14.249Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/44214d744be32a4769faebba764510888f1eb19e"
},
{
"url": "https://git.kernel.org/stable/c/4af837db0fd3679fabc7b7758397090b0c06dced"
},
{
"url": "https://git.kernel.org/stable/c/98e60b538e66c90b9a856828c71d4e975ebfa797"
},
{
"url": "https://git.kernel.org/stable/c/96436365e5d80d0106ea785a4f80a58e7c9edff8"
},
{
"url": "https://git.kernel.org/stable/c/b7f5aed55829f376e4f7e5ea5b80ccdcb023e983"
},
{
"url": "https://git.kernel.org/stable/c/e803040b368d046434fbc8a91945c690332c4fcf"
},
{
"url": "https://git.kernel.org/stable/c/ba6a9970ce9e284cbc04099361c58731e308596a"
},
{
"url": "https://git.kernel.org/stable/c/31edf4bbe0ba27fd03ac7d87eb2ee3d2a231af6d"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "nbd: null check for nla_nest_start",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27025",
"datePublished": "2024-05-01T12:49:28.124Z",
"dateReserved": "2024-02-19T14:20:24.210Z",
"dateUpdated": "2024-08-02T00:21:05.917Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26953
Vulnerability from cvelistv5
Published
2024-05-01 05:18
Modified
2024-08-02 00:21
Severity
Summary
net: esp: fix bad handling of pages from page_pool
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.778Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8291b4eac429c480386669444c6377573f5d8664"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1abb20a5f4b02fb3020f88456fc1e6069b3cdc45"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f278ff9db67264715d0d50e3e75044f8b78990f4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c3198822c6cb9fb588e446540485669cc81c5d34"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"include/linux/skbuff.h",
"net/ipv4/esp4.c",
"net/ipv6/esp6.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "8291b4eac429",
"status": "affected",
"version": "6a5bcd84e886",
"versionType": "git"
},
{
"lessThan": "1abb20a5f4b0",
"status": "affected",
"version": "6a5bcd84e886",
"versionType": "git"
},
{
"lessThan": "f278ff9db672",
"status": "affected",
"version": "6a5bcd84e886",
"versionType": "git"
},
{
"lessThan": "c3198822c6cb",
"status": "affected",
"version": "6a5bcd84e886",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"include/linux/skbuff.h",
"net/ipv4/esp4.c",
"net/ipv6/esp6.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.14"
},
{
"lessThan": "5.14",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: esp: fix bad handling of pages from page_pool\n\nWhen the skb is reorganized during esp_output (!esp-\u003einline), the pages\ncoming from the original skb fragments are supposed to be released back\nto the system through put_page. But if the skb fragment pages are\noriginating from a page_pool, calling put_page on them will trigger a\npage_pool leak which will eventually result in a crash.\n\nThis leak can be easily observed when using CONFIG_DEBUG_VM and doing\nipsec + gre (non offloaded) forwarding:\n\n BUG: Bad page state in process ksoftirqd/16 pfn:1451b6\n page:00000000de2b8d32 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1451b6000 pfn:0x1451b6\n flags: 0x200000000000000(node=0|zone=2)\n page_type: 0xffffffff()\n raw: 0200000000000000 dead000000000040 ffff88810d23c000 0000000000000000\n raw: 00000001451b6000 0000000000000001 00000000ffffffff 0000000000000000\n page dumped because: page_pool leak\n Modules linked in: ip_gre gre mlx5_ib mlx5_core xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink iptable_nat nf_nat xt_addrtype br_netfilter rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi ib_umad rdma_cm ib_ipoib iw_cm ib_cm ib_uverbs ib_core overlay zram zsmalloc fuse [last unloaded: mlx5_core]\n CPU: 16 PID: 96 Comm: ksoftirqd/16 Not tainted 6.8.0-rc4+ #22\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x36/0x50\n bad_page+0x70/0xf0\n free_unref_page_prepare+0x27a/0x460\n free_unref_page+0x38/0x120\n esp_ssg_unref.isra.0+0x15f/0x200\n esp_output_tail+0x66d/0x780\n esp_xmit+0x2c5/0x360\n validate_xmit_xfrm+0x313/0x370\n ? validate_xmit_skb+0x1d/0x330\n validate_xmit_skb_list+0x4c/0x70\n sch_direct_xmit+0x23e/0x350\n __dev_queue_xmit+0x337/0xba0\n ? nf_hook_slow+0x3f/0xd0\n ip_finish_output2+0x25e/0x580\n iptunnel_xmit+0x19b/0x240\n ip_tunnel_xmit+0x5fb/0xb60\n ipgre_xmit+0x14d/0x280 [ip_gre]\n dev_hard_start_xmit+0xc3/0x1c0\n __dev_queue_xmit+0x208/0xba0\n ? nf_hook_slow+0x3f/0xd0\n ip_finish_output2+0x1ca/0x580\n ip_sublist_rcv_finish+0x32/0x40\n ip_sublist_rcv+0x1b2/0x1f0\n ? ip_rcv_finish_core.constprop.0+0x460/0x460\n ip_list_rcv+0x103/0x130\n __netif_receive_skb_list_core+0x181/0x1e0\n netif_receive_skb_list_internal+0x1b3/0x2c0\n napi_gro_receive+0xc8/0x200\n gro_cell_poll+0x52/0x90\n __napi_poll+0x25/0x1a0\n net_rx_action+0x28e/0x300\n __do_softirq+0xc3/0x276\n ? sort_range+0x20/0x20\n run_ksoftirqd+0x1e/0x30\n smpboot_thread_fn+0xa6/0x130\n kthread+0xcd/0x100\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x31/0x50\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e\n\nThe suggested fix is to introduce a new wrapper (skb_page_unref) that\ncovers page refcounting for page_pool pages as well."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:47.065Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/8291b4eac429c480386669444c6377573f5d8664"
},
{
"url": "https://git.kernel.org/stable/c/1abb20a5f4b02fb3020f88456fc1e6069b3cdc45"
},
{
"url": "https://git.kernel.org/stable/c/f278ff9db67264715d0d50e3e75044f8b78990f4"
},
{
"url": "https://git.kernel.org/stable/c/c3198822c6cb9fb588e446540485669cc81c5d34"
}
],
"title": "net: esp: fix bad handling of pages from page_pool",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26953",
"datePublished": "2024-05-01T05:18:43.199Z",
"dateReserved": "2024-02-19T14:20:24.200Z",
"dateUpdated": "2024-08-02T00:21:05.778Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27033
Vulnerability from cvelistv5
Published
2024-05-01 12:53
Modified
2024-08-02 00:21
Severity
Summary
f2fs: fix to remove unnecessary f2fs_bug_on() to avoid panic
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27033",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-17T17:40:17.771817Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-17T17:45:41.346Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.922Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0386408036bfc8b50296d9e544ff91c4d52af2db"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6633cdc8b2ebefcddcfcdacfd063105e60f39a49"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/abe98a05e7162f64759bf9111108ebcb11322dec"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b896e302f79678451a94769ddd9e52e954c64fbb"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/f2fs/f2fs.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "0386408036bf",
"status": "affected",
"version": "18792e64c86d",
"versionType": "git"
},
{
"lessThan": "6633cdc8b2eb",
"status": "affected",
"version": "18792e64c86d",
"versionType": "git"
},
{
"lessThan": "abe98a05e716",
"status": "affected",
"version": "18792e64c86d",
"versionType": "git"
},
{
"lessThan": "b896e302f796",
"status": "affected",
"version": "18792e64c86d",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/f2fs/f2fs.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.2"
},
{
"lessThan": "6.2",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to remove unnecessary f2fs_bug_on() to avoid panic\n\nverify_blkaddr() will trigger panic once we inject fault into\nf2fs_is_valid_blkaddr(), fix to remove this unnecessary f2fs_bug_on()."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:22.368Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/0386408036bfc8b50296d9e544ff91c4d52af2db"
},
{
"url": "https://git.kernel.org/stable/c/6633cdc8b2ebefcddcfcdacfd063105e60f39a49"
},
{
"url": "https://git.kernel.org/stable/c/abe98a05e7162f64759bf9111108ebcb11322dec"
},
{
"url": "https://git.kernel.org/stable/c/b896e302f79678451a94769ddd9e52e954c64fbb"
}
],
"title": "f2fs: fix to remove unnecessary f2fs_bug_on() to avoid panic",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27033",
"datePublished": "2024-05-01T12:53:36.254Z",
"dateReserved": "2024-02-19T14:20:24.211Z",
"dateUpdated": "2024-08-02T00:21:05.922Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-25742
Vulnerability from cvelistv5
Published
Modified
2024-08-16 16:22
Severity
Summary
In the Linux kernel before 6.9, an untrusted hypervisor can inject virtual interrupt 29 (#VC) at any point in time and can trigger its handler. This affects AMD SEV-SNP and AMD SEV-ES.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:52:05.760Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3008.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/e3ef461af35a8c74f2f4ce6616491ddb355a208f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e3ef461af35a8c74f2f4ce6616491ddb355a208f"
},
{
"tags": [
"x_transferred"
],
"url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.9"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25742",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-20T14:09:31.331826Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-16T16:22:27.400Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel before 6.9, an untrusted hypervisor can inject virtual interrupt 29 (#VC) at any point in time and can trigger its handler. This affects AMD SEV-SNP and AMD SEV-ES."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-17T21:19:48.853193",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3008.html"
},
{
"url": "https://github.com/torvalds/linux/commit/e3ef461af35a8c74f2f4ce6616491ddb355a208f"
},
{
"url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e3ef461af35a8c74f2f4ce6616491ddb355a208f"
},
{
"url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.9"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-25742",
"dateUpdated": "2024-08-16T16:22:27.400Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27035
Vulnerability from cvelistv5
Published
2024-05-01 12:53
Modified
2024-08-02 00:21
Severity
Summary
f2fs: compress: fix to guarantee persisting compressed blocks by CP
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27035",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-17T17:40:14.613391Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-17T17:45:34.458Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.950Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e54cce8137258a550b49cae45d09e024821fb28d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/82704e598d7b33c7e45526e34d3c585426319bed"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c3311694b9bcced233548574d414c91d39214684"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/57e8b17d0522c8f4daf0c4d9969b4d7358033532"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8a430dd49e9cb021372b0ad91e60aeef9c6ced00"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/f2fs/compress.c",
"fs/f2fs/data.c",
"fs/f2fs/f2fs.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "e54cce813725",
"status": "affected",
"version": "4c8ff7095bef",
"versionType": "git"
},
{
"lessThan": "82704e598d7b",
"status": "affected",
"version": "4c8ff7095bef",
"versionType": "git"
},
{
"lessThan": "c3311694b9bc",
"status": "affected",
"version": "4c8ff7095bef",
"versionType": "git"
},
{
"lessThan": "57e8b17d0522",
"status": "affected",
"version": "4c8ff7095bef",
"versionType": "git"
},
{
"lessThan": "8a430dd49e9c",
"status": "affected",
"version": "4c8ff7095bef",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/f2fs/compress.c",
"fs/f2fs/data.c",
"fs/f2fs/f2fs.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.6"
},
{
"lessThan": "5.6",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: compress: fix to guarantee persisting compressed blocks by CP\n\nIf data block in compressed cluster is not persisted with metadata\nduring checkpoint, after SPOR, the data may be corrupted, let\u0027s\nguarantee to write compressed page by checkpoint."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:24.395Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/e54cce8137258a550b49cae45d09e024821fb28d"
},
{
"url": "https://git.kernel.org/stable/c/82704e598d7b33c7e45526e34d3c585426319bed"
},
{
"url": "https://git.kernel.org/stable/c/c3311694b9bcced233548574d414c91d39214684"
},
{
"url": "https://git.kernel.org/stable/c/57e8b17d0522c8f4daf0c4d9969b4d7358033532"
},
{
"url": "https://git.kernel.org/stable/c/8a430dd49e9cb021372b0ad91e60aeef9c6ced00"
}
],
"title": "f2fs: compress: fix to guarantee persisting compressed blocks by CP",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27035",
"datePublished": "2024-05-01T12:53:43.155Z",
"dateReserved": "2024-02-19T14:20:24.211Z",
"dateUpdated": "2024-08-02T00:21:05.950Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26969
Vulnerability from cvelistv5
Published
2024-05-01 05:19
Modified
2024-08-02 00:21
Severity
Summary
clk: qcom: gcc-ipq8074: fix terminating of frequency table arrays
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.840Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e117c6e2d1617520f5f7d7f6f6b395f01d8b5a27"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/83fe1bbd9e259ad109827ccfbfc2488e0dea8e94"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/851cc19bdb02556fb13629b3e4fef6f2bdb038fe"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9de184d4e557d550fb0b7b833b676bda4f269e4f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/dd92b159c506804ac57adf3742d9728298bb1255"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b6b31b4c67ea6bd9222e5b73b330554c57f2f90d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fc3ac2fcd0a7fad63eba1b359490a4b81720d0f9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/be9e2752d823eca1d5af67014a1844a9176ff566"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1040ef5ed95d6fd2628bad387d78a61633e09429"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/clk/qcom/gcc-ipq8074.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "e117c6e2d161",
"status": "affected",
"version": "9607f6224b39",
"versionType": "git"
},
{
"lessThan": "83fe1bbd9e25",
"status": "affected",
"version": "9607f6224b39",
"versionType": "git"
},
{
"lessThan": "851cc19bdb02",
"status": "affected",
"version": "9607f6224b39",
"versionType": "git"
},
{
"lessThan": "9de184d4e557",
"status": "affected",
"version": "9607f6224b39",
"versionType": "git"
},
{
"lessThan": "dd92b159c506",
"status": "affected",
"version": "9607f6224b39",
"versionType": "git"
},
{
"lessThan": "b6b31b4c67ea",
"status": "affected",
"version": "9607f6224b39",
"versionType": "git"
},
{
"lessThan": "fc3ac2fcd0a7",
"status": "affected",
"version": "9607f6224b39",
"versionType": "git"
},
{
"lessThan": "be9e2752d823",
"status": "affected",
"version": "9607f6224b39",
"versionType": "git"
},
{
"lessThan": "1040ef5ed95d",
"status": "affected",
"version": "9607f6224b39",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/clk/qcom/gcc-ipq8074.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.16"
},
{
"lessThan": "4.16",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.312",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.274",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.215",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.154",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: gcc-ipq8074: fix terminating of frequency table arrays\n\nThe frequency table arrays are supposed to be terminated with an\nempty element. Add such entry to the end of the arrays where it\nis missing in order to avoid possible out-of-bound access when\nthe table is traversed by functions like qcom_find_freq() or\nqcom_find_freq_floor().\n\nOnly compile tested."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:05.368Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/e117c6e2d1617520f5f7d7f6f6b395f01d8b5a27"
},
{
"url": "https://git.kernel.org/stable/c/83fe1bbd9e259ad109827ccfbfc2488e0dea8e94"
},
{
"url": "https://git.kernel.org/stable/c/851cc19bdb02556fb13629b3e4fef6f2bdb038fe"
},
{
"url": "https://git.kernel.org/stable/c/9de184d4e557d550fb0b7b833b676bda4f269e4f"
},
{
"url": "https://git.kernel.org/stable/c/dd92b159c506804ac57adf3742d9728298bb1255"
},
{
"url": "https://git.kernel.org/stable/c/b6b31b4c67ea6bd9222e5b73b330554c57f2f90d"
},
{
"url": "https://git.kernel.org/stable/c/fc3ac2fcd0a7fad63eba1b359490a4b81720d0f9"
},
{
"url": "https://git.kernel.org/stable/c/be9e2752d823eca1d5af67014a1844a9176ff566"
},
{
"url": "https://git.kernel.org/stable/c/1040ef5ed95d6fd2628bad387d78a61633e09429"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "clk: qcom: gcc-ipq8074: fix terminating of frequency table arrays",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26969",
"datePublished": "2024-05-01T05:19:50.580Z",
"dateReserved": "2024-02-19T14:20:24.202Z",
"dateUpdated": "2024-08-02T00:21:05.840Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26942
Vulnerability from cvelistv5
Published
2024-05-01 05:17
Modified
2024-08-02 00:21
Severity
Summary
net: phy: qcom: at803x: fix kernel panic with at8031_probe
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "affected",
"version": "25d2ba94005f"
}
]
},
{
"cpes": [
"cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "affected",
"version": "6.8"
}
]
},
{
"cpes": [
"cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "unknown",
"version": "0"
}
]
},
{
"cpes": [
"cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "unknown",
"version": "6.8.3"
}
]
},
{
"cpes": [
"cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "unknown",
"version": "6.9"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-26942",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-16T17:56:48.480091Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-362",
"description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:49:33.611Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.552Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a8a296ad9957b845b89bcf48be1cf8c74875ecc3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6a4aee277740d04ac0fd54cfa17cc28261932ddc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/phy/qcom/at803x.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "a8a296ad9957",
"status": "affected",
"version": "25d2ba94005f",
"versionType": "git"
},
{
"lessThan": "6a4aee277740",
"status": "affected",
"version": "25d2ba94005f",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/phy/qcom/at803x.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.8"
},
{
"lessThan": "6.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: qcom: at803x: fix kernel panic with at8031_probe\n\nOn reworking and splitting the at803x driver, in splitting function of\nat803x PHYs it was added a NULL dereference bug where priv is referenced\nbefore it\u0027s actually allocated and then is tried to write to for the\nis_1000basex and is_fiber variables in the case of at8031, writing on\nthe wrong address.\n\nFix this by correctly setting priv local variable only after\nat803x_probe is called and actually allocates priv in the phydev struct."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:35.303Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/a8a296ad9957b845b89bcf48be1cf8c74875ecc3"
},
{
"url": "https://git.kernel.org/stable/c/6a4aee277740d04ac0fd54cfa17cc28261932ddc"
}
],
"title": "net: phy: qcom: at803x: fix kernel panic with at8031_probe",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26942",
"datePublished": "2024-05-01T05:17:56.555Z",
"dateReserved": "2024-02-19T14:20:24.197Z",
"dateUpdated": "2024-08-02T00:21:05.552Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27047
Vulnerability from cvelistv5
Published
2024-05-01 12:54
Modified
2024-08-02 00:21
Severity
Summary
net: phy: fix phy_get_internal_delay accessing an empty array
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27047",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-09T18:38:46.768621Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:21:42.449Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.863Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/06dd21045a7e8bc8701b0ebedcd9a30a6325878b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0e939a002c8a7d66e60bd0ea6b281fb39d713c1a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2a2ff709511617de9c6c072eeee82bcbbdfecaf8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/589ec16174dd9378953b8232ae76fad0a96e1563"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c0691de7df1d51482a52cac93b7fe82fd9dd296b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0307cf443308ecc6be9b2ca312bb31bae5e5a7ad"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4469c0c5b14a0919f5965c7ceac96b523eb57b79"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/phy/phy_device.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "06dd21045a7e",
"status": "affected",
"version": "92252eec913b",
"versionType": "git"
},
{
"lessThan": "0e939a002c8a",
"status": "affected",
"version": "92252eec913b",
"versionType": "git"
},
{
"lessThan": "2a2ff7095116",
"status": "affected",
"version": "92252eec913b",
"versionType": "git"
},
{
"lessThan": "589ec16174dd",
"status": "affected",
"version": "92252eec913b",
"versionType": "git"
},
{
"lessThan": "c0691de7df1d",
"status": "affected",
"version": "92252eec913b",
"versionType": "git"
},
{
"lessThan": "0307cf443308",
"status": "affected",
"version": "92252eec913b",
"versionType": "git"
},
{
"lessThan": "4469c0c5b14a",
"status": "affected",
"version": "92252eec913b",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/phy/phy_device.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.9"
},
{
"lessThan": "5.9",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.214",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.153",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: fix phy_get_internal_delay accessing an empty array\n\nThe phy_get_internal_delay function could try to access to an empty\narray in the case that the driver is calling phy_get_internal_delay\nwithout defining delay_values and rx-internal-delay-ps or\ntx-internal-delay-ps is defined to 0 in the device-tree.\nThis will lead to \"unable to handle kernel NULL pointer dereference at\nvirtual address 0\". To avoid this kernel oops, the test should be delay\n\u003e= 0. As there is already delay \u003c 0 test just before, the test could\nonly be size == 0."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:36.645Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/06dd21045a7e8bc8701b0ebedcd9a30a6325878b"
},
{
"url": "https://git.kernel.org/stable/c/0e939a002c8a7d66e60bd0ea6b281fb39d713c1a"
},
{
"url": "https://git.kernel.org/stable/c/2a2ff709511617de9c6c072eeee82bcbbdfecaf8"
},
{
"url": "https://git.kernel.org/stable/c/589ec16174dd9378953b8232ae76fad0a96e1563"
},
{
"url": "https://git.kernel.org/stable/c/c0691de7df1d51482a52cac93b7fe82fd9dd296b"
},
{
"url": "https://git.kernel.org/stable/c/0307cf443308ecc6be9b2ca312bb31bae5e5a7ad"
},
{
"url": "https://git.kernel.org/stable/c/4469c0c5b14a0919f5965c7ceac96b523eb57b79"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "net: phy: fix phy_get_internal_delay accessing an empty array",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27047",
"datePublished": "2024-05-01T12:54:25.156Z",
"dateReserved": "2024-02-19T14:20:24.213Z",
"dateUpdated": "2024-08-02T00:21:05.863Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27057
Vulnerability from cvelistv5
Published
2024-05-01 12:54
Modified
2024-08-02 00:21
Severity
Summary
ASoC: SOF: ipc4-pcm: Workaround for crashed firmware on system suspend
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.891Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3cac6eebea9b4bc5f041e157e45c76e212ad6759"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d153e8b154f9746ac969c85a4e6474760453647c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c40aad7c81e5fba34b70123ed7ce3397fa62a4d2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"sound/soc/sof/ipc4-pcm.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "3cac6eebea9b",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "d153e8b154f9",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "c40aad7c81e5",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"sound/soc/sof/ipc4-pcm.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.8",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: ipc4-pcm: Workaround for crashed firmware on system suspend\n\nWhen the system is suspended while audio is active, the\nsof_ipc4_pcm_hw_free() is invoked to reset the pipelines since during\nsuspend the DSP is turned off, streams will be re-started after resume.\n\nIf the firmware crashes during while audio is running (or when we reset\nthe stream before suspend) then the sof_ipc4_set_multi_pipeline_state()\nwill fail with IPC error and the state change is interrupted.\nThis will cause misalignment between the kernel and firmware state on next\nDSP boot resulting errors returned by firmware for IPC messages, eventually\nfailing the audio resume.\nOn stream close the errors are ignored so the kernel state will be\ncorrected on the next DSP boot, so the second boot after the DSP panic.\n\nIf sof_ipc4_trigger_pipelines() is called from sof_ipc4_pcm_hw_free() then\nstate parameter is SOF_IPC4_PIPE_RESET and only in this case.\n\nTreat a forced pipeline reset similarly to how we treat a pcm_free by\nignoring error on state sending to allow the kernel\u0027s state to be\nconsistent with the state the firmware will have after the next boot."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:47.518Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/3cac6eebea9b4bc5f041e157e45c76e212ad6759"
},
{
"url": "https://git.kernel.org/stable/c/d153e8b154f9746ac969c85a4e6474760453647c"
},
{
"url": "https://git.kernel.org/stable/c/c40aad7c81e5fba34b70123ed7ce3397fa62a4d2"
}
],
"title": "ASoC: SOF: ipc4-pcm: Workaround for crashed firmware on system suspend",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27057",
"datePublished": "2024-05-01T12:54:59.859Z",
"dateReserved": "2024-02-19T14:20:24.214Z",
"dateUpdated": "2024-08-02T00:21:05.891Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26932
Vulnerability from cvelistv5
Published
2024-05-01 05:17
Modified
2024-08-02 00:21
Severity
Summary
usb: typec: tcpm: fix double-free issue in tcpm_port_unregister_pd()
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "affected",
"version": "cd099cde4ed2"
}
]
},
{
"cpes": [
"cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "affected",
"version": "6.8"
}
]
},
{
"cpes": [
"cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "unknown",
"version": "0"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "unknown",
"version": "6.8.3"
}
]
},
{
"cpes": [
"cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "unknown",
"version": "6.9"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-26932",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-16T17:47:41.356254Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-415",
"description": "CWE-415 Double Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:49:03.852Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.593Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/242e425ed580b2f4dbcb86c8fc03a410a4084a69"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b63f90487bdf93a4223ce7853d14717e9d452856"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/usb/typec/tcpm/tcpm.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "242e425ed580",
"status": "affected",
"version": "cd099cde4ed2",
"versionType": "git"
},
{
"lessThan": "b63f90487bdf",
"status": "affected",
"version": "cd099cde4ed2",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/usb/typec/tcpm/tcpm.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.8"
},
{
"lessThan": "6.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: tcpm: fix double-free issue in tcpm_port_unregister_pd()\n\nWhen unregister pd capabilitie in tcpm, KASAN will capture below double\n-free issue. The root cause is the same capabilitiy will be kfreed twice,\nthe first time is kfreed by pd_capabilities_release() and the second time\nis explicitly kfreed by tcpm_port_unregister_pd().\n\n[ 3.988059] BUG: KASAN: double-free in tcpm_port_unregister_pd+0x1a4/0x3dc\n[ 3.995001] Free of addr ffff0008164d3000 by task kworker/u16:0/10\n[ 4.001206]\n[ 4.002712] CPU: 2 PID: 10 Comm: kworker/u16:0 Not tainted 6.8.0-rc5-next-20240220-05616-g52728c567a55 #53\n[ 4.012402] Hardware name: Freescale i.MX8QXP MEK (DT)\n[ 4.017569] Workqueue: events_unbound deferred_probe_work_func\n[ 4.023456] Call trace:\n[ 4.025920] dump_backtrace+0x94/0xec\n[ 4.029629] show_stack+0x18/0x24\n[ 4.032974] dump_stack_lvl+0x78/0x90\n[ 4.036675] print_report+0xfc/0x5c0\n[ 4.040289] kasan_report_invalid_free+0xa0/0xc0\n[ 4.044937] __kasan_slab_free+0x124/0x154\n[ 4.049072] kfree+0xb4/0x1e8\n[ 4.052069] tcpm_port_unregister_pd+0x1a4/0x3dc\n[ 4.056725] tcpm_register_port+0x1dd0/0x2558\n[ 4.061121] tcpci_register_port+0x420/0x71c\n[ 4.065430] tcpci_probe+0x118/0x2e0\n\nTo fix the issue, this will remove kree() from tcpm_port_unregister_pd()."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:14.972Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/242e425ed580b2f4dbcb86c8fc03a410a4084a69"
},
{
"url": "https://git.kernel.org/stable/c/b63f90487bdf93a4223ce7853d14717e9d452856"
}
],
"title": "usb: typec: tcpm: fix double-free issue in tcpm_port_unregister_pd()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26932",
"datePublished": "2024-05-01T05:17:19.129Z",
"dateReserved": "2024-02-19T14:20:24.195Z",
"dateUpdated": "2024-08-02T00:21:05.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26991
Vulnerability from cvelistv5
Published
2024-05-01 05:27
Modified
2024-08-02 00:21
Severity
Summary
KVM: x86/mmu: x86: Don't overflow lpage_info when checking attributes
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26991",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-06T18:48:18.659568Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T18:48:36.875Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.801Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/048cc4a028e635d339687ed968985d2d1669494c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/992b54bd083c5bee24ff7cc35991388ab08598c4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"arch/x86/kvm/mmu/mmu.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "048cc4a028e6",
"status": "affected",
"version": "90b4fe17981e",
"versionType": "git"
},
{
"lessThan": "992b54bd083c",
"status": "affected",
"version": "90b4fe17981e",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"arch/x86/kvm/mmu/mmu.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.8"
},
{
"lessThan": "6.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86/mmu: x86: Don\u0027t overflow lpage_info when checking attributes\n\nFix KVM_SET_MEMORY_ATTRIBUTES to not overflow lpage_info array and trigger\nKASAN splat, as seen in the private_mem_conversions_test selftest.\n\nWhen memory attributes are set on a GFN range, that range will have\nspecific properties applied to the TDP. A huge page cannot be used when\nthe attributes are inconsistent, so they are disabled for those the\nspecific huge pages. For internal KVM reasons, huge pages are also not\nallowed to span adjacent memslots regardless of whether the backing memory\ncould be mapped as huge.\n\nWhat GFNs support which huge page sizes is tracked by an array of arrays\n\u0027lpage_info\u0027 on the memslot, of \u2018kvm_lpage_info\u2019 structs. Each index of\nlpage_info contains a vmalloc allocated array of these for a specific\nsupported page size. The kvm_lpage_info denotes whether a specific huge\npage (GFN and page size) on the memslot is supported. These arrays include\nindices for unaligned head and tail huge pages.\n\nPreventing huge pages from spanning adjacent memslot is covered by\nincrementing the count in head and tail kvm_lpage_info when the memslot is\nallocated, but disallowing huge pages for memory that has mixed attributes\nhas to be done in a more complicated way. During the\nKVM_SET_MEMORY_ATTRIBUTES ioctl KVM updates lpage_info for each memslot in\nthe range that has mismatched attributes. KVM does this a memslot at a\ntime, and marks a special bit, KVM_LPAGE_MIXED_FLAG, in the kvm_lpage_info\nfor any huge page. This bit is essentially a permanently elevated count.\nSo huge pages will not be mapped for the GFN at that page size if the\ncount is elevated in either case: a huge head or tail page unaligned to\nthe memslot or if KVM_LPAGE_MIXED_FLAG is set because it has mixed\nattributes.\n\nTo determine whether a huge page has consistent attributes, the\nKVM_SET_MEMORY_ATTRIBUTES operation checks an xarray to make sure it\nconsistently has the incoming attribute. Since level - 1 huge pages are\naligned to level huge pages, it employs an optimization. As long as the\nlevel - 1 huge pages are checked first, it can just check these and assume\nthat if each level - 1 huge page contained within the level sized huge\npage is not mixed, then the level size huge page is not mixed. This\noptimization happens in the helper hugepage_has_attrs().\n\nUnfortunately, although the kvm_lpage_info array representing page size\n\u0027level\u0027 will contain an entry for an unaligned tail page of size level,\nthe array for level - 1 will not contain an entry for each GFN at page\nsize level. The level - 1 array will only contain an index for any\nunaligned region covered by level - 1 huge page size, which can be a\nsmaller region. So this causes the optimization to overflow the level - 1\nkvm_lpage_info and perform a vmalloc out of bounds read.\n\nIn some cases of head and tail pages where an overflow could happen,\ncallers skip the operation completely as KVM_LPAGE_MIXED_FLAG is not\nrequired to prevent huge pages as discussed earlier. But for memslots that\nare smaller than the 1GB page size, it does call hugepage_has_attrs(). In\nthis case the huge page is both the head and tail page. The issue can be\nobserved simply by compiling the kernel with CONFIG_KASAN_VMALLOC and\nrunning the selftest \u201cprivate_mem_conversions_test\u201d, which produces the\noutput like the following:\n\nBUG: KASAN: vmalloc-out-of-bounds in hugepage_has_attrs+0x7e/0x110\nRead of size 4 at addr ffffc900000a3008 by task private_mem_con/169\nCall Trace:\n dump_stack_lvl\n print_report\n ? __virt_addr_valid\n ? hugepage_has_attrs\n ? hugepage_has_attrs\n kasan_report\n ? hugepage_has_attrs\n hugepage_has_attrs\n kvm_arch_post_set_memory_attributes\n kvm_vm_ioctl\n\nIt is a little ambiguous whether the unaligned head page (in the bug case\nalso the tail page) should be expected to have KVM_LPAGE_MIXED_FLAG set.\nIt is not functionally required, as the unal\n---truncated---"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:33.536Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/048cc4a028e635d339687ed968985d2d1669494c"
