csaf_certbund - wid-sec-w-2024-1197

wid-sec-w-2024-1197

Vulnerability from csaf_certbund

Published

2024-05-21 22:00

Modified

2024-07-24 22:00

Summary

Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service und unspezifische Angriffe

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder unspezifische Angriffe durchzuführen.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder unspezifische Angriffe durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-1197 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1197.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-1197 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1197"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47368 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052139-CVE-2021-47368-1290@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47374 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052141-CVE-2021-47374-41c2@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47375 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052141-CVE-2021-47375-8849@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47376 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052142-CVE-2021-47376-1032@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47377 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052142-CVE-2021-47377-8c20@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47403 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052150-CVE-2021-47403-b338@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47404 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052150-CVE-2021-47404-f851@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47405 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052150-CVE-2021-47405-b693@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47406 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052150-CVE-2021-47406-04e3@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47407 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052151-CVE-2021-47407-fd65@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47408 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052151-CVE-2021-47408-ad88@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47409 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052151-CVE-2021-47409-1856@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47410 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052152-CVE-2021-47410-3b06@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47411 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052152-CVE-2021-47411-9e6f@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47412 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052152-CVE-2021-47412-b362@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47413 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052153-CVE-2021-47413-5ff4@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47414 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052153-CVE-2021-47414-a400@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47415 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052153-CVE-2021-47415-4e3d@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47416 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052154-CVE-2021-47416-7584@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47417 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052154-CVE-2021-47417-783a@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47418 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052154-CVE-2021-47418-342e@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47419 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052154-CVE-2021-47419-22ab@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47420 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052155-CVE-2021-47420-939e@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47421 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052155-CVE-2021-47421-00f1@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47422 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052155-CVE-2021-47422-3f95@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47423 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052156-CVE-2021-47423-6632@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47424 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052156-CVE-2021-47424-a4dc@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47425 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052156-CVE-2021-47425-8e9f@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47426 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052156-CVE-2021-47426-8f34@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47427 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052157-CVE-2021-47427-ffc6@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47428 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052157-CVE-2021-47428-f3c0@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47429 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052157-CVE-2021-47429-e386@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47430 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052158-CVE-2021-47430-7b38@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47431 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052158-CVE-2021-47431-ff0c@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2021-47432 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052143-CVE-2021-47432-5e69@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2022-48706 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052153-CVE-2022-48706-3175@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2022-48707 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052155-CVE-2022-48707-8523@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2022-48708 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052155-CVE-2022-48708-ba53@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2022-48709 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052155-CVE-2022-48709-4ab8@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2022-48710 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052143-CVE-2022-48710-aa43@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52700 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052156-CVE-2023-52700-1e45@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52701 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052156-CVE-2023-52701-5037@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52702 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052156-CVE-2023-52702-ebca@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52703 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052157-CVE-2023-52703-abcb@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52704 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052157-CVE-2023-52704-0d9a@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52705 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052157-CVE-2023-52705-8468@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52706 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052158-CVE-2023-52706-1652@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52707 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052158-CVE-2023-52707-e048@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52708 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052158-CVE-2023-52708-d68d@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52730 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052158-CVE-2023-52730-1c8f@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52731 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052159-CVE-2023-52731-29ab@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52732 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052159-CVE-2023-52732-c783@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52733 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052159-CVE-2023-52733-601c@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52734 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052100-CVE-2023-52734-c8c2@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52735 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052100-CVE-2023-52735-4df1@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52736 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052100-CVE-2023-52736-ff92@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52737 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052101-CVE-2023-52737-e10e@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52738 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052101-CVE-2023-52738-f1bb@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52739 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052101-CVE-2023-52739-46c6@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52740 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052101-CVE-2023-52740-3265@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52741 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052102-CVE-2023-52741-6a1e@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52742 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052102-CVE-2023-52742-005f@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52743 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052102-CVE-2023-52743-f027@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52744 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052103-CVE-2023-52744-1e58@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52745 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052103-CVE-2023-52745-3727@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52746 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052103-CVE-2023-52746-0476@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52747 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052104-CVE-2023-52747-a85f@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52748 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052143-CVE-2023-52748-577d@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52749 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052144-CVE-2023-52749-684e@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52750 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052144-CVE-2023-52750-2115@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52751 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052144-CVE-2023-52751-69df@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52752 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052144-CVE-2023-52752-2342@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52753 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052145-CVE-2023-52753-0805@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52754 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052145-CVE-2023-52754-9725@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52755 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052145-CVE-2023-52755-0e00@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52756 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052146-CVE-2023-52756-f694@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52757 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052146-CVE-2023-52757-5028@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52758 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052146-CVE-2023-52758-9b23@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52759 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052147-CVE-2023-52759-0e9f@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52760 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052147-CVE-2023-52760-5ac4@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52761 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052147-CVE-2023-52761-5ddf@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52762 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052147-CVE-2023-52762-fe90@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52763 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052148-CVE-2023-52763-34b7@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52764 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052148-CVE-2023-52764-fa3b@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52765 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052148-CVE-2023-52765-3bc7@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52766 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052149-CVE-2023-52766-2ae1@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52767 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052149-CVE-2023-52767-1f5b@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52768 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052149-CVE-2023-52768-68fc@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52769 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052150-CVE-2023-52769-8bac@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52770 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052150-CVE-2023-52770-fa95@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52771 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052150-CVE-2023-52771-43ad@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52772 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052150-CVE-2023-52772-4875@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52773 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052151-CVE-2023-52773-8334@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52774 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052151-CVE-2023-52774-1657@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52775 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052151-CVE-2023-52775-38a8@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52776 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052152-CVE-2023-52776-1f55@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52777 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052152-CVE-2023-52777-2f32@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52778 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052152-CVE-2023-52778-2a54@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52779 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052153-CVE-2023-52779-59e8@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52780 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052153-CVE-2023-52780-0324@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52781 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052153-CVE-2023-52781-8f04@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52782 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052153-CVE-2023-52782-acc6@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52783 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052154-CVE-2023-52783-8ea7@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52784 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052154-CVE-2023-52784-80ad@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52785 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052154-CVE-2023-52785-8104@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52786 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052155-CVE-2023-52786-ff76@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52787 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052155-CVE-2023-52787-67f0@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52788 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052155-CVE-2023-52788-9cb4@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52789 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052156-CVE-2023-52789-6006@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52790 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052156-CVE-2023-52790-2a4f@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52791 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052156-CVE-2023-52791-f2b9@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52792 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052156-CVE-2023-52792-69ce@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52793 