},
{
"url": "https://git.kernel.org/stable/c/992b54bd083c5bee24ff7cc35991388ab08598c4"
}
],
"title": "KVM: x86/mmu: x86: Don\u0027t overflow lpage_info when checking attributes",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26991",
"datePublished": "2024-05-01T05:27:53.427Z",
"dateReserved": "2024-02-19T14:20:24.205Z",
"dateUpdated": "2024-08-02T00:21:05.801Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26990
Vulnerability from cvelistv5
Published
2024-05-01 05:27
Modified
2024-08-02 00:21
Severity
Summary
KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26990",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-14T20:04:24.835393Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-14T20:04:34.681Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.915Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cdf811a937471af2d1facdf8ae80e5e68096f1ed"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e20bff0f1b2de9cfe303dd35ff46470104a87404"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2673dfb591a359c75080dd5af3da484b89320d22"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"arch/x86/kvm/mmu/tdp_mmu.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "cdf811a93747",
"status": "affected",
"version": "5982a5392663",
"versionType": "git"
},
{
"lessThan": "e20bff0f1b2d",
"status": "affected",
"version": "5982a5392663",
"versionType": "git"
},
{
"lessThan": "2673dfb591a3",
"status": "affected",
"version": "5982a5392663",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"arch/x86/kvm/mmu/tdp_mmu.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.4"
},
{
"lessThan": "6.4",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status\n\nCheck kvm_mmu_page_ad_need_write_protect() when deciding whether to\nwrite-protect or clear D-bits on TDP MMU SPTEs, so that the TDP MMU\naccounts for any role-specific reasons for disabling D-bit dirty logging.\n\nSpecifically, TDP MMU SPTEs must be write-protected when the TDP MMU is\nbeing used to run an L2 (i.e. L1 has disabled EPT) and PML is enabled.\nKVM always disables PML when running L2, even when L1 and L2 GPAs are in\nthe some domain, so failing to write-protect TDP MMU SPTEs will cause\nwrites made by L2 to not be reflected in the dirty log.\n\n[sean: massage shortlog and changelog, tweak ternary op formatting]"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:32.090Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/cdf811a937471af2d1facdf8ae80e5e68096f1ed"
},
{
"url": "https://git.kernel.org/stable/c/e20bff0f1b2de9cfe303dd35ff46470104a87404"
},
{
"url": "https://git.kernel.org/stable/c/2673dfb591a359c75080dd5af3da484b89320d22"
}
],
"title": "KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26990",
"datePublished": "2024-05-01T05:27:48.810Z",
"dateReserved": "2024-02-19T14:20:24.205Z",
"dateUpdated": "2024-08-02T00:21:05.915Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27012
Vulnerability from cvelistv5
Published
2024-05-01 05:29
Modified
2024-08-02 00:21
Severity
Summary
netfilter: nf_tables: restore set elements when delete set fails
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27012",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-14T18:56:10.473492Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-14T18:56:19.427Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.873Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/86658fc7414d4b9e25c2699d751034537503d637"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e79b47a8615d42c68aaeb68971593333667382ed"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/netfilter/nf_tables_api.c",
"net/netfilter/nft_set_bitmap.c",
"net/netfilter/nft_set_hash.c",
"net/netfilter/nft_set_pipapo.c",
"net/netfilter/nft_set_rbtree.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "86658fc7414d",
"status": "affected",
"version": "628bd3e49cba",
"versionType": "git"
},
{
"lessThan": "e79b47a8615d",
"status": "affected",
"version": "628bd3e49cba",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/netfilter/nf_tables_api.c",
"net/netfilter/nft_set_bitmap.c",
"net/netfilter/nft_set_hash.c",
"net/netfilter/nft_set_pipapo.c",
"net/netfilter/nft_set_rbtree.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.4"
},
{
"lessThan": "6.4",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: restore set elements when delete set fails\n\nFrom abort path, nft_mapelem_activate() needs to restore refcounters to\nthe original state. Currently, it uses the set-\u003eops-\u003ewalk() to iterate\nover these set elements. The existing set iterator skips inactive\nelements in the next generation, this does not work from the abort path\nto restore the original state since it has to skip active elements\ninstead (not inactive ones).\n\nThis patch moves the check for inactive elements to the set iterator\ncallback, then it reverses the logic for the .activate case which\nneeds to skip active elements.\n\nToggle next generation bit for elements when delete set command is\ninvoked and call nft_clear() from .activate (abort) path to restore the\nnext generation bit.\n\nThe splat below shows an object in mappings memleak:\n\n[43929.457523] ------------[ cut here ]------------\n[43929.457532] WARNING: CPU: 0 PID: 1139 at include/net/netfilter/nf_tables.h:1237 nft_setelem_data_deactivate+0xe4/0xf0 [nf_tables]\n[...]\n[43929.458014] RIP: 0010:nft_setelem_data_deactivate+0xe4/0xf0 [nf_tables]\n[43929.458076] Code: 83 f8 01 77 ab 49 8d 7c 24 08 e8 37 5e d0 de 49 8b 6c 24 08 48 8d 7d 50 e8 e9 5c d0 de 8b 45 50 8d 50 ff 89 55 50 85 c0 75 86 \u003c0f\u003e 0b eb 82 0f 0b eb b3 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90\n[43929.458081] RSP: 0018:ffff888140f9f4b0 EFLAGS: 00010246\n[43929.458086] RAX: 0000000000000000 RBX: ffff8881434f5288 RCX: dffffc0000000000\n[43929.458090] RDX: 00000000ffffffff RSI: ffffffffa26d28a7 RDI: ffff88810ecc9550\n[43929.458093] RBP: ffff88810ecc9500 R08: 0000000000000001 R09: ffffed10281f3e8f\n[43929.458096] R10: 0000000000000003 R11: ffff0000ffff0000 R12: ffff8881434f52a0\n[43929.458100] R13: ffff888140f9f5f4 R14: ffff888151c7a800 R15: 0000000000000002\n[43929.458103] FS: 00007f0c687c4740(0000) GS:ffff888390800000(0000) knlGS:0000000000000000\n[43929.458107] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[43929.458111] CR2: 00007f58dbe5b008 CR3: 0000000123602005 CR4: 00000000001706f0\n[43929.458114] Call Trace:\n[43929.458118] \u003cTASK\u003e\n[43929.458121] ? __warn+0x9f/0x1a0\n[43929.458127] ? nft_setelem_data_deactivate+0xe4/0xf0 [nf_tables]\n[43929.458188] ? report_bug+0x1b1/0x1e0\n[43929.458196] ? handle_bug+0x3c/0x70\n[43929.458200] ? exc_invalid_op+0x17/0x40\n[43929.458211] ? nft_setelem_data_deactivate+0xd7/0xf0 [nf_tables]\n[43929.458271] ? nft_setelem_data_deactivate+0xe4/0xf0 [nf_tables]\n[43929.458332] nft_mapelem_deactivate+0x24/0x30 [nf_tables]\n[43929.458392] nft_rhash_walk+0xdd/0x180 [nf_tables]\n[43929.458453] ? __pfx_nft_rhash_walk+0x10/0x10 [nf_tables]\n[43929.458512] ? rb_insert_color+0x2e/0x280\n[43929.458520] nft_map_deactivate+0xdc/0x1e0 [nf_tables]\n[43929.458582] ? __pfx_nft_map_deactivate+0x10/0x10 [nf_tables]\n[43929.458642] ? __pfx_nft_mapelem_deactivate+0x10/0x10 [nf_tables]\n[43929.458701] ? __rcu_read_unlock+0x46/0x70\n[43929.458709] nft_delset+0xff/0x110 [nf_tables]\n[43929.458769] nft_flush_table+0x16f/0x460 [nf_tables]\n[43929.458830] nf_tables_deltable+0x501/0x580 [nf_tables]"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:00.450Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/86658fc7414d4b9e25c2699d751034537503d637"
},
{
"url": "https://git.kernel.org/stable/c/e79b47a8615d42c68aaeb68971593333667382ed"
}
],
"title": "netfilter: nf_tables: restore set elements when delete set fails",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27012",
"datePublished": "2024-05-01T05:29:37.765Z",
"dateReserved": "2024-02-19T14:20:24.208Z",
"dateUpdated": "2024-08-02T00:21:05.873Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26987
Vulnerability from cvelistv5
Published
2024-05-01 05:27
Modified
2024-08-02 00:21
Severity
Summary
mm/memory-failure: fix deadlock when hugetlb_optimize_vmemmap is enabled
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26987",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-17T17:40:46.496934Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-17T17:46:47.510Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.908Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5ef7ba2799a3b5ed292b8f6407376e2c25ef002e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/882e1180c83f5b75bae03d0ccc31ccedfe5159de"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/49955b24002dc16a0ae2e83a57a2a6c863a1845c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1983184c22dd84a4d95a71e5c6775c2638557dc7"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"mm/memory-failure.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "5ef7ba2799a3",
"status": "affected",
"version": "a6b40850c442",
"versionType": "git"
},
{
"lessThan": "882e1180c83f",
"status": "affected",
"version": "a6b40850c442",
"versionType": "git"
},
{
"lessThan": "49955b24002d",
"status": "affected",
"version": "a6b40850c442",
"versionType": "git"
},
{
"lessThan": "1983184c22dd",
"status": "affected",
"version": "a6b40850c442",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"mm/memory-failure.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.18"
},
{
"lessThan": "5.18",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/memory-failure: fix deadlock when hugetlb_optimize_vmemmap is enabled\n\nWhen I did hard offline test with hugetlb pages, below deadlock occurs:\n\n======================================================\nWARNING: possible circular locking dependency detected\n6.8.0-11409-gf6cef5f8c37f #1 Not tainted\n------------------------------------------------------\nbash/46904 is trying to acquire lock:\nffffffffabe68910 (cpu_hotplug_lock){++++}-{0:0}, at: static_key_slow_dec+0x16/0x60\n\nbut task is already holding lock:\nffffffffabf92ea8 (pcp_batch_high_lock){+.+.}-{3:3}, at: zone_pcp_disable+0x16/0x40\n\nwhich lock already depends on the new lock.\n\nthe existing dependency chain (in reverse order) is:\n\n-\u003e #1 (pcp_batch_high_lock){+.+.}-{3:3}:\n __mutex_lock+0x6c/0x770\n page_alloc_cpu_online+0x3c/0x70\n cpuhp_invoke_callback+0x397/0x5f0\n __cpuhp_invoke_callback_range+0x71/0xe0\n _cpu_up+0xeb/0x210\n cpu_up+0x91/0xe0\n cpuhp_bringup_mask+0x49/0xb0\n bringup_nonboot_cpus+0xb7/0xe0\n smp_init+0x25/0xa0\n kernel_init_freeable+0x15f/0x3e0\n kernel_init+0x15/0x1b0\n ret_from_fork+0x2f/0x50\n ret_from_fork_asm+0x1a/0x30\n\n-\u003e #0 (cpu_hotplug_lock){++++}-{0:0}:\n __lock_acquire+0x1298/0x1cd0\n lock_acquire+0xc0/0x2b0\n cpus_read_lock+0x2a/0xc0\n static_key_slow_dec+0x16/0x60\n __hugetlb_vmemmap_restore_folio+0x1b9/0x200\n dissolve_free_huge_page+0x211/0x260\n __page_handle_poison+0x45/0xc0\n memory_failure+0x65e/0xc70\n hard_offline_page_store+0x55/0xa0\n kernfs_fop_write_iter+0x12c/0x1d0\n vfs_write+0x387/0x550\n ksys_write+0x64/0xe0\n do_syscall_64+0xca/0x1e0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nother info that might help us debug this:\n\n Possible unsafe locking scenario:\n\n CPU0 CPU1\n ---- ----\n lock(pcp_batch_high_lock);\n lock(cpu_hotplug_lock);\n lock(pcp_batch_high_lock);\n rlock(cpu_hotplug_lock);\n\n *** DEADLOCK ***\n\n5 locks held by bash/46904:\n #0: ffff98f6c3bb23f0 (sb_writers#5){.+.+}-{0:0}, at: ksys_write+0x64/0xe0\n #1: ffff98f6c328e488 (\u0026of-\u003emutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0xf8/0x1d0\n #2: ffff98ef83b31890 (kn-\u003eactive#113){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x100/0x1d0\n #3: ffffffffabf9db48 (mf_mutex){+.+.}-{3:3}, at: memory_failure+0x44/0xc70\n #4: ffffffffabf92ea8 (pcp_batch_high_lock){+.+.}-{3:3}, at: zone_pcp_disable+0x16/0x40\n\nstack backtrace:\nCPU: 10 PID: 46904 Comm: bash Kdump: loaded Not tainted 6.8.0-11409-gf6cef5f8c37f #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x68/0xa0\n check_noncircular+0x129/0x140\n __lock_acquire+0x1298/0x1cd0\n lock_acquire+0xc0/0x2b0\n cpus_read_lock+0x2a/0xc0\n static_key_slow_dec+0x16/0x60\n __hugetlb_vmemmap_restore_folio+0x1b9/0x200\n dissolve_free_huge_page+0x211/0x260\n __page_handle_poison+0x45/0xc0\n memory_failure+0x65e/0xc70\n hard_offline_page_store+0x55/0xa0\n kernfs_fop_write_iter+0x12c/0x1d0\n vfs_write+0x387/0x550\n ksys_write+0x64/0xe0\n do_syscall_64+0xca/0x1e0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\nRIP: 0033:0x7fc862314887\nCode: 10 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 01 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 48 89 54 24 18 48 89 74 24\nRSP: 002b:00007fff19311268 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 000000000000000c RCX: 00007fc862314887\nRDX: 000000000000000c RSI: 000056405645fe10 RDI: 0000000000000001\nRBP: 000056405645fe10 R08: 00007fc8623d1460 R09: 000000007fffffff\nR10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000c\nR13: 00007fc86241b780 R14: 00007fc862417600 R15: 00007fc862416a00\n\nIn short, below scene breaks the \n---truncated---"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:28.522Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/5ef7ba2799a3b5ed292b8f6407376e2c25ef002e"
},
{
"url": "https://git.kernel.org/stable/c/882e1180c83f5b75bae03d0ccc31ccedfe5159de"
},
{
"url": "https://git.kernel.org/stable/c/49955b24002dc16a0ae2e83a57a2a6c863a1845c"
},
{
"url": "https://git.kernel.org/stable/c/1983184c22dd84a4d95a71e5c6775c2638557dc7"
}
],
"title": "mm/memory-failure: fix deadlock when hugetlb_optimize_vmemmap is enabled",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26987",
"datePublished": "2024-05-01T05:27:34.523Z",
"dateReserved": "2024-02-19T14:20:24.205Z",
"dateUpdated": "2024-08-02T00:21:05.908Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27041
Vulnerability from cvelistv5
Published
2024-05-01 12:54
Modified
2024-08-08 15:08
Severity
Summary
drm/amd/display: fix NULL checks for adev->dm.dc in amdgpu_dm_fini()
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.932Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e040f1fbe9abae91b12b074cfc3bbb5367b79811"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ca2eb375db76fd50f31afdd67d6ca4f833254957"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1c62697e4086de988b31124fb8c79c244ea05f2b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2a3cfb9a24a28da9cc13d2c525a76548865e182c"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27041",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-24T14:44:31.681685Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T15:08:16.049Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "e040f1fbe9ab",
"status": "affected",
"version": "81927e2808be",
"versionType": "git"
},
{
"lessThan": "ca2eb375db76",
"status": "affected",
"version": "81927e2808be",
"versionType": "git"
},
{
"lessThan": "1c62697e4086",
"status": "affected",
"version": "81927e2808be",
"versionType": "git"
},
{
"lessThan": "2a3cfb9a24a2",
"status": "affected",
"version": "81927e2808be",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.14"
},
{
"lessThan": "5.14",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: fix NULL checks for adev-\u003edm.dc in amdgpu_dm_fini()\n\nSince \u0027adev-\u003edm.dc\u0027 in amdgpu_dm_fini() might turn out to be NULL\nbefore the call to dc_enable_dmub_notifications(), check\nbeforehand to ensure there will not be a possible NULL-ptr-deref\nthere.\n\nAlso, since commit 1e88eb1b2c25 (\"drm/amd/display: Drop\nCONFIG_DRM_AMD_DC_HDCP\") there are two separate checks for NULL in\n\u0027adev-\u003edm.dc\u0027 before dc_deinit_callbacks() and dc_dmub_srv_destroy().\nClean up by combining them all under one \u0027if\u0027.\n\nFound by Linux Verification Center (linuxtesting.org) with static\nanalysis tool SVACE."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:30.556Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/e040f1fbe9abae91b12b074cfc3bbb5367b79811"
},
{
"url": "https://git.kernel.org/stable/c/ca2eb375db76fd50f31afdd67d6ca4f833254957"
},
{
"url": "https://git.kernel.org/stable/c/1c62697e4086de988b31124fb8c79c244ea05f2b"
},
{
"url": "https://git.kernel.org/stable/c/2a3cfb9a24a28da9cc13d2c525a76548865e182c"
}
],
"title": "drm/amd/display: fix NULL checks for adev-\u003edm.dc in amdgpu_dm_fini()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27041",
"datePublished": "2024-05-01T12:54:04.111Z",
"dateReserved": "2024-02-19T14:20:24.212Z",
"dateUpdated": "2024-08-08T15:08:16.049Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26935
Vulnerability from cvelistv5
Published
2024-05-01 05:17
Modified
2024-08-02 00:21
Severity
Summary
scsi: core: Fix unremoved procfs host directory regression
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26935",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-21T14:41:52.902192Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-21T14:42:04.057Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.717Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0053f15d50d50c9312d8ab9c11e2e405812dfcac"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5c2386ba80e779a92ec3bb64ccadbedd88f779b1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cea234bb214b17d004dfdccce4491e6ff57c96ee"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3678cf67ff7136db1dd3bf63c361650db5d92889"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d4c34782b6d7b1e68d18d9549451b19433bd4c6c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e293c773c13b830cdc251f155df2254981abc320"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f4ff08fab66eb5c0b97e1a24edac052fb40bf5d7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f23a4d6e07570826fe95023ca1aa96a011fa9f84"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/scsi/hosts.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "0053f15d50d5",
"status": "affected",
"version": "88c3d3bb6469",
"versionType": "git"
},
{
"lessThan": "5c2386ba80e7",
"status": "affected",
"version": "68c665bb1850",
"versionType": "git"
},
{
"lessThan": "cea234bb214b",
"status": "affected",
"version": "2a764d55e938",
"versionType": "git"
},
{
"lessThan": "3678cf67ff71",
"status": "affected",
"version": "7e0ae8667fcd",
"versionType": "git"
},
{
"lessThan": "d4c34782b6d7",
"status": "affected",
"version": "be03df3d4bfe",
"versionType": "git"
},
{
"lessThan": "e293c773c13b",
"status": "affected",
"version": "be03df3d4bfe",
"versionType": "git"
},
{
"lessThan": "f4ff08fab66e",
"status": "affected",
"version": "be03df3d4bfe",
"versionType": "git"
},
{
"lessThan": "f23a4d6e0757",
"status": "affected",
"version": "be03df3d4bfe",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/scsi/hosts.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.3"
},
{
"lessThan": "6.3",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.274",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.215",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.154",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Fix unremoved procfs host directory regression\n\nCommit fc663711b944 (\"scsi: core: Remove the /proc/scsi/${proc_name}\ndirectory earlier\") fixed a bug related to modules loading/unloading, by\nadding a call to scsi_proc_hostdir_rm() on scsi_remove_host(). But that led\nto a potential duplicate call to the hostdir_rm() routine, since it\u0027s also\ncalled from scsi_host_dev_release(). That triggered a regression report,\nwhich was then fixed by commit be03df3d4bfe (\"scsi: core: Fix a procfs host\ndirectory removal regression\"). The fix just dropped the hostdir_rm() call\nfrom dev_release().\n\nBut it happens that this proc directory is created on scsi_host_alloc(),\nand that function \"pairs\" with scsi_host_dev_release(), while\nscsi_remove_host() pairs with scsi_add_host(). In other words, it seems the\nreason for removing the proc directory on dev_release() was meant to cover\ncases in which a SCSI host structure was allocated, but the call to\nscsi_add_host() didn\u0027t happen. And that pattern happens to exist in some\nerror paths, for example.\n\nSyzkaller causes that by using USB raw gadget device, error\u0027ing on\nusb-storage driver, at usb_stor_probe2(). By checking that path, we can see\nthat the BadDevice label leads to a scsi_host_put() after a SCSI host\nallocation, but there\u0027s no call to scsi_add_host() in such path. That leads\nto messages like this in dmesg (and a leak of the SCSI host proc\nstructure):\n\nusb-storage 4-1:87.51: USB Mass Storage device detected\nproc_dir_entry \u0027scsi/usb-storage\u0027 already registered\nWARNING: CPU: 1 PID: 3519 at fs/proc/generic.c:377 proc_register+0x347/0x4e0 fs/proc/generic.c:376\n\nThe proper fix seems to still call scsi_proc_hostdir_rm() on dev_release(),\nbut guard that with the state check for SHOST_CREATED; there is even a\ncomment in scsi_host_dev_release() detailing that: such conditional is\nmeant for cases where the SCSI host was allocated but there was no calls to\n{add,remove}_host(), like the usb-storage case.\n\nThis is what we propose here and with that, the error path of usb-storage\ndoes not trigger the warning anymore."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:27.723Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/0053f15d50d50c9312d8ab9c11e2e405812dfcac"
},
{
"url": "https://git.kernel.org/stable/c/5c2386ba80e779a92ec3bb64ccadbedd88f779b1"
},
{
"url": "https://git.kernel.org/stable/c/cea234bb214b17d004dfdccce4491e6ff57c96ee"
},
{
"url": "https://git.kernel.org/stable/c/3678cf67ff7136db1dd3bf63c361650db5d92889"
},
{
"url": "https://git.kernel.org/stable/c/d4c34782b6d7b1e68d18d9549451b19433bd4c6c"
},
{
"url": "https://git.kernel.org/stable/c/e293c773c13b830cdc251f155df2254981abc320"
},
{
"url": "https://git.kernel.org/stable/c/f4ff08fab66eb5c0b97e1a24edac052fb40bf5d7"
},
{
"url": "https://git.kernel.org/stable/c/f23a4d6e07570826fe95023ca1aa96a011fa9f84"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "scsi: core: Fix unremoved procfs host directory regression",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26935",
"datePublished": "2024-05-01T05:17:31.445Z",
"dateReserved": "2024-02-19T14:20:24.196Z",
"dateUpdated": "2024-08-02T00:21:05.717Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26960
Vulnerability from cvelistv5
Published
2024-05-01 05:19
Modified
2024-08-02 00:21
Severity
Summary
mm: swap: fix race between free_swap_and_cache() and swapoff()
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "d85c11c97ecf",
"status": "affected",
"version": "7c00bafee87c",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "2da5568ee222",
"status": "affected",
"version": "7c00bafee87c",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "1ede7f1d7eed",
"status": "affected",
"version": "7c00bafee87c",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "0f98f6d2fb5f",
"status": "affected",
"version": "7c00bafee87c",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "3ce4c4c653e4",
"status": "affected",
"version": "7c00bafee87c",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "363d17e7f790",
"status": "affected",
"version": "7c00bafee87c",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "82b1c07a0af6",
"status": "affected",
"version": "7c00bafee87c",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "5.11",
"status": "unaffected",
"version": "5.10.215",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "6.2",
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "6.7",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "6.9",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "unaffected",
"version": "6.9"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "4.11",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:4.11:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "affected",
"version": "4.11"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "5.16",
"status": "unaffected",
"version": "5.15.154",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "6.8",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-26960",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-05T13:44:53.990022Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-362",
"description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T14:58:33.267Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:06.048Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d85c11c97ecf92d47a4b29e3faca714dc1f18d0d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2da5568ee222ce0541bfe446a07998f92ed1643e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1ede7f1d7eed1738d1b9333fd1e152ccb450b86a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0f98f6d2fb5fad00f8299b84b85b6bc1b6d7d19a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3ce4c4c653e4e478ecb15d3c88e690f12cbf6b39"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/363d17e7f7907c8e27a9e86968af0eaa2301787b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/82b1c07a0af603e3c47b906c8e991dc96f01688e"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"mm/swapfile.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "d85c11c97ecf",
"status": "affected",
"version": "7c00bafee87c",
"versionType": "git"
},
{
"lessThan": "2da5568ee222",
"status": "affected",
"version": "7c00bafee87c",
"versionType": "git"
},
{
"lessThan": "1ede7f1d7eed",
"status": "affected",
"version": "7c00bafee87c",
"versionType": "git"
},
{
"lessThan": "0f98f6d2fb5f",
"status": "affected",
"version": "7c00bafee87c",
"versionType": "git"
},
{
"lessThan": "3ce4c4c653e4",
"status": "affected",
"version": "7c00bafee87c",
"versionType": "git"
},
{
"lessThan": "363d17e7f790",
"status": "affected",
"version": "7c00bafee87c",
"versionType": "git"
},
{
"lessThan": "82b1c07a0af6",
"status": "affected",
"version": "7c00bafee87c",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"mm/swapfile.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.11"
},
{
"lessThan": "4.11",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.215",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.154",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: swap: fix race between free_swap_and_cache() and swapoff()\n\nThere was previously a theoretical window where swapoff() could run and\nteardown a swap_info_struct while a call to free_swap_and_cache() was\nrunning in another thread. This could cause, amongst other bad\npossibilities, swap_page_trans_huge_swapped() (called by\nfree_swap_and_cache()) to access the freed memory for swap_map.\n\nThis is a theoretical problem and I haven\u0027t been able to provoke it from a\ntest case. But there has been agreement based on code review that this is\npossible (see link below).\n\nFix it by using get_swap_device()/put_swap_device(), which will stall\nswapoff(). There was an extra check in _swap_info_get() to confirm that\nthe swap entry was not free. This isn\u0027t present in get_swap_device()\nbecause it doesn\u0027t make sense in general due to the race between getting\nthe reference and swapoff. So I\u0027ve added an equivalent check directly in\nfree_swap_and_cache().\n\nDetails of how to provoke one possible issue (thanks to David Hildenbrand\nfor deriving this):\n\n--8\u003c-----\n\n__swap_entry_free() might be the last user and result in\n\"count == SWAP_HAS_CACHE\".\n\nswapoff-\u003etry_to_unuse() will stop as soon as soon as si-\u003einuse_pages==0.\n\nSo the question is: could someone reclaim the folio and turn\nsi-\u003einuse_pages==0, before we completed swap_page_trans_huge_swapped().\n\nImagine the following: 2 MiB folio in the swapcache. Only 2 subpages are\nstill references by swap entries.\n\nProcess 1 still references subpage 0 via swap entry.\nProcess 2 still references subpage 1 via swap entry.\n\nProcess 1 quits. Calls free_swap_and_cache().\n-\u003e count == SWAP_HAS_CACHE\n[then, preempted in the hypervisor etc.]\n\nProcess 2 quits. Calls free_swap_and_cache().\n-\u003e count == SWAP_HAS_CACHE\n\nProcess 2 goes ahead, passes swap_page_trans_huge_swapped(), and calls\n__try_to_reclaim_swap().\n\n__try_to_reclaim_swap()-\u003efolio_free_swap()-\u003edelete_from_swap_cache()-\u003e\nput_swap_folio()-\u003efree_swap_slot()-\u003eswapcache_free_entries()-\u003e\nswap_entry_free()-\u003eswap_range_free()-\u003e\n...\nWRITE_ONCE(si-\u003einuse_pages, si-\u003einuse_pages - nr_entries);\n\nWhat stops swapoff to succeed after process 2 reclaimed the swap cache\nbut before process1 finished its call to swap_page_trans_huge_swapped()?\n\n--8\u003c-----"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:54.248Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/d85c11c97ecf92d47a4b29e3faca714dc1f18d0d"
},
{
"url": "https://git.kernel.org/stable/c/2da5568ee222ce0541bfe446a07998f92ed1643e"
},
{
"url": "https://git.kernel.org/stable/c/1ede7f1d7eed1738d1b9333fd1e152ccb450b86a"
},
{
"url": "https://git.kernel.org/stable/c/0f98f6d2fb5fad00f8299b84b85b6bc1b6d7d19a"
},
{
"url": "https://git.kernel.org/stable/c/3ce4c4c653e4e478ecb15d3c88e690f12cbf6b39"
},
{
"url": "https://git.kernel.org/stable/c/363d17e7f7907c8e27a9e86968af0eaa2301787b"
},
{
"url": "https://git.kernel.org/stable/c/82b1c07a0af603e3c47b906c8e991dc96f01688e"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "mm: swap: fix race between free_swap_and_cache() and swapoff()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26960",
"datePublished": "2024-05-01T05:19:12.112Z",
"dateReserved": "2024-02-19T14:20:24.201Z",
"dateUpdated": "2024-08-02T00:21:06.048Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27038
Vulnerability from cvelistv5
Published
2024-05-01 12:53
Modified
2024-08-02 00:21
Severity
Summary
clk: Fix clk_core_get NULL dereference
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27038",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-01T13:38:53.856287Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:22:44.741Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.879Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d7ae7d1265686b55832a445b1db8cdd69738ac07"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/239174535dba11f7b83de0eaaa27909024f8c185"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0efb9ef6fb95384ba631d6819e66f10392aabfa2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a8b2b26fdd011ebe36d68a9a321ca45801685959"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a5d9b1aa61b401867b9066d54086b3e4ee91f8ed"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c554badcae9c45b737a22d23454170c6020b90e6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6f073b24a9e2becd25ac4505a9780a87e621bb51"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e97fe4901e0f59a0bfd524578fe3768f8ca42428"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/clk/clk.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "d7ae7d126568",
"status": "affected",
"version": "dde4eff47c82",
"versionType": "git"
},
{
"lessThan": "239174535dba",
"status": "affected",
"version": "dde4eff47c82",
"versionType": "git"
},
{
"lessThan": "0efb9ef6fb95",
"status": "affected",
"version": "dde4eff47c82",
"versionType": "git"
},
{
"lessThan": "a8b2b26fdd01",
"status": "affected",
"version": "dde4eff47c82",
"versionType": "git"
},
{
"lessThan": "a5d9b1aa61b4",
"status": "affected",
"version": "dde4eff47c82",
"versionType": "git"
},
{
"lessThan": "c554badcae9c",
"status": "affected",
"version": "dde4eff47c82",
"versionType": "git"
},
{
"lessThan": "6f073b24a9e2",
"status": "affected",
"version": "dde4eff47c82",
"versionType": "git"
},
{
"lessThan": "e97fe4901e0f",
"status": "affected",
"version": "dde4eff47c82",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/clk/clk.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.2"
},
{
"lessThan": "5.2",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.273",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.214",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.153",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: Fix clk_core_get NULL dereference\n\nIt is possible for clk_core_get to dereference a NULL in the following\nsequence:\n\nclk_core_get()\n of_clk_get_hw_from_clkspec()\n __of_clk_get_hw_from_provider()\n __clk_get_hw()\n\n__clk_get_hw() can return NULL which is dereferenced by clk_core_get() at\nhw-\u003ecore.\n\nPrior to commit dde4eff47c82 (\"clk: Look for parents with clkdev based\nclk_lookups\") the check IS_ERR_OR_NULL() was performed which would have\ncaught the NULL.\n\nReading the description of this function it talks about returning NULL but\nthat cannot be so at the moment.\n\nUpdate the function to check for hw before dereferencing it and return NULL\nif hw is NULL."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:27.480Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/d7ae7d1265686b55832a445b1db8cdd69738ac07"
},
{
"url": "https://git.kernel.org/stable/c/239174535dba11f7b83de0eaaa27909024f8c185"
},
{
"url": "https://git.kernel.org/stable/c/0efb9ef6fb95384ba631d6819e66f10392aabfa2"
},
{
"url": "https://git.kernel.org/stable/c/a8b2b26fdd011ebe36d68a9a321ca45801685959"
},
{
"url": "https://git.kernel.org/stable/c/a5d9b1aa61b401867b9066d54086b3e4ee91f8ed"
},
{
"url": "https://git.kernel.org/stable/c/c554badcae9c45b737a22d23454170c6020b90e6"
},
{
"url": "https://git.kernel.org/stable/c/6f073b24a9e2becd25ac4505a9780a87e621bb51"
},
{
"url": "https://git.kernel.org/stable/c/e97fe4901e0f59a0bfd524578fe3768f8ca42428"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "clk: Fix clk_core_get NULL dereference",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27038",
"datePublished": "2024-05-01T12:53:53.698Z",
"dateReserved": "2024-02-19T14:20:24.212Z",
"dateUpdated": "2024-08-02T00:21:05.879Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27077
Vulnerability from cvelistv5
Published
2024-05-01 13:04
Modified
2024-08-02 00:27
Severity
Summary
media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:27:57.849Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3dd8abb0ed0e0a7c66d6d677c86ccb188cc39333"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0175f2d34c85744f9ad6554f696cf0afb5bd04e4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/afd2a82fe300032f63f8be5d6cd6981e75f8bbf2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/dc866b69cc51af9b8509b4731b8ce2a4950cd0ef"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0c9550b032de48d6a7fa6a4ddc09699d64d9300d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/90029b9c979b60de5cb2b70ade4bbf61d561bc5d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5dc319cc3c4f7b74f7dfba349aa26f87efb52458"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9c23ef30e840fedc66948299509f6c2777c9cf4f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8f94b49a5b5d386c038e355bef6347298aabd211"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/media/v4l2-core/v4l2-mem2mem.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "3dd8abb0ed0e",
"status": "affected",
"version": "be2fff656322",
"versionType": "git"
},
{
"lessThan": "0175f2d34c85",
"status": "affected",
"version": "be2fff656322",
"versionType": "git"
},
{
"lessThan": "afd2a82fe300",
"status": "affected",
"version": "be2fff656322",
"versionType": "git"
},
{
"lessThan": "dc866b69cc51",
"status": "affected",
"version": "be2fff656322",
"versionType": "git"
},
{
"lessThan": "0c9550b032de",
"status": "affected",
"version": "be2fff656322",
"versionType": "git"
},
{
"lessThan": "90029b9c979b",
"status": "affected",
"version": "be2fff656322",
"versionType": "git"
},
{
"lessThan": "5dc319cc3c4f",
"status": "affected",
"version": "be2fff656322",
"versionType": "git"
},
{
"lessThan": "9c23ef30e840",
"status": "affected",
"version": "be2fff656322",
"versionType": "git"
},
{
"lessThan": "8f94b49a5b5d",
"status": "affected",
"version": "be2fff656322",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/media/v4l2-core/v4l2-mem2mem.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.19"
},
{
"lessThan": "4.19",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.311",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.273",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.214",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.153",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity\n\nThe entity-\u003ename (i.e. name) is allocated in v4l2_m2m_register_entity\nbut isn\u0027t freed in its following error-handling paths. This patch\nadds such deallocation to prevent memleak of entity-\u003ename."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:28:08.407Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/3dd8abb0ed0e0a7c66d6d677c86ccb188cc39333"
},
{
"url": "https://git.kernel.org/stable/c/0175f2d34c85744f9ad6554f696cf0afb5bd04e4"
},
{
"url": "https://git.kernel.org/stable/c/afd2a82fe300032f63f8be5d6cd6981e75f8bbf2"
},
{
"url": "https://git.kernel.org/stable/c/dc866b69cc51af9b8509b4731b8ce2a4950cd0ef"
},
{
"url": "https://git.kernel.org/stable/c/0c9550b032de48d6a7fa6a4ddc09699d64d9300d"
},
{
"url": "https://git.kernel.org/stable/c/90029b9c979b60de5cb2b70ade4bbf61d561bc5d"
},
{
"url": "https://git.kernel.org/stable/c/5dc319cc3c4f7b74f7dfba349aa26f87efb52458"
},
{
"url": "https://git.kernel.org/stable/c/9c23ef30e840fedc66948299509f6c2777c9cf4f"
},
{
"url": "https://git.kernel.org/stable/c/8f94b49a5b5d386c038e355bef6347298aabd211"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27077",
"datePublished": "2024-05-01T13:04:51.518Z",
"dateReserved": "2024-02-19T14:20:24.217Z",
"dateUpdated": "2024-08-02T00:27:57.849Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27392
Vulnerability from cvelistv5
Published
2024-05-01 13:05
Modified
2024-08-02 00:34
Severity
Summary
nvme: host: fix double-free of struct nvme_id_ns in ns_update_nuse()
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:34:52.266Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/534f9dc7fe495b3f9cc84363898ac50c5a25fccb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8d0d2447394b13fb22a069f0330f9c49b7fff9d3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/nvme/host/sysfs.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "534f9dc7fe49",
"status": "affected",
"version": "a1a825ab6a60",
"versionType": "git"
},
{
"lessThan": "8d0d2447394b",
"status": "affected",
"version": "a1a825ab6a60",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/nvme/host/sysfs.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.8"
},
{
"lessThan": "6.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme: host: fix double-free of struct nvme_id_ns in ns_update_nuse()\n\nWhen nvme_identify_ns() fails, it frees the pointer to the struct\nnvme_id_ns before it returns. However, ns_update_nuse() calls kfree()\nfor the pointer even when nvme_identify_ns() fails. This results in\nKASAN double-free, which was observed with blktests nvme/045 with\nproposed patches [1] on the kernel v6.8-rc7. Fix the double-free by\nskipping kfree() when nvme_identify_ns() fails."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:28:18.404Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/534f9dc7fe495b3f9cc84363898ac50c5a25fccb"
},
{
"url": "https://git.kernel.org/stable/c/8d0d2447394b13fb22a069f0330f9c49b7fff9d3"
}
],
"title": "nvme: host: fix double-free of struct nvme_id_ns in ns_update_nuse()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27392",
"datePublished": "2024-05-01T13:05:20.117Z",
"dateReserved": "2024-02-25T13:47:42.677Z",
"dateUpdated": "2024-08-02T00:34:52.266Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26988
Vulnerability from cvelistv5
Published
2024-05-01 05:27
Modified
2024-08-02 00:21
Severity
Summary
init/main.c: Fix potential static_command_line memory overflow
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.815Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2ef607ea103616aec0289f1b65d103d499fa903a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0dc727a4e05400205358a22c3d01ccad2c8e1fe4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/76c2f4d426a5358fced5d5990744d46f10a4ccea"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/81cf85ae4f2dd5fa3e43021782aa72c4c85558e8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/936a02b5a9630c5beb0353c3085cc49d86c57034"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/46dad3c1e57897ab9228332f03e1c14798d2d3b9"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"init/main.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "2ef607ea1036",
"status": "affected",
"version": "f5c7310ac73e",
"versionType": "git"
},
{
"lessThan": "0dc727a4e054",
"status": "affected",
"version": "f5c7310ac73e",
"versionType": "git"
},
{
"lessThan": "76c2f4d426a5",
"status": "affected",
"version": "f5c7310ac73e",
"versionType": "git"
},
{
"lessThan": "81cf85ae4f2d",
"status": "affected",
"version": "f5c7310ac73e",
"versionType": "git"
},
{
"lessThan": "936a02b5a963",
"status": "affected",
"version": "f5c7310ac73e",
"versionType": "git"
},
{
"lessThan": "46dad3c1e578",
"status": "affected",
"version": "f5c7310ac73e",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"init/main.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.1"
},
{
"lessThan": "5.1",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.216",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.157",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ninit/main.c: Fix potential static_command_line memory overflow\n\nWe allocate memory of size \u0027xlen + strlen(boot_command_line) + 1\u0027 for\nstatic_command_line, but the strings copied into static_command_line are\nextra_command_line and command_line, rather than extra_command_line and\nboot_command_line.\n\nWhen strlen(command_line) \u003e strlen(boot_command_line), static_command_line\nwill overflow.\n\nThis patch just recovers strlen(command_line) which was miss-consolidated\nwith strlen(boot_command_line) in the commit f5c7310ac73e (\"init/main: add\nchecks for the return value of memblock_alloc*()\")"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:29.863Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/2ef607ea103616aec0289f1b65d103d499fa903a"
},
{
"url": "https://git.kernel.org/stable/c/0dc727a4e05400205358a22c3d01ccad2c8e1fe4"
},
{
"url": "https://git.kernel.org/stable/c/76c2f4d426a5358fced5d5990744d46f10a4ccea"
},
{
"url": "https://git.kernel.org/stable/c/81cf85ae4f2dd5fa3e43021782aa72c4c85558e8"
},
{
"url": "https://git.kernel.org/stable/c/936a02b5a9630c5beb0353c3085cc49d86c57034"
},
{
"url": "https://git.kernel.org/stable/c/46dad3c1e57897ab9228332f03e1c14798d2d3b9"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "init/main.c: Fix potential static_command_line memory overflow",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26988",
"datePublished": "2024-05-01T05:27:39.190Z",
"dateReserved": "2024-02-19T14:20:24.205Z",
"dateUpdated": "2024-08-02T00:21:05.815Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26962
Vulnerability from cvelistv5
Published
2024-05-01 05:19
Modified
2024-08-02 00:21
Severity
Summary
dm-raid456, md/raid456: fix a deadlock for dm-raid456 while io concurrent with reshape
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.628Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5943a34bf6bab5801e08a55f63e1b8d5bc90dae1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a8d249d770cb357d16a2097b548d2e4c1c137304"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/41425f96d7aa59bc865f60f5dda3d7697b555677"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/md/dm-raid.c",
"drivers/md/md.c",
"drivers/md/md.h",
"drivers/md/raid5.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "5943a34bf6ba",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "a8d249d770cb",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "41425f96d7aa",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/md/dm-raid.c",
"drivers/md/md.c",
"drivers/md/md.h",
"drivers/md/raid5.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-raid456, md/raid456: fix a deadlock for dm-raid456 while io concurrent with reshape\n\nFor raid456, if reshape is still in progress, then IO across reshape\nposition will wait for reshape to make progress. However, for dm-raid,\nin following cases reshape will never make progress hence IO will hang:\n\n1) the array is read-only;\n2) MD_RECOVERY_WAIT is set;\n3) MD_RECOVERY_FROZEN is set;\n\nAfter commit c467e97f079f (\"md/raid6: use valid sector values to determine\nif an I/O should wait on the reshape\") fix the problem that IO across\nreshape position doesn\u0027t wait for reshape, the dm-raid test\nshell/lvconvert-raid-reshape.sh start to hang:\n\n[root@fedora ~]# cat /proc/979/stack\n[\u003c0\u003e] wait_woken+0x7d/0x90\n[\u003c0\u003e] raid5_make_request+0x929/0x1d70 [raid456]\n[\u003c0\u003e] md_handle_request+0xc2/0x3b0 [md_mod]\n[\u003c0\u003e] raid_map+0x2c/0x50 [dm_raid]\n[\u003c0\u003e] __map_bio+0x251/0x380 [dm_mod]\n[\u003c0\u003e] dm_submit_bio+0x1f0/0x760 [dm_mod]\n[\u003c0\u003e] __submit_bio+0xc2/0x1c0\n[\u003c0\u003e] submit_bio_noacct_nocheck+0x17f/0x450\n[\u003c0\u003e] submit_bio_noacct+0x2bc/0x780\n[\u003c0\u003e] submit_bio+0x70/0xc0\n[\u003c0\u003e] mpage_readahead+0x169/0x1f0\n[\u003c0\u003e] blkdev_readahead+0x18/0x30\n[\u003c0\u003e] read_pages+0x7c/0x3b0\n[\u003c0\u003e] page_cache_ra_unbounded+0x1ab/0x280\n[\u003c0\u003e] force_page_cache_ra+0x9e/0x130\n[\u003c0\u003e] page_cache_sync_ra+0x3b/0x110\n[\u003c0\u003e] filemap_get_pages+0x143/0xa30\n[\u003c0\u003e] filemap_read+0xdc/0x4b0\n[\u003c0\u003e] blkdev_read_iter+0x75/0x200\n[\u003c0\u003e] vfs_read+0x272/0x460\n[\u003c0\u003e] ksys_read+0x7a/0x170\n[\u003c0\u003e] __x64_sys_read+0x1c/0x30\n[\u003c0\u003e] do_syscall_64+0xc6/0x230\n[\u003c0\u003e] entry_SYSCALL_64_after_hwframe+0x6c/0x74\n\nThis is because reshape can\u0027t make progress.\n\nFor md/raid, the problem doesn\u0027t exist because register new sync_thread\ndoesn\u0027t rely on the IO to be done any more:\n\n1) If array is read-only, it can switch to read-write by ioctl/sysfs;\n2) md/raid never set MD_RECOVERY_WAIT;\n3) If MD_RECOVERY_FROZEN is set, mddev_suspend() doesn\u0027t hold\n \u0027reconfig_mutex\u0027, hence it can be cleared and reshape can continue by\n sysfs api \u0027sync_action\u0027.\n\nHowever, I\u0027m not sure yet how to avoid the problem in dm-raid yet. This\npatch on the one hand make sure raid_message() can\u0027t change\nsync_thread() through raid_message() after presuspend(), on the other\nhand detect the above 3 cases before wait for IO do be done in\ndm_suspend(), and let dm-raid requeue those IO."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:56.453Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/5943a34bf6bab5801e08a55f63e1b8d5bc90dae1"
},
{
"url": "https://git.kernel.org/stable/c/a8d249d770cb357d16a2097b548d2e4c1c137304"
},
{
"url": "https://git.kernel.org/stable/c/41425f96d7aa59bc865f60f5dda3d7697b555677"
}
],
"title": "dm-raid456, md/raid456: fix a deadlock for dm-raid456 while io concurrent with reshape",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26962",
"datePublished": "2024-05-01T05:19:20.579Z",
"dateReserved": "2024-02-19T14:20:24.201Z",
"dateUpdated": "2024-08-02T00:21:05.628Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26933
Vulnerability from cvelistv5
Published
2024-05-01 05:17
Modified
2024-08-02 00:21
Severity
Summary
USB: core: Fix deadlock in port "disable" sysfs attribute
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.581Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9dac54f08198147f5ec0ec52fcf1bc8ac899ac05"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f51849833705dea5b4f9b0c8de714dd87bd6c95c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4facc9421117ba9d8148c73771b213887fec77f7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/73d1589b91f2099e5f6534a8497b7c6b527e064e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f4d1960764d8a70318b02f15203a1be2b2554ca1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/usb/core/port.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "9dac54f08198",
"status": "affected",
"version": "f061f43d7418",
"versionType": "git"
},
{
"lessThan": "f51849833705",
"status": "affected",
"version": "f061f43d7418",
"versionType": "git"
},
{
"lessThan": "4facc9421117",
"status": "affected",
"version": "f061f43d7418",
"versionType": "git"
},
{
"lessThan": "73d1589b91f2",
"status": "affected",
"version": "f061f43d7418",
"versionType": "git"
},
{
"lessThan": "f4d1960764d8",
"status": "affected",
"version": "f061f43d7418",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/usb/core/port.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.0"
},
{
"lessThan": "6.0",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: core: Fix deadlock in port \"disable\" sysfs attribute\n\nThe show and store callback routines for the \"disable\" sysfs attribute\nfile in port.c acquire the device lock for the port\u0027s parent hub\ndevice. This can cause problems if another process has locked the hub\nto remove it or change its configuration:\n\n\tRemoving the hub or changing its configuration requires the\n\thub interface to be removed, which requires the port device\n\tto be removed, and device_del() waits until all outstanding\n\tsysfs attribute callbacks for the ports have returned. The\n\tlock can\u0027t be released until then.\n\n\tBut the disable_show() or disable_store() routine can\u0027t return\n\tuntil after it has acquired the lock.\n\nThe resulting deadlock can be avoided by calling\nsysfs_break_active_protection(). This will cause the sysfs core not\nto wait for the attribute\u0027s callback routine to return, allowing the\nremoval to proceed. The disadvantage is that after making this call,\nthere is no guarantee that the hub structure won\u0027t be deallocated at\nany moment. To prevent this, we have to acquire a reference to it\nfirst by calling hub_get()."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-19T08:41:12.354Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/9dac54f08198147f5ec0ec52fcf1bc8ac899ac05"
},
{
"url": "https://git.kernel.org/stable/c/f51849833705dea5b4f9b0c8de714dd87bd6c95c"
},
{
"url": "https://git.kernel.org/stable/c/4facc9421117ba9d8148c73771b213887fec77f7"
},
{
"url": "https://git.kernel.org/stable/c/73d1589b91f2099e5f6534a8497b7c6b527e064e"
},
{
"url": "https://git.kernel.org/stable/c/f4d1960764d8a70318b02f15203a1be2b2554ca1"
}
],
"title": "USB: core: Fix deadlock in port \"disable\" sysfs attribute",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26933",
"datePublished": "2024-05-01T05:17:23.289Z",
"dateReserved": "2024-02-19T14:20:24.195Z",
"dateUpdated": "2024-08-02T00:21:05.581Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27391
Vulnerability from cvelistv5
Published
2024-05-01 13:05
Modified
2024-08-02 00:34
Severity
Summary
wifi: wilc1000: do not realloc workqueue everytime an interface is added
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27391",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-01T15:19:57.671573Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:22:45.010Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:34:52.229Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/515cc676dfbce40d93c92b1ff3c1070e917f4e52"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4041c60a9d543b3ad50225385b072ba68e96166e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/90ae293d1d255f622318fce6eeea2e18f9fde5c1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9ab0c303ccabfd6bdce14432792d41090070008c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/328efda22af81130c2ad981c110518cb29ff2f1d"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/wireless/microchip/wilc1000/cfg80211.c",
"drivers/net/wireless/microchip/wilc1000/netdev.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "515cc676dfbc",
"status": "affected",
"version": "09ed8bfc5215",
"versionType": "git"
},
{
"lessThan": "4041c60a9d54",
"status": "affected",
"version": "09ed8bfc5215",
"versionType": "git"
},
{
"lessThan": "90ae293d1d25",
"status": "affected",
"version": "09ed8bfc5215",
"versionType": "git"
},
{
"lessThan": "9ab0c303ccab",
"status": "affected",
"version": "09ed8bfc5215",
"versionType": "git"
},
{
"lessThan": "328efda22af8",
"status": "affected",
"version": "09ed8bfc5215",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/wireless/microchip/wilc1000/cfg80211.c",
"drivers/net/wireless/microchip/wilc1000/netdev.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.17"
},
{
"lessThan": "5.17",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wilc1000: do not realloc workqueue everytime an interface is added\n\nCommit 09ed8bfc5215 (\"wilc1000: Rename workqueue from \"WILC_wq\" to\n\"NETDEV-wq\"\") moved workqueue creation in wilc_netdev_ifc_init in order to\nset the interface name in the workqueue name. However, while the driver\nneeds only one workqueue, the wilc_netdev_ifc_init is called each time we\nadd an interface over a phy, which in turns overwrite the workqueue with a\nnew one. This can be observed with the following commands:\n\nfor i in $(seq 0 10)\ndo\n iw phy phy0 interface add wlan1 type managed\n iw dev wlan1 del\ndone\nps -eo pid,comm|grep wlan\n\n 39 kworker/R-wlan0\n 98 kworker/R-wlan1\n102 kworker/R-wlan1\n105 kworker/R-wlan1\n108 kworker/R-wlan1\n111 kworker/R-wlan1\n114 kworker/R-wlan1\n117 kworker/R-wlan1\n120 kworker/R-wlan1\n123 kworker/R-wlan1\n126 kworker/R-wlan1\n129 kworker/R-wlan1\n\nFix this leakage by putting back hif_workqueue allocation in\nwilc_cfg80211_init. Regarding the workqueue name, it is indeed relevant to\nset it lowercase, however it is not attached to a specific netdev, so\nenforcing netdev name in the name is not so relevant. Still, enrich the\nname with the wiphy name to make it clear which phy is using the workqueue."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:28:17.396Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/515cc676dfbce40d93c92b1ff3c1070e917f4e52"
},
{
"url": "https://git.kernel.org/stable/c/4041c60a9d543b3ad50225385b072ba68e96166e"
},
{
"url": "https://git.kernel.org/stable/c/90ae293d1d255f622318fce6eeea2e18f9fde5c1"
},
{
"url": "https://git.kernel.org/stable/c/9ab0c303ccabfd6bdce14432792d41090070008c"
},
{
"url": "https://git.kernel.org/stable/c/328efda22af81130c2ad981c110518cb29ff2f1d"
}
],
"title": "wifi: wilc1000: do not realloc workqueue everytime an interface is added",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27391",
"datePublished": "2024-05-01T13:05:16.396Z",
"dateReserved": "2024-02-25T13:47:42.677Z",
"dateUpdated": "2024-08-02T00:34:52.229Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26979
Vulnerability from cvelistv5
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Show details on NVD website{
"containers": {
"cna": {
"providerMetadata": {
"dateUpdated": "2024-06-12T15:58:08.674Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"rejectedReasons": [
{
"lang": "en",
"value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
}
]
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26979",
"datePublished": "2024-05-01T05:20:38.304Z",
"dateRejected": "2024-06-12T15:58:08.674Z",
"dateReserved": "2024-02-19T14:20:24.203Z",
"dateUpdated": "2024-06-12T15:58:08.674Z",
"state": "REJECTED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26947
Vulnerability from cvelistv5
Published
2024-05-01 05:18
Modified
2024-08-02 00:21
Severity
Summary
ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26947",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-17T17:40:49.744241Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-17T17:46:53.297Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.505Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0c027c2bad7f5111c51a358b5d392e1a695dabff"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9f7ddc222cae8254e93d5c169a8ae11a49d912a7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fb3a122a978626b33de3367ee1762da934c0f512"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0c66c6f4e21cb22220cbd8821c5c73fc157d20dc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"arch/arm/mm/flush.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "0c027c2bad7f",
"status": "affected",
"version": "a4d5613c4dc6",
"versionType": "git"
},
{
"lessThan": "9f7ddc222cae",
"status": "affected",
"version": "a4d5613c4dc6",
"versionType": "git"
},
{
"lessThan": "fb3a122a9786",
"status": "affected",
"version": "a4d5613c4dc6",
"versionType": "git"
},
{
"lessThan": "0c66c6f4e21c",
"status": "affected",
"version": "a4d5613c4dc6",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"arch/arm/mm/flush.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.14"
},
{
"lessThan": "5.14",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses\n\nSince commit a4d5613c4dc6 (\"arm: extend pfn_valid to take into account\nfreed memory map alignment\") changes the semantics of pfn_valid() to check\npresence of the memory map for a PFN. A valid page for an address which\nis reserved but not mapped by the kernel[1], the system crashed during\nsome uio test with the following memory layout:\n\n node 0: [mem 0x00000000c0a00000-0x00000000cc8fffff]\n node 0: [mem 0x00000000d0000000-0x00000000da1fffff]\n the uio layout is\uff1a0xc0900000, 0x100000\n\nthe crash backtrace like:\n\n Unable to handle kernel paging request at virtual address bff00000\n [...]\n CPU: 1 PID: 465 Comm: startapp.bin Tainted: G O 5.10.0 #1\n Hardware name: Generic DT based system\n PC is at b15_flush_kern_dcache_area+0x24/0x3c\n LR is at __sync_icache_dcache+0x6c/0x98\n [...]\n (b15_flush_kern_dcache_area) from (__sync_icache_dcache+0x6c/0x98)\n (__sync_icache_dcache) from (set_pte_at+0x28/0x54)\n (set_pte_at) from (remap_pfn_range+0x1a0/0x274)\n (remap_pfn_range) from (uio_mmap+0x184/0x1b8 [uio])\n (uio_mmap [uio]) from (__mmap_region+0x264/0x5f4)\n (__mmap_region) from (__do_mmap_mm+0x3ec/0x440)\n (__do_mmap_mm) from (do_mmap+0x50/0x58)\n (do_mmap) from (vm_mmap_pgoff+0xfc/0x188)\n (vm_mmap_pgoff) from (ksys_mmap_pgoff+0xac/0xc4)\n (ksys_mmap_pgoff) from (ret_fast_syscall+0x0/0x5c)\n Code: e0801001 e2423001 e1c00003 f57ff04f (ee070f3e)\n ---[ end trace 09cf0734c3805d52 ]---\n Kernel panic - not syncing: Fatal exception\n\nSo check if PG_reserved was set to solve this issue.\n\n[1]: https://lore.kernel.org/lkml/Zbtdue57RO0QScJM@linux.ibm.com/"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:40.408Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/0c027c2bad7f5111c51a358b5d392e1a695dabff"
},
{
"url": "https://git.kernel.org/stable/c/9f7ddc222cae8254e93d5c169a8ae11a49d912a7"
},
{
"url": "https://git.kernel.org/stable/c/fb3a122a978626b33de3367ee1762da934c0f512"
},
{
"url": "https://git.kernel.org/stable/c/0c66c6f4e21cb22220cbd8821c5c73fc157d20dc"
}
],
"title": "ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26947",
"datePublished": "2024-05-01T05:18:17.316Z",
"dateReserved": "2024-02-19T14:20:24.197Z",
"dateUpdated": "2024-08-02T00:21:05.505Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27036
Vulnerability from cvelistv5
Published
2024-05-01 12:53
Modified
2024-08-02 00:21
Severity
Summary
cifs: Fix writeback data corruption
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27036",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-28T16:19:34.397708Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:47:15.864Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.930Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e45deec35bf7f1f4f992a707b2d04a8c162f2240"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/65f2ced695982ccd516196d0a9447d85dbe2eed5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/844b4e132f57f1333dc79feaa035075a096762e4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f3dc1bdb6b0b0693562c7c54a6c28bafa608ba3c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/smb/client/file.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "e45deec35bf7",
"status": "affected",
"version": "d08089f649a0",
"versionType": "git"
},
{
"lessThan": "65f2ced69598",
"status": "affected",
"version": "d08089f649a0",
"versionType": "git"
},
{
"lessThan": "844b4e132f57",
"status": "affected",
"version": "d08089f649a0",
"versionType": "git"
},
{
"lessThan": "f3dc1bdb6b0b",
"status": "affected",
"version": "d08089f649a0",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/smb/client/file.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.3"
},
{
"lessThan": "6.3",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix writeback data corruption\n\ncifs writeback doesn\u0027t correctly handle the case where\ncifs_extend_writeback() hits a point where it is considering an additional\nfolio, but this would overrun the wsize - at which point it drops out of\nthe xarray scanning loop and calls xas_pause(). The problem is that\nxas_pause() advances the loop counter - thereby skipping that page.\n\nWhat needs to happen is for xas_reset() to be called any time we decide we\ndon\u0027t want to process the page we\u0027re looking at, but rather send the\nrequest we are building and start a new one.\n\nFix this by copying and adapting the netfslib writepages code as a\ntemporary measure, with cifs writeback intending to be offloaded to\nnetfslib in the near future.\n\nThis also fixes the issue with the use of filemap_get_folios_tag() causing\nretry of a bunch of pages which the extender already dealt with.\n\nThis can be tested by creating, say, a 64K file somewhere not on cifs\n(otherwise copy-offload may get underfoot), mounting a cifs share with a\nwsize of 64000, copying the file to it and then comparing the original file\nand the copy:\n\n dd if=/dev/urandom of=/tmp/64K bs=64k count=1\n mount //192.168.6.1/test /mnt -o user=...,pass=...,wsize=64000\n cp /tmp/64K /mnt/64K\n cmp /tmp/64K /mnt/64K\n\nWithout the fix, the cmp fails at position 64000 (or shortly thereafter)."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:25.429Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/e45deec35bf7f1f4f992a707b2d04a8c162f2240"
},
{
"url": "https://git.kernel.org/stable/c/65f2ced695982ccd516196d0a9447d85dbe2eed5"
},
{
"url": "https://git.kernel.org/stable/c/844b4e132f57f1333dc79feaa035075a096762e4"
},
{
"url": "https://git.kernel.org/stable/c/f3dc1bdb6b0b0693562c7c54a6c28bafa608ba3c"
}
],
"title": "cifs: Fix writeback data corruption",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27036",
"datePublished": "2024-05-01T12:53:46.721Z",
"dateReserved": "2024-02-19T14:20:24.211Z",
"dateUpdated": "2024-08-02T00:21:05.930Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27021
Vulnerability from cvelistv5
Published
2024-05-01 05:30
Modified
2024-08-02 00:21
Severity
Summary
r8169: fix LED-related deadlock on module removal
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27021",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-09T18:39:07.447646Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:22:46.428Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.941Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/53d986f39acd8ea11c9e460732bfa5add66360d9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/19fa4f2a85d777a8052e869c1b892a2f7556569d"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/realtek/r8169.h",
"drivers/net/ethernet/realtek/r8169_leds.c",
"drivers/net/ethernet/realtek/r8169_main.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "53d986f39acd",
"status": "affected",
"version": "18764b883e15",
"versionType": "git"
},
{
"lessThan": "19fa4f2a85d7",
"status": "affected",
"version": "18764b883e15",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/realtek/r8169.h",
"drivers/net/ethernet/realtek/r8169_leds.c",
"drivers/net/ethernet/realtek/r8169_main.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.8"
},
{
"lessThan": "6.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nr8169: fix LED-related deadlock on module removal\n\nBinding devm_led_classdev_register() to the netdev is problematic\nbecause on module removal we get a RTNL-related deadlock. Fix this\nby avoiding the device-managed LED functions.\n\nNote: We can safely call led_classdev_unregister() for a LED even\nif registering it failed, because led_classdev_unregister() detects\nthis and is a no-op in this case."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:09.714Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/53d986f39acd8ea11c9e460732bfa5add66360d9"
},
{
"url": "https://git.kernel.org/stable/c/19fa4f2a85d777a8052e869c1b892a2f7556569d"
}
],
"title": "r8169: fix LED-related deadlock on module removal",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27021",
"datePublished": "2024-05-01T05:30:21.242Z",
"dateReserved": "2024-02-19T14:20:24.210Z",
"dateUpdated": "2024-08-02T00:21:05.941Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26986
Vulnerability from cvelistv5
Published
2024-05-01 05:27
Modified
2024-08-02 00:21
Severity
Summary
drm/amdkfd: Fix memory leak in create_process failure
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26986",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-14T20:04:45.554663Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-14T20:05:27.611Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.898Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/aa02d43367a9adf8c85fb382fea4171fb266c8d0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0dcd876411644da98a6b4d5a18d32ca94c15bdb5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/18921b205012568b45760753ad3146ddb9e2d4e2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/amdkfd/kfd_process.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "aa02d43367a9",
"status": "affected",
"version": "0ab2d7532b05",
"versionType": "git"
},
{
"lessThan": "0dcd87641164",
"status": "affected",
"version": "0ab2d7532b05",
"versionType": "git"
},
{
"lessThan": "18921b205012",
"status": "affected",
"version": "0ab2d7532b05",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/amdkfd/kfd_process.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.5"
},
{
"lessThan": "6.5",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix memory leak in create_process failure\n\nFix memory leak due to a leaked mmget reference on an error handling\ncode path that is triggered when attempting to create KFD processes\nwhile a GPU reset is in progress."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:27.502Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/aa02d43367a9adf8c85fb382fea4171fb266c8d0"
},
{
"url": "https://git.kernel.org/stable/c/0dcd876411644da98a6b4d5a18d32ca94c15bdb5"
},
{
"url": "https://git.kernel.org/stable/c/18921b205012568b45760753ad3146ddb9e2d4e2"
}
],
"title": "drm/amdkfd: Fix memory leak in create_process failure",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26986",
"datePublished": "2024-05-01T05:27:29.951Z",
"dateReserved": "2024-02-19T14:20:24.204Z",
"dateUpdated": "2024-08-02T00:21:05.898Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27032
Vulnerability from cvelistv5
Published
2024-05-01 12:53
Modified
2024-08-02 00:21
Severity
Summary
f2fs: fix to avoid potential panic during recovery
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27032",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-06T18:39:19.391888Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T18:39:28.141Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.863Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fe4de493572a4263554903bf9c3afc5c196e15f0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8844b2f8a3f0c428b74672f9726f9950b1a7764c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d034810d02a5af8eb74debe29877dcaf5f00fdd1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f26091a981318b5b7451d61f99bc073a6af8db67"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/21ec68234826b1b54ab980a8df6e33c74cfbee58"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/f2fs/f2fs.h",