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052157-CVE-2023-52793-18ab@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52794 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052157-CVE-2023-52794-bb34@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52795 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052157-CVE-2023-52795-4811@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52796 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052158-CVE-2023-52796-860d@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52797 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052158-CVE-2023-52797-3d7a@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52798 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052158-CVE-2023-52798-374e@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52799 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052159-CVE-2023-52799-c335@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52800 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052159-CVE-2023-52800-63da@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52801 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052159-CVE-2023-52801-b287@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52802 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052159-CVE-2023-52802-81ce@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52803 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052100-CVE-2023-52803-1f43@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52804 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052100-CVE-2023-52804-b817@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52805 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052100-CVE-2023-52805-1338@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52806 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052101-CVE-2023-52806-e9ee@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52807 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052101-CVE-2023-52807-dcb9@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52808 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052101-CVE-2023-52808-b457@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52809 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052102-CVE-2023-52809-f07c@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52810 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052102-CVE-2023-52810-efd0@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52811 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052102-CVE-2023-52811-2a5f@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52812 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052102-CVE-2023-52812-b5b2@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52813 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052103-CVE-2023-52813-0704@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52814 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052103-CVE-2023-52814-1cae@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52815 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052103-CVE-2023-52815-a80a@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52816 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052104-CVE-2023-52816-73c7@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52817 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052104-CVE-2023-52817-ba29@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52818 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052104-CVE-2023-52818-758f@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52819 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052105-CVE-2023-52819-98d5@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52820 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052105-CVE-2023-52820-1d6d@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52821 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052105-CVE-2023-52821-1b6f@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52822 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052105-CVE-2023-52822-9e83@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52823 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052106-CVE-2023-52823-3d81@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52824 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052106-CVE-2023-52824-3586@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52825 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052106-CVE-2023-52825-0696@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52826 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052107-CVE-2023-52826-9960@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52827 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052107-CVE-2023-52827-c62f@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52828 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052107-CVE-2023-52828-e1e5@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52829 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052108-CVE-2023-52829-3283@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52830 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052108-CVE-2023-52830-529a@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52831 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052108-CVE-2023-52831-ce31@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52832 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052108-CVE-2023-52832-b9d9@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52833 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052109-CVE-2023-52833-eee3@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52834 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052109-CVE-2023-52834-4c46@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52835 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052109-CVE-2023-52835-80ee@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52836 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052110-CVE-2023-52836-930a@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52837 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052110-CVE-2023-52837-6490@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52838 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052110-CVE-2023-52838-be44@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52839 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052111-CVE-2023-52839-e3d4@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52840 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052111-CVE-2023-52840-8a3d@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52841 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052111-CVE-2023-52841-1157@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52842 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052111-CVE-2023-52842-711c@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52843 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052112-CVE-2023-52843-6515@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52844 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052112-CVE-2023-52844-e2e7@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52845 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052112-CVE-2023-52845-0245@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52846 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052113-CVE-2023-52846-c0ec@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52847 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052113-CVE-2023-52847-a551@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52848 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052113-CVE-2023-52848-a5fa@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52849 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052114-CVE-2023-52849-b63f@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52850 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052114-CVE-2023-52850-d1a1@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52851 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052114-CVE-2023-52851-b53c@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52852 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052114-CVE-2023-52852-e55a@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52853 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052115-CVE-2023-52853-5fd3@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52854 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052115-CVE-2023-52854-7657@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52855 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052115-CVE-2023-52855-3a55@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52856 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052116-CVE-2023-52856-fe35@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52857 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052116-CVE-2023-52857-e288@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52858 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052116-CVE-2023-52858-24db@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52859 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052117-CVE-2023-52859-ad0e@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52860 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052117-CVE-2023-52860-fc61@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52861 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052117-CVE-2023-52861-acb2@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52862 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052117-CVE-2023-52862-b020@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52863 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052118-CVE-2023-52863-490d@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52864 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052118-CVE-2023-52864-15cd@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52865 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052118-CVE-2023-52865-6412@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52866 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052119-CVE-2023-52866-c17d@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52867 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052119-CVE-2023-52867-3f26@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52868 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052119-CVE-2023-52868-c2c3@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52869 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052120-CVE-2023-52869-6f57@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52870 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052120-CVE-2023-52870-9af4@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52871 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052120-CVE-2023-52871-eaa4@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52872 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052120-CVE-2023-52872-48fd@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52873 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052121-CVE-2023-52873-cbe9@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52874 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052121-CVE-2023-52874-2fda@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52875 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052121-CVE-2023-52875-99fe@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52876 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052122-CVE-2023-52876-db2f@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52877 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052122-CVE-2023-52877-0826@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52878 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052122-CVE-2023-52878-d433@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement CVE-2023-52879 vom 2024-05-21",
        "url": "https://lore.kernel.org/linux-cve-announce/2024052122-CVE-2023-52879-fa4d@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcements vom 2024-05-21",
        "url": "https://kernel.org/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1979-1 vom 2024-06-11",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018685.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1978-1 vom 2024-06-11",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018686.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1983-1 vom 2024-06-11",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018700.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2011-1 vom 2024-06-12",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018710.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2010-1 vom 2024-06-12",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018711.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2008-1 vom 2024-06-12",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018706.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2135-1 vom 2024-06-21",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018783.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2183-1 vom 2024-06-24",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018808.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2184-1 vom 2024-06-24",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018807.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2185-1 vom 2024-06-24",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018809.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALASKERNEL-5.10-2024-061 vom 2024-06-25",
        "url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.10-2024-061.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALASKERNEL-5.10-2024-062 vom 2024-06-25",
        "url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.10-2024-062.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALASKERNEL-5.4-2024-072 vom 2024-06-25",
        "url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2024-072.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2189-1 vom 2024-06-25",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018811.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2190-1 vom 2024-06-25",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018819.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4211 vom 2024-07-02",
        "url": "https://access.redhat.com/errata/RHSA-2024:4211"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-4211 vom 2024-07-03",
        "url": "https://linux.oracle.com/errata/ELSA-2024-4211.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4352 vom 2024-07-08",
        "url": "https://access.redhat.com/errata/RHSA-2024:4352"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2365-1 vom 2024-07-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018897.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2362-1 vom 2024-07-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018905.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2372-1 vom 2024-07-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018901.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2360-1 vom 2024-07-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018907.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2381-1 vom 2024-07-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018916.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2394-1 vom 2024-07-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018922.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4321 vom 2024-07-10",
        "url": "https://access.redhat.com/errata/RHSA-2024:4321"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2384-1 vom 2024-07-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018921.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2385-1 vom 2024-07-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018920.html"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2024:4352 vom 2024-07-15",
        "url": "https://errata.build.resf.org/RLSA-2024:4352"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2024:4211 vom 2024-07-15",