"fs/f2fs/recovery.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "fe4de493572a",
"status": "affected",
"version": "b1020a546779",
"versionType": "git"
},
{
"lessThan": "8844b2f8a3f0",
"status": "affected",
"version": "2a7b12d4705b",
"versionType": "git"
},
{
"lessThan": "d034810d02a5",
"status": "affected",
"version": "b29cc6e29b5e",
"versionType": "git"
},
{
"lessThan": "f26091a98131",
"status": "affected",
"version": "956fa1ddc132",
"versionType": "git"
},
{
"lessThan": "21ec68234826",
"status": "affected",
"version": "956fa1ddc132",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/f2fs/f2fs.h",
"fs/f2fs/recovery.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.8"
},
{
"lessThan": "6.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to avoid potential panic during recovery\n\nDuring recovery, if FAULT_BLOCK is on, it is possible that\nf2fs_reserve_new_block() will return -ENOSPC during recovery,\nthen it may trigger panic.\n\nAlso, if fault injection rate is 1 and only FAULT_BLOCK fault\ntype is on, it may encounter deadloop in loop of block reservation.\n\nLet\u0027s change as below to fix these issues:\n- remove bug_on() to avoid panic.\n- limit the loop count of block reservation to avoid potential\ndeadloop."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:21.361Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/fe4de493572a4263554903bf9c3afc5c196e15f0"
},
{
"url": "https://git.kernel.org/stable/c/8844b2f8a3f0c428b74672f9726f9950b1a7764c"
},
{
"url": "https://git.kernel.org/stable/c/d034810d02a5af8eb74debe29877dcaf5f00fdd1"
},
{
"url": "https://git.kernel.org/stable/c/f26091a981318b5b7451d61f99bc073a6af8db67"
},
{
"url": "https://git.kernel.org/stable/c/21ec68234826b1b54ab980a8df6e33c74cfbee58"
}
],
"title": "f2fs: fix to avoid potential panic during recovery",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27032",
"datePublished": "2024-05-01T12:53:32.812Z",
"dateReserved": "2024-02-19T14:20:24.211Z",
"dateUpdated": "2024-08-02T00:21:05.863Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26950
Vulnerability from cvelistv5
Published
2024-05-01 05:18
Modified
2024-08-02 00:21
Severity
Summary
wireguard: netlink: access device through ctx instead of peer
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26950",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-06T18:55:56.220490Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T18:56:09.041Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.839Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/493aa6bdcffd90a4f82aa614fe4f4db0641b4068"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4be453271a882c8ebc28df3dbf9e4d95e6ac42f5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/09c3fa70f65175861ca948cb2f0f791e666c90e5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c991567e6c638079304cc15dff28748e4a3c4a37"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/93bcc1752c69bb309f4d8cfaf960ef1faeb34996"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d44bd323d8bb8031eef4bdc44547925998a11e47"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/71cbd32e3db82ea4a74e3ef9aeeaa6971969c86f"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/wireguard/netlink.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "493aa6bdcffd",
"status": "affected",
"version": "e7096c131e51",
"versionType": "git"
},
{
"lessThan": "4be453271a88",
"status": "affected",
"version": "e7096c131e51",
"versionType": "git"
},
{
"lessThan": "09c3fa70f651",
"status": "affected",
"version": "e7096c131e51",
"versionType": "git"
},
{
"lessThan": "c991567e6c63",
"status": "affected",
"version": "e7096c131e51",
"versionType": "git"
},
{
"lessThan": "93bcc1752c69",
"status": "affected",
"version": "e7096c131e51",
"versionType": "git"
},
{
"lessThan": "d44bd323d8bb",
"status": "affected",
"version": "e7096c131e51",
"versionType": "git"
},
{
"lessThan": "71cbd32e3db8",
"status": "affected",
"version": "e7096c131e51",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/wireguard/netlink.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.6"
},
{
"lessThan": "5.6",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.215",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.154",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwireguard: netlink: access device through ctx instead of peer\n\nThe previous commit fixed a bug that led to a NULL peer-\u003edevice being\ndereferenced. It\u0027s actually easier and faster performance-wise to\ninstead get the device from ctx-\u003ewg. This semantically makes more sense\ntoo, since ctx-\u003ewg-\u003epeer_allowedips.seq is compared with\nctx-\u003eallowedips_seq, basing them both in ctx. This also acts as a\ndefence in depth provision against freed peers."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:43.459Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/493aa6bdcffd90a4f82aa614fe4f4db0641b4068"
},
{
"url": "https://git.kernel.org/stable/c/4be453271a882c8ebc28df3dbf9e4d95e6ac42f5"
},
{
"url": "https://git.kernel.org/stable/c/09c3fa70f65175861ca948cb2f0f791e666c90e5"
},
{
"url": "https://git.kernel.org/stable/c/c991567e6c638079304cc15dff28748e4a3c4a37"
},
{
"url": "https://git.kernel.org/stable/c/93bcc1752c69bb309f4d8cfaf960ef1faeb34996"
},
{
"url": "https://git.kernel.org/stable/c/d44bd323d8bb8031eef4bdc44547925998a11e47"
},
{
"url": "https://git.kernel.org/stable/c/71cbd32e3db82ea4a74e3ef9aeeaa6971969c86f"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "wireguard: netlink: access device through ctx instead of peer",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26950",
"datePublished": "2024-05-01T05:18:29.902Z",
"dateReserved": "2024-02-19T14:20:24.198Z",
"dateUpdated": "2024-08-02T00:21:05.839Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27013
Vulnerability from cvelistv5
Published
2024-05-01 05:29
Modified
2024-08-02 00:21
Severity
Summary
tun: limit printing rate when illegal packet received by tun dev
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27013",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-01T13:35:26.133742Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:22:49.101Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.877Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/68459b8e3ee554ce71878af9eb69659b9462c588"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4b0dcae5c4797bf31c63011ed62917210d3fdac3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/14cdb43dbc827e18ac7d5b30c5b4c676219f1421"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a50dbeca28acf7051dfa92786b85f704c75db6eb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/62e27ef18eb4f0d33bbae8e9ef56b99696a74713"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/40f4ced305c6c47487d3cd8da54676e2acc1a6ad"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/52854101180beccdb9dc2077a3bea31b6ad48dfa"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f8bbc07ac535593139c875ffa19af924b1084540"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/tun.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "68459b8e3ee5",
"status": "affected",
"version": "ef3db4a59542",
"versionType": "git"
},
{
"lessThan": "4b0dcae5c479",
"status": "affected",
"version": "ef3db4a59542",
"versionType": "git"
},
{
"lessThan": "14cdb43dbc82",
"status": "affected",
"version": "ef3db4a59542",
"versionType": "git"
},
{
"lessThan": "a50dbeca28ac",
"status": "affected",
"version": "ef3db4a59542",
"versionType": "git"
},
{
"lessThan": "62e27ef18eb4",
"status": "affected",
"version": "ef3db4a59542",
"versionType": "git"
},
{
"lessThan": "40f4ced305c6",
"status": "affected",
"version": "ef3db4a59542",
"versionType": "git"
},
{
"lessThan": "52854101180b",
"status": "affected",
"version": "ef3db4a59542",
"versionType": "git"
},
{
"lessThan": "f8bbc07ac535",
"status": "affected",
"version": "ef3db4a59542",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/tun.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.35"
},
{
"lessThan": "2.6.35",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.313",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.275",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.216",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.157",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntun: limit printing rate when illegal packet received by tun dev\n\nvhost_worker will call tun call backs to receive packets. If too many\nillegal packets arrives, tun_do_read will keep dumping packet contents.\nWhen console is enabled, it will costs much more cpu time to dump\npacket and soft lockup will be detected.\n\nnet_ratelimit mechanism can be used to limit the dumping rate.\n\nPID: 33036 TASK: ffff949da6f20000 CPU: 23 COMMAND: \"vhost-32980\"\n #0 [fffffe00003fce50] crash_nmi_callback at ffffffff89249253\n #1 [fffffe00003fce58] nmi_handle at ffffffff89225fa3\n #2 [fffffe00003fceb0] default_do_nmi at ffffffff8922642e\n #3 [fffffe00003fced0] do_nmi at ffffffff8922660d\n #4 [fffffe00003fcef0] end_repeat_nmi at ffffffff89c01663\n [exception RIP: io_serial_in+20]\n RIP: ffffffff89792594 RSP: ffffa655314979e8 RFLAGS: 00000002\n RAX: ffffffff89792500 RBX: ffffffff8af428a0 RCX: 0000000000000000\n RDX: 00000000000003fd RSI: 0000000000000005 RDI: ffffffff8af428a0\n RBP: 0000000000002710 R8: 0000000000000004 R9: 000000000000000f\n R10: 0000000000000000 R11: ffffffff8acbf64f R12: 0000000000000020\n R13: ffffffff8acbf698 R14: 0000000000000058 R15: 0000000000000000\n ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018\n #5 [ffffa655314979e8] io_serial_in at ffffffff89792594\n #6 [ffffa655314979e8] wait_for_xmitr at ffffffff89793470\n #7 [ffffa65531497a08] serial8250_console_putchar at ffffffff897934f6\n #8 [ffffa65531497a20] uart_console_write at ffffffff8978b605\n #9 [ffffa65531497a48] serial8250_console_write at ffffffff89796558\n #10 [ffffa65531497ac8] console_unlock at ffffffff89316124\n #11 [ffffa65531497b10] vprintk_emit at ffffffff89317c07\n #12 [ffffa65531497b68] printk at ffffffff89318306\n #13 [ffffa65531497bc8] print_hex_dump at ffffffff89650765\n #14 [ffffa65531497ca8] tun_do_read at ffffffffc0b06c27 [tun]\n #15 [ffffa65531497d38] tun_recvmsg at ffffffffc0b06e34 [tun]\n #16 [ffffa65531497d68] handle_rx at ffffffffc0c5d682 [vhost_net]\n #17 [ffffa65531497ed0] vhost_worker at ffffffffc0c644dc [vhost]\n #18 [ffffa65531497f10] kthread at ffffffff892d2e72\n #19 [ffffa65531497f50] ret_from_fork at ffffffff89c0022f"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:01.486Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/68459b8e3ee554ce71878af9eb69659b9462c588"
},
{
"url": "https://git.kernel.org/stable/c/4b0dcae5c4797bf31c63011ed62917210d3fdac3"
},
{
"url": "https://git.kernel.org/stable/c/14cdb43dbc827e18ac7d5b30c5b4c676219f1421"
},
{
"url": "https://git.kernel.org/stable/c/a50dbeca28acf7051dfa92786b85f704c75db6eb"
},
{
"url": "https://git.kernel.org/stable/c/62e27ef18eb4f0d33bbae8e9ef56b99696a74713"
},
{
"url": "https://git.kernel.org/stable/c/40f4ced305c6c47487d3cd8da54676e2acc1a6ad"
},
{
"url": "https://git.kernel.org/stable/c/52854101180beccdb9dc2077a3bea31b6ad48dfa"
},
{
"url": "https://git.kernel.org/stable/c/f8bbc07ac535593139c875ffa19af924b1084540"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "tun: limit printing rate when illegal packet received by tun dev",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27013",
"datePublished": "2024-05-01T05:29:42.289Z",
"dateReserved": "2024-02-19T14:20:24.209Z",
"dateUpdated": "2024-08-02T00:21:05.877Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27008
Vulnerability from cvelistv5
Published
2024-05-01 05:29
Modified
2024-08-02 00:21
Severity
Summary
drm: nv04: Fix out of bounds access
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27008",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-28T17:53:02.936582Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:46:47.615Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.825Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c2b97f26f081ceec3298151481687071075a25cb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5050ae879a828d752b439e3827aac126709da6d1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/097c7918fcfa1dee233acfd1f3029f00c3bc8062"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/df0991da7db846f7fa4ec6740350f743d3b69b04"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5fd4b090304e450aa0e7cc9cc2b4873285c6face"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6690cc2732e2a8d0eaca44dcbac032a4b0148042"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/26212da39ee14a52c76a202c6ae5153a84f579a5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cf92bb778eda7830e79452c6917efa8474a30c1e"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/nouveau/nouveau_bios.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "c2b97f26f081",
"status": "affected",
"version": "2e5702aff395",
"versionType": "git"
},
{
"lessThan": "5050ae879a82",
"status": "affected",
"version": "2e5702aff395",
"versionType": "git"
},
{
"lessThan": "097c7918fcfa",
"status": "affected",
"version": "2e5702aff395",
"versionType": "git"
},
{
"lessThan": "df0991da7db8",
"status": "affected",
"version": "2e5702aff395",
"versionType": "git"
},
{
"lessThan": "5fd4b090304e",
"status": "affected",
"version": "2e5702aff395",
"versionType": "git"
},
{
"lessThan": "6690cc2732e2",
"status": "affected",
"version": "2e5702aff395",
"versionType": "git"
},
{
"lessThan": "26212da39ee1",
"status": "affected",
"version": "2e5702aff395",
"versionType": "git"
},
{
"lessThan": "cf92bb778eda",
"status": "affected",
"version": "2e5702aff395",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/nouveau/nouveau_bios.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.38"
},
{
"lessThan": "2.6.38",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.313",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.275",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.216",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.157",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: nv04: Fix out of bounds access\n\nWhen Output Resource (dcb-\u003eor) value is assigned in\nfabricate_dcb_output(), there may be out of bounds access to\ndac_users array in case dcb-\u003eor is zero because ffs(dcb-\u003eor) is\nused as index there.\nThe \u0027or\u0027 argument of fabricate_dcb_output() must be interpreted as a\nnumber of bit to set, not value.\n\nUtilize macros from \u0027enum nouveau_or\u0027 in calls instead of hardcoding.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:55.800Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/c2b97f26f081ceec3298151481687071075a25cb"
},
{
"url": "https://git.kernel.org/stable/c/5050ae879a828d752b439e3827aac126709da6d1"
},
{
"url": "https://git.kernel.org/stable/c/097c7918fcfa1dee233acfd1f3029f00c3bc8062"
},
{
"url": "https://git.kernel.org/stable/c/df0991da7db846f7fa4ec6740350f743d3b69b04"
},
{
"url": "https://git.kernel.org/stable/c/5fd4b090304e450aa0e7cc9cc2b4873285c6face"
},
{
"url": "https://git.kernel.org/stable/c/6690cc2732e2a8d0eaca44dcbac032a4b0148042"
},
{
"url": "https://git.kernel.org/stable/c/26212da39ee14a52c76a202c6ae5153a84f579a5"
},
{
"url": "https://git.kernel.org/stable/c/cf92bb778eda7830e79452c6917efa8474a30c1e"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "drm: nv04: Fix out of bounds access",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27008",
"datePublished": "2024-05-01T05:29:13.312Z",
"dateReserved": "2024-02-19T14:20:24.208Z",
"dateUpdated": "2024-08-02T00:21:05.825Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27014
Vulnerability from cvelistv5
Published
2024-05-01 05:29
Modified
2024-08-02 00:21
Severity
Summary
net/mlx5e: Prevent deadlock while disabling aRFS
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27014",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-17T17:40:27.350253Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-17T17:46:06.728Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.849Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/46efa4d5930cf3c2af8c01f75e0a47e4fc045e3b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/48c4bb81df19402d4346032353d0795260255e3b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0080bf99499468030248ebd25dd645e487dcecdc"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fef965764cf562f28afb997b626fc7c3cec99693"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/mellanox/mlx5/core/en_arfs.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "46efa4d5930c",
"status": "affected",
"version": "45bf454ae884",
"versionType": "git"
},
{
"lessThan": "48c4bb81df19",
"status": "affected",
"version": "45bf454ae884",
"versionType": "git"
},
{
"lessThan": "0080bf994994",
"status": "affected",
"version": "45bf454ae884",
"versionType": "git"
},
{
"lessThan": "fef965764cf5",
"status": "affected",
"version": "45bf454ae884",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/mellanox/mlx5/core/en_arfs.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.7"
},
{
"lessThan": "4.7",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Prevent deadlock while disabling aRFS\n\nWhen disabling aRFS under the `priv-\u003estate_lock`, any scheduled\naRFS works are canceled using the `cancel_work_sync` function,\nwhich waits for the work to end if it has already started.\nHowever, while waiting for the work handler, the handler will\ntry to acquire the `state_lock` which is already acquired.\n\nThe worker acquires the lock to delete the rules if the state\nis down, which is not the worker\u0027s responsibility since\ndisabling aRFS deletes the rules.\n\nAdd an aRFS state variable, which indicates whether the aRFS is\nenabled and prevent adding rules when the aRFS is disabled.\n\nKernel log:\n\n======================================================\nWARNING: possible circular locking dependency detected\n6.7.0-rc4_net_next_mlx5_5483eb2 #1 Tainted: G I\n------------------------------------------------------\nethtool/386089 is trying to acquire lock:\nffff88810f21ce68 ((work_completion)(\u0026rule-\u003earfs_work)){+.+.}-{0:0}, at: __flush_work+0x74/0x4e0\n\nbut task is already holding lock:\nffff8884a1808cc0 (\u0026priv-\u003estate_lock){+.+.}-{3:3}, at: mlx5e_ethtool_set_channels+0x53/0x200 [mlx5_core]\n\nwhich lock already depends on the new lock.\n\nthe existing dependency chain (in reverse order) is:\n\n-\u003e #1 (\u0026priv-\u003estate_lock){+.+.}-{3:3}:\n __mutex_lock+0x80/0xc90\n arfs_handle_work+0x4b/0x3b0 [mlx5_core]\n process_one_work+0x1dc/0x4a0\n worker_thread+0x1bf/0x3c0\n kthread+0xd7/0x100\n ret_from_fork+0x2d/0x50\n ret_from_fork_asm+0x11/0x20\n\n-\u003e #0 ((work_completion)(\u0026rule-\u003earfs_work)){+.+.}-{0:0}:\n __lock_acquire+0x17b4/0x2c80\n lock_acquire+0xd0/0x2b0\n __flush_work+0x7a/0x4e0\n __cancel_work_timer+0x131/0x1c0\n arfs_del_rules+0x143/0x1e0 [mlx5_core]\n mlx5e_arfs_disable+0x1b/0x30 [mlx5_core]\n mlx5e_ethtool_set_channels+0xcb/0x200 [mlx5_core]\n ethnl_set_channels+0x28f/0x3b0\n ethnl_default_set_doit+0xec/0x240\n genl_family_rcv_msg_doit+0xd0/0x120\n genl_rcv_msg+0x188/0x2c0\n netlink_rcv_skb+0x54/0x100\n genl_rcv+0x24/0x40\n netlink_unicast+0x1a1/0x270\n netlink_sendmsg+0x214/0x460\n __sock_sendmsg+0x38/0x60\n __sys_sendto+0x113/0x170\n __x64_sys_sendto+0x20/0x30\n do_syscall_64+0x40/0xe0\n entry_SYSCALL_64_after_hwframe+0x46/0x4e\n\nother info that might help us debug this:\n\n Possible unsafe locking scenario:\n\n CPU0 CPU1\n ---- ----\n lock(\u0026priv-\u003estate_lock);\n lock((work_completion)(\u0026rule-\u003earfs_work));\n lock(\u0026priv-\u003estate_lock);\n lock((work_completion)(\u0026rule-\u003earfs_work));\n\n *** DEADLOCK ***\n\n3 locks held by ethtool/386089:\n #0: ffffffff82ea7210 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40\n #1: ffffffff82e94c88 (rtnl_mutex){+.+.}-{3:3}, at: ethnl_default_set_doit+0xd3/0x240\n #2: ffff8884a1808cc0 (\u0026priv-\u003estate_lock){+.+.}-{3:3}, at: mlx5e_ethtool_set_channels+0x53/0x200 [mlx5_core]\n\nstack backtrace:\nCPU: 15 PID: 386089 Comm: ethtool Tainted: G I 6.7.0-rc4_net_next_mlx5_5483eb2 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x60/0xa0\n check_noncircular+0x144/0x160\n __lock_acquire+0x17b4/0x2c80\n lock_acquire+0xd0/0x2b0\n ? __flush_work+0x74/0x4e0\n ? save_trace+0x3e/0x360\n ? __flush_work+0x74/0x4e0\n __flush_work+0x7a/0x4e0\n ? __flush_work+0x74/0x4e0\n ? __lock_acquire+0xa78/0x2c80\n ? lock_acquire+0xd0/0x2b0\n ? mark_held_locks+0x49/0x70\n __cancel_work_timer+0x131/0x1c0\n ? mark_held_locks+0x49/0x70\n arfs_del_rules+0x143/0x1e0 [mlx5_core]\n mlx5e_arfs_disable+0x1b/0x30 [mlx5_core]\n mlx5e_ethtool_set_channels+0xcb/0x200 [mlx5_core]\n ethnl_set_channels+0x28f/0x3b0\n ethnl_default_set_doit+0xec/0x240\n genl_family_rcv_msg_doit+0xd0/0x120\n genl_rcv_msg+0x188/0x2c0\n ? ethn\n---truncated---"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:02.500Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/46efa4d5930cf3c2af8c01f75e0a47e4fc045e3b"
},
{
"url": "https://git.kernel.org/stable/c/48c4bb81df19402d4346032353d0795260255e3b"
},
{
"url": "https://git.kernel.org/stable/c/0080bf99499468030248ebd25dd645e487dcecdc"
},
{
"url": "https://git.kernel.org/stable/c/fef965764cf562f28afb997b626fc7c3cec99693"
}
],
"title": "net/mlx5e: Prevent deadlock while disabling aRFS",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27014",
"datePublished": "2024-05-01T05:29:46.980Z",
"dateReserved": "2024-02-19T14:20:24.209Z",
"dateUpdated": "2024-08-02T00:21:05.849Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26949
Vulnerability from cvelistv5
Published
2024-05-01 05:18
Modified
2024-08-02 00:21
Severity
Summary
drm/amdgpu/pm: Fix NULL pointer dereference when get power limit
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.536Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/99c2f1563b1400cc8331fc79d19ada1bb95bb388"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b8eaa8ef1f1157a9f330e36e66bdd7a693309948"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/08ae9ef829b8055c2fdc8cfee37510c1f4721a07"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/pm/swsmu/smu11/arcturus_ppt.c",
"drivers/gpu/drm/amd/pm/swsmu/smu11/navi10_ppt.c",
"drivers/gpu/drm/amd/pm/swsmu/smu11/sienna_cichlid_ppt.c",
"drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_0_ppt.c",
"drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_7_ppt.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "99c2f1563b14",
"status": "affected",
"version": "c83d9cce713f",
"versionType": "git"
},
{
"lessThan": "b8eaa8ef1f11",
"status": "affected",
"version": "7968e9748fbb",
"versionType": "git"
},
{
"lessThan": "08ae9ef829b8",
"status": "affected",
"version": "7968e9748fbb",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/pm/swsmu/smu11/arcturus_ppt.c",
"drivers/gpu/drm/amd/pm/swsmu/smu11/navi10_ppt.c",
"drivers/gpu/drm/amd/pm/swsmu/smu11/sienna_cichlid_ppt.c",
"drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_0_ppt.c",
"drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_7_ppt.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.8"
},
{
"lessThan": "6.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu/pm: Fix NULL pointer dereference when get power limit\n\nBecause powerplay_table initialization is skipped under\nsriov case, We check and set default lower and upper OD\nvalue if powerplay_table is NULL."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:42.441Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/99c2f1563b1400cc8331fc79d19ada1bb95bb388"
},
{
"url": "https://git.kernel.org/stable/c/b8eaa8ef1f1157a9f330e36e66bdd7a693309948"
},
{
"url": "https://git.kernel.org/stable/c/08ae9ef829b8055c2fdc8cfee37510c1f4721a07"
}
],
"title": "drm/amdgpu/pm: Fix NULL pointer dereference when get power limit",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26949",
"datePublished": "2024-05-01T05:18:25.692Z",
"dateReserved": "2024-02-19T14:20:24.198Z",
"dateUpdated": "2024-08-02T00:21:05.536Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26974
Vulnerability from cvelistv5
Published
2024-05-01 05:20
Modified
2024-08-02 00:21
Severity
Summary
crypto: qat - resolve race condition during AER recovery
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26974",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-28T17:47:45.425638Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:49:36.315Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.752Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/daba62d9eeddcc5b1081be7d348ca836c83c59d7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8e81cd58aee14a470891733181a47d123193ba81"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d03092550f526a79cf1ade7f0dfa74906f39eb71"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4ae5a97781ce7d6ecc9c7055396535815b64ca4f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/226fc408c5fcd23cc4186f05ea3a09a7a9aef2f7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8a5a7611ccc7b1fba8d933a9f22a2e76859d94dc"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0c2cf5142bfb634c0ef0a1a69cdf37950747d0be"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/bb279ead42263e9fb09480f02a4247b2c287d828"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7d42e097607c4d246d99225bf2b195b6167a210c"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/crypto/intel/qat/qat_common/adf_aer.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "daba62d9eedd",
"status": "affected",
"version": "d8cba25d2c68",
"versionType": "git"
},
{
"lessThan": "8e81cd58aee1",
"status": "affected",
"version": "d8cba25d2c68",
"versionType": "git"
},
{
"lessThan": "d03092550f52",
"status": "affected",
"version": "d8cba25d2c68",
"versionType": "git"
},
{
"lessThan": "4ae5a97781ce",
"status": "affected",
"version": "d8cba25d2c68",
"versionType": "git"
},
{
"lessThan": "226fc408c5fc",
"status": "affected",
"version": "d8cba25d2c68",
"versionType": "git"
},
{
"lessThan": "8a5a7611ccc7",
"status": "affected",
"version": "d8cba25d2c68",
"versionType": "git"
},
{
"lessThan": "0c2cf5142bfb",
"status": "affected",
"version": "d8cba25d2c68",
"versionType": "git"
},
{
"lessThan": "bb279ead4226",
"status": "affected",
"version": "d8cba25d2c68",
"versionType": "git"
},
{
"lessThan": "7d42e097607c",
"status": "affected",
"version": "d8cba25d2c68",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/crypto/intel/qat/qat_common/adf_aer.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.17"
},
{
"lessThan": "3.17",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.312",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.274",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.215",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.154",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat - resolve race condition during AER recovery\n\nDuring the PCI AER system\u0027s error recovery process, the kernel driver\nmay encounter a race condition with freeing the reset_data structure\u0027s\nmemory. If the device restart will take more than 10 seconds the function\nscheduling that restart will exit due to a timeout, and the reset_data\nstructure will be freed. However, this data structure is used for\ncompletion notification after the restart is completed, which leads\nto a UAF bug.\n\nThis results in a KFENCE bug notice.\n\n BUG: KFENCE: use-after-free read in adf_device_reset_worker+0x38/0xa0 [intel_qat]\n Use-after-free read at 0x00000000bc56fddf (in kfence-#142):\n adf_device_reset_worker+0x38/0xa0 [intel_qat]\n process_one_work+0x173/0x340\n\nTo resolve this race condition, the memory associated to the container\nof the work_struct is freed on the worker if the timeout expired,\notherwise on the function that schedules the worker.\nThe timeout detection can be done by checking if the caller is\nstill waiting for completion or not by using completion_done() function."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:12.530Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/daba62d9eeddcc5b1081be7d348ca836c83c59d7"
},
{
"url": "https://git.kernel.org/stable/c/8e81cd58aee14a470891733181a47d123193ba81"
},
{
"url": "https://git.kernel.org/stable/c/d03092550f526a79cf1ade7f0dfa74906f39eb71"
},
{
"url": "https://git.kernel.org/stable/c/4ae5a97781ce7d6ecc9c7055396535815b64ca4f"
},
{
"url": "https://git.kernel.org/stable/c/226fc408c5fcd23cc4186f05ea3a09a7a9aef2f7"
},
{
"url": "https://git.kernel.org/stable/c/8a5a7611ccc7b1fba8d933a9f22a2e76859d94dc"
},
{
"url": "https://git.kernel.org/stable/c/0c2cf5142bfb634c0ef0a1a69cdf37950747d0be"
},
{
"url": "https://git.kernel.org/stable/c/bb279ead42263e9fb09480f02a4247b2c287d828"
},
{
"url": "https://git.kernel.org/stable/c/7d42e097607c4d246d99225bf2b195b6167a210c"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "crypto: qat - resolve race condition during AER recovery",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26974",
"datePublished": "2024-05-01T05:20:14.163Z",
"dateReserved": "2024-02-19T14:20:24.203Z",
"dateUpdated": "2024-08-02T00:21:05.752Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27078
Vulnerability from cvelistv5
Published
2024-05-01 13:04
Modified
2024-08-02 00:27
Severity
Summary
media: v4l2-tpg: fix some memleaks in tpg_alloc
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27078",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-12T15:32:05.412221Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-12T15:32:19.858Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:27:58.532Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0de691ff547d86dd54c24b40a81f9c925df8dd77"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8269ab16415f2065cd792c49b0475543936cbd79"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/94303a06e1852a366e9671fff46d19459f88cb28"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/770a57922ce36a8476c43f7400b6501c554ea511"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6bf5c2fade8ed53b2d26fa9875e5b04f36c7145d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4c86c772fef06f5d7a66151bac42366825db0941"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/31096da07933598da8522c54bd007376fb152a09"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/622b1cf38521569869c8f7b9fbe9e4f1a289add7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8cf9c5051076e0eb958f4361d50d8b0c3ee6691c"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/media/common/v4l2-tpg/v4l2-tpg-core.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "0de691ff547d",
"status": "affected",
"version": "63881df94d3e",
"versionType": "git"
},
{
"lessThan": "8269ab16415f",
"status": "affected",
"version": "63881df94d3e",
"versionType": "git"
},
{
"lessThan": "94303a06e185",
"status": "affected",
"version": "63881df94d3e",
"versionType": "git"
},
{
"lessThan": "770a57922ce3",
"status": "affected",
"version": "63881df94d3e",
"versionType": "git"
},
{
"lessThan": "6bf5c2fade8e",
"status": "affected",
"version": "63881df94d3e",
"versionType": "git"
},
{
"lessThan": "4c86c772fef0",
"status": "affected",
"version": "63881df94d3e",
"versionType": "git"
},
{
"lessThan": "31096da07933",
"status": "affected",
"version": "63881df94d3e",
"versionType": "git"
},
{
"lessThan": "622b1cf38521",
"status": "affected",
"version": "63881df94d3e",
"versionType": "git"
},
{
"lessThan": "8cf9c5051076",
"status": "affected",
"version": "63881df94d3e",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/media/common/v4l2-tpg/v4l2-tpg-core.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.18"
},
{
"lessThan": "3.18",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.311",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.273",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.214",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.153",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: v4l2-tpg: fix some memleaks in tpg_alloc\n\nIn tpg_alloc, resources should be deallocated in each and every\nerror-handling paths, since they are allocated in for statements.\nOtherwise there would be memleaks because tpg_free is called only when\ntpg_alloc return 0."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:28:09.417Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/0de691ff547d86dd54c24b40a81f9c925df8dd77"
},
{
"url": "https://git.kernel.org/stable/c/8269ab16415f2065cd792c49b0475543936cbd79"
},
{
"url": "https://git.kernel.org/stable/c/94303a06e1852a366e9671fff46d19459f88cb28"
},
{
"url": "https://git.kernel.org/stable/c/770a57922ce36a8476c43f7400b6501c554ea511"
},
{
"url": "https://git.kernel.org/stable/c/6bf5c2fade8ed53b2d26fa9875e5b04f36c7145d"
},
{
"url": "https://git.kernel.org/stable/c/4c86c772fef06f5d7a66151bac42366825db0941"
},
{
"url": "https://git.kernel.org/stable/c/31096da07933598da8522c54bd007376fb152a09"
},
{
"url": "https://git.kernel.org/stable/c/622b1cf38521569869c8f7b9fbe9e4f1a289add7"
},
{
"url": "https://git.kernel.org/stable/c/8cf9c5051076e0eb958f4361d50d8b0c3ee6691c"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "media: v4l2-tpg: fix some memleaks in tpg_alloc",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27078",
"datePublished": "2024-05-01T13:04:54.979Z",
"dateReserved": "2024-02-19T14:20:24.217Z",
"dateUpdated": "2024-08-02T00:27:58.532Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26940
Vulnerability from cvelistv5
Published
2024-05-01 05:17
Modified
2024-08-02 00:21
Severity
Summary
drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26940",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-06T18:58:47.194142Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T18:58:55.126Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.654Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/016119154981d81c9e8f2ea3f56b9e2b4ea14500"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/042ef0afc40fa1a22b3608f22915b91ce39d128f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/25e3ce59c1200f1f0563e39de151f34962ab0fe1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/eb08db0fc5354fa17b7ed66dab3c503332423451"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4be9075fec0a639384ed19975634b662bfab938f"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/vmwgfx/vmwgfx_drv.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "016119154981",
"status": "affected",
"version": "af4a25bbe5e7",
"versionType": "git"
},
{
"lessThan": "042ef0afc40f",
"status": "affected",
"version": "af4a25bbe5e7",
"versionType": "git"
},
{
"lessThan": "25e3ce59c120",
"status": "affected",
"version": "af4a25bbe5e7",
"versionType": "git"
},
{
"lessThan": "eb08db0fc535",
"status": "affected",
"version": "af4a25bbe5e7",
"versionType": "git"
},
{
"lessThan": "4be9075fec0a",
"status": "affected",
"version": "af4a25bbe5e7",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/vmwgfx/vmwgfx_drv.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.19"
},
{
"lessThan": "5.19",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed\n\nThe driver creates /sys/kernel/debug/dri/0/mob_ttm even when the\ncorresponding ttm_resource_manager is not allocated.\nThis leads to a crash when trying to read from this file.\n\nAdd a check to create mob_ttm, system_mob_ttm, and gmr_ttm debug file\nonly when the corresponding ttm_resource_manager is allocated.\n\ncrash\u003e bt\nPID: 3133409 TASK: ffff8fe4834a5000 CPU: 3 COMMAND: \"grep\"\n #0 [ffffb954506b3b20] machine_kexec at ffffffffb2a6bec3\n #1 [ffffb954506b3b78] __crash_kexec at ffffffffb2bb598a\n #2 [ffffb954506b3c38] crash_kexec at ffffffffb2bb68c1\n #3 [ffffb954506b3c50] oops_end at ffffffffb2a2a9b1\n #4 [ffffb954506b3c70] no_context at ffffffffb2a7e913\n #5 [ffffb954506b3cc8] __bad_area_nosemaphore at ffffffffb2a7ec8c\n #6 [ffffb954506b3d10] do_page_fault at ffffffffb2a7f887\n #7 [ffffb954506b3d40] page_fault at ffffffffb360116e\n [exception RIP: ttm_resource_manager_debug+0x11]\n RIP: ffffffffc04afd11 RSP: ffffb954506b3df0 RFLAGS: 00010246\n RAX: ffff8fe41a6d1200 RBX: 0000000000000000 RCX: 0000000000000940\n RDX: 0000000000000000 RSI: ffffffffc04b4338 RDI: 0000000000000000\n RBP: ffffb954506b3e08 R8: ffff8fee3ffad000 R9: 0000000000000000\n R10: ffff8fe41a76a000 R11: 0000000000000001 R12: 00000000ffffffff\n R13: 0000000000000001 R14: ffff8fe5bb6f3900 R15: ffff8fe41a6d1200\n ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018\n #8 [ffffb954506b3e00] ttm_resource_manager_show at ffffffffc04afde7 [ttm]\n #9 [ffffb954506b3e30] seq_read at ffffffffb2d8f9f3\n RIP: 00007f4c4eda8985 RSP: 00007ffdbba9e9f8 RFLAGS: 00000246\n RAX: ffffffffffffffda RBX: 000000000037e000 RCX: 00007f4c4eda8985\n RDX: 000000000037e000 RSI: 00007f4c41573000 RDI: 0000000000000003\n RBP: 000000000037e000 R8: 0000000000000000 R9: 000000000037fe30\n R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4c41573000\n R13: 0000000000000003 R14: 00007f4c41572010 R15: 0000000000000003\n ORIG_RAX: 0000000000000000 CS: 0033 SS: 002b"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:33.241Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/016119154981d81c9e8f2ea3f56b9e2b4ea14500"
},
{
"url": "https://git.kernel.org/stable/c/042ef0afc40fa1a22b3608f22915b91ce39d128f"
},
{
"url": "https://git.kernel.org/stable/c/25e3ce59c1200f1f0563e39de151f34962ab0fe1"
},
{
"url": "https://git.kernel.org/stable/c/eb08db0fc5354fa17b7ed66dab3c503332423451"
},
{
"url": "https://git.kernel.org/stable/c/4be9075fec0a639384ed19975634b662bfab938f"
}
],
"title": "drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26940",
"datePublished": "2024-05-01T05:17:48.607Z",
"dateReserved": "2024-02-19T14:20:24.197Z",
"dateUpdated": "2024-08-02T00:21:05.654Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26951
Vulnerability from cvelistv5
Published
2024-05-01 05:18
Modified
2024-08-02 00:21
Severity
Summary
wireguard: netlink: check for dangling peer via is_dead instead of empty list
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.788Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f52be46e3e6ecefc2539119784324f0cbc09620a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/710a177f347282eea162aec8712beb1f42d5ad87"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b7cea3a9af0853fdbb1b16633a458f991dde6aac"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/13d107794304306164481d31ce33f8fdb25a9c04"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7bedfe4cfa38771840a355970e4437cd52d4046b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/302b2dfc013baca3dea7ceda383930d9297d231d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/55b6c738673871c9b0edae05d0c97995c1ff08c4"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/wireguard/netlink.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "f52be46e3e6e",
"status": "affected",
"version": "e7096c131e51",
"versionType": "git"
},
{
"lessThan": "710a177f3472",
"status": "affected",
"version": "e7096c131e51",
"versionType": "git"
},
{
"lessThan": "b7cea3a9af08",
"status": "affected",
"version": "e7096c131e51",
"versionType": "git"
},
{
"lessThan": "13d107794304",
"status": "affected",
"version": "e7096c131e51",
"versionType": "git"
},
{
"lessThan": "7bedfe4cfa38",
"status": "affected",
"version": "e7096c131e51",
"versionType": "git"
},
{
"lessThan": "302b2dfc013b",
"status": "affected",
"version": "e7096c131e51",
"versionType": "git"
},
{
"lessThan": "55b6c7386738",
"status": "affected",
"version": "e7096c131e51",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/wireguard/netlink.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.6"
},
{
"lessThan": "5.6",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.215",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.154",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwireguard: netlink: check for dangling peer via is_dead instead of empty list\n\nIf all peers are removed via wg_peer_remove_all(), rather than setting\npeer_list to empty, the peer is added to a temporary list with a head on\nthe stack of wg_peer_remove_all(). If a netlink dump is resumed and the\ncursored peer is one that has been removed via wg_peer_remove_all(), it\nwill iterate from that peer and then attempt to dump freed peers.\n\nFix this by instead checking peer-\u003eis_dead, which was explictly created\nfor this purpose. Also move up the device_update_lock lockdep assertion,\nsince reading is_dead relies on that.\n\nIt can be reproduced by a small script like:\n\n echo \"Setting config...\"\n ip link add dev wg0 type wireguard\n wg setconf wg0 /big-config\n (\n while true; do\n echo \"Showing config...\"\n wg showconf wg0 \u003e /dev/null\n done\n ) \u0026\n sleep 4\n wg setconf wg0 \u003c(printf \"[Peer]\\nPublicKey=$(wg genkey)\\n\")\n\nResulting in:\n\n BUG: KASAN: slab-use-after-free in __lock_acquire+0x182a/0x1b20\n Read of size 8 at addr ffff88811956ec70 by task wg/59\n CPU: 2 PID: 59 Comm: wg Not tainted 6.8.0-rc2-debug+ #5\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x47/0x70\n print_address_description.constprop.0+0x2c/0x380\n print_report+0xab/0x250\n kasan_report+0xba/0xf0\n __lock_acquire+0x182a/0x1b20\n lock_acquire+0x191/0x4b0\n down_read+0x80/0x440\n get_peer+0x140/0xcb0\n wg_get_device_dump+0x471/0x1130"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:44.935Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/f52be46e3e6ecefc2539119784324f0cbc09620a"
},
{
"url": "https://git.kernel.org/stable/c/710a177f347282eea162aec8712beb1f42d5ad87"
},
{
"url": "https://git.kernel.org/stable/c/b7cea3a9af0853fdbb1b16633a458f991dde6aac"
},
{
"url": "https://git.kernel.org/stable/c/13d107794304306164481d31ce33f8fdb25a9c04"
},
{
"url": "https://git.kernel.org/stable/c/7bedfe4cfa38771840a355970e4437cd52d4046b"
},
{
"url": "https://git.kernel.org/stable/c/302b2dfc013baca3dea7ceda383930d9297d231d"
},
{
"url": "https://git.kernel.org/stable/c/55b6c738673871c9b0edae05d0c97995c1ff08c4"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "wireguard: netlink: check for dangling peer via is_dead instead of empty list",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26951",
"datePublished": "2024-05-01T05:18:34.520Z",
"dateReserved": "2024-02-19T14:20:24.198Z",
"dateUpdated": "2024-08-02T00:21:05.788Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27066
Vulnerability from cvelistv5
Published
2024-05-01 13:04
Modified
2024-08-02 00:27
Severity
Summary
virtio: packed: fix unmap leak for indirect desc table
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27066",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-13T18:28:27.748226Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-30T14:58:09.210Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:27:57.845Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e142169aca5546ae6619c39a575cda8105362100"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/75450ff8c6fe8755bf5b139b238eaf9739cfd64e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/51bacd9d29bf98c3ebc65e4a0477bb86306b4140"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d5c0ed17fea60cca9bc3bf1278b49ba79242bbcd"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/virtio/virtio_ring.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "e142169aca55",
"status": "affected",
"version": "b319940f83c2",
"versionType": "git"
},
{
"lessThan": "75450ff8c6fe",
"status": "affected",
"version": "b319940f83c2",
"versionType": "git"
},
{
"lessThan": "51bacd9d29bf",
"status": "affected",
"version": "b319940f83c2",
"versionType": "git"
},
{
"lessThan": "d5c0ed17fea6",
"status": "affected",
"version": "b319940f83c2",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/virtio/virtio_ring.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.6"
},
{
"lessThan": "6.6",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio: packed: fix unmap leak for indirect desc table\n\nWhen use_dma_api and premapped are true, then the do_unmap is false.\n\nBecause the do_unmap is false, vring_unmap_extra_packed is not called by\ndetach_buf_packed.\n\n if (unlikely(vq-\u003edo_unmap)) {\n curr = id;\n for (i = 0; i \u003c state-\u003enum; i++) {\n vring_unmap_extra_packed(vq,\n \u0026vq-\u003epacked.desc_extra[curr]);\n curr = vq-\u003epacked.desc_extra[curr].next;\n }\n }\n\nSo the indirect desc table is not unmapped. This causes the unmap leak.\n\nSo here, we check vq-\u003euse_dma_api instead. Synchronously, dma info is\nupdated based on use_dma_api judgment\n\nThis bug does not occur, because no driver use the premapped with\nindirect."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:56.653Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/e142169aca5546ae6619c39a575cda8105362100"
},
{
"url": "https://git.kernel.org/stable/c/75450ff8c6fe8755bf5b139b238eaf9739cfd64e"
},
{
"url": "https://git.kernel.org/stable/c/51bacd9d29bf98c3ebc65e4a0477bb86306b4140"
},
{
"url": "https://git.kernel.org/stable/c/d5c0ed17fea60cca9bc3bf1278b49ba79242bbcd"
}
],
"title": "virtio: packed: fix unmap leak for indirect desc table",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27066",
"datePublished": "2024-05-01T13:04:12.582Z",
"dateReserved": "2024-02-19T14:20:24.216Z",
"dateUpdated": "2024-08-02T00:27:57.845Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26961
Vulnerability from cvelistv5
Published
2024-05-01 05:19
Modified
2024-08-02 00:21
Severity
Summary
mac802154: fix llsec key resources release in mac802154_llsec_key_del
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26961",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-28T17:51:17.536237Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:48:15.130Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.779Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/068ab2759bc0b4daf0b964de61b2731449c86531"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d3d858650933d44ac12c1f31337e7110c2071821"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/dcd51ab42b7a0431575689c5f74b8b6efd45fc2f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/20d3e1c8a1847497269f04d874b2a5818ec29e2d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/640297c3e897bd7e1481466a6a5cb9560f1edb88"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/49c8951680d7b76fceaee89dcfbab1363fb24fd1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e8a1e58345cf40b7b272e08ac7b32328b2543e40"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"include/net/cfg802154.h",
"net/mac802154/llsec.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "068ab2759bc0",
"status": "affected",
"version": "5d637d5aabd8",
"versionType": "git"
},
{
"lessThan": "d3d858650933",
"status": "affected",
"version": "5d637d5aabd8",
"versionType": "git"
},
{
"lessThan": "dcd51ab42b7a",
"status": "affected",
"version": "5d637d5aabd8",
"versionType": "git"
},
{
"lessThan": "20d3e1c8a184",
"status": "affected",
"version": "5d637d5aabd8",
"versionType": "git"
},
{
"lessThan": "640297c3e897",
"status": "affected",
"version": "5d637d5aabd8",
"versionType": "git"
},
{
"lessThan": "49c8951680d7",
"status": "affected",
"version": "5d637d5aabd8",
"versionType": "git"
},
{
"lessThan": "e8a1e58345cf",
"status": "affected",
"version": "5d637d5aabd8",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"include/net/cfg802154.h",
"net/mac802154/llsec.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.16"
},
{
"lessThan": "3.16",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.215",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.154",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmac802154: fix llsec key resources release in mac802154_llsec_key_del\n\nmac802154_llsec_key_del() can free resources of a key directly without\nfollowing the RCU rules for waiting before the end of a grace period. This\nmay lead to use-after-free in case llsec_lookup_key() is traversing the\nlist of keys in parallel with a key deletion:\n\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 4 PID: 16000 at lib/refcount.c:25 refcount_warn_saturate+0x162/0x2a0\nModules linked in:\nCPU: 4 PID: 16000 Comm: wpan-ping Not tainted 6.7.0 #19\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014\nRIP: 0010:refcount_warn_saturate+0x162/0x2a0\nCall Trace:\n \u003cTASK\u003e\n llsec_lookup_key.isra.0+0x890/0x9e0\n mac802154_llsec_encrypt+0x30c/0x9c0\n ieee802154_subif_start_xmit+0x24/0x1e0\n dev_hard_start_xmit+0x13e/0x690\n sch_direct_xmit+0x2ae/0xbc0\n __dev_queue_xmit+0x11dd/0x3c20\n dgram_sendmsg+0x90b/0xd60\n __sys_sendto+0x466/0x4c0\n __x64_sys_sendto+0xe0/0x1c0\n do_syscall_64+0x45/0xf0\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\n\nAlso, ieee802154_llsec_key_entry structures are not freed by\nmac802154_llsec_key_del():\n\nunreferenced object 0xffff8880613b6980 (size 64):\n comm \"iwpan\", pid 2176, jiffies 4294761134 (age 60.475s)\n hex dump (first 32 bytes):\n 78 0d 8f 18 80 88 ff ff 22 01 00 00 00 00 ad de x.......\".......\n 00 00 00 00 00 00 00 00 03 00 cd ab 00 00 00 00 ................\n backtrace:\n [\u003cffffffff81dcfa62\u003e] __kmem_cache_alloc_node+0x1e2/0x2d0\n [\u003cffffffff81c43865\u003e] kmalloc_trace+0x25/0xc0\n [\u003cffffffff88968b09\u003e] mac802154_llsec_key_add+0xac9/0xcf0\n [\u003cffffffff8896e41a\u003e] ieee802154_add_llsec_key+0x5a/0x80\n [\u003cffffffff8892adc6\u003e] nl802154_add_llsec_key+0x426/0x5b0\n [\u003cffffffff86ff293e\u003e] genl_family_rcv_msg_doit+0x1fe/0x2f0\n [\u003cffffffff86ff46d1\u003e] genl_rcv_msg+0x531/0x7d0\n [\u003cffffffff86fee7a9\u003e] netlink_rcv_skb+0x169/0x440\n [\u003cffffffff86ff1d88\u003e] genl_rcv+0x28/0x40\n [\u003cffffffff86fec15c\u003e] netlink_unicast+0x53c/0x820\n [\u003cffffffff86fecd8b\u003e] netlink_sendmsg+0x93b/0xe60\n [\u003cffffffff86b91b35\u003e] ____sys_sendmsg+0xac5/0xca0\n [\u003cffffffff86b9c3dd\u003e] ___sys_sendmsg+0x11d/0x1c0\n [\u003cffffffff86b9c65a\u003e] __sys_sendmsg+0xfa/0x1d0\n [\u003cffffffff88eadbf5\u003e] do_syscall_64+0x45/0xf0\n [\u003cffffffff890000ea\u003e] entry_SYSCALL_64_after_hwframe+0x6e/0x76\n\nHandle the proper resource release in the RCU callback function\nmac802154_llsec_key_del_rcu().\n\nNote that if llsec_lookup_key() finds a key, it gets a refcount via\nllsec_key_get() and locally copies key id from key_entry (which is a\nlist element). So it\u0027s safe to call llsec_key_put() and free the list\nentry after the RCU grace period elapses.\n\nFound by Linux Verification Center (linuxtesting.org)."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:55.279Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/068ab2759bc0b4daf0b964de61b2731449c86531"
},
{
"url": "https://git.kernel.org/stable/c/d3d858650933d44ac12c1f31337e7110c2071821"
},
{
"url": "https://git.kernel.org/stable/c/dcd51ab42b7a0431575689c5f74b8b6efd45fc2f"
},
{
"url": "https://git.kernel.org/stable/c/20d3e1c8a1847497269f04d874b2a5818ec29e2d"
},
{
"url": "https://git.kernel.org/stable/c/640297c3e897bd7e1481466a6a5cb9560f1edb88"
},
{
"url": "https://git.kernel.org/stable/c/49c8951680d7b76fceaee89dcfbab1363fb24fd1"
},
{
"url": "https://git.kernel.org/stable/c/e8a1e58345cf40b7b272e08ac7b32328b2543e40"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "mac802154: fix llsec key resources release in mac802154_llsec_key_del",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26961",
"datePublished": "2024-05-01T05:19:16.361Z",
"dateReserved": "2024-02-19T14:20:24.201Z",
"dateUpdated": "2024-08-02T00:21:05.779Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-52652
Vulnerability from cvelistv5
Published
2024-05-01 13:03
Modified
2024-08-02 23:03
Severity
Summary
NTB: fix possible name leak in ntb_register_device()
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-52652",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T15:06:43.734795Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T15:06:52.376Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:03:21.213Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a62b9f3d7bbfac874cc0c638bc1776dcf1f8ec06"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6632a54ac8057cc0b0d789c6f73883e871bcd25c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a039690d323221eb5865f1f31db3ec264e7a14b6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e8025439ef8e16029dc313d78a351ef192469b7b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/913421f9f7fd8324dcc41753d0f28b52e177ef04"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/aebfdfe39b9327a3077d0df8db3beb3160c9bdd0"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/ntb/core.c",
"drivers/pci/endpoint/functions/pci-epf-vntb.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "a62b9f3d7bbf",
"status": "affected",
"version": "a1bd3baeb2f1",
"versionType": "git"
},
{
"lessThan": "6632a54ac805",
"status": "affected",
"version": "a1bd3baeb2f1",
"versionType": "git"
},
{
"lessThan": "a039690d3232",
"status": "affected",
"version": "a1bd3baeb2f1",
"versionType": "git"
},
{
"lessThan": "e8025439ef8e",
"status": "affected",
"version": "a1bd3baeb2f1",
"versionType": "git"
},
{
"lessThan": "913421f9f7fd",
"status": "affected",
"version": "a1bd3baeb2f1",
"versionType": "git"
},
{
"lessThan": "aebfdfe39b93",
"status": "affected",
"version": "a1bd3baeb2f1",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/ntb/core.c",
"drivers/pci/endpoint/functions/pci-epf-vntb.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.2"
},
{
"lessThan": "4.2",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.153",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNTB: fix possible name leak in ntb_register_device()\n\nIf device_register() fails in ntb_register_device(), the device name\nallocated by dev_set_name() should be freed. As per the comment in\ndevice_register(), callers should use put_device() to give up the\nreference in the error path. So fix this by calling put_device() in the\nerror path so that the name can be freed in kobject_cleanup().\n\nAs a result of this, put_device() in the error path of\nntb_register_device() is removed and the actual error is returned.\n\n[mani: reworded commit message]"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:15:08.692Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/a62b9f3d7bbfac874cc0c638bc1776dcf1f8ec06"
},
{
"url": "https://git.kernel.org/stable/c/6632a54ac8057cc0b0d789c6f73883e871bcd25c"
},
{
"url": "https://git.kernel.org/stable/c/a039690d323221eb5865f1f31db3ec264e7a14b6"
},
{
"url": "https://git.kernel.org/stable/c/e8025439ef8e16029dc313d78a351ef192469b7b"
},
{
"url": "https://git.kernel.org/stable/c/913421f9f7fd8324dcc41753d0f28b52e177ef04"
},
{
"url": "https://git.kernel.org/stable/c/aebfdfe39b9327a3077d0df8db3beb3160c9bdd0"
}
],
"title": "NTB: fix possible name leak in ntb_register_device()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2023-52652",
"datePublished": "2024-05-01T13:03:58.575Z",
"dateReserved": "2024-03-06T09:52:12.098Z",
"dateUpdated": "2024-08-02T23:03:21.213Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27064
Vulnerability from cvelistv5
Published
2024-05-01 13:04
Modified
2024-08-02 00:21
Severity
Summary
netfilter: nf_tables: Fix a memory leak in nf_tables_updchain
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.896Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/79846fdcc548d617b0b321addc6a3821d3b75b20"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4e4623a4f6e133e671f65f9ac493bddaaf63e250"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e77a6b53a3a547b6dedfc40c37cee4f310701090"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7eaf837a4eb5f74561e2486972e7f5184b613f6e"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/netfilter/nf_tables_api.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "79846fdcc548",
"status": "affected",
"version": "b9703ed44ffb",
"versionType": "git"
},
{
"lessThan": "4e4623a4f6e1",
"status": "affected",
"version": "b9703ed44ffb",
"versionType": "git"
},
{
"lessThan": "e77a6b53a3a5",
"status": "affected",
"version": "b9703ed44ffb",
"versionType": "git"
},
{
"lessThan": "7eaf837a4eb5",
"status": "affected",
"version": "b9703ed44ffb",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/netfilter/nf_tables_api.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.4"
},
{
"lessThan": "6.4",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: Fix a memory leak in nf_tables_updchain\n\nIf nft_netdev_register_hooks() fails, the memory associated with\nnft_stats is not freed, causing a memory leak.\n\nThis patch fixes it by moving nft_stats_alloc() down after\nnft_netdev_register_hooks() succeeds."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:54.610Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/79846fdcc548d617b0b321addc6a3821d3b75b20"
},
{
"url": "https://git.kernel.org/stable/c/4e4623a4f6e133e671f65f9ac493bddaaf63e250"
},
{
"url": "https://git.kernel.org/stable/c/e77a6b53a3a547b6dedfc40c37cee4f310701090"
},
{
"url": "https://git.kernel.org/stable/c/7eaf837a4eb5f74561e2486972e7f5184b613f6e"
}
],
"title": "netfilter: nf_tables: Fix a memory leak in nf_tables_updchain",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27064",
"datePublished": "2024-05-01T13:04:05.514Z",
"dateReserved": "2024-02-19T14:20:24.215Z",
"dateUpdated": "2024-08-02T00:21:05.896Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26938
Vulnerability from cvelistv5
Published
2024-05-01 05:17
Modified
2024-08-02 00:21
Severity
Summary
drm/i915/bios: Tolerate devdata==NULL in intel_bios_encoder_supports_dp_dual_mode()
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.836Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/72e4d3fb72e9f0f016946158a7d95304832768e6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a891add409e3bc381f4f68c2ce9d953f1865cb1f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f4bbac954d8f9ab214ea1d4f385de4fa6bd92dd0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/94cf2fb6feccd625e5b4e23e1b70f39a206f82ac"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/32e39bab59934bfd3f37097d4dd85ac5eb0fd549"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/i915/display/intel_bios.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "72e4d3fb72e9",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "a891add409e3",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "f4bbac954d8f",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "94cf2fb6fecc",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "32e39bab5993",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/i915/display/intel_bios.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/bios: Tolerate devdata==NULL in intel_bios_encoder_supports_dp_dual_mode()\n\nIf we have no VBT, or the VBT didn\u0027t declare the encoder\nin question, we won\u0027t have the \u0027devdata\u0027 for the encoder.\nInstead of oopsing just bail early.\n\nWe won\u0027t be able to tell whether the port is DP++ or not,\nbut so be it.\n\n(cherry picked from commit 26410896206342c8a80d2b027923e9ee7d33b733)"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:31.174Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/72e4d3fb72e9f0f016946158a7d95304832768e6"
},
{
"url": "https://git.kernel.org/stable/c/a891add409e3bc381f4f68c2ce9d953f1865cb1f"
},
{
"url": "https://git.kernel.org/stable/c/f4bbac954d8f9ab214ea1d4f385de4fa6bd92dd0"
},
{
"url": "https://git.kernel.org/stable/c/94cf2fb6feccd625e5b4e23e1b70f39a206f82ac"
},
{
"url": "https://git.kernel.org/stable/c/32e39bab59934bfd3f37097d4dd85ac5eb0fd549"
}
],
"title": "drm/i915/bios: Tolerate devdata==NULL in intel_bios_encoder_supports_dp_dual_mode()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26938",
"datePublished": "2024-05-01T05:17:40.173Z",
"dateReserved": "2024-02-19T14:20:24.196Z",
"dateUpdated": "2024-08-02T00:21:05.836Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27001
Vulnerability from cvelistv5
Published
2024-05-01 05:28
Modified
2024-08-02 00:21
Severity
Summary
comedi: vmk80xx: fix incomplete endpoint checking
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27001",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T14:56:33.918930Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T14:56:44.201Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.909Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3a63ae0348d990e137cca04eced5b08379969ea9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a3b8ae7e9297dd453f2977b011c5bc75eb20e71b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f15370e315976198f338b41611f37ce82af6cf54"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b0b268eeb087e324ef3ea71f8e6cabd07630517f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ac882d6b21bffecb57bcc4486701239eef5aa67b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/59f33af9796160f851641d960bd93937f282c696"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6ec3514a7d35ad9cfab600187612c29f669069d2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d1718530e3f640b7d5f0050e725216eab57a85d8"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/comedi/drivers/vmk80xx.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "3a63ae0348d9",
"status": "affected",
"version": "49253d542cc0",
"versionType": "git"
},
{
"lessThan": "a3b8ae7e9297",
"status": "affected",
"version": "49253d542cc0",
"versionType": "git"
},
{
"lessThan": "f15370e31597",
"status": "affected",
"version": "49253d542cc0",
"versionType": "git"
},
{
"lessThan": "b0b268eeb087",
"status": "affected",
"version": "49253d542cc0",
"versionType": "git"
},
{
"lessThan": "ac882d6b21bf",
"status": "affected",
"version": "49253d542cc0",
"versionType": "git"
},
{
"lessThan": "59f33af97961",
"status": "affected",
"version": "49253d542cc0",
"versionType": "git"
},
{
"lessThan": "6ec3514a7d35",
"status": "affected",
"version": "49253d542cc0",
"versionType": "git"
},
{
"lessThan": "d1718530e3f6",
"status": "affected",
"version": "49253d542cc0",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/comedi/drivers/vmk80xx.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.9"
},
{
"lessThan": "3.9",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.313",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.275",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.216",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.157",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: vmk80xx: fix incomplete endpoint checking\n\nWhile vmk80xx does have endpoint checking implemented, some things\ncan fall through the cracks. Depending on the hardware model,\nURBs can have either bulk or interrupt type, and current version\nof vmk80xx_find_usb_endpoints() function does not take that fully\ninto account. While this warning does not seem to be too harmful,\nat the very least it will crash systems with \u0027panic_on_warn\u0027 set on\nthem.\n\nFix the issue found by Syzkaller [1] by somewhat simplifying the\nendpoint checking process with usb_find_common_endpoints() and\nensuring that only expected endpoint types are present.\n\nThis patch has not been tested on real hardware.\n\n[1] Syzkaller report:\nusb 1-1: BOGUS urb xfer, pipe 1 != type 3\nWARNING: CPU: 0 PID: 781 at drivers/usb/core/urb.c:504 usb_submit_urb+0xc4e/0x18c0 drivers/usb/core/urb.c:503\n...\nCall Trace:\n \u003cTASK\u003e\n usb_start_wait_urb+0x113/0x520 drivers/usb/core/message.c:59\n vmk80xx_reset_device drivers/comedi/drivers/vmk80xx.c:227 [inline]\n vmk80xx_auto_attach+0xa1c/0x1a40 drivers/comedi/drivers/vmk80xx.c:818\n comedi_auto_config+0x238/0x380 drivers/comedi/drivers.c:1067\n usb_probe_interface+0x5cd/0xb00 drivers/usb/core/driver.c:399\n...\n\nSimilar issue also found by Syzkaller:"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:47.594Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/3a63ae0348d990e137cca04eced5b08379969ea9"
},
{
"url": "https://git.kernel.org/stable/c/a3b8ae7e9297dd453f2977b011c5bc75eb20e71b"
},
{
"url": "https://git.kernel.org/stable/c/f15370e315976198f338b41611f37ce82af6cf54"
},
{
"url": "https://git.kernel.org/stable/c/b0b268eeb087e324ef3ea71f8e6cabd07630517f"
},
{
"url": "https://git.kernel.org/stable/c/ac882d6b21bffecb57bcc4486701239eef5aa67b"
},
{
"url": "https://git.kernel.org/stable/c/59f33af9796160f851641d960bd93937f282c696"
},
{
"url": "https://git.kernel.org/stable/c/6ec3514a7d35ad9cfab600187612c29f669069d2"
},
{
"url": "https://git.kernel.org/stable/c/d1718530e3f640b7d5f0050e725216eab57a85d8"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "comedi: vmk80xx: fix incomplete endpoint checking",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27001",
"datePublished": "2024-05-01T05:28:40.341Z",
"dateReserved": "2024-02-19T14:20:24.207Z",
"dateUpdated": "2024-08-02T00:21:05.909Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27044
Vulnerability from cvelistv5
Published
2024-05-01 12:54
Modified
2024-08-02 00:21
Severity
Summary
drm/amd/display: Fix potential NULL pointer dereferences in 'dcn10_set_output_transfer_func()'
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27044",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-01T13:38:17.735678Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:22:49.219Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:06.019Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e019d87e02f1e539ae48b99187f253847744ca7a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/330caa061af53ea6d287d7c43d0703714e510e08"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6ac7c7a3a9ab57aba0fe78ecb922d2b20e16efeb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/29fde8895b2fcc33f44aea28c644ce2d9b62f9e0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2d9fe7787af01188dc470a649bdbb842d6511fd7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/14613d52bc7fc180df6d2c65ba65fc921fc1dda7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7874ab3105ca4657102fee1cc14b0af70883c484"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9ccfe80d022df7c595f1925afb31de2232900656"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/display/dc/hwss/dcn10/dcn10_hwseq.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "e019d87e02f1",
"status": "affected",
"version": "ddef02de0d71",
"versionType": "git"
},
{
"lessThan": "330caa061af5",
"status": "affected",
"version": "ddef02de0d71",
"versionType": "git"
},
{
"lessThan": "6ac7c7a3a9ab",
"status": "affected",
"version": "ddef02de0d71",
"versionType": "git"
},
{
"lessThan": "29fde8895b2f",
"status": "affected",
"version": "ddef02de0d71",
"versionType": "git"
},
{
"lessThan": "2d9fe7787af0",
"status": "affected",
"version": "ddef02de0d71",
"versionType": "git"
},
{
"lessThan": "14613d52bc7f",
"status": "affected",
"version": "ddef02de0d71",
"versionType": "git"
},
{
"lessThan": "7874ab3105ca",
"status": "affected",
"version": "ddef02de0d71",
"versionType": "git"
},
{
"lessThan": "9ccfe80d022d",
"status": "affected",
"version": "ddef02de0d71",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/display/dc/hwss/dcn10/dcn10_hwseq.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.4"
},
{
"lessThan": "5.4",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.273",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.214",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.153",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix potential NULL pointer dereferences in \u0027dcn10_set_output_transfer_func()\u0027\n\nThe \u0027stream\u0027 pointer is used in dcn10_set_output_transfer_func() before\nthe check if \u0027stream\u0027 is NULL.\n\nFixes the below:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn10/dcn10_hwseq.c:1892 dcn10_set_output_transfer_func() warn: variable dereferenced before check \u0027stream\u0027 (see line 1875)"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:33.601Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/e019d87e02f1e539ae48b99187f253847744ca7a"
},
{
"url": "https://git.kernel.org/stable/c/330caa061af53ea6d287d7c43d0703714e510e08"
},
{
"url": "https://git.kernel.org/stable/c/6ac7c7a3a9ab57aba0fe78ecb922d2b20e16efeb"
},
{
"url": "https://git.kernel.org/stable/c/29fde8895b2fcc33f44aea28c644ce2d9b62f9e0"
},
{
"url": "https://git.kernel.org/stable/c/2d9fe7787af01188dc470a649bdbb842d6511fd7"
},
{
"url": "https://git.kernel.org/stable/c/14613d52bc7fc180df6d2c65ba65fc921fc1dda7"
},
{
"url": "https://git.kernel.org/stable/c/7874ab3105ca4657102fee1cc14b0af70883c484"
},
{
"url": "https://git.kernel.org/stable/c/9ccfe80d022df7c595f1925afb31de2232900656"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "drm/amd/display: Fix potential NULL pointer dereferences in \u0027dcn10_set_output_transfer_func()\u0027",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27044",
"datePublished": "2024-05-01T12:54:14.695Z",
"dateReserved": "2024-02-19T14:20:24.213Z",
"dateUpdated": "2024-08-02T00:21:06.019Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27020
Vulnerability from cvelistv5
Published
2024-05-01 05:30
Modified
2024-08-02 00:21
Severity
Summary
netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27020",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-14T18:55:29.189635Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-14T18:55:41.613Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.895Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/939109c0a8e2a006a6cc8209e262d25065f4403a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b38a133d37fa421c8447b383d788c9cc6f5cb34c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/934e66e231cff2b18faa2c8aad0b8cec13957e05"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0b6de00206adbbfc6373b3ae38d2a6f197987907"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8d56bad42ac4c43c6c72ddd6a654a2628bf839c5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a9ebf340d123ae12582210407f879d6a5a1bc25b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/01f1a678b05ade4b1248019c2dcca773aebbeb7f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f969eb84ce482331a991079ab7a5c4dc3b7f89bf"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/netfilter/nf_tables_api.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "939109c0a8e2",
"status": "affected",
"version": "ef1f7df9170d",
"versionType": "git"
},
{
"lessThan": "b38a133d37fa",
"status": "affected",
"version": "ef1f7df9170d",
"versionType": "git"
},
{
"lessThan": "934e66e231cf",
"status": "affected",
"version": "ef1f7df9170d",
"versionType": "git"
},
{
"lessThan": "0b6de00206ad",
"status": "affected",
"version": "ef1f7df9170d",
"versionType": "git"
},
{
"lessThan": "8d56bad42ac4",
"status": "affected",
"version": "ef1f7df9170d",
"versionType": "git"
},
{
"lessThan": "a9ebf340d123",
"status": "affected",
"version": "ef1f7df9170d",
"versionType": "git"
},
{
"lessThan": "01f1a678b05a",
"status": "affected",
"version": "ef1f7df9170d",
"versionType": "git"
},
{
"lessThan": "f969eb84ce48",
"status": "affected",
"version": "ef1f7df9170d",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/netfilter/nf_tables_api.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.13"
},
{
"lessThan": "3.13",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.313",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.275",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.216",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.157",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()\n\nnft_unregister_expr() can concurrent with __nft_expr_type_get(),\nand there is not any protection when iterate over nf_tables_expressions\nlist in __nft_expr_type_get(). Therefore, there is potential data-race\nof nf_tables_expressions list entry.\n\nUse list_for_each_entry_rcu() to iterate over nf_tables_expressions\nlist in __nft_expr_type_get(), and use rcu_read_lock() in the caller\nnft_expr_type_get() to protect the entire type query process."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:08.696Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/939109c0a8e2a006a6cc8209e262d25065f4403a"
},
{
"url": "https://git.kernel.org/stable/c/b38a133d37fa421c8447b383d788c9cc6f5cb34c"
},
{
"url": "https://git.kernel.org/stable/c/934e66e231cff2b18faa2c8aad0b8cec13957e05"
},
{
"url": "https://git.kernel.org/stable/c/0b6de00206adbbfc6373b3ae38d2a6f197987907"
},
{
"url": "https://git.kernel.org/stable/c/8d56bad42ac4c43c6c72ddd6a654a2628bf839c5"
},
{
"url": "https://git.kernel.org/stable/c/a9ebf340d123ae12582210407f879d6a5a1bc25b"
},
{
"url": "https://git.kernel.org/stable/c/01f1a678b05ade4b1248019c2dcca773aebbeb7f"
},
{
"url": "https://git.kernel.org/stable/c/f969eb84ce482331a991079ab7a5c4dc3b7f89bf"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27020",
"datePublished": "2024-05-01T05:30:15.908Z",
"dateReserved": "2024-02-19T14:20:24.209Z",
"dateUpdated": "2024-08-02T00:21:05.895Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26952
Vulnerability from cvelistv5
Published
2024-05-01 05:18
Modified
2024-08-02 00:21
Severity
Summary
ksmbd: fix potencial out-of-bounds when buffer offset is invalid
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "2dcda336b6e8",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-26952",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-13T16:40:20.864151Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:49:17.654Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.671Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/39bdc4197acf2ed13269167ccf093ee28cfa2a4e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2dcda336b6e80b72d58d30d40f2fad9724e5fe63"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0c5541b4c980626fa3cab16ba1a451757778bbb5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c6cd2e8d2d9aa7ee35b1fa6a668e32a22a9753da"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/smb/server/smb2misc.c",
"fs/smb/server/smb2pdu.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "39bdc4197acf",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "2dcda336b6e8",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "0c5541b4c980",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "c6cd2e8d2d9a",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/smb/server/smb2misc.c",
"fs/smb/server/smb2pdu.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.32",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix potencial out-of-bounds when buffer offset is invalid\n\nI found potencial out-of-bounds when buffer offset fields of a few requests\nis invalid. This patch set the minimum value of buffer offset field to\n-\u003eBuffer offset to validate buffer length."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:46.038Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/39bdc4197acf2ed13269167ccf093ee28cfa2a4e"
},
{
"url": "https://git.kernel.org/stable/c/2dcda336b6e80b72d58d30d40f2fad9724e5fe63"
},
{
"url": "https://git.kernel.org/stable/c/0c5541b4c980626fa3cab16ba1a451757778bbb5"
},
{
"url": "https://git.kernel.org/stable/c/c6cd2e8d2d9aa7ee35b1fa6a668e32a22a9753da"
}
],
"title": "ksmbd: fix potencial out-of-bounds when buffer offset is invalid",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26952",
"datePublished": "2024-05-01T05:18:39.096Z",
"dateReserved": "2024-02-19T14:20:24.198Z",
"dateUpdated": "2024-08-02T00:21:05.671Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-52647
Vulnerability from cvelistv5
Published
2024-05-01 05:16
Modified
2024-08-02 23:03
Severity
Summary
media: nxp: imx8-isi: Check whether crossbar pad is non-NULL before access
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-52647",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-09T18:39:24.705323Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:22:46.015Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:03:21.365Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c95318607fbe8fdd44991a8dad2e44118e6b8812"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c4bd29bf5b7f67925bc1abd16069f22dadf5f061"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/91c8ce42fcde09f1da24acab9013b3e19cb88a4e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/eb2f932100288dbb881eadfed02e1459c6b9504c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/media/platform/nxp/imx8-isi/imx8-isi-crossbar.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "c95318607fbe",
"status": "affected",
"version": "cf21f328fcaf",
"versionType": "git"
},
{
"lessThan": "c4bd29bf5b7f",
"status": "affected",
"version": "cf21f328fcaf",
"versionType": "git"
},
{
"lessThan": "91c8ce42fcde",
"status": "affected",
"version": "cf21f328fcaf",
"versionType": "git"
},
{
"lessThan": "eb2f93210028",
"status": "affected",
"version": "cf21f328fcaf",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/media/platform/nxp/imx8-isi/imx8-isi-crossbar.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.4"
},
{
"lessThan": "6.4",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: nxp: imx8-isi: Check whether crossbar pad is non-NULL before access\n\nWhen translating source to sink streams in the crossbar subdev, the\ndriver tries to locate the remote subdev connected to the sink pad. The\nremote pad may be NULL, if userspace tries to enable a stream that ends\nat an unconnected crossbar sink. When that occurs, the driver\ndereferences the NULL pad, leading to a crash.\n\nPrevent the crash by checking if the pad is NULL before using it, and\nreturn an error if it is."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:15:04.395Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/c95318607fbe8fdd44991a8dad2e44118e6b8812"
},
{
"url": "https://git.kernel.org/stable/c/c4bd29bf5b7f67925bc1abd16069f22dadf5f061"
},
{
"url": "https://git.kernel.org/stable/c/91c8ce42fcde09f1da24acab9013b3e19cb88a4e"
},
{
"url": "https://git.kernel.org/stable/c/eb2f932100288dbb881eadfed02e1459c6b9504c"
}
],
"title": "media: nxp: imx8-isi: Check whether crossbar pad is non-NULL before access",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2023-52647",
"datePublished": "2024-05-01T05:16:57.465Z",
"dateReserved": "2024-03-06T09:52:12.094Z",
"dateUpdated": "2024-08-02T23:03:21.365Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26966
Vulnerability from cvelistv5
Published
2024-05-01 05:19
Modified
2024-08-02 00:21
Severity
Summary
clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.707Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5533686e99b04994d7c4877dc0e4282adc9444a2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b2dfb216f32627c2f6a8041f2d9d56d102ab87c0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a09aecb6cb482de88301c43bf00a6c8726c4d34f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3aedcf3755c74dafc187eb76acb04e3e6348b1a9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/185de0b7cdeaad8b89ebd4c8a258ff2f21adba99"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9b4c4546dd61950e80ffdca1bf6925f42b665b03"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7e5432401536117c316d7f3b21d46b64c1514f38"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5638330150db2cc30b53eed04e481062faa3ece8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a903cfd38d8dee7e754fb89fd1bebed99e28003d"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/clk/qcom/mmcc-apq8084.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "5533686e99b0",
"status": "affected",
"version": "2b46cd23a5a2",
"versionType": "git"
},
{
"lessThan": "b2dfb216f326",
"status": "affected",
"version": "2b46cd23a5a2",
"versionType": "git"
},
{
"lessThan": "a09aecb6cb48",
"status": "affected",
"version": "2b46cd23a5a2",
"versionType": "git"
},
{
"lessThan": "3aedcf3755c7",
"status": "affected",
"version": "2b46cd23a5a2",
"versionType": "git"
},
{
"lessThan": "185de0b7cdea",
"status": "affected",
"version": "2b46cd23a5a2",
"versionType": "git"
},
{
"lessThan": "9b4c4546dd61",
"status": "affected",
"version": "2b46cd23a5a2",
"versionType": "git"
},
{
"lessThan": "7e5432401536",
"status": "affected",
"version": "2b46cd23a5a2",
"versionType": "git"
},
{
"lessThan": "5638330150db",
"status": "affected",
"version": "2b46cd23a5a2",
"versionType": "git"
},
{
"lessThan": "a903cfd38d8d",
"status": "affected",
"version": "2b46cd23a5a2",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/clk/qcom/mmcc-apq8084.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.17"
},
{
"lessThan": "3.17",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.312",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.274",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.215",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.154",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: mmcc-apq8084: fix terminating of frequency table arrays\n\nThe frequency table arrays are supposed to be terminated with an\nempty element. Add such entry to the end of the arrays where it\nis missing in order to avoid possible out-of-bound access when\nthe table is traversed by functions like qcom_find_freq() or\nqcom_find_freq_floor().\n\nOnly compile tested."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:00.866Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/5533686e99b04994d7c4877dc0e4282adc9444a2"
},
{
"url": "https://git.kernel.org/stable/c/b2dfb216f32627c2f6a8041f2d9d56d102ab87c0"
},
{
"url": "https://git.kernel.org/stable/c/a09aecb6cb482de88301c43bf00a6c8726c4d34f"
},
{
"url": "https://git.kernel.org/stable/c/3aedcf3755c74dafc187eb76acb04e3e6348b1a9"
},
{
"url": "https://git.kernel.org/stable/c/185de0b7cdeaad8b89ebd4c8a258ff2f21adba99"
},
{
"url": "https://git.kernel.org/stable/c/9b4c4546dd61950e80ffdca1bf6925f42b665b03"
},
{
"url": "https://git.kernel.org/stable/c/7e5432401536117c316d7f3b21d46b64c1514f38"
},
{
"url": "https://git.kernel.org/stable/c/5638330150db2cc30b53eed04e481062faa3ece8"
},
{
"url": "https://git.kernel.org/stable/c/a903cfd38d8dee7e754fb89fd1bebed99e28003d"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26966",
"datePublished": "2024-05-01T05:19:36.656Z",
"dateReserved": "2024-02-19T14:20:24.201Z",
"dateUpdated": "2024-08-02T00:21:05.707Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27022
Vulnerability from cvelistv5
Published
2024-05-01 05:35
Modified
2024-08-02 00:21
Severity
Summary
fork: defer linking file vma until vma is fully initialized
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.791Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0c42f7e039aba3de6d7dbf92da708e2b2ecba557"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/04b0c41912349aff11a1bbaef6a722bd7fbb90ac"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cec11fa2eb512ebe3a459c185f4aca1d44059bbf"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/dd782da470761077f4d1120e191f1a35787cda6e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/abdb88dd272bbeb93efe01d8e0b7b17e24af3a34"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/35e351780fa9d8240dd6f7e4f245f9ea37e96c19"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"kernel/fork.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "0c42f7e039ab",
"status": "affected",
"version": "8d9bfb260814",
"versionType": "git"
},
{
"lessThan": "04b0c4191234",
"status": "affected",
"version": "8d9bfb260814",
"versionType": "git"
},
{
"lessThan": "cec11fa2eb51",
"status": "affected",
"version": "8d9bfb260814",
"versionType": "git"
},
{
"lessThan": "dd782da47076",
"status": "affected",
"version": "8d9bfb260814",
"versionType": "git"
},
{
"lessThan": "abdb88dd272b",
"status": "affected",
"version": "8d9bfb260814",
"versionType": "git"
},
{
"lessThan": "35e351780fa9",
"status": "affected",
"version": "8d9bfb260814",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"kernel/fork.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.1"
},
{
"lessThan": "6.1",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.90",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.95",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.30",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.35",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfork: defer linking file vma until vma is fully initialized\n\nThorvald reported a WARNING [1]. And the root cause is below race:\n\n CPU 1\t\t\t\t\tCPU 2\n fork\t\t\t\t\thugetlbfs_fallocate\n dup_mmap\t\t\t\t hugetlbfs_punch_hole\n i_mmap_lock_write(mapping);\n vma_interval_tree_insert_after -- Child vma is visible through i_mmap tree.\n i_mmap_unlock_write(mapping);\n hugetlb_dup_vma_private -- Clear vma_lock outside i_mmap_rwsem!\n\t\t\t\t\t i_mmap_lock_write(mapping);\n \t\t\t\t\t hugetlb_vmdelete_list\n\t\t\t\t\t vma_interval_tree_foreach\n\t\t\t\t\t hugetlb_vma_trylock_write -- Vma_lock is cleared.\n tmp-\u003evm_ops-\u003eopen -- Alloc new vma_lock outside i_mmap_rwsem!\n\t\t\t\t\t hugetlb_vma_unlock_write -- Vma_lock is assigned!!!\n\t\t\t\t\t i_mmap_unlock_write(mapping);\n\nhugetlb_dup_vma_private() and hugetlb_vm_op_open() are called outside\ni_mmap_rwsem lock while vma lock can be used in the same time. Fix this\nby deferring linking file vma until vma is fully initialized. Those vmas\nshould be initialized first before they can be used."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-21T13:27:28.186Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/0c42f7e039aba3de6d7dbf92da708e2b2ecba557"
},
{
"url": "https://git.kernel.org/stable/c/04b0c41912349aff11a1bbaef6a722bd7fbb90ac"
},
{
"url": "https://git.kernel.org/stable/c/cec11fa2eb512ebe3a459c185f4aca1d44059bbf"
},
{
"url": "https://git.kernel.org/stable/c/dd782da470761077f4d1120e191f1a35787cda6e"
},
{
"url": "https://git.kernel.org/stable/c/abdb88dd272bbeb93efe01d8e0b7b17e24af3a34"
},
{
"url": "https://git.kernel.org/stable/c/35e351780fa9d8240dd6f7e4f245f9ea37e96c19"
}
],
"title": "fork: defer linking file vma until vma is fully initialized",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27022",
"datePublished": "2024-05-01T05:35:39.627Z",
"dateReserved": "2024-02-19T14:20:24.210Z",
"dateUpdated": "2024-08-02T00:21:05.791Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27056
Vulnerability from cvelistv5
Published
2024-05-01 12:54
Modified
2024-08-02 00:21
Severity
Summary
wifi: iwlwifi: mvm: ensure offloading TID queue exists
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27056",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-14T18:56:53.043911Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-14T18:56:59.749Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.952Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ed35a509390ef4011ea2226da5dd6f62b73873b5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/78f65fbf421a61894c14a1b91fe2fb4437b3fe5f"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/wireless/intel/iwlwifi/mvm/d3.c",
"drivers/net/wireless/intel/iwlwifi/mvm/sta.c",
"drivers/net/wireless/intel/iwlwifi/mvm/sta.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "ed35a509390e",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "78f65fbf421a",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/wireless/intel/iwlwifi/mvm/d3.c",
"drivers/net/wireless/intel/iwlwifi/mvm/sta.c",
"drivers/net/wireless/intel/iwlwifi/mvm/sta.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.8",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: ensure offloading TID queue exists\n\nThe resume code path assumes that the TX queue for the offloading TID\nhas been configured. At resume time it then tries to sync the write\npointer as it may have been updated by the firmware.\n\nIn the unusual event that no packets have been send on TID 0, the queue\nwill not have been allocated and this causes a crash. Fix this by\nensuring the queue exist at suspend time."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:46.242Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/ed35a509390ef4011ea2226da5dd6f62b73873b5"
},
{
"url": "https://git.kernel.org/stable/c/78f65fbf421a61894c14a1b91fe2fb4437b3fe5f"
}
],
"title": "wifi: iwlwifi: mvm: ensure offloading TID queue exists",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27056",
"datePublished": "2024-05-01T12:54:56.461Z",
"dateReserved": "2024-02-19T14:20:24.214Z",
"dateUpdated": "2024-08-02T00:21:05.952Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27054
Vulnerability from cvelistv5
Published
2024-05-01 12:54
Modified
2024-08-02 00:21
Severity
Summary
s390/dasd: fix double module refcount decrement
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27054",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-06T18:30:31.482327Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T18:30:42.989Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.895Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/edbdb0d94143db46edd373cc93e433832d29fe19"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ad999aa18103fa038787b6a8a55020abcf34df1a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ec09bcab32fc4765e0cc97e1b72cdd067135f37e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fa18aa507ea71d8914b6acb2c94db311c757c650"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ebc5a3bd79e54f98c885c26f0862a27a02c487c5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c3116e62ddeff79cae342147753ce596f01fcf06"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/s390/block/dasd.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "edbdb0d94143",
"status": "affected",
"version": "c020d722b110",
"versionType": "git"
},
{
"lessThan": "ad999aa18103",
"status": "affected",
"version": "c020d722b110",
"versionType": "git"
},
{
"lessThan": "ec09bcab32fc",
"status": "affected",
"version": "c020d722b110",
"versionType": "git"
},
{
"lessThan": "fa18aa507ea7",
"status": "affected",
"version": "c020d722b110",
"versionType": "git"
},
{
"lessThan": "ebc5a3bd79e5",
"status": "affected",
"version": "c020d722b110",
"versionType": "git"
},
{
"lessThan": "c3116e62ddef",
"status": "affected",
"version": "c020d722b110",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/s390/block/dasd.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.9"
},
{
"lessThan": "4.9",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.153",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: fix double module refcount decrement\n\nOnce the discipline is associated with the device, deleting the device\ntakes care of decrementing the module\u0027s refcount. Doing it manually on\nthis error path causes refcount to artificially decrease on each error\nwhile it should just stay the same."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:44.147Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/edbdb0d94143db46edd373cc93e433832d29fe19"
},
{
"url": "https://git.kernel.org/stable/c/ad999aa18103fa038787b6a8a55020abcf34df1a"
},
{
"url": "https://git.kernel.org/stable/c/ec09bcab32fc4765e0cc97e1b72cdd067135f37e"
},
{
"url": "https://git.kernel.org/stable/c/fa18aa507ea71d8914b6acb2c94db311c757c650"
},
{
"url": "https://git.kernel.org/stable/c/ebc5a3bd79e54f98c885c26f0862a27a02c487c5"
},
{
"url": "https://git.kernel.org/stable/c/c3116e62ddeff79cae342147753ce596f01fcf06"
}
],
"title": "s390/dasd: fix double module refcount decrement",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27054",
"datePublished": "2024-05-01T12:54:49.441Z",
"dateReserved": "2024-02-19T14:20:24.214Z",
"dateUpdated": "2024-08-02T00:21:05.895Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27390
Vulnerability from cvelistv5
Published
2024-05-01 13:05
Modified
2024-08-02 00:34
Severity
Summary
ipv6: mcast: remove one synchronize_net() barrier in ipv6_mc_down()
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:34:52.217Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9d159d6637ccce25f879d662a480541ef4ba3a50"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a03ede2282ebbd181bd6f5c38cbfcb5765afcd04"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/26d4bac55750d535f1f0b8790dc26daf6089e373"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7eb06ee5921189812e6b4bfe7b0f1e878be16df7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5da9a218340a2bc804dc4327e5804392e24a0b88"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/17ef8efc00b34918b966388b2af0993811895a8c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/ipv6/mcast.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "9d159d6637cc",
"status": "affected",
"version": "f185de28d9ae",
"versionType": "git"
},
{
"lessThan": "a03ede2282eb",
"status": "affected",
"version": "f185de28d9ae",
"versionType": "git"
},
{
"lessThan": "26d4bac55750",
"status": "affected",
"version": "f185de28d9ae",
"versionType": "git"
},
{
"lessThan": "7eb06ee59211",
"status": "affected",
"version": "f185de28d9ae",
"versionType": "git"
},
{
"lessThan": "5da9a218340a",
"status": "affected",
"version": "f185de28d9ae",
"versionType": "git"
},
{
"lessThan": "17ef8efc00b3",
"status": "affected",
"version": "f185de28d9ae",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/ipv6/mcast.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.13"
},
{
"lessThan": "5.13",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.153",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: remove one synchronize_net() barrier in ipv6_mc_down()\n\nAs discussed in the past (commit 2d3916f31891 (\"ipv6: fix skb drops\nin igmp6_event_query() and igmp6_event_report()\")) I think the\nsynchronize_net() call in ipv6_mc_down() is not needed.\n\nUnder load, synchronize_net() can last between 200 usec and 5 ms.\n\nKASAN seems to agree as well."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:28:16.387Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/9d159d6637ccce25f879d662a480541ef4ba3a50"
},
{
"url": "https://git.kernel.org/stable/c/a03ede2282ebbd181bd6f5c38cbfcb5765afcd04"
},
{
"url": "https://git.kernel.org/stable/c/26d4bac55750d535f1f0b8790dc26daf6089e373"
},
{
"url": "https://git.kernel.org/stable/c/7eb06ee5921189812e6b4bfe7b0f1e878be16df7"
},
{
"url": "https://git.kernel.org/stable/c/5da9a218340a2bc804dc4327e5804392e24a0b88"
},
{
"url": "https://git.kernel.org/stable/c/17ef8efc00b34918b966388b2af0993811895a8c"
}
],
"title": "ipv6: mcast: remove one synchronize_net() barrier in ipv6_mc_down()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27390",
"datePublished": "2024-05-01T13:05:12.775Z",
"dateReserved": "2024-02-25T13:47:42.677Z",
"dateUpdated": "2024-08-02T00:34:52.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26955
Vulnerability from cvelistv5
Published
2024-05-01 05:18
Modified
2024-08-02 00:21
Severity
Summary
nilfs2: prevent kernel bug at submit_bh_wbc()
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26955",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-28T17:51:47.841182Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:49:21.638Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.746Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/91e4c4595fae5e87069e44687ae879091783c183"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/32eaee72e96590a75445c8a6c7c1057673b47e07"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f0fe7ad5aff4f0fcf988913313c497de85f1e186"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ca581d237f3b8539c044205bb003de71d75d227c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/192e9f9078c96be30b31c4b44d6294b24520fce5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0c8aa4cfda4e4adb15d5b6536d155eca9c9cd44c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/48d443d200237782dc82e6b60663ec414ef02e39"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/76ffbe911e2798c7296968f5fd72f7bf67207a8d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/269cdf353b5bdd15f1a079671b0f889113865f20"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/nilfs2/inode.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "91e4c4595fae",
"status": "affected",
"version": "1f5abe7e7dbc",
"versionType": "git"
},
{
"lessThan": "32eaee72e965",
"status": "affected",
"version": "1f5abe7e7dbc",
"versionType": "git"
},
{
"lessThan": "f0fe7ad5aff4",
"status": "affected",
"version": "1f5abe7e7dbc",
"versionType": "git"
},
{
"lessThan": "ca581d237f3b",
"status": "affected",
"version": "1f5abe7e7dbc",
"versionType": "git"
},
{
"lessThan": "192e9f9078c9",
"status": "affected",
"version": "1f5abe7e7dbc",
"versionType": "git"
},
{
"lessThan": "0c8aa4cfda4e",
"status": "affected",
"version": "1f5abe7e7dbc",
"versionType": "git"
},
{
"lessThan": "48d443d20023",
"status": "affected",
"version": "1f5abe7e7dbc",
"versionType": "git"
},
{
"lessThan": "76ffbe911e27",
"status": "affected",
"version": "1f5abe7e7dbc",
"versionType": "git"
},
{
"lessThan": "269cdf353b5b",
"status": "affected",
"version": "1f5abe7e7dbc",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/nilfs2/inode.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.30"
},
{
"lessThan": "2.6.30",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.312",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.274",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.215",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.154",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: prevent kernel bug at submit_bh_wbc()\n\nFix a bug where nilfs_get_block() returns a successful status when\nsearching and inserting the specified block both fail inconsistently. If\nthis inconsistent behavior is not due to a previously fixed bug, then an\nunexpected race is occurring, so return a temporary error -EAGAIN instead.\n\nThis prevents callers such as __block_write_begin_int() from requesting a\nread into a buffer that is not mapped, which would cause the BUG_ON check\nfor the BH_Mapped flag in submit_bh_wbc() to fail."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:49.104Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/91e4c4595fae5e87069e44687ae879091783c183"
},
{
"url": "https://git.kernel.org/stable/c/32eaee72e96590a75445c8a6c7c1057673b47e07"
},
{
"url": "https://git.kernel.org/stable/c/f0fe7ad5aff4f0fcf988913313c497de85f1e186"
},
{
"url": "https://git.kernel.org/stable/c/ca581d237f3b8539c044205bb003de71d75d227c"
},
{
"url": "https://git.kernel.org/stable/c/192e9f9078c96be30b31c4b44d6294b24520fce5"
},
{
"url": "https://git.kernel.org/stable/c/0c8aa4cfda4e4adb15d5b6536d155eca9c9cd44c"
},
{
"url": "https://git.kernel.org/stable/c/48d443d200237782dc82e6b60663ec414ef02e39"
},
{
"url": "https://git.kernel.org/stable/c/76ffbe911e2798c7296968f5fd72f7bf67207a8d"
},
{
"url": "https://git.kernel.org/stable/c/269cdf353b5bdd15f1a079671b0f889113865f20"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "nilfs2: prevent kernel bug at submit_bh_wbc()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26955",
"datePublished": "2024-05-01T05:18:51.866Z",
"dateReserved": "2024-02-19T14:20:24.200Z",
"dateUpdated": "2024-08-02T00:21:05.746Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26956
Vulnerability from cvelistv5
Published
2024-05-01 05:18
Modified
2024-08-02 00:21
Severity
Summary
nilfs2: fix failure to detect DAT corruption in btree and direct mappings
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26956",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-06T18:55:00.382518Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T18:55:25.009Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.748Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b67189690eb4b7ecc84ae16fa1e880e0123eaa35"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9cbe1ad5f4354f4df1445e5f4883983328cd6d8e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c3b5c5c31e723b568f83d8cafab8629d9d830ffb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2e2619ff5d0def4bb6c2037a32a6eaa28dd95c84"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/46b832e09d43b394ac0f6d9485d2b1a06593f0b7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f69e81396aea66304d214f175aa371f1b5578862"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a8e4d098de1c0f4c5c1f2ed4633a860f0da6d713"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/82827ca21e7c8a91384c5baa656f78a5adfa4ab4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f2f26b4a84a0ef41791bd2d70861c8eac748f4ba"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/nilfs2/btree.c",
"fs/nilfs2/direct.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "b67189690eb4",
"status": "affected",
"version": "c3a7abf06ce7",
"versionType": "git"
},
{
"lessThan": "9cbe1ad5f435",
"status": "affected",
"version": "c3a7abf06ce7",
"versionType": "git"
},
{
"lessThan": "c3b5c5c31e72",
"status": "affected",
"version": "c3a7abf06ce7",
"versionType": "git"
},
{
"lessThan": "2e2619ff5d0d",
"status": "affected",
"version": "c3a7abf06ce7",
"versionType": "git"
},
{
"lessThan": "46b832e09d43",
"status": "affected",
"version": "c3a7abf06ce7",
"versionType": "git"
},
{
"lessThan": "f69e81396aea",
"status": "affected",
"version": "c3a7abf06ce7",
"versionType": "git"
},
{
"lessThan": "a8e4d098de1c",
"status": "affected",
"version": "c3a7abf06ce7",
"versionType": "git"
},
{
"lessThan": "82827ca21e7c",
"status": "affected",
"version": "c3a7abf06ce7",
"versionType": "git"
},
{
"lessThan": "f2f26b4a84a0",
"status": "affected",
"version": "c3a7abf06ce7",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/nilfs2/btree.c",
"fs/nilfs2/direct.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.31"
},
{
"lessThan": "2.6.31",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.312",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.274",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.215",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.154",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix failure to detect DAT corruption in btree and direct mappings\n\nPatch series \"nilfs2: fix kernel bug at submit_bh_wbc()\".\n\nThis resolves a kernel BUG reported by syzbot. Since there are two\nflaws involved, I\u0027ve made each one a separate patch.\n\nThe first patch alone resolves the syzbot-reported bug, but I think\nboth fixes should be sent to stable, so I\u0027ve tagged them as such.\n\n\nThis patch (of 2):\n\nSyzbot has reported a kernel bug in submit_bh_wbc() when writing file data\nto a nilfs2 file system whose metadata is corrupted.\n\nThere are two flaws involved in this issue.\n\nThe first flaw is that when nilfs_get_block() locates a data block using\nbtree or direct mapping, if the disk address translation routine\nnilfs_dat_translate() fails with internal code -ENOENT due to DAT metadata\ncorruption, it can be passed back to nilfs_get_block(). This causes\nnilfs_get_block() to misidentify an existing block as non-existent,\ncausing both data block lookup and insertion to fail inconsistently.\n\nThe second flaw is that nilfs_get_block() returns a successful status in\nthis inconsistent state. This causes the caller __block_write_begin_int()\nor others to request a read even though the buffer is not mapped,\nresulting in a BUG_ON check for the BH_Mapped flag in submit_bh_wbc()\nfailing.\n\nThis fixes the first issue by changing the return value to code -EINVAL\nwhen a conversion using DAT fails with code -ENOENT, avoiding the\nconflicting condition that leads to the kernel bug described above. Here,\ncode -EINVAL indicates that metadata corruption was detected during the\nblock lookup, which will be properly handled as a file system error and\nconverted to -EIO when passing through the nilfs2 bmap layer."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:50.130Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/b67189690eb4b7ecc84ae16fa1e880e0123eaa35"