        "url": "https://errata.build.resf.org/RLSA-2024:4211"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2493-1 vom 2024-07-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018984.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2495-1 vom 2024-07-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018982.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5731 vom 2024-07-17",
        "url": "https://lists.debian.org/debian-security-announce/2024/msg00142.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4631 vom 2024-07-18",
        "url": "https://access.redhat.com/errata/RHSA-2024:4631"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2561-1 vom 2024-07-18",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019001.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2571-1 vom 2024-07-22",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019019.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4823 vom 2024-07-24",
        "url": "https://access.redhat.com/errata/RHSA-2024:4823"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4831 vom 2024-07-24",
        "url": "https://access.redhat.com/errata/RHSA-2024:4831"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen erm\u00f6glichen Denial of Service und unspezifische Angriffe",
    "tracking": {
      "current_release_date": "2024-07-24T22:00:00.000+00:00",
      "generator": {
        "date": "2024-07-25T08:33:24.011+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.0"
        }
      },
      "id": "WID-SEC-W-2024-1197",
      "initial_release_date": "2024-05-21T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-05-21T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-05-22T22:00:00.000+00:00",
          "number": "2",
          "summary": "CVE Nummern erg\u00e4nzt"
        },
        {
          "date": "2024-06-10T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-06-11T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-06-12T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-06-23T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-06-24T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von SUSE und Amazon aufgenommen"
        },
        {
          "date": "2024-06-25T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-07-01T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-07-02T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-07-07T22:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-07-09T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-07-10T22:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von SUSE und Red Hat aufgenommen"
        },
        {
          "date": "2024-07-15T22:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
        },
        {
          "date": "2024-07-16T22:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-07-18T22:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von Red Hat und SUSE aufgenommen"
        },
        {
          "date": "2024-07-22T22:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-07-24T22:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von Red Hat aufgenommen"
        }
      ],
      "status": "final",
      "version": "18"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source Linux Kernel",
            "product": {
              "name": "Open Source Linux Kernel",
              "product_id": "T034937",
              "product_identification_helper": {
                "cpe": "cpe:/o:linux:linux_kernel:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "RESF Rocky Linux",
            "product": {
              "name": "RESF Rocky Linux",
              "product_id": "T032255",
              "product_identification_helper": {
                "cpe": "cpe:/o:resf:rocky_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "RESF"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-47223",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47223"
    },
    {
      "cve": "CVE-2021-47224",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47224"
    },
    {
      "cve": "CVE-2021-47234",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47234"
    },
    {
      "cve": "CVE-2021-47259",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47259"
    },
    {
      "cve": "CVE-2021-47270",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47270"
    },
    {
      "cve": "CVE-2021-47304",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47304"
    },
    {
      "cve": "CVE-2021-47335",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47335"
    },
    {
      "cve": "CVE-2021-47337",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47337"
    },
    {
      "cve": "CVE-2021-47338",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47338"
    },
    {
      "cve": "CVE-2021-47368",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47368"
    },
    {
      "cve": "CVE-2021-47370",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47370"
    },
    {
      "cve": "CVE-2021-47374",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47374"
    },
    {
      "cve": "CVE-2021-47375",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47375"
    },
    {
      "cve": "CVE-2021-47376",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47376"
    },
    {
      "cve": "CVE-2021-47377",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47377"
    },
    {
      "cve": "CVE-2021-47381",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47381"
    },
    {
      "cve": "CVE-2021-47403",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47403"
    },
    {
      "cve": "CVE-2021-47404",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47404"
    },
    {
      "cve": "CVE-2021-47405",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47405"
    },
    {
      "cve": "CVE-2021-47406",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47406"
    },
    {
      "cve": "CVE-2021-47407",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47407"
    },
    {
      "cve": "CVE-2021-47408",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47408"
    },
    {
      "cve": "CVE-2021-47409",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47409"
    },
    {
      "cve": "CVE-2021-47410",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47410"
    },
    {
      "cve": "CVE-2021-47411",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47411"
    },
    {
      "cve": "CVE-2021-47412",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47412"
    },
    {
      "cve": "CVE-2021-47413",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47413"
    },
    {
      "cve": "CVE-2021-47414",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47414"
    },
    {
      "cve": "CVE-2021-47415",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47415"
    },
    {
      "cve": "CVE-2021-47416",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47416"
    },
    {
      "cve": "CVE-2021-47417",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47417"
    },
    {
      "cve": "CVE-2021-47418",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47418"
    },
    {
      "cve": "CVE-2021-47419",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47419"
    },
    {
      "cve": "CVE-2021-47420",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47420"
    },
    {
      "cve": "CVE-2021-47421",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47421"
    },
    {
      "cve": "CVE-2021-47422",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47422"
    },
    {
      "cve": "CVE-2021-47423",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47423"
    },
    {
      "cve": "CVE-2021-47424",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47424"
    },
    {
      "cve": "CVE-2021-47425",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47425"
    },
    {
      "cve": "CVE-2021-47426",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47426"
    },
    {
      "cve": "CVE-2021-47427",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47427"
    },
    {
      "cve": "CVE-2021-47428",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47428"
    },
    {
      "cve": "CVE-2021-47429",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47429"
    },
    {
      "cve": "CVE-2021-47430",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47430"
    },
    {
      "cve": "CVE-2021-47431",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47431"
    },
    {
      "cve": "CVE-2021-47432",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47432"
    },
    {
      "cve": "CVE-2021-47433",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47433"
    },
    {
      "cve": "CVE-2021-47434",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47434"
    },
    {
      "cve": "CVE-2021-47435",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47435"
    },
    {
      "cve": "CVE-2021-47436",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47436"
    },
    {
      "cve": "CVE-2021-47437",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47437"
    },
    {
      "cve": "CVE-2021-47438",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47438"
    },
    {
      "cve": "CVE-2021-47439",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47439"
    },
    {
      "cve": "CVE-2021-47440",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47440"
    },
    {
      "cve": "CVE-2021-47441",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47441"
    },
    {
      "cve": "CVE-2021-47442",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47442"
    },
    {
      "cve": "CVE-2021-47443",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47443"
    },
    {
      "cve": "CVE-2021-47444",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47444"
    },
    {
      "cve": "CVE-2021-47445",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47445"
    },
    {
      "cve": "CVE-2021-47446",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47446"
    },
    {
      "cve": "CVE-2021-47447",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47447"
    },
    {
      "cve": "CVE-2021-47448",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47448"
    },
    {
      "cve": "CVE-2021-47449",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47449"
    },
    {
      "cve": "CVE-2021-47450",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47450"
    },
    {
      "cve": "CVE-2021-47451",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47451"
    },
    {
      "cve": "CVE-2021-47452",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47452"
    },
    {
      "cve": "CVE-2021-47453",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47453"
    },
    {
      "cve": "CVE-2021-47454",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47454"
    },
    {
      "cve": "CVE-2021-47455",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47455"
    },
    {
      "cve": "CVE-2021-47456",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47456"
    },
    {
      "cve": "CVE-2021-47457",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47457"
    },
    {
      "cve": "CVE-2021-47458",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47458"
    },
    {
      "cve": "CVE-2021-47459",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47459"
    },
    {
      "cve": "CVE-2021-47460",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47460"
    },
    {
      "cve": "CVE-2021-47461",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47461"
    },
    {
      "cve": "CVE-2021-47462",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47462"
    },
    {
      "cve": "CVE-2021-47463",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47463"
    },
    {
      "cve": "CVE-2021-47464",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47464"
    },
    {
      "cve": "CVE-2021-47465",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47465"
    },
    {
      "cve": "CVE-2021-47466",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47466"
    },
    {
      "cve": "CVE-2021-47467",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47467"
    },
    {
      "cve": "CVE-2021-47468",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47468"
    },
    {
      "cve": "CVE-2021-47469",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47469"
    },
    {
      "cve": "CVE-2021-47470",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47470"
    },
    {
      "cve": "CVE-2021-47471",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47471"
    },
    {
      "cve": "CVE-2021-47472",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47472"
    },
    {
      "cve": "CVE-2021-47473",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47473"
    },
    {
      "cve": "CVE-2021-47474",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47474"
    },
    {
      "cve": "CVE-2021-47475",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47475"
    },
    {
      "cve": "CVE-2021-47476",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47476"
    },
    {
      "cve": "CVE-2021-47477",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47477"
    },
    {
      "cve": "CVE-2021-47478",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47478"
    },
    {
      "cve": "CVE-2021-47479",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47479"
    },
    {
      "cve": "CVE-2021-47480",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47480"
    },
    {
      "cve": "CVE-2021-47481",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47481"
    },
    {
      "cve": "CVE-2021-47482",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47482"
    },
    {
      "cve": "CVE-2021-47483",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47483"
    },
    {
      "cve": "CVE-2021-47484",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47484"
    },
    {
      "cve": "CVE-2021-47485",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47485"
    },
    {
      "cve": "CVE-2021-47486",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47486"
    },
    {
      "cve": "CVE-2021-47487",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47487"
    },
    {
      "cve": "CVE-2021-47488",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47488"
    },
    {
      "cve": "CVE-2021-47489",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47489"
    },
    {
      "cve": "CVE-2021-47490",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47490"
    },
    {
      "cve": "CVE-2021-47491",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47491"
    },
    {
      "cve": "CVE-2021-47492",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47492"
    },
    {
      "cve": "CVE-2021-47493",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47493"
    },
    {
      "cve": "CVE-2021-47494",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47494"
    },
    {
      "cve": "CVE-2021-47495",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47495"
    },
    {
      "cve": "CVE-2021-47496",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47496"
    },
    {
      "cve": "CVE-2021-47497",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47497"
    },
    {
      "cve": "CVE-2021-47498",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2021-47498"
    },
    {
      "cve": "CVE-2022-48706",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2022-48706"
    },
    {
      "cve": "CVE-2022-48707",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2022-48707"
    },
    {
      "cve": "CVE-2022-48708",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2022-48708"
    },
    {
      "cve": "CVE-2022-48709",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2022-48709"
    },
    {
      "cve": "CVE-2022-48710",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2022-48710"
    },
    {
      "cve": "CVE-2023-52700",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52700"
    },
    {
      "cve": "CVE-2023-52701",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52701"
    },
    {
      "cve": "CVE-2023-52702",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52702"
    },
    {
      "cve": "CVE-2023-52703",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52703"
    },
    {
      "cve": "CVE-2023-52704",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52704"
    },
    {
      "cve": "CVE-2023-52705",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52705"
    },
    {
      "cve": "CVE-2023-52706",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52706"
    },
    {
      "cve": "CVE-2023-52707",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52707"
    },
    {
      "cve": "CVE-2023-52708",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52708"
    },
    {
      "cve": "CVE-2023-52730",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52730"
    },
    {
      "cve": "CVE-2023-52731",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52731"
    },
    {
      "cve": "CVE-2023-52732",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52732"
    },
    {
      "cve": "CVE-2023-52733",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52733"
    },
    {
      "cve": "CVE-2023-52734",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52734"
    },
    {
      "cve": "CVE-2023-52735",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52735"
    },
    {
      "cve": "CVE-2023-52736",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52736"
    },
    {
      "cve": "CVE-2023-52737",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52737"
    },
    {
      "cve": "CVE-2023-52738",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52738"
    },
    {
      "cve": "CVE-2023-52739",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52739"
    },
    {
      "cve": "CVE-2023-52740",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52740"
    },
    {
      "cve": "CVE-2023-52741",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52741"
    },
    {
      "cve": "CVE-2023-52742",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52742"
    },
    {
      "cve": "CVE-2023-52743",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52743"
    },
    {
      "cve": "CVE-2023-52744",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52744"
    },
    {
      "cve": "CVE-2023-52745",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52745"
    },
    {
      "cve": "CVE-2023-52746",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52746"
    },
    {
      "cve": "CVE-2023-52747",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52747"
    },
    {
      "cve": "CVE-2023-52748",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52748"
    },
    {
      "cve": "CVE-2023-52749",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52749"
    },
    {
      "cve": "CVE-2023-52750",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52750"
    },
    {
      "cve": "CVE-2023-52751",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52751"
    },
    {
      "cve": "CVE-2023-52752",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52752"
    },
    {
      "cve": "CVE-2023-52753",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52753"
    },
    {
      "cve": "CVE-2023-52754",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52754"
    },
    {
      "cve": "CVE-2023-52755",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52755"
    },
    {
      "cve": "CVE-2023-52756",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52756"
    },
    {
      "cve": "CVE-2023-52757",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52757"
    },
    {
      "cve": "CVE-2023-52758",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52758"
    },
    {
      "cve": "CVE-2023-52759",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52759"
    },
    {
      "cve": "CVE-2023-52760",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52760"
    },
    {
      "cve": "CVE-2023-52761",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52761"
    },
    {
      "cve": "CVE-2023-52762",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52762"
    },
    {
      "cve": "CVE-2023-52763",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52763"
    },
    {
      "cve": "CVE-2023-52764",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52764"
    },
    {
      "cve": "CVE-2023-52765",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52765"
    },
    {
      "cve": "CVE-2023-52766",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52766"
    },
    {
      "cve": "CVE-2023-52767",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52767"
    },
    {
      "cve": "CVE-2023-52768",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52768"
    },
    {
      "cve": "CVE-2023-52769",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52769"
    },
    {
      "cve": "CVE-2023-52770",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52770"
    },
    {
      "cve": "CVE-2023-52771",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52771"
    },
    {
      "cve": "CVE-2023-52772",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52772"
    },
    {
      "cve": "CVE-2023-52773",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52773"
    },
    {
      "cve": "CVE-2023-52774",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52774"
    },
    {
      "cve": "CVE-2023-52775",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52775"
    },
    {
      "cve": "CVE-2023-52776",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52776"
    },
    {
      "cve": "CVE-2023-52777",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52777"
    },
    {
      "cve": "CVE-2023-52778",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52778"
    },
    {
      "cve": "CVE-2023-52779",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52779"
    },
    {
      "cve": "CVE-2023-52780",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52780"
    },
    {
      "cve": "CVE-2023-52781",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52781"
    },
    {
      "cve": "CVE-2023-52782",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52782"
    },
    {
      "cve": "CVE-2023-52783",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52783"
    },
    {
      "cve": "CVE-2023-52784",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52784"
    },
    {
      "cve": "CVE-2023-52785",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52785"
    },
    {
      "cve": "CVE-2023-52786",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52786"
    },
    {
      "cve": "CVE-2023-52787",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52787"
    },
    {
      "cve": "CVE-2023-52788",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52788"
    },
    {
      "cve": "CVE-2023-52789",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52789"
    },
    {
      "cve": "CVE-2023-52790",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52790"
    },
    {
      "cve": "CVE-2023-52791",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52791"
    },
    {
      "cve": "CVE-2023-52792",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52792"
    },
    {
      "cve": "CVE-2023-52793",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52793"
    },
    {
      "cve": "CVE-2023-52794",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52794"
    },
    {
      "cve": "CVE-2023-52795",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52795"
    },
    {
      "cve": "CVE-2023-52796",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52796"
    },
    {
      "cve": "CVE-2023-52797",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52797"
    },
    {
      "cve": "CVE-2023-52798",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52798"
    },
    {
      "cve": "CVE-2023-52799",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52799"
    },
    {
      "cve": "CVE-2023-52800",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52800"
    },
    {
      "cve": "CVE-2023-52801",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52801"
    },
    {
      "cve": "CVE-2023-52802",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52802"
    },
    {
      "cve": "CVE-2023-52803",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52803"
    },
    {
      "cve": "CVE-2023-52804",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52804"
    },
    {
      "cve": "CVE-2023-52805",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52805"
    },
    {
      "cve": "CVE-2023-52806",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52806"
    },
    {
      "cve": "CVE-2023-52807",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52807"
    },
    {
      "cve": "CVE-2023-52808",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52808"
    },
    {
      "cve": "CVE-2023-52809",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52809"
    },
    {
      "cve": "CVE-2023-52810",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52810"
    },
    {
      "cve": "CVE-2023-52811",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52811"
    },
    {
      "cve": "CVE-2023-52812",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52812"
    },
    {
      "cve": "CVE-2023-52813",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52813"
    },
    {
      "cve": "CVE-2023-52814",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52814"
    },
    {
      "cve": "CVE-2023-52815",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52815"
    },
    {
      "cve": "CVE-2023-52816",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52816"
    },
    {
      "cve": "CVE-2023-52817",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52817"
    },
    {
      "cve": "CVE-2023-52818",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52818"
    },
    {
      "cve": "CVE-2023-52819",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52819"
    },
    {
      "cve": "CVE-2023-52820",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52820"
    },
    {
      "cve": "CVE-2023-52821",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52821"
    },
    {
      "cve": "CVE-2023-52822",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52822"
    },
    {
      "cve": "CVE-2023-52823",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52823"
    },
    {
      "cve": "CVE-2023-52824",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52824"
    },
    {
      "cve": "CVE-2023-52825",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52825"
    },
    {
      "cve": "CVE-2023-52826",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52826"
    },
    {
      "cve": "CVE-2023-52827",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52827"
    },
    {
      "cve": "CVE-2023-52828",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52828"
    },
    {
      "cve": "CVE-2023-52829",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52829"
    },
    {
      "cve": "CVE-2023-52830",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52830"
    },
    {
      "cve": "CVE-2023-52831",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52831"
    },
    {
      "cve": "CVE-2023-52832",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52832"
    },
    {
      "cve": "CVE-2023-52833",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52833"
    },
    {
      "cve": "CVE-2023-52834",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52834"
    },
    {
      "cve": "CVE-2023-52835",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52835"
    },
    {
      "cve": "CVE-2023-52836",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52836"
    },
    {
      "cve": "CVE-2023-52837",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52837"
    },
    {
      "cve": "CVE-2023-52838",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52838"
    },
    {
      "cve": "CVE-2023-52839",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52839"
    },
    {
      "cve": "CVE-2023-52840",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52840"
    },
    {
      "cve": "CVE-2023-52841",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52841"
    },
    {
      "cve": "CVE-2023-52842",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52842"
    },
    {
      "cve": "CVE-2023-52843",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52843"
    },
    {
      "cve": "CVE-2023-52844",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52844"
    },
    {
      "cve": "CVE-2023-52845",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52845"
    },
    {
      "cve": "CVE-2023-52846",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52846"
    },
    {
      "cve": "CVE-2023-52847",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52847"
    },
    {
      "cve": "CVE-2023-52848",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52848"
    },
    {
      "cve": "CVE-2023-52849",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52849"
    },
    {
      "cve": "CVE-2023-52850",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52850"
    },
    {
      "cve": "CVE-2023-52851",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52851"
    },
    {
      "cve": "CVE-2023-52852",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52852"
    },
    {
      "cve": "CVE-2023-52853",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52853"
    },
    {
      "cve": "CVE-2023-52854",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52854"
    },
    {
      "cve": "CVE-2023-52855",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52855"
    },
    {
      "cve": "CVE-2023-52856",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52856"
    },
    {
      "cve": "CVE-2023-52857",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52857"
    },
    {
      "cve": "CVE-2023-52858",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52858"
    },
    {
      "cve": "CVE-2023-52859",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52859"
    },
    {
      "cve": "CVE-2023-52860",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52860"
    },
    {
      "cve": "CVE-2023-52861",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52861"
    },
    {
      "cve": "CVE-2023-52862",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52862"
    },
    {
      "cve": "CVE-2023-52863",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52863"
    },
    {
      "cve": "CVE-2023-52864",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52864"
    },
    {
      "cve": "CVE-2023-52865",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52865"
    },
    {
      "cve": "CVE-2023-52866",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52866"
    },
    {
      "cve": "CVE-2023-52867",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52867"
    },
    {
      "cve": "CVE-2023-52868",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52868"
    },
    {
      "cve": "CVE-2023-52869",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52869"
    },
    {
      "cve": "CVE-2023-52870",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52870"
    },
    {
      "cve": "CVE-2023-52871",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52871"
    },
    {
      "cve": "CVE-2023-52872",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52872"
    },
    {
      "cve": "CVE-2023-52873",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52873"
    },
    {
      "cve": "CVE-2023-52874",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52874"
    },
    {
      "cve": "CVE-2023-52875",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52875"
    },
    {
      "cve": "CVE-2023-52876",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52876"
    },
    {
      "cve": "CVE-2023-52877",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52877"
    },
    {
      "cve": "CVE-2023-52878",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52878"
    },
    {
      "cve": "CVE-2023-52879",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2023-52879"
    },
    {
      "cve": "CVE-2024-36010",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "398363",
          "T034937",
          "T004914",
          "T032255"
        ]
      },
      "release_date": "2024-05-21T22:00:00Z",
      "title": "CVE-2024-36010"
    }
  ]
}

cve-2021-47486

Vulnerability from cvelistv5

Published

2024-05-22 08:19

Modified

2024-11-04 12:06

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

riscv, bpf: Fix potential NULL dereference

References

▼	URL	Tags
	https://git.kernel.org/stable/c/cac6b043cea3e120f4fccec16f7381747cbfdc0d
	https://git.kernel.org/stable/c/e1b80a5ebe5431caeb20f88c32d4a024777a2d41
	https://git.kernel.org/stable/c/27de809a3d83a6199664479ebb19712533d6fd9b

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "cac6b043cea3",
                "status": "affected",
                "version": "ca6cb5447cec",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "affected",
                "version": "5.7"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "5.11",
                "status": "unaffected",
                "version": "5.10.77",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "5.15",
                "status": "unaffected",
                "version": "5.14.16",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "unaffected",
                "version": "5.15",
                "versionType": "custom"
              },
              {
                "lessThan": "e1b80a5ebe54",
                "status": "affected",
                "version": "ca6cb5447cec",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "27de809a3d83",
                "status": "affected",
                "version": "ca6cb5447cec",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47486",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T14:16:03.996625Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-476",
                "description": "CWE-476 NULL Pointer Dereference",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-20T20:47:36.231Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.593Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/cac6b043cea3e120f4fccec16f7381747cbfdc0d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e1b80a5ebe5431caeb20f88c32d4a024777a2d41"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/27de809a3d83a6199664479ebb19712533d6fd9b"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/riscv/net/bpf_jit_core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "cac6b043cea3",
              "status": "affected",
              "version": "ca6cb5447cec",
              "versionType": "git"
            },
            {
              "lessThan": "e1b80a5ebe54",
              "status": "affected",
              "version": "ca6cb5447cec",
              "versionType": "git"
            },
            {
              "lessThan": "27de809a3d83",
              "status": "affected",
              "version": "ca6cb5447cec",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/riscv/net/bpf_jit_core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.7"
            },
            {
              "lessThan": "5.7",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.77",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv, bpf: Fix potential NULL dereference\n\nThe bpf_jit_binary_free() function requires a non-NULL argument. When\nthe RISC-V BPF JIT fails to converge in NR_JIT_ITERATIONS steps,\njit_data-\u003eheader will be NULL, which triggers a NULL\ndereference. Avoid this by checking the argument, prior calling the\nfunction."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:51.865Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/cac6b043cea3e120f4fccec16f7381747cbfdc0d"
        },
        {
          "url": "https://git.kernel.org/stable/c/e1b80a5ebe5431caeb20f88c32d4a024777a2d41"
        },
        {
          "url": "https://git.kernel.org/stable/c/27de809a3d83a6199664479ebb19712533d6fd9b"
        }
      ],
      "title": "riscv, bpf: Fix potential NULL dereference",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47486",
    "datePublished": "2024-05-22T08:19:36.818Z",
    "dateReserved": "2024-05-22T06:20:56.201Z",
    "dateUpdated": "2024-11-04T12:06:51.865Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52859

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:54

Severity ?

Summary

perf: hisi: Fix use-after-free when register pmu fails

References

▼	URL	Tags
	https://git.kernel.org/stable/c/0e1e88bba286621b886218363de07b319d6208b2
	https://git.kernel.org/stable/c/b660420f449d094b1fabfa504889810b3a63cdd5
	https://git.kernel.org/stable/c/3405f364f82d4f5407a8b4c519dc15d24b847fda
	https://git.kernel.org/stable/c/75bab28ffd05ec8879c197890b1bd1dfec8d3f63
	https://git.kernel.org/stable/c/b805cafc604bfdb671fae7347a57f51154afa735

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.049Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0e1e88bba286621b886218363de07b319d6208b2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b660420f449d094b1fabfa504889810b3a63cdd5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3405f364f82d4f5407a8b4c519dc15d24b847fda"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/75bab28ffd05ec8879c197890b1bd1dfec8d3f63"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b805cafc604bfdb671fae7347a57f51154afa735"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52859",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:36:28.164920Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:32:54.164Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/perf/hisilicon/hisi_uncore_pa_pmu.c",
            "drivers/perf/hisilicon/hisi_uncore_sllc_pmu.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "0e1e88bba286",
              "status": "affected",
              "version": "3bf30882c3c7",
              "versionType": "git"
            },
            {
              "lessThan": "b660420f449d",
              "status": "affected",
              "version": "3bf30882c3c7",
              "versionType": "git"
            },
            {
              "lessThan": "3405f364f82d",
              "status": "affected",
              "version": "3bf30882c3c7",
              "versionType": "git"
            },
            {
              "lessThan": "75bab28ffd05",
              "status": "affected",
              "version": "3bf30882c3c7",
              "versionType": "git"
            },
            {
              "lessThan": "b805cafc604b",
              "status": "affected",
              "version": "3bf30882c3c7",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/perf/hisilicon/hisi_uncore_pa_pmu.c",
            "drivers/perf/hisilicon/hisi_uncore_sllc_pmu.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.13"
            },
            {
              "lessThan": "5.13",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.139",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: hisi: Fix use-after-free when register pmu fails\n\nWhen we fail to register the uncore pmu, the pmu context may not been\nallocated. The error handing will call cpuhp_state_remove_instance()\nto call uncore pmu offline callback, which migrate the pmu context.\nSince that\u0027s liable to lead to some kind of use-after-free.\n\nUse cpuhp_state_remove_instance_nocalls() instead of\ncpuhp_state_remove_instance() so that the notifiers don\u0027t execute after\nthe PMU device has been failed to register."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:54:01.591Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/0e1e88bba286621b886218363de07b319d6208b2"
        },
        {
          "url": "https://git.kernel.org/stable/c/b660420f449d094b1fabfa504889810b3a63cdd5"
        },
        {
          "url": "https://git.kernel.org/stable/c/3405f364f82d4f5407a8b4c519dc15d24b847fda"
        },
        {
          "url": "https://git.kernel.org/stable/c/75bab28ffd05ec8879c197890b1bd1dfec8d3f63"
        },
        {
          "url": "https://git.kernel.org/stable/c/b805cafc604bfdb671fae7347a57f51154afa735"
        }
      ],
      "title": "perf: hisi: Fix use-after-free when register pmu fails",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52859",
    "datePublished": "2024-05-21T15:31:52.546Z",
    "dateReserved": "2024-05-21T15:19:24.260Z",
    "dateUpdated": "2024-11-04T14:54:01.591Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47403

Vulnerability from cvelistv5

Published

2024-05-21 15:03

Modified

2024-11-04 12:05

Severity ?

7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Summary

ipack: ipoctal: fix module reference leak

References

▼	URL	Tags
	https://git.kernel.org/stable/c/31398849b84ebae0d43a1cf379cb9895597f221a
	https://git.kernel.org/stable/c/c0adb5a947dec6cff7050ec56d78ecd3916f9ce6
	https://git.kernel.org/stable/c/dde4c1429b97383689f755ce92b4ed1e84a9c92b
	https://git.kernel.org/stable/c/9c5b77a7ffc983b2429ce158b50497c5d3c86a69
	https://git.kernel.org/stable/c/3253c87e1e5bc0107aab773af2f135ebccf38666
	https://git.kernel.org/stable/c/7cea848678470daadbfdaa6a112b823c290f900c
	https://git.kernel.org/stable/c/811178f296b16af30264def74c8d2179a72d5562
	https://git.kernel.org/stable/c/bb8a4fcb2136508224c596a7e665bdba1d7c3c27

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "affected",
                "version": "82a82340bab6"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "affected",
                "version": "3.18"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "4.4.286"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "4.9.285"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "4.14.249"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "\t4.19.209"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "5.4.151"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "5.10.71"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "5.14.10"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "5.15"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.1,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47403",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T19:05:46.322377Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-200",
                "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:13:29.725Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.005Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/31398849b84ebae0d43a1cf379cb9895597f221a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c0adb5a947dec6cff7050ec56d78ecd3916f9ce6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/dde4c1429b97383689f755ce92b4ed1e84a9c92b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9c5b77a7ffc983b2429ce158b50497c5d3c86a69"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3253c87e1e5bc0107aab773af2f135ebccf38666"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7cea848678470daadbfdaa6a112b823c290f900c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/811178f296b16af30264def74c8d2179a72d5562"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bb8a4fcb2136508224c596a7e665bdba1d7c3c27"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/ipack/devices/ipoctal.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "31398849b84e",
              "status": "affected",
              "version": "82a82340bab6",
              "versionType": "git"
            },
            {
              "lessThan": "c0adb5a947de",
              "status": "affected",
              "version": "82a82340bab6",
              "versionType": "git"
            },
            {
              "lessThan": "dde4c1429b97",
              "status": "affected",
              "version": "82a82340bab6",
              "versionType": "git"
            },
            {
              "lessThan": "9c5b77a7ffc9",
              "status": "affected",
              "version": "82a82340bab6",
              "versionType": "git"
            },
            {
              "lessThan": "3253c87e1e5b",
              "status": "affected",
              "version": "82a82340bab6",
              "versionType": "git"
            },
            {
              "lessThan": "7cea84867847",
              "status": "affected",
              "version": "82a82340bab6",
              "versionType": "git"
            },
            {
              "lessThan": "811178f296b1",
              "status": "affected",
              "version": "82a82340bab6",
              "versionType": "git"
            },
            {
              "lessThan": "bb8a4fcb2136",
              "status": "affected",
              "version": "82a82340bab6",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/ipack/devices/ipoctal.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.18"
            },
            {
              "lessThan": "3.18",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.286",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.285",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.249",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.209",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.151",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.71",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipack: ipoctal: fix module reference leak\n\nA reference to the carrier module was taken on every open but was only\nreleased once when the final reference to the tty struct was dropped.\n\nFix this by taking the module reference and initialising the tty driver\ndata when installing the tty."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:15.478Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/31398849b84ebae0d43a1cf379cb9895597f221a"
        },
        {
          "url": "https://git.kernel.org/stable/c/c0adb5a947dec6cff7050ec56d78ecd3916f9ce6"
        },
        {
          "url": "https://git.kernel.org/stable/c/dde4c1429b97383689f755ce92b4ed1e84a9c92b"
        },
        {
          "url": "https://git.kernel.org/stable/c/9c5b77a7ffc983b2429ce158b50497c5d3c86a69"
        },
        {
          "url": "https://git.kernel.org/stable/c/3253c87e1e5bc0107aab773af2f135ebccf38666"
        },
        {
          "url": "https://git.kernel.org/stable/c/7cea848678470daadbfdaa6a112b823c290f900c"
        },
        {
          "url": "https://git.kernel.org/stable/c/811178f296b16af30264def74c8d2179a72d5562"
        },
        {
          "url": "https://git.kernel.org/stable/c/bb8a4fcb2136508224c596a7e665bdba1d7c3c27"
        }
      ],
      "title": "ipack: ipoctal: fix module reference leak",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47403",
    "datePublished": "2024-05-21T15:03:57.344Z",
    "dateReserved": "2024-05-21T14:58:30.816Z",
    "dateUpdated": "2024-11-04T12:05:15.478Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52831

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

cpu/hotplug: Don't offline the last non-isolated CPU

References

▼	URL	Tags
	https://git.kernel.org/stable/c/3410b702354702b500bde10e3cc1f9db8731d908
	https://git.kernel.org/stable/c/335a47ed71e332c82339d1aec0c7f6caccfcda13
	https://git.kernel.org/stable/c/3073f6df783d9d75f7f69f73e16c7ef85d6cfb63
	https://git.kernel.org/stable/c/38685e2a0476127db766f81b1c06019ddc4c9ffa

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52831",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T19:07:45.620666Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-24T20:44:55.485Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.073Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3410b702354702b500bde10e3cc1f9db8731d908"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/335a47ed71e332c82339d1aec0c7f6caccfcda13"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3073f6df783d9d75f7f69f73e16c7ef85d6cfb63"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/38685e2a0476127db766f81b1c06019ddc4c9ffa"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "kernel/cpu.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "3410b7023547",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "335a47ed71e3",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "3073f6df783d",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "38685e2a0476",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "kernel/cpu.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpu/hotplug: Don\u0027t offline the last non-isolated CPU\n\nIf a system has isolated CPUs via the \"isolcpus=\" command line parameter,\nthen an attempt to offline the last housekeeping CPU will result in a\nWARN_ON() when rebuilding the scheduler domains and a subsequent panic due\nto and unhandled empty CPU mas in partition_sched_domains_locked().\n\ncpuset_hotplug_workfn()\n  rebuild_sched_domains_locked()\n    ndoms = generate_sched_domains(\u0026doms, \u0026attr);\n      cpumask_and(doms[0], top_cpuset.effective_cpus, housekeeping_cpumask(HK_FLAG_DOMAIN));\n\nThus results in an empty CPU mask which triggers the warning and then the\nsubsequent crash:\n\nWARNING: CPU: 4 PID: 80 at kernel/sched/topology.c:2366 build_sched_domains+0x120c/0x1408\nCall trace:\n build_sched_domains+0x120c/0x1408\n partition_sched_domains_locked+0x234/0x880\n rebuild_sched_domains_locked+0x37c/0x798\n rebuild_sched_domains+0x30/0x58\n cpuset_hotplug_workfn+0x2a8/0x930\n\nUnable to handle kernel paging request at virtual address fffe80027ab37080\n partition_sched_domains_locked+0x318/0x880\n rebuild_sched_domains_locked+0x37c/0x798\n\nAside of the resulting crash, it does not make any sense to offline the last\nlast housekeeping CPU.\n\nPrevent this by masking out the non-housekeeping CPUs when selecting a\ntarget CPU for initiating the CPU unplug operation via the work queue."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:28.043Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/3410b702354702b500bde10e3cc1f9db8731d908"
        },
        {
          "url": "https://git.kernel.org/stable/c/335a47ed71e332c82339d1aec0c7f6caccfcda13"
        },
        {
          "url": "https://git.kernel.org/stable/c/3073f6df783d9d75f7f69f73e16c7ef85d6cfb63"
        },
        {
          "url": "https://git.kernel.org/stable/c/38685e2a0476127db766f81b1c06019ddc4c9ffa"
        }
      ],
      "title": "cpu/hotplug: Don\u0027t offline the last non-isolated CPU",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52831",
    "datePublished": "2024-05-21T15:31:33.566Z",
    "dateReserved": "2024-05-21T15:19:24.251Z",
    "dateUpdated": "2024-11-04T14:53:28.043Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47224

Vulnerability from cvelistv5

Published

2024-05-21 14:19

Modified

2024-11-04 20:41

Severity ?

6.2 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

net: ll_temac: Make sure to free skb when it is completely used

References

▼	URL	Tags
	https://git.kernel.org/stable/c/6d120ab4dc39a543c6b63361e1d0541c382900a3
	https://git.kernel.org/stable/c/019ab7d044d0ebf97e1236bb8935b7809be92358
	https://git.kernel.org/stable/c/e8afe05bd359ebe12a61dbdc94c06c00ea3e8d4b
	https://git.kernel.org/stable/c/6aa32217a9a446275440ee8724b1ecaf1838df47

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 6.2,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47224",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-31T18:48:29.010008Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-04T20:41:06.725Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:32:07.412Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6d120ab4dc39a543c6b63361e1d0541c382900a3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/019ab7d044d0ebf97e1236bb8935b7809be92358"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e8afe05bd359ebe12a61dbdc94c06c00ea3e8d4b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6aa32217a9a446275440ee8724b1ecaf1838df47"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/xilinx/ll_temac_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "6d120ab4dc39",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "019ab7d044d0",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "e8afe05bd359",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "6aa32217a9a4",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/xilinx/ll_temac_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.128",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.46",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ll_temac: Make sure to free skb when it is completely used\n\nWith the skb pointer piggy-backed on the TX BD, we have a simple and\nefficient way to free the skb buffer when the frame has been transmitted.\nBut in order to avoid freeing the skb while there are still fragments from\nthe skb in use, we need to piggy-back on the TX BD of the skb, not the\nfirst.\n\nWithout this, we are doing use-after-free on the DMA side, when the first\nBD of a multi TX BD packet is seen as completed in xmit_done, and the\nremaining BDs are still being processed."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:01:48.724Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/6d120ab4dc39a543c6b63361e1d0541c382900a3"
        },
        {
          "url": "https://git.kernel.org/stable/c/019ab7d044d0ebf97e1236bb8935b7809be92358"
        },
        {
          "url": "https://git.kernel.org/stable/c/e8afe05bd359ebe12a61dbdc94c06c00ea3e8d4b"
        },
        {
          "url": "https://git.kernel.org/stable/c/6aa32217a9a446275440ee8724b1ecaf1838df47"
        }
      ],
      "title": "net: ll_temac: Make sure to free skb when it is completely used",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47224",
    "datePublished": "2024-05-21T14:19:29.542Z",
    "dateReserved": "2024-04-10T18:59:19.529Z",
    "dateUpdated": "2024-11-04T20:41:06.725Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52776

Vulnerability from cvelistv5

Published

2024-05-21 15:30

Modified

2024-11-04 14:52

Severity ?

5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Summary

wifi: ath12k: fix dfs-radar and temperature event locking

References

▼	URL	Tags
	https://git.kernel.org/stable/c/774de37c147fea81f2c2e4be5082304f4f71d535
	https://git.kernel.org/stable/c/d7a5f7f76568e48869916d769e28b9f3ca70c78e
	https://git.kernel.org/stable/c/69bd216e049349886405b1c87a55dce3d35d1ba7

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 5.9,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52776",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T18:48:38.223706Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-31T14:25:28.524Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.862Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/774de37c147fea81f2c2e4be5082304f4f71d535"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d7a5f7f76568e48869916d769e28b9f3ca70c78e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/69bd216e049349886405b1c87a55dce3d35d1ba7"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/ath/ath12k/wmi.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "774de37c147f",
              "status": "affected",
              "version": "d889913205cf",
              "versionType": "git"
            },
            {
              "lessThan": "d7a5f7f76568",
              "status": "affected",
              "version": "d889913205cf",
              "versionType": "git"
            },
            {
              "lessThan": "69bd216e0493",
              "status": "affected",
              "version": "d889913205cf",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/ath/ath12k/wmi.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "lessThan": "6.3",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix dfs-radar and temperature event locking\n\nThe ath12k active pdevs are protected by RCU but the DFS-radar and\ntemperature event handling code calling ath12k_mac_get_ar_by_pdev_id()\nwas not marked as a read-side critical section.\n\nMark the code in question as RCU read-side critical sections to avoid\nany potential use-after-free issues.\n\nNote that the temperature event handler looks like a place holder\ncurrently but would still trigger an RCU lockdep splat.\n\nCompile tested only."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:29.522Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/774de37c147fea81f2c2e4be5082304f4f71d535"
        },
        {
          "url": "https://git.kernel.org/stable/c/d7a5f7f76568e48869916d769e28b9f3ca70c78e"
        },
        {
          "url": "https://git.kernel.org/stable/c/69bd216e049349886405b1c87a55dce3d35d1ba7"
        }
      ],
      "title": "wifi: ath12k: fix dfs-radar and temperature event locking",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52776",
    "datePublished": "2024-05-21T15:30:56.906Z",
    "dateReserved": "2024-05-21T15:19:24.239Z",
    "dateUpdated": "2024-11-04T14:52:29.522Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47447

Vulnerability from cvelistv5

Published

2024-05-22 06:19

Modified

2024-11-04 12:06

Severity ?

Summary

drm/msm/a3xx: fix error handling in a3xx_gpu_init()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/d59e44e7821a8f2bb6f2e846b9167397a5f01608
	https://git.kernel.org/stable/c/3eda901995371d390ef82d0b6462f4ea8efbcfdf

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47447",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T15:54:08.510506Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:50.049Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.478Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d59e44e7821a8f2bb6f2e846b9167397a5f01608"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3eda901995371d390ef82d0b6462f4ea8efbcfdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/msm/adreno/a3xx_gpu.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "d59e44e7821a",
              "status": "affected",
              "version": "5785dd7a8ef0",
              "versionType": "git"
            },
            {
              "lessThan": "3eda90199537",
              "status": "affected",
              "version": "5785dd7a8ef0",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/msm/adreno/a3xx_gpu.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.11"
            },
            {
              "lessThan": "5.11",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.14",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/a3xx: fix error handling in a3xx_gpu_init()\n\nThese error paths returned 1 on failure, instead of a negative error\ncode.  This would lead to an Oops in the caller.  A second problem is\nthat the check for \"if (ret != -ENODATA)\" did not work because \"ret\" was\nset to 1."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:05.179Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/d59e44e7821a8f2bb6f2e846b9167397a5f01608"
        },
        {
          "url": "https://git.kernel.org/stable/c/3eda901995371d390ef82d0b6462f4ea8efbcfdf"
        }
      ],
      "title": "drm/msm/a3xx: fix error handling in a3xx_gpu_init()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47447",
    "datePublished": "2024-05-22T06:19:39.506Z",
    "dateReserved": "2024-05-21T14:58:30.832Z",
    "dateUpdated": "2024-11-04T12:06:05.179Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52837

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

nbd: fix uaf in nbd_open

References

▼	URL	Tags
	https://git.kernel.org/stable/c/4e9b3ec84dc97909876641dad14e0a2300d6c2a3
	https://git.kernel.org/stable/c/879947f4180bc6e83af64eb0515e0cf57fce15db
	https://git.kernel.org/stable/c/56bd7901b5e9dbc9112036ea615ebcba1565fafe
	https://git.kernel.org/stable/c/327462725b0f759f093788dfbcb2f1fd132f956b

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52837",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T18:01:48.631616Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:20.566Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.041Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4e9b3ec84dc97909876641dad14e0a2300d6c2a3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/879947f4180bc6e83af64eb0515e0cf57fce15db"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/56bd7901b5e9dbc9112036ea615ebcba1565fafe"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/327462725b0f759f093788dfbcb2f1fd132f956b"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/block/nbd.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "4e9b3ec84dc9",
              "status": "affected",
              "version": "4af5f2e03013",
              "versionType": "git"
            },
            {
              "lessThan": "879947f4180b",
              "status": "affected",
              "version": "4af5f2e03013",
              "versionType": "git"
            },
            {
              "lessThan": "56bd7901b5e9",
              "status": "affected",
              "version": "4af5f2e03013",
              "versionType": "git"
            },
            {
              "lessThan": "327462725b0f",
              "status": "affected",
              "version": "4af5f2e03013",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/block/nbd.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.14"
            },
            {
              "lessThan": "5.14",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: fix uaf in nbd_open\n\nCommit 4af5f2e03013 (\"nbd: use blk_mq_alloc_disk and\nblk_cleanup_disk\") cleans up disk by blk_cleanup_disk() and it won\u0027t set\ndisk-\u003eprivate_data as NULL as before. UAF may be triggered in nbd_open()\nif someone tries to open nbd device right after nbd_put() since nbd has\nbeen free in nbd_dev_remove().\n\nFix this by implementing -\u003efree_disk and free private data in it."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:35.084Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/4e9b3ec84dc97909876641dad14e0a2300d6c2a3"
        },
        {
          "url": "https://git.kernel.org/stable/c/879947f4180bc6e83af64eb0515e0cf57fce15db"
        },
        {
          "url": "https://git.kernel.org/stable/c/56bd7901b5e9dbc9112036ea615ebcba1565fafe"
        },
        {
          "url": "https://git.kernel.org/stable/c/327462725b0f759f093788dfbcb2f1fd132f956b"
        }
      ],
      "title": "nbd: fix uaf in nbd_open",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52837",
    "datePublished": "2024-05-21T15:31:37.859Z",
    "dateReserved": "2024-05-21T15:19:24.253Z",
    "dateUpdated": "2024-11-04T14:53:35.084Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47466

Vulnerability from cvelistv5

Published

2024-05-22 06:23

Modified

2024-11-04 12:06

Severity ?

Summary

mm, slub: fix potential memoryleak in kmem_cache_open()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/4f5d1c29cfab5cb0ab885059818751bdef32e2bb
	https://git.kernel.org/stable/c/568f906340b43120abd6fcc67c37396482f85930
	https://git.kernel.org/stable/c/42b81946e3ac9ea0372ba16e05160dc11e02694f
	https://git.kernel.org/stable/c/9037c57681d25e4dcc442d940d6dbe24dd31f461

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.454Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4f5d1c29cfab5cb0ab885059818751bdef32e2bb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/568f906340b43120abd6fcc67c37396482f85930"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/42b81946e3ac9ea0372ba16e05160dc11e02694f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9037c57681d25e4dcc442d940d6dbe24dd31f461"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47466",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:36:11.672378Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:32:53.631Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "mm/slub.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "4f5d1c29cfab",
              "status": "affected",
              "version": "210e7a43fa90",
              "versionType": "git"
            },
            {
              "lessThan": "568f906340b4",
              "status": "affected",
              "version": "210e7a43fa90",
              "versionType": "git"
            },
            {
              "lessThan": "42b81946e3ac",
              "status": "affected",
              "version": "210e7a43fa90",
              "versionType": "git"
            },
            {
              "lessThan": "9037c57681d2",
              "status": "affected",
              "version": "210e7a43fa90",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "mm/slub.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.8"
            },
            {
              "lessThan": "4.8",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.156",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.76",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.15",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm, slub: fix potential memoryleak in kmem_cache_open()\n\nIn error path, the random_seq of slub cache might be leaked.  Fix this\nby using __kmem_cache_release() to release all the relevant resources."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:29.452Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/4f5d1c29cfab5cb0ab885059818751bdef32e2bb"
        },
        {
          "url": "https://git.kernel.org/stable/c/568f906340b43120abd6fcc67c37396482f85930"
        },
        {
          "url": "https://git.kernel.org/stable/c/42b81946e3ac9ea0372ba16e05160dc11e02694f"
        },
        {
          "url": "https://git.kernel.org/stable/c/9037c57681d25e4dcc442d940d6dbe24dd31f461"
        }
      ],
      "title": "mm, slub: fix potential memoryleak in kmem_cache_open()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47466",
    "datePublished": "2024-05-22T06:23:25.674Z",
    "dateReserved": "2024-05-22T06:20:56.198Z",
    "dateUpdated": "2024-11-04T12:06:29.452Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47494

Vulnerability from cvelistv5

Published

2024-05-22 08:19

Modified

2024-11-04 12:07

Severity ?

Summary

cfg80211: fix management registrations locking

References

▼	URL	Tags
	https://git.kernel.org/stable/c/4c22227e39c7a0b4dab55617ee8d34d171fab8d4
	https://git.kernel.org/stable/c/3c897f39b71fe68f90599f6a45b5f7bf5618420e
	https://git.kernel.org/stable/c/09b1d5dc6ce1c9151777f6c4e128a59457704c97

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47494",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T18:38:36.269063Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:15:18.041Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.605Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4c22227e39c7a0b4dab55617ee8d34d171fab8d4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3c897f39b71fe68f90599f6a45b5f7bf5618420e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/09b1d5dc6ce1c9151777f6c4e128a59457704c97"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "include/net/cfg80211.h",
            "net/wireless/core.c",
            "net/wireless/core.h",
            "net/wireless/mlme.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "4c22227e39c7",
              "status": "affected",
              "version": "6cd536fe62ef",
              "versionType": "git"
            },
            {
              "lessThan": "3c897f39b71f",
              "status": "affected",
              "version": "6cd536fe62ef",
              "versionType": "git"
            },
            {
              "lessThan": "09b1d5dc6ce1",
              "status": "affected",
              "version": "6cd536fe62ef",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "include/net/cfg80211.h",
            "net/wireless/core.c",
            "net/wireless/core.h",
            "net/wireless/mlme.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.8"
            },
            {
              "lessThan": "5.8",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.77",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncfg80211: fix management registrations locking\n\nThe management registrations locking was broken, the list was\nlocked for each wdev, but cfg80211_mgmt_registrations_update()\niterated it without holding all the correct spinlocks, causing\nlist corruption.\n\nRather than trying to fix it with fine-grained locking, just\nmove the lock to the wiphy/rdev (still need the list on each\nwdev), we already need to hold the wdev lock to change it, so\nthere\u0027s no contention on the lock in any case. This trivially\nfixes the bug since we hold one wdev\u0027s lock already, and now\nwill hold the lock that protects all lists."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:07:00.210Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/4c22227e39c7a0b4dab55617ee8d34d171fab8d4"
        },
        {
          "url": "https://git.kernel.org/stable/c/3c897f39b71fe68f90599f6a45b5f7bf5618420e"
        },
        {
          "url": "https://git.kernel.org/stable/c/09b1d5dc6ce1c9151777f6c4e128a59457704c97"
        }
      ],
      "title": "cfg80211: fix management registrations locking",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47494",
    "datePublished": "2024-05-22T08:19:42.083Z",
    "dateReserved": "2024-05-22T06:20:56.201Z",
    "dateUpdated": "2024-11-