},
{
"url": "https://git.kernel.org/stable/c/9cbe1ad5f4354f4df1445e5f4883983328cd6d8e"
},
{
"url": "https://git.kernel.org/stable/c/c3b5c5c31e723b568f83d8cafab8629d9d830ffb"
},
{
"url": "https://git.kernel.org/stable/c/2e2619ff5d0def4bb6c2037a32a6eaa28dd95c84"
},
{
"url": "https://git.kernel.org/stable/c/46b832e09d43b394ac0f6d9485d2b1a06593f0b7"
},
{
"url": "https://git.kernel.org/stable/c/f69e81396aea66304d214f175aa371f1b5578862"
},
{
"url": "https://git.kernel.org/stable/c/a8e4d098de1c0f4c5c1f2ed4633a860f0da6d713"
},
{
"url": "https://git.kernel.org/stable/c/82827ca21e7c8a91384c5baa656f78a5adfa4ab4"
},
{
"url": "https://git.kernel.org/stable/c/f2f26b4a84a0ef41791bd2d70861c8eac748f4ba"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "nilfs2: fix failure to detect DAT corruption in btree and direct mappings",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26956",
"datePublished": "2024-05-01T05:18:56.101Z",
"dateReserved": "2024-02-19T14:20:24.200Z",
"dateUpdated": "2024-08-02T00:21:05.748Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27058
Vulnerability from cvelistv5
Published
2024-05-01 13:00
Modified
2024-08-02 00:21
Severity
Summary
tmpfs: fix race on handling dquot rbtree
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27058",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-17T15:12:32.083830Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:46:41.269Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.876Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c7077f43f30d817d10a9f8245e51576ac114b2f0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/617d55b90e73c7b4aa2733ca6cc3f9b72d1124bb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f82f184874d2761ebaa60dccf577921a0dbb3810"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0a69b6b3a026543bc215ccc866d0aea5579e6ce2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"mm/shmem_quota.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "c7077f43f30d",
"status": "affected",
"version": "eafc474e2029",
"versionType": "git"
},
{
"lessThan": "617d55b90e73",
"status": "affected",
"version": "eafc474e2029",
"versionType": "git"
},
{
"lessThan": "f82f184874d2",
"status": "affected",
"version": "eafc474e2029",
"versionType": "git"
},
{
"lessThan": "0a69b6b3a026",
"status": "affected",
"version": "eafc474e2029",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"mm/shmem_quota.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.6"
},
{
"lessThan": "6.6",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntmpfs: fix race on handling dquot rbtree\n\nA syzkaller reproducer found a race while attempting to remove dquot\ninformation from the rb tree.\n\nFetching the rb_tree root node must also be protected by the\ndqopt-\u003edqio_sem, otherwise, giving the right timing, shmem_release_dquot()\nwill trigger a warning because it couldn\u0027t find a node in the tree, when\nthe real reason was the root node changing before the search starts:\n\nThread 1\t\t\t\tThread 2\n- shmem_release_dquot()\t\t\t- shmem_{acquire,release}_dquot()\n\n- fetch ROOT\t\t\t\t- Fetch ROOT\n\n\t\t\t\t\t- acquire dqio_sem\n- wait dqio_sem\n\n\t\t\t\t\t- do something, triger a tree rebalance\n\t\t\t\t\t- release dqio_sem\n\n- acquire dqio_sem\n- start searching for the node, but\n from the wrong location, missing\n the node, and triggering a warning."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:48.532Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/c7077f43f30d817d10a9f8245e51576ac114b2f0"
},
{
"url": "https://git.kernel.org/stable/c/617d55b90e73c7b4aa2733ca6cc3f9b72d1124bb"
},
{
"url": "https://git.kernel.org/stable/c/f82f184874d2761ebaa60dccf577921a0dbb3810"
},
{
"url": "https://git.kernel.org/stable/c/0a69b6b3a026543bc215ccc866d0aea5579e6ce2"
}
],
"title": "tmpfs: fix race on handling dquot rbtree",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27058",
"datePublished": "2024-05-01T13:00:06.852Z",
"dateReserved": "2024-02-19T14:20:24.214Z",
"dateUpdated": "2024-08-02T00:21:05.876Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26972
Vulnerability from cvelistv5
Published
2024-05-01 05:20
Modified
2024-08-02 00:21
Severity
Summary
ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26972",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-14T20:05:43.085010Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-14T20:05:50.540Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.922Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/62b5ae00c2b835639002ce898ccb5d82c51073ae"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6379b44cdcd67f5f5d986b73953e99700591edfa"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/ubifs/dir.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "62b5ae00c2b8",
"status": "affected",
"version": "2c58d548f570",
"versionType": "git"
},
{
"lessThan": "6379b44cdcd6",
"status": "affected",
"version": "2c58d548f570",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/ubifs/dir.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.2"
},
{
"lessThan": "5.2",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nubifs: ubifs_symlink: Fix memleak of inode-\u003ei_link in error path\n\nFor error handling path in ubifs_symlink(), inode will be marked as\nbad first, then iput() is invoked. If inode-\u003ei_link is initialized by\nfscrypt_encrypt_symlink() in encryption scenario, inode-\u003ei_link won\u0027t\nbe freed by callchain ubifs_free_inode -\u003e fscrypt_free_inode in error\nhandling path, because make_bad_inode() has changed \u0027inode-\u003ei_mode\u0027 as\n\u0027S_IFREG\u0027.\nFollowing kmemleak is easy to be reproduced by injecting error in\nubifs_jnl_update() when doing symlink in encryption scenario:\n unreferenced object 0xffff888103da3d98 (size 8):\n comm \"ln\", pid 1692, jiffies 4294914701 (age 12.045s)\n backtrace:\n kmemdup+0x32/0x70\n __fscrypt_encrypt_symlink+0xed/0x1c0\n ubifs_symlink+0x210/0x300 [ubifs]\n vfs_symlink+0x216/0x360\n do_symlinkat+0x11a/0x190\n do_syscall_64+0x3b/0xe0\nThere are two ways fixing it:\n 1. Remove make_bad_inode() in error handling path. We can do that\n because ubifs_evict_inode() will do same processes for good\n symlink inode and bad symlink inode, for inode-\u003ei_nlink checking\n is before is_bad_inode().\n 2. Free inode-\u003ei_link before marking inode bad.\nMethod 2 is picked, it has less influence, personally, I think."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:10.481Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/62b5ae00c2b835639002ce898ccb5d82c51073ae"
},
{
"url": "https://git.kernel.org/stable/c/6379b44cdcd67f5f5d986b73953e99700591edfa"
}
],
"title": "ubifs: ubifs_symlink: Fix memleak of inode-\u003ei_link in error path",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26972",
"datePublished": "2024-05-01T05:20:04.669Z",
"dateReserved": "2024-02-19T14:20:24.202Z",
"dateUpdated": "2024-08-02T00:21:05.922Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27037
Vulnerability from cvelistv5
Published
2024-05-01 12:53
Modified
2024-08-02 00:21
Severity
Summary
clk: zynq: Prevent null pointer dereference caused by kmalloc failure
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27037",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-06T18:33:24.280230Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T18:38:25.463Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.887Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/01511ac7be8e45f80e637f6bf61af2d3d2dee9db"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8c4889a9ea861d7be37463c10846eb75e1b49c9d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0801c893fd48cdba66a3c8f44c3fe43cc67d3b85"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ca976c6a592f789700200069ef9052493c0b73d8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/58a946ab43501f2eba058d24d96af0ad1122475b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7938e9ce39d6779d2f85d822cc930f73420e54a6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/clk/zynq/clkc.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "01511ac7be8e",
"status": "affected",
"version": "0ee52b157b8e",
"versionType": "git"
},
{
"lessThan": "8c4889a9ea86",
"status": "affected",
"version": "0ee52b157b8e",
"versionType": "git"
},
{
"lessThan": "0801c893fd48",
"status": "affected",
"version": "0ee52b157b8e",
"versionType": "git"
},
{
"lessThan": "ca976c6a592f",
"status": "affected",
"version": "0ee52b157b8e",
"versionType": "git"
},
{
"lessThan": "58a946ab4350",
"status": "affected",
"version": "0ee52b157b8e",
"versionType": "git"
},
{
"lessThan": "7938e9ce39d6",
"status": "affected",
"version": "0ee52b157b8e",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/clk/zynq/clkc.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.11"
},
{
"lessThan": "3.11",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.153",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: zynq: Prevent null pointer dereference caused by kmalloc failure\n\nThe kmalloc() in zynq_clk_setup() will return null if the\nphysical memory has run out. As a result, if we use snprintf()\nto write data to the null address, the null pointer dereference\nbug will happen.\n\nThis patch uses a stack variable to replace the kmalloc()."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:26.452Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/01511ac7be8e45f80e637f6bf61af2d3d2dee9db"
},
{
"url": "https://git.kernel.org/stable/c/8c4889a9ea861d7be37463c10846eb75e1b49c9d"
},
{
"url": "https://git.kernel.org/stable/c/0801c893fd48cdba66a3c8f44c3fe43cc67d3b85"
},
{
"url": "https://git.kernel.org/stable/c/ca976c6a592f789700200069ef9052493c0b73d8"
},
{
"url": "https://git.kernel.org/stable/c/58a946ab43501f2eba058d24d96af0ad1122475b"
},
{
"url": "https://git.kernel.org/stable/c/7938e9ce39d6779d2f85d822cc930f73420e54a6"
}
],
"title": "clk: zynq: Prevent null pointer dereference caused by kmalloc failure",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27037",
"datePublished": "2024-05-01T12:53:50.227Z",
"dateReserved": "2024-02-19T14:20:24.212Z",
"dateUpdated": "2024-08-02T00:21:05.887Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27076
Vulnerability from cvelistv5
Published
2024-05-01 13:04
Modified
2024-08-08 15:02
Severity
Summary
media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:27:58.321Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8c2e4efe1278cd2b230cdbf90a6cefbf00acc282"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5d9fe604bf9b5b09d2215225df55f22a4cbbc684"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b1d0eebaf87cc9ccd05f779ec4a0589f95d6c18b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8df9a3c7044b847e9c4dc7e683fd64c6b873f328"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d164ddc21e986dd9ad614b4b01746e5457aeb24f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/42492b00156c03a79fd4851190aa63045d6a15ce"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6c92224721a439d6350db5933a1060768dcd565e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4797a3dd46f220e6d83daf54d70c5b33db6deb01"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27076",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-01T18:31:08.599457Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T15:02:53.804Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/staging/media/imx/imx-media-csc-scaler.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "8c2e4efe1278",
"status": "affected",
"version": "a8ef0488cc59",
"versionType": "git"
},
{
"lessThan": "5d9fe604bf9b",
"status": "affected",
"version": "a8ef0488cc59",
"versionType": "git"
},
{
"lessThan": "b1d0eebaf87c",
"status": "affected",
"version": "a8ef0488cc59",
"versionType": "git"
},
{
"lessThan": "8df9a3c7044b",
"status": "affected",
"version": "a8ef0488cc59",
"versionType": "git"
},
{
"lessThan": "d164ddc21e98",
"status": "affected",
"version": "a8ef0488cc59",
"versionType": "git"
},
{
"lessThan": "42492b00156c",
"status": "affected",
"version": "a8ef0488cc59",
"versionType": "git"
},
{
"lessThan": "6c92224721a4",
"status": "affected",
"version": "a8ef0488cc59",
"versionType": "git"
},
{
"lessThan": "4797a3dd46f2",
"status": "affected",
"version": "a8ef0488cc59",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/staging/media/imx/imx-media-csc-scaler.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.4"
},
{
"lessThan": "5.4",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.273",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.214",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.153",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: imx: csc/scaler: fix v4l2_ctrl_handler memory leak\n\nFree the memory allocated in v4l2_ctrl_handler_init on release."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:28:07.384Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/8c2e4efe1278cd2b230cdbf90a6cefbf00acc282"
},
{
"url": "https://git.kernel.org/stable/c/5d9fe604bf9b5b09d2215225df55f22a4cbbc684"
},
{
"url": "https://git.kernel.org/stable/c/b1d0eebaf87cc9ccd05f779ec4a0589f95d6c18b"
},
{
"url": "https://git.kernel.org/stable/c/8df9a3c7044b847e9c4dc7e683fd64c6b873f328"
},
{
"url": "https://git.kernel.org/stable/c/d164ddc21e986dd9ad614b4b01746e5457aeb24f"
},
{
"url": "https://git.kernel.org/stable/c/42492b00156c03a79fd4851190aa63045d6a15ce"
},
{
"url": "https://git.kernel.org/stable/c/6c92224721a439d6350db5933a1060768dcd565e"
},
{
"url": "https://git.kernel.org/stable/c/4797a3dd46f220e6d83daf54d70c5b33db6deb01"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27076",
"datePublished": "2024-05-01T13:04:48.074Z",
"dateReserved": "2024-02-19T14:20:24.217Z",
"dateUpdated": "2024-08-08T15:02:53.804Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27005
Vulnerability from cvelistv5
Published
2024-05-01 05:28
Modified
2024-08-02 00:21
Severity
Summary
interconnect: Don't access req_list while it's being manipulated
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27005",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-06T18:46:13.449387Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T18:46:22.895Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.951Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d0d04efa2e367921654b5106cc5c05e3757c2b42"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4c65507121ea8e0b47fae6d2049c8688390d46b6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/de1bf25b6d771abdb52d43546cf57ad775fb68a1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/interconnect/core.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "d0d04efa2e36",
"status": "affected",
"version": "af42269c3523",
"versionType": "git"
},
{
"lessThan": "4c65507121ea",
"status": "affected",
"version": "af42269c3523",
"versionType": "git"
},
{
"lessThan": "de1bf25b6d77",
"status": "affected",
"version": "af42269c3523",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/interconnect/core.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.6"
},
{
"lessThan": "6.6",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ninterconnect: Don\u0027t access req_list while it\u0027s being manipulated\n\nThe icc_lock mutex was split into separate icc_lock and icc_bw_lock\nmutexes in [1] to avoid lockdep splats. However, this didn\u0027t adequately\nprotect access to icc_node::req_list.\n\nThe icc_set_bw() function will eventually iterate over req_list while\nonly holding icc_bw_lock, but req_list can be modified while only\nholding icc_lock. This causes races between icc_set_bw(), of_icc_get(),\nand icc_put().\n\nExample A:\n\n CPU0 CPU1\n ---- ----\n icc_set_bw(path_a)\n mutex_lock(\u0026icc_bw_lock);\n icc_put(path_b)\n mutex_lock(\u0026icc_lock);\n aggregate_requests()\n hlist_for_each_entry(r, ...\n hlist_del(...\n \u003cr = invalid pointer\u003e\n\nExample B:\n\n CPU0 CPU1\n ---- ----\n icc_set_bw(path_a)\n mutex_lock(\u0026icc_bw_lock);\n path_b = of_icc_get()\n of_icc_get_by_index()\n mutex_lock(\u0026icc_lock);\n path_find()\n path_init()\n aggregate_requests()\n hlist_for_each_entry(r, ...\n hlist_add_head(...\n \u003cr = invalid pointer\u003e\n\nFix this by ensuring icc_bw_lock is always held before manipulating\nicc_node::req_list. The additional places icc_bw_lock is held don\u0027t\nperform any memory allocations, so we should still be safe from the\noriginal lockdep splats that motivated the separate locks.\n\n[1] commit af42269c3523 (\"interconnect: Fix locking for runpm vs reclaim\")"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:52.623Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/d0d04efa2e367921654b5106cc5c05e3757c2b42"
},
{
"url": "https://git.kernel.org/stable/c/4c65507121ea8e0b47fae6d2049c8688390d46b6"
},
{
"url": "https://git.kernel.org/stable/c/de1bf25b6d771abdb52d43546cf57ad775fb68a1"
}
],
"title": "interconnect: Don\u0027t access req_list while it\u0027s being manipulated",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27005",
"datePublished": "2024-05-01T05:28:59.193Z",
"dateReserved": "2024-02-19T14:20:24.207Z",
"dateUpdated": "2024-08-02T00:21:05.951Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26999
Vulnerability from cvelistv5
Published
2024-05-01 05:28
Modified
2024-08-02 00:21
Severity
Summary
serial/pmac_zilog: Remove flawed mitigation for rx irq flood
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.871Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/69a02273e288011b521ee7c1f3ab2c23fda633ce"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d679c816929d62af51c8e6d7fc0e165c9412d2f3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ab86cf6f8d24e63e9aca23da5108af1aa5483928"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7a3bbe41efa55323b6ea3c35fa15941d4dbecdef"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/bbaafbb4651fede8d3c3881601ecaa4f834f9d3f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/52aaf1ff14622a04148dbb9ccce6d9de5d534ea7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ca09dfc3cfdf89e6af3ac24e1c6c0be5c575a729"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1be3226445362bfbf461c92a5bcdb1723f2e4907"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/tty/serial/pmac_zilog.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "69a02273e288",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "d679c816929d",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "ab86cf6f8d24",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "7a3bbe41efa5",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "bbaafbb4651f",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "52aaf1ff1462",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "ca09dfc3cfdf",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "1be322644536",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/tty/serial/pmac_zilog.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.12"
},
{
"lessThan": "2.6.12",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.313",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.275",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.216",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.157",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial/pmac_zilog: Remove flawed mitigation for rx irq flood\n\nThe mitigation was intended to stop the irq completely. That may be\nbetter than a hard lock-up but it turns out that you get a crash anyway\nif you\u0027re using pmac_zilog as a serial console:\n\nttyPZ0: pmz: rx irq flood !\nBUG: spinlock recursion on CPU#0, swapper/0\n\nThat\u0027s because the pr_err() call in pmz_receive_chars() results in\npmz_console_write() attempting to lock a spinlock already locked in\npmz_interrupt(). With CONFIG_DEBUG_SPINLOCK=y, this produces a fatal\nBUG splat. The spinlock in question is the one in struct uart_port.\n\nEven when it\u0027s not fatal, the serial port rx function ceases to work.\nAlso, the iteration limit doesn\u0027t play nicely with QEMU, as can be\nseen in the bug report linked below.\n\nA web search for other reports of the error message \"pmz: rx irq flood\"\ndidn\u0027t produce anything. So I don\u0027t think this code is needed any more.\nRemove it."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:45.202Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/69a02273e288011b521ee7c1f3ab2c23fda633ce"
},
{
"url": "https://git.kernel.org/stable/c/d679c816929d62af51c8e6d7fc0e165c9412d2f3"
},
{
"url": "https://git.kernel.org/stable/c/ab86cf6f8d24e63e9aca23da5108af1aa5483928"
},
{
"url": "https://git.kernel.org/stable/c/7a3bbe41efa55323b6ea3c35fa15941d4dbecdef"
},
{
"url": "https://git.kernel.org/stable/c/bbaafbb4651fede8d3c3881601ecaa4f834f9d3f"
},
{
"url": "https://git.kernel.org/stable/c/52aaf1ff14622a04148dbb9ccce6d9de5d534ea7"
},
{
"url": "https://git.kernel.org/stable/c/ca09dfc3cfdf89e6af3ac24e1c6c0be5c575a729"
},
{
"url": "https://git.kernel.org/stable/c/1be3226445362bfbf461c92a5bcdb1723f2e4907"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"title": "serial/pmac_zilog: Remove flawed mitigation for rx irq flood",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26999",
"datePublished": "2024-05-01T05:28:30.760Z",
"dateReserved": "2024-02-19T14:20:24.206Z",
"dateUpdated": "2024-08-02T00:21:05.871Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26992
Vulnerability from cvelistv5
Published
2024-05-01 05:27
Modified
2024-08-02 00:21
Severity
Summary
KVM: x86/pmu: Disable support for adaptive PEBS
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.863Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0fb74c00d140a66128afc0003785dcc57e69d312"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/037e48ceccf163899374b601afb6ae8d0bf1d2ac"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7a7650b3ac23e5fc8c990f00e94f787dc84e3175"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9e985cbf2942a1bb8fcef9adc2a17d90fd7ca8ee"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"arch/x86/kvm/vmx/vmx.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "0fb74c00d140",
"status": "affected",
"version": "c59a1f106f5c",
"versionType": "git"
},
{
"lessThan": "037e48ceccf1",
"status": "affected",
"version": "c59a1f106f5c",
"versionType": "git"
},
{
"lessThan": "7a7650b3ac23",
"status": "affected",
"version": "c59a1f106f5c",
"versionType": "git"
},
{
"lessThan": "9e985cbf2942",
"status": "affected",
"version": "c59a1f106f5c",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"arch/x86/kvm/vmx/vmx.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.0"
},
{
"lessThan": "6.0",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86/pmu: Disable support for adaptive PEBS\n\nDrop support for virtualizing adaptive PEBS, as KVM\u0027s implementation is\narchitecturally broken without an obvious/easy path forward, and because\nexposing adaptive PEBS can leak host LBRs to the guest, i.e. can leak\nhost kernel addresses to the guest.\n\nBug #1 is that KVM doesn\u0027t account for the upper 32 bits of\nIA32_FIXED_CTR_CTRL when (re)programming fixed counters, e.g\nfixed_ctrl_field() drops the upper bits, reprogram_fixed_counters()\nstores local variables as u8s and truncates the upper bits too, etc.\n\nBug #2 is that, because KVM _always_ sets precise_ip to a non-zero value\nfor PEBS events, perf will _always_ generate an adaptive record, even if\nthe guest requested a basic record. Note, KVM will also enable adaptive\nPEBS in individual *counter*, even if adaptive PEBS isn\u0027t exposed to the\nguest, but this is benign as MSR_PEBS_DATA_CFG is guaranteed to be zero,\ni.e. the guest will only ever see Basic records.\n\nBug #3 is in perf. intel_pmu_disable_fixed() doesn\u0027t clear the upper\nbits either, i.e. leaves ICL_FIXED_0_ADAPTIVE set, and\nintel_pmu_enable_fixed() effectively doesn\u0027t clear ICL_FIXED_0_ADAPTIVE\neither. I.e. perf _always_ enables ADAPTIVE counters, regardless of what\nKVM requests.\n\nBug #4 is that adaptive PEBS *might* effectively bypass event filters set\nby the host, as \"Updated Memory Access Info Group\" records information\nthat might be disallowed by userspace via KVM_SET_PMU_EVENT_FILTER.\n\nBug #5 is that KVM doesn\u0027t ensure LBR MSRs hold guest values (or at least\nzeros) when entering a vCPU with adaptive PEBS, which allows the guest\nto read host LBRs, i.e. host RIPs/addresses, by enabling \"LBR Entries\"\nrecords.\n\nDisable adaptive PEBS support as an immediate fix due to the severity of\nthe LBR leak in particular, and because fixing all of the bugs will be\nnon-trivial, e.g. not suitable for backporting to stable kernels.\n\nNote! This will break live migration, but trying to make KVM play nice\nwith live migration would be quite complicated, wouldn\u0027t be guaranteed to\nwork (i.e. KVM might still kill/confuse the guest), and it\u0027s not clear\nthat there are any publicly available VMMs that support adaptive PEBS,\nlet alone live migrate VMs that support adaptive PEBS, e.g. QEMU doesn\u0027t\nsupport PEBS in any capacity."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:34.887Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/0fb74c00d140a66128afc0003785dcc57e69d312"
},
{
"url": "https://git.kernel.org/stable/c/037e48ceccf163899374b601afb6ae8d0bf1d2ac"
},
{
"url": "https://git.kernel.org/stable/c/7a7650b3ac23e5fc8c990f00e94f787dc84e3175"
},
{
"url": "https://git.kernel.org/stable/c/9e985cbf2942a1bb8fcef9adc2a17d90fd7ca8ee"
}
],
"title": "KVM: x86/pmu: Disable support for adaptive PEBS",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26992",
"datePublished": "2024-05-01T05:27:57.967Z",
"dateReserved": "2024-02-19T14:20:24.205Z",
"dateUpdated": "2024-08-02T00:21:05.863Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27007
Vulnerability from cvelistv5
Published
2024-05-01 05:29
Modified
2024-08-02 00:21
Severity
Summary
userfaultfd: change src_folio after ensuring it's unpinned in UFFDIO_MOVE
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27007",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-17T17:40:30.411881Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-17T17:46:11.249Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.906Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/df5f6e683e7f21a15d8be6e7a0c7a46436963ebe"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c0205eaf3af9f5db14d4b5ee4abacf4a583c3c50"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"mm/huge_memory.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "df5f6e683e7f",
"status": "affected",
"version": "adef440691ba",
"versionType": "git"
},
{
"lessThan": "c0205eaf3af9",
"status": "affected",
"version": "adef440691ba",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"mm/huge_memory.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.8"
},
{
"lessThan": "6.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nuserfaultfd: change src_folio after ensuring it\u0027s unpinned in UFFDIO_MOVE\n\nCommit d7a08838ab74 (\"mm: userfaultfd: fix unexpected change to src_folio\nwhen UFFDIO_MOVE fails\") moved the src_folio-\u003e{mapping, index} changing to\nafter clearing the page-table and ensuring that it\u0027s not pinned. This\navoids failure of swapout+migration and possibly memory corruption.\n\nHowever, the commit missed fixing it in the huge-page case."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:54.797Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/df5f6e683e7f21a15d8be6e7a0c7a46436963ebe"
},
{
"url": "https://git.kernel.org/stable/c/c0205eaf3af9f5db14d4b5ee4abacf4a583c3c50"
}
],
"title": "userfaultfd: change src_folio after ensuring it\u0027s unpinned in UFFDIO_MOVE",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27007",
"datePublished": "2024-05-01T05:29:08.528Z",
"dateReserved": "2024-02-19T14:20:24.208Z",
"dateUpdated": "2024-08-02T00:21:05.906Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27067
Vulnerability from cvelistv5
Published
2024-05-01 13:04
Modified
2024-08-02 00:27
Severity
Summary
xen/evtchn: avoid WARN() when unbinding an event channel
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27067",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-17T17:40:05.117300Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-17T17:45:14.642Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:27:57.836Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/99e425032c6ec13584d3cd33846e0c7307501b47"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/35485dad6e28f9b17884764d4692b1655cb848d0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9e2d4b58c1da48a32905802aaeadba7084b46895"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/51c23bd691c0f1fb95b29731c356c6fd69925d17"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/xen/evtchn.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "99e425032c6e",
"status": "affected",
"version": "3c8f5965a993",
"versionType": "git"
},
{
"lessThan": "35485dad6e28",
"status": "affected",
"version": "9e90e58c11b7",
"versionType": "git"
},
{
"lessThan": "9e2d4b58c1da",
"status": "affected",
"version": "9e90e58c11b7",
"versionType": "git"
},
{
"lessThan": "51c23bd691c0",
"status": "affected",
"version": "9e90e58c11b7",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/xen/evtchn.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.7"
},
{
"lessThan": "6.7",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen/evtchn: avoid WARN() when unbinding an event channel\n\nWhen unbinding a user event channel, the related handler might be\ncalled a last time in case the kernel was built with\nCONFIG_DEBUG_SHIRQ. This might cause a WARN() in the handler.\n\nAvoid that by adding an \"unbinding\" flag to struct user_event which\nwill short circuit the handler."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:57.665Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/99e425032c6ec13584d3cd33846e0c7307501b47"
},
{
"url": "https://git.kernel.org/stable/c/35485dad6e28f9b17884764d4692b1655cb848d0"
},
{
"url": "https://git.kernel.org/stable/c/9e2d4b58c1da48a32905802aaeadba7084b46895"
},
{
"url": "https://git.kernel.org/stable/c/51c23bd691c0f1fb95b29731c356c6fd69925d17"
}
],
"title": "xen/evtchn: avoid WARN() when unbinding an event channel",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27067",
"datePublished": "2024-05-01T13:04:16.051Z",
"dateReserved": "2024-02-19T14:20:24.216Z",
"dateUpdated": "2024-08-02T00:27:57.836Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26934
Vulnerability from cvelistv5
Published
2024-05-01 05:17
Modified
2024-08-02 00:21
Severity
Summary
USB: core: Fix deadlock in usb_deauthorize_interface()
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26934",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-10T18:35:35.947702Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:21:30.301Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.693Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8cbdd324b41528994027128207fae8100dff094f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/12d6a5681a0a5cecc2af7860f0a1613fa7c6e947"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e451709573f8be904a8a72d0775bf114d7c291d9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1b175bc579f46520b11ecda443bcd2ee4904f66a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ab062fa3dc69aea88fe62162c5881ba14b50ecc5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/122a06f1068bf5e39089863f4f60b1f5d4273384"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/dbdf66250d2d33e8b27352fcb901de79f3521057"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/07acf979da33c721357ff27129edf74c23c036c6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/80ba43e9f799cbdd83842fc27db667289b3150f5"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/usb/core/sysfs.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "8cbdd324b415",
"status": "affected",
"version": "310d2b4124c0",
"versionType": "git"
},
{
"lessThan": "12d6a5681a0a",
"status": "affected",
"version": "310d2b4124c0",
"versionType": "git"
},
{
"lessThan": "e451709573f8",
"status": "affected",
"version": "310d2b4124c0",
"versionType": "git"
},
{
"lessThan": "1b175bc579f4",
"status": "affected",
"version": "310d2b4124c0",
"versionType": "git"
},
{
"lessThan": "ab062fa3dc69",
"status": "affected",
"version": "310d2b4124c0",
"versionType": "git"
},
{
"lessThan": "122a06f1068b",
"status": "affected",
"version": "310d2b4124c0",
"versionType": "git"
},
{
"lessThan": "dbdf66250d2d",
"status": "affected",
"version": "310d2b4124c0",
"versionType": "git"
},
{
"lessThan": "07acf979da33",
"status": "affected",
"version": "310d2b4124c0",
"versionType": "git"
},
{
"lessThan": "80ba43e9f799",
"status": "affected",
"version": "310d2b4124c0",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/usb/core/sysfs.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.4"
},
{
"lessThan": "4.4",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.312",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.274",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.215",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.154",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.84",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: core: Fix deadlock in usb_deauthorize_interface()\n\nAmong the attribute file callback routines in\ndrivers/usb/core/sysfs.c, the interface_authorized_store() function is\nthe only one which acquires a device lock on an ancestor device: It\ncalls usb_deauthorize_interface(), which locks the interface\u0027s parent\nUSB device.\n\nThe will lead to deadlock if another process already owns that lock\nand tries to remove the interface, whether through a configuration\nchange or because the device has been disconnected. As part of the\nremoval procedure, device_del() waits for all ongoing sysfs attribute\ncallbacks to complete. But usb_deauthorize_interface() can\u0027t complete\nuntil the device lock has been released, and the lock won\u0027t be\nreleased until the removal has finished.\n\nThe mechanism provided by sysfs to prevent this kind of deadlock is\nto use the sysfs_break_active_protection() function, which tells sysfs\nnot to wait for the attribute callback.\n\nReported-and-tested by: Yue Sun \u003csamsun1006219@gmail.com\u003e\nReported by: xingwei lee \u003cxrivendell7@gmail.com\u003e"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:26.682Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/8cbdd324b41528994027128207fae8100dff094f"
},
{
"url": "https://git.kernel.org/stable/c/12d6a5681a0a5cecc2af7860f0a1613fa7c6e947"
},
{
"url": "https://git.kernel.org/stable/c/e451709573f8be904a8a72d0775bf114d7c291d9"
},
{
"url": "https://git.kernel.org/stable/c/1b175bc579f46520b11ecda443bcd2ee4904f66a"
},
{
"url": "https://git.kernel.org/stable/c/ab062fa3dc69aea88fe62162c5881ba14b50ecc5"
},
{
"url": "https://git.kernel.org/stable/c/122a06f1068bf5e39089863f4f60b1f5d4273384"
},
{
"url": "https://git.kernel.org/stable/c/dbdf66250d2d33e8b27352fcb901de79f3521057"
},
{
"url": "https://git.kernel.org/stable/c/07acf979da33c721357ff27129edf74c23c036c6"
},
{
"url": "https://git.kernel.org/stable/c/80ba43e9f799cbdd83842fc27db667289b3150f5"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "USB: core: Fix deadlock in usb_deauthorize_interface()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26934",
"datePublished": "2024-05-01T05:17:27.352Z",
"dateReserved": "2024-02-19T14:20:24.196Z",
"dateUpdated": "2024-08-02T00:21:05.693Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27010
Vulnerability from cvelistv5
Published
2024-05-01 05:29
Modified
2024-08-02 00:21
Severity
Summary
net/sched: Fix mirred deadlock on device recursion
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27010",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T15:03:35.408191Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T15:03:46.655Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.885Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e6b90468da4dae2281a6e381107f411efb48b0ef"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0f022d32c3eca477fbf79a205243a6123ed0fe11"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"include/net/sch_generic.h",
"net/core/dev.c",
"net/sched/sch_generic.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "e6b90468da4d",
"status": "affected",
"version": "e578d9c02587",
"versionType": "git"
},
{
"lessThan": "0f022d32c3ec",
"status": "affected",
"version": "e578d9c02587",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"include/net/sch_generic.h",
"net/core/dev.c",
"net/sched/sch_generic.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.2"
},
{
"lessThan": "4.2",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: Fix mirred deadlock on device recursion\n\nWhen the mirred action is used on a classful egress qdisc and a packet is\nmirrored or redirected to self we hit a qdisc lock deadlock.\nSee trace below.\n\n[..... other info removed for brevity....]\n[ 82.890906]\n[ 82.890906] ============================================\n[ 82.890906] WARNING: possible recursive locking detected\n[ 82.890906] 6.8.0-05205-g77fadd89fe2d-dirty #213 Tainted: G W\n[ 82.890906] --------------------------------------------\n[ 82.890906] ping/418 is trying to acquire lock:\n[ 82.890906] ffff888006994110 (\u0026sch-\u003eq.lock){+.-.}-{3:3}, at:\n__dev_queue_xmit+0x1778/0x3550\n[ 82.890906]\n[ 82.890906] but task is already holding lock:\n[ 82.890906] ffff888006994110 (\u0026sch-\u003eq.lock){+.-.}-{3:3}, at:\n__dev_queue_xmit+0x1778/0x3550\n[ 82.890906]\n[ 82.890906] other info that might help us debug this:\n[ 82.890906] Possible unsafe locking scenario:\n[ 82.890906]\n[ 82.890906] CPU0\n[ 82.890906] ----\n[ 82.890906] lock(\u0026sch-\u003eq.lock);\n[ 82.890906] lock(\u0026sch-\u003eq.lock);\n[ 82.890906]\n[ 82.890906] *** DEADLOCK ***\n[ 82.890906]\n[..... other info removed for brevity....]\n\nExample setup (eth0-\u003eeth0) to recreate\ntc qdisc add dev eth0 root handle 1: htb default 30\ntc filter add dev eth0 handle 1: protocol ip prio 2 matchall \\\n action mirred egress redirect dev eth0\n\nAnother example(eth0-\u003eeth1-\u003eeth0) to recreate\ntc qdisc add dev eth0 root handle 1: htb default 30\ntc filter add dev eth0 handle 1: protocol ip prio 2 matchall \\\n action mirred egress redirect dev eth1\n\ntc qdisc add dev eth1 root handle 1: htb default 30\ntc filter add dev eth1 handle 1: protocol ip prio 2 matchall \\\n action mirred egress redirect dev eth0\n\nWe fix this by adding an owner field (CPU id) to struct Qdisc set after\nroot qdisc is entered. When the softirq enters it a second time, if the\nqdisc owner is the same CPU, the packet is dropped to break the loop."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:58.312Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/e6b90468da4dae2281a6e381107f411efb48b0ef"
},
{
"url": "https://git.kernel.org/stable/c/0f022d32c3eca477fbf79a205243a6123ed0fe11"
}
],
"title": "net/sched: Fix mirred deadlock on device recursion",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27010",
"datePublished": "2024-05-01T05:29:23.494Z",
"dateReserved": "2024-02-19T14:20:24.208Z",
"dateUpdated": "2024-08-02T00:21:05.885Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27028
Vulnerability from cvelistv5
Published
2024-05-01 12:53
Modified
2024-08-02 00:21
Severity
Summary
spi: spi-mt65xx: Fix NULL pointer access in interrupt handler
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27028",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-23T17:22:02.102985Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:46:46.004Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.949Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2342b05ec5342a519e00524a507f7a6ea6791a38"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/55f8ea6731aa64871ee6aef7dba53ee9f9f3b2f6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/bcfcdf19698024565eff427706ebbd8df65abd11"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c10fed329c1c104f375a75ed97ea3abef0786d62"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/766ec94cc57492eab97cbbf1595bd516ab0cb0e4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/62b1f837b15cf3ec2835724bdf8577e47d14c753"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/bea82355df9e1c299625405b1947fc9b26b4c6d4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1784053cf10a14c4ebd8a890bad5cfe1bee51713"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a20ad45008a7c82f1184dc6dee280096009ece55"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/spi/spi-mt65xx.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "2342b05ec534",
"status": "affected",
"version": "1ce24864bff4",
"versionType": "git"
},
{
"lessThan": "55f8ea6731aa",
"status": "affected",
"version": "1ce24864bff4",
"versionType": "git"
},
{
"lessThan": "bcfcdf196980",
"status": "affected",
"version": "1ce24864bff4",
"versionType": "git"
},
{
"lessThan": "c10fed329c1c",
"status": "affected",
"version": "1ce24864bff4",
"versionType": "git"
},
{
"lessThan": "766ec94cc574",
"status": "affected",
"version": "1ce24864bff4",
"versionType": "git"
},
{
"lessThan": "62b1f837b15c",
"status": "affected",
"version": "1ce24864bff4",
"versionType": "git"
},
{
"lessThan": "bea82355df9e",
"status": "affected",
"version": "1ce24864bff4",
"versionType": "git"
},
{
"lessThan": "1784053cf10a",
"status": "affected",
"version": "1ce24864bff4",
"versionType": "git"
},
{
"lessThan": "a20ad45008a7",
"status": "affected",
"version": "1ce24864bff4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/spi/spi-mt65xx.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.11"
},
{
"lessThan": "4.11",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.311",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.273",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.214",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.153",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.83",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: spi-mt65xx: Fix NULL pointer access in interrupt handler\n\nThe TX buffer in spi_transfer can be a NULL pointer, so the interrupt\nhandler may end up writing to the invalid memory and cause crashes.\n\nAdd a check to trans-\u003etx_buf before using it."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:17.317Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/2342b05ec5342a519e00524a507f7a6ea6791a38"
},
{
"url": "https://git.kernel.org/stable/c/55f8ea6731aa64871ee6aef7dba53ee9f9f3b2f6"
},
{
"url": "https://git.kernel.org/stable/c/bcfcdf19698024565eff427706ebbd8df65abd11"
},
{
"url": "https://git.kernel.org/stable/c/c10fed329c1c104f375a75ed97ea3abef0786d62"
},
{
"url": "https://git.kernel.org/stable/c/766ec94cc57492eab97cbbf1595bd516ab0cb0e4"
},
{
"url": "https://git.kernel.org/stable/c/62b1f837b15cf3ec2835724bdf8577e47d14c753"
},
{
"url": "https://git.kernel.org/stable/c/bea82355df9e1c299625405b1947fc9b26b4c6d4"
},
{
"url": "https://git.kernel.org/stable/c/1784053cf10a14c4ebd8a890bad5cfe1bee51713"
},
{
"url": "https://git.kernel.org/stable/c/a20ad45008a7c82f1184dc6dee280096009ece55"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "spi: spi-mt65xx: Fix NULL pointer access in interrupt handler",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27028",
"datePublished": "2024-05-01T12:53:19.069Z",
"dateReserved": "2024-02-19T14:20:24.210Z",
"dateUpdated": "2024-08-02T00:21:05.949Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27029
Vulnerability from cvelistv5
Published
2024-05-01 12:53
Modified
2024-08-02 00:21
Severity
Summary
drm/amdgpu: fix mmhub client id out-of-bounds access
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.943Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e1e076bda4fd6378ae650f2c6ef1a4ff93c5aea5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1f24b3040f2b6ffcb97151fabb3070328254d923"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6540ff6482c1a5a6890ae44b23d0852ba1986d9e"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/amdgpu/mmhub_v3_3.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "e1e076bda4fd",
"status": "affected",
"version": "aba2be41470a",
"versionType": "git"
},
{
"lessThan": "1f24b3040f2b",
"status": "affected",
"version": "aba2be41470a",
"versionType": "git"
},
{
"lessThan": "6540ff6482c1",
"status": "affected",
"version": "aba2be41470a",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/amdgpu/mmhub_v3_3.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.7"
},
{
"lessThan": "6.7",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: fix mmhub client id out-of-bounds access\n\nProperly handle cid 0x140."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:27:18.323Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/e1e076bda4fd6378ae650f2c6ef1a4ff93c5aea5"
},
{
"url": "https://git.kernel.org/stable/c/1f24b3040f2b6ffcb97151fabb3070328254d923"
},
{
"url": "https://git.kernel.org/stable/c/6540ff6482c1a5a6890ae44b23d0852ba1986d9e"
}
],
"title": "drm/amdgpu: fix mmhub client id out-of-bounds access",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27029",
"datePublished": "2024-05-01T12:53:22.513Z",
"dateReserved": "2024-02-19T14:20:24.211Z",
"dateUpdated": "2024-08-02T00:21:05.943Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26959
Vulnerability from cvelistv5
Published
2024-05-01 05:19
Modified
2024-08-02 00:21
Severity
Summary
Bluetooth: btnxpuart: Fix btnxpuart_close
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26959",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T14:25:54.572177Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T14:26:04.903Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.891Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d4e2365b07f1ae1f811a915b514caef5b2d6581e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/586e099c93fe26b7bd40593979532f507ed9f6a4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/74bcf708775c405f7fb6ed776ccd3e1957f38a52"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/664130c0b0309b360bc5bdd40a30604a9387bde8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/bluetooth/btnxpuart.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "d4e2365b07f1",
"status": "affected",
"version": "689ca16e5232",
"versionType": "git"
},
{
"lessThan": "586e099c93fe",
"status": "affected",
"version": "689ca16e5232",
"versionType": "git"
},
{
"lessThan": "74bcf708775c",
"status": "affected",
"version": "689ca16e5232",
"versionType": "git"
},
{
"lessThan": "664130c0b030",
"status": "affected",
"version": "689ca16e5232",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/bluetooth/btnxpuart.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.4"
},
{
"lessThan": "6.4",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btnxpuart: Fix btnxpuart_close\n\nFix scheduling while atomic BUG in btnxpuart_close(), properly\npurge the transmit queue and free the receive skb.\n\n[ 10.973809] BUG: scheduling while atomic: kworker/u9:0/80/0x00000002\n...\n[ 10.980740] CPU: 3 PID: 80 Comm: kworker/u9:0 Not tainted 6.8.0-rc7-0.0.0-devel-00005-g61fdfceacf09 #1\n[ 10.980751] Hardware name: Toradex Verdin AM62 WB on Dahlia Board (DT)\n[ 10.980760] Workqueue: hci0 hci_power_off [bluetooth]\n[ 10.981169] Call trace:\n...\n[ 10.981363] uart_update_mctrl+0x58/0x78\n[ 10.981373] uart_dtr_rts+0x104/0x114\n[ 10.981381] tty_port_shutdown+0xd4/0xdc\n[ 10.981396] tty_port_close+0x40/0xbc\n[ 10.981407] uart_close+0x34/0x9c\n[ 10.981414] ttyport_close+0x50/0x94\n[ 10.981430] serdev_device_close+0x40/0x50\n[ 10.981442] btnxpuart_close+0x24/0x98 [btnxpuart]\n[ 10.981469] hci_dev_close_sync+0x2d8/0x718 [bluetooth]\n[ 10.981728] hci_dev_do_close+0x2c/0x70 [bluetooth]\n[ 10.981862] hci_power_off+0x20/0x64 [bluetooth]"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:53.219Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/d4e2365b07f1ae1f811a915b514caef5b2d6581e"
},
{
"url": "https://git.kernel.org/stable/c/586e099c93fe26b7bd40593979532f507ed9f6a4"
},
{
"url": "https://git.kernel.org/stable/c/74bcf708775c405f7fb6ed776ccd3e1957f38a52"
},
{
"url": "https://git.kernel.org/stable/c/664130c0b0309b360bc5bdd40a30604a9387bde8"
}
],
"title": "Bluetooth: btnxpuart: Fix btnxpuart_close",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26959",
"datePublished": "2024-05-01T05:19:08.184Z",
"dateReserved": "2024-02-19T14:20:24.200Z",
"dateUpdated": "2024-08-02T00:21:05.891Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-27079
Vulnerability from cvelistv5
Published
2024-05-01 13:04
Modified
2024-08-02 00:27
Severity
Summary
iommu/vt-d: Fix NULL domain on device release
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27079",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-28T17:45:27.745235Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:46:28.295Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:27:57.800Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/333fe86968482ca701c609af590003bcea450e8f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/81e921fd321614c2ad8ac333b041aae1da7a1c6d"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/iommu/intel/iommu.c",
"drivers/iommu/intel/pasid.c",
"drivers/iommu/intel/pasid.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "333fe8696848",
"status": "affected",
"version": "586081d3f6b1",
"versionType": "git"
},
{
"lessThan": "81e921fd3216",
"status": "affected",
"version": "586081d3f6b1",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/iommu/intel/iommu.c",
"drivers/iommu/intel/pasid.c",
"drivers/iommu/intel/pasid.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.18"
},
{
"lessThan": "5.18",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Fix NULL domain on device release\n\nIn the kdump kernel, the IOMMU operates in deferred_attach mode. In this\nmode, info-\u003edomain may not yet be assigned by the time the release_device\nfunction is called. It leads to the following crash in the crash kernel:\n\n BUG: kernel NULL pointer dereference, address: 000000000000003c\n ...\n RIP: 0010:do_raw_spin_lock+0xa/0xa0\n ...\n _raw_spin_lock_irqsave+0x1b/0x30\n intel_iommu_release_device+0x96/0x170\n iommu_deinit_device+0x39/0xf0\n __iommu_group_remove_device+0xa0/0xd0\n iommu_bus_notifier+0x55/0xb0\n notifier_call_chain+0x5a/0xd0\n blocking_notifier_call_chain+0x41/0x60\n bus_notify+0x34/0x50\n device_del+0x269/0x3d0\n pci_remove_bus_device+0x77/0x100\n p2sb_bar+0xae/0x1d0\n ...\n i801_probe+0x423/0x740\n\nUse the release_domain mechanism to fix it. The scalable mode context\nentry which is not part of release domain should be cleared in\nrelease_device()."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:28:10.911Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/333fe86968482ca701c609af590003bcea450e8f"
},
{
"url": "https://git.kernel.org/stable/c/81e921fd321614c2ad8ac333b041aae1da7a1c6d"
}
],
"title": "iommu/vt-d: Fix NULL domain on device release",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27079",
"datePublished": "2024-05-01T13:04:58.511Z",
"dateReserved": "2024-02-19T14:20:24.217Z",
"dateUpdated": "2024-08-02T00:27:57.800Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26954
Vulnerability from cvelistv5
Published
2024-05-01 05:18
Modified
2024-08-02 00:21
Severity
Summary
ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.749Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3b8da67191e938a63d2736dabb4ac5d337e5de57"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4f97e6a9d62cb1fce82fbf4baff44b83221bc178"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a80a486d72e20bd12c335bcd38b6e6f19356b0aa"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/smb/server/smb2misc.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "3b8da67191e9",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "4f97e6a9d62c",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "a80a486d72e2",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/smb/server/smb2misc.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()\n\nIf -\u003eNameOffset of smb2_create_req is smaller than Buffer offset of\nsmb2_create_req, slab-out-of-bounds read can happen from smb2_open.\nThis patch set the minimum value of the name offset to the buffer offset\nto validate name length of smb2_create_req()."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:48.080Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/3b8da67191e938a63d2736dabb4ac5d337e5de57"
},
{
"url": "https://git.kernel.org/stable/c/4f97e6a9d62cb1fce82fbf4baff44b83221bc178"
},
{
"url": "https://git.kernel.org/stable/c/a80a486d72e20bd12c335bcd38b6e6f19356b0aa"
}
],
"title": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26954",
"datePublished": "2024-05-01T05:18:47.428Z",
"dateReserved": "2024-02-19T14:20:24.200Z",
"dateUpdated": "2024-08-02T00:21:05.749Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26984
Vulnerability from cvelistv5
Published
2024-05-01 05:27
Modified
2024-08-02 00:21
Severity
Summary
nouveau: fix instmem race condition around ptr stores
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "bba8ec5e9b16 ",
"status": "affected",
"version": "be55287aa5ba",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": " 1bc4825d4c3e ",
"status": "affected",
"version": "be55287aa5ba",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": " 13d76b2f443d ",
"status": "affected",
"version": "be55287aa5ba",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "3ab056814cd8 ",
"status": "affected",
"version": "be55287aa5ba",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "ad74d208f213 ",
"status": "affected",
"version": "be55287aa5ba",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "a019b44b1bc6 ",
"status": "affected",
"version": "be55287aa5ba",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "21ca9539f093 ",
"status": "affected",
"version": "be55287aa5ba",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "fff1386cc889 ",
"status": "affected",
"version": "be55287aa5ba",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "4.20",
"status": "unaffected",
"version": "4.19.313",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "5.5",
"status": "unaffected",
"version": "5.4.275",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "5.16",
"status": "unaffected",
"version": "5.15.157",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "6.2",
"status": "unaffected",
"version": " 6.1.88 ",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "6.7",
"status": "unaffected",
"version": "6.6.29",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "6.9",
"status": "unaffected",
"version": " 6.8.8",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "unaffected",
"version": "6.9"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "4.15",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:4.15:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "affected",
"version": "4.15"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "5.11",
"status": "unaffected",
"version": "5.10.216",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-26984",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-28T18:32:28.143908Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-362",
"description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T15:04:43.043Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.854Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/bba8ec5e9b16649d85bc9e9086bf7ae5b5716ff9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1bc4825d4c3ec6abe43cf06c3c39d664d044cbf7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/13d76b2f443dc371842916dd8768009ff1594716"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3ab056814cd8ab84744c9a19ef51360b2271c572"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ad74d208f213c06d860916ad40f609ade8c13039"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a019b44b1bc6ed224c46fb5f88a8a10dd116e525"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/21ca9539f09360fd83654f78f2c361f2f5ddcb52"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fff1386cc889d8fb4089d285f883f8cba62d82ce"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/nouveau/nvkm/subdev/instmem/nv50.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "bba8ec5e9b16",
"status": "affected",
"version": "be55287aa5ba",
"versionType": "git"
},
{
"lessThan": "1bc4825d4c3e",
"status": "affected",
"version": "be55287aa5ba",
"versionType": "git"
},
{
"lessThan": "13d76b2f443d",
"status": "affected",
"version": "be55287aa5ba",
"versionType": "git"
},
{
"lessThan": "3ab056814cd8",
"status": "affected",
"version": "be55287aa5ba",
"versionType": "git"
},
{
"lessThan": "ad74d208f213",
"status": "affected",
"version": "be55287aa5ba",
"versionType": "git"
},
{
"lessThan": "a019b44b1bc6",
"status": "affected",
"version": "be55287aa5ba",
"versionType": "git"
},
{
"lessThan": "21ca9539f093",
"status": "affected",
"version": "be55287aa5ba",
"versionType": "git"
},
{
"lessThan": "fff1386cc889",
"status": "affected",
"version": "be55287aa5ba",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/nouveau/nvkm/subdev/instmem/nv50.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.15"
},
{
"lessThan": "4.15",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.313",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.275",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.216",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.157",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnouveau: fix instmem race condition around ptr stores\n\nRunning a lot of VK CTS in parallel against nouveau, once every\nfew hours you might see something like this crash.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000008\nPGD 8000000114e6e067 P4D 8000000114e6e067 PUD 109046067 PMD 0\nOops: 0000 [#1] PREEMPT SMP PTI\nCPU: 7 PID: 53891 Comm: deqp-vk Not tainted 6.8.0-rc6+ #27\nHardware name: Gigabyte Technology Co., Ltd. Z390 I AORUS PRO WIFI/Z390 I AORUS PRO WIFI-CF, BIOS F8 11/05/2021\nRIP: 0010:gp100_vmm_pgt_mem+0xe3/0x180 [nouveau]\nCode: c7 48 01 c8 49 89 45 58 85 d2 0f 84 95 00 00 00 41 0f b7 46 12 49 8b 7e 08 89 da 42 8d 2c f8 48 8b 47 08 41 83 c7 01 48 89 ee \u003c48\u003e 8b 40 08 ff d0 0f 1f 00 49 8b 7e 08 48 89 d9 48 8d 75 04 48 c1\nRSP: 0000:ffffac20c5857838 EFLAGS: 00010202\nRAX: 0000000000000000 RBX: 00000000004d8001 RCX: 0000000000000001\nRDX: 00000000004d8001 RSI: 00000000000006d8 RDI: ffffa07afe332180\nRBP: 00000000000006d8 R08: ffffac20c5857ad0 R09: 0000000000ffff10\nR10: 0000000000000001 R11: ffffa07af27e2de0 R12: 000000000000001c\nR13: ffffac20c5857ad0 R14: ffffa07a96fe9040 R15: 000000000000001c\nFS: 00007fe395eed7c0(0000) GS:ffffa07e2c980000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000008 CR3: 000000011febe001 CR4: 00000000003706f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\n...\n\n ? gp100_vmm_pgt_mem+0xe3/0x180 [nouveau]\n ? gp100_vmm_pgt_mem+0x37/0x180 [nouveau]\n nvkm_vmm_iter+0x351/0xa20 [nouveau]\n ? __pfx_nvkm_vmm_ref_ptes+0x10/0x10 [nouveau]\n ? __pfx_gp100_vmm_pgt_mem+0x10/0x10 [nouveau]\n ? __pfx_gp100_vmm_pgt_mem+0x10/0x10 [nouveau]\n ? __lock_acquire+0x3ed/0x2170\n ? __pfx_gp100_vmm_pgt_mem+0x10/0x10 [nouveau]\n nvkm_vmm_ptes_get_map+0xc2/0x100 [nouveau]\n ? __pfx_nvkm_vmm_ref_ptes+0x10/0x10 [nouveau]\n ? __pfx_gp100_vmm_pgt_mem+0x10/0x10 [nouveau]\n nvkm_vmm_map_locked+0x224/0x3a0 [nouveau]\n\nAdding any sort of useful debug usually makes it go away, so I hand\nwrote the function in a line, and debugged the asm.\n\nEvery so often pt-\u003ememory-\u003eptrs is NULL. This ptrs ptr is set in\nthe nv50_instobj_acquire called from nvkm_kmap.\n\nIf Thread A and Thread B both get to nv50_instobj_acquire around\nthe same time, and Thread A hits the refcount_set line, and in\nlockstep thread B succeeds at refcount_inc_not_zero, there is a\nchance the ptrs value won\u0027t have been stored since refcount_set\nis unordered. Force a memory barrier here, I picked smp_mb, since\nwe want it on all CPUs and it\u0027s write followed by a read.\n\nv2: use paired smp_rmb/smp_wmb."
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:26:25.471Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/bba8ec5e9b16649d85bc9e9086bf7ae5b5716ff9"
},
{
"url": "https://git.kernel.org/stable/c/1bc4825d4c3ec6abe43cf06c3c39d664d044cbf7"
},
{
"url": "https://git.kernel.org/stable/c/13d76b2f443dc371842916dd8768009ff1594716"
},
{
"url": "https://git.kernel.org/stable/c/3ab056814cd8ab84744c9a19ef51360b2271c572"
},
{
"url": "https://git.kernel.org/stable/c/ad74d208f213c06d860916ad40f609ade8c13039"
},
{
"url": "https://git.kernel.org/stable/c/a019b44b1bc6ed224c46fb5f88a8a10dd116e525"
},
{
"url": "https://git.kernel.org/stable/c/21ca9539f09360fd83654f78f2c361f2f5ddcb52"
},
{
"url": "https://git.kernel.org/stable/c/fff1386cc889d8fb4089d285f883f8cba62d82ce"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "nouveau: fix instmem race condition around ptr stores",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26984",
"datePublished": "2024-05-01T05:27:20.506Z",
"dateReserved": "2024-02-19T14:20:24.204Z",
"dateUpdated": "2024-08-02T00:21:05.854Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26939
Vulnerability from cvelistv5
Published
2024-05-01 05:17
Modified
2024-08-02 00:21
Severity
Summary
drm/i915/vma: Fix UAF on destroy against retire race
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26939",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-06T18:59:58.125327Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T19:00:13.886Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:21:05.670Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/704edc9252f4988ae1ad7dafa23d0db8d90d7190"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5e3eb862df9f972ab677fb19e0d4b9b1be8db7b5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/59b2626dd8c8a2e13f18054b3530e0c00073d79f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0e45882ca829b26b915162e8e86dbb1095768e9e"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/i915/i915_vma.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "704edc9252f4",
"status": "affected",
"version": "d93939730347",
"versionType": "git"
},
{
"lessThan": "5e3eb862df9f",
"status": "affected",
"version": "d93939730347",
"versionType": "git"
},
{
"lessThan": "59b2626dd8c8",
"status": "affected",
"version": "d93939730347",
"versionType": "git"
},
{
"lessThan": "0e45882ca829",
"status": "affected",
"version": "d93939730347",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/i915/i915_vma.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.19"
},
{
"lessThan": "5.19",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.29",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/vma: Fix UAF on destroy against retire race\n\nObject debugging tools were sporadically reporting illegal attempts to\nfree a still active i915 VMA object when parking a GT believed to be idle.\n\n[161.359441] ODEBUG: free active (active state 0) object: ffff88811643b958 object type: i915_active hint: __i915_vma_active+0x0/0x50 [i915]\n[161.360082] WARNING: CPU: 5 PID: 276 at lib/debugobjects.c:514 debug_print_object+0x80/0xb0\n...\n[161.360304] CPU: 5 PID: 276 Comm: kworker/5:2 Not tainted 6.5.0-rc1-CI_DRM_13375-g003f860e5577+ #1\n[161.360314] Hardware name: Intel Corporation Rocket Lake Client Platform/RocketLake S UDIMM 6L RVP, BIOS RKLSFWI1.R00.3173.A03.2204210138 04/21/2022\n[161.360322] Workqueue: i915-unordered __intel_wakeref_put_work [i915]\n[161.360592] RIP: 0010:debug_print_object+0x80/0xb0\n...\n[161.361347] debug_object_free+0xeb/0x110\n[161.361362] i915_active_fini+0x14/0x130 [i915]\n[161.361866] release_references+0xfe/0x1f0 [i915]\n[161.362543] i915_vma_parked+0x1db/0x380 [i915]\n[161.363129] __gt_park+0x121/0x230 [i915]\n[161.363515] ____intel_wakeref_put_last+0x1f/0x70 [i915]\n\nThat has been tracked down to be happening when another thread is\ndeactivating the VMA inside __active_retire() helper, after the VMA\u0027s\nactive counter has been already decremented to 0, but before deactivation\nof the VMA\u0027s object is reported to the object debugging tool.\n\nWe could prevent from that race by serializing i915_active_fini() with\n__active_retire() via ref-\u003etree_lock, but that wouldn\u0027t stop the VMA from\nbeing used, e.g. from __i915_vma_retire() called at the end of\n__active_retire(), after that VMA has been already freed by a concurrent\ni915_vma_destroy() on return from the i915_active_fini(). Then, we should\nrather fix the issue at the VMA level, not in i915_active.\n\nSince __i915_vma_parked() is called from __gt_park() on last put of the\nGT\u0027s wakeref, the issue could be addressed by holding the GT wakeref long\nenough for __active_retire() to complete before that wakeref is released\nand the GT parked.\n\nI believe the issue was introduced by commit d93939730347 (\"drm/i915:\nRemove the vma refcount\") which moved a call to i915_active_fini() from\na dropped i915_vma_release(), called on last put of the removed VMA kref,\nto i915_vma_parked() processing path called on last put of a GT wakeref.\nHowever, its visibility to the object debugging tool was suppressed by a\nbug in i915_active that was fixed two weeks later with commit e92eb246feb9\n(\"drm/i915/active: Fix missing debug object activation\").\n\nA VMA associated with a request doesn\u0027t acquire a GT wakeref by itself.\nInstead, it depends on a wakeref held directly by the request\u0027s active\nintel_context for a GT associated with its VM, and indirectly on that\nintel_context\u0027s engine wakeref if the engine belongs to the same GT as the\nVMA\u0027s VM. Those wakerefs are released asynchronously to VMA deactivation.\n\nFix the issue by getting a wakeref for the VMA\u0027s GT when activating it,\nand putting that wakeref only after the VMA is deactivated. However,\nexclude global GTT from that processing path, otherwise the GPU never goes\nidle. Since __i915_vma_retire() may be called from atomic contexts, use\nasync variant of wakeref put. Also, to avoid circular locking dependency,\ntake care of acquiring the wakeref before VM mutex when both are needed.\n\nv7: Add inline comments with justifications for:\n - using untracked variants of intel_gt_pm_get/put() (Nirmoy),\n - using async variant of _put(),\n - not getting the wakeref in case of a global GTT,\n - always getting the first wakeref outside vm-\u003emutex.\nv6: Since __i915_vma_active/retire() callbacks are not serialized, storing\n a wakeref tracking handle inside struct i915_vma is not safe, and\n there is no other good place for that. Use untracked variants of\n intel_gt_pm_get/put_async().\nv5: Replace \"tile\" with \"GT\" across commit description (Rodrigo),\n - \n---truncated---"
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T05:25:32.198Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/704edc9252f4988ae1ad7dafa23d0db8d90d7190"
},
{
"url": "https://git.kernel.org/stable/c/5e3eb862df9f972ab677fb19e0d4b9b1be8db7b5"
},
{
"url": "https://git.kernel.org/stable/c/59b2626dd8c8a2e13f18054b3530e0c00073d79f"
},
{
"url": "https://git.kernel.org/stable/c/0e45882ca829b26b915162e8e86dbb1095768e9e"
}
],
"title": "drm/i915/vma: Fix UAF on destroy against retire race",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26939",
"datePublished": "2024-05-01T05:17:44.370Z",
"dateReserved": "2024-02-19T14:20:24.196Z",
"dateUpdated": "2024-08-02T00:21:05.670Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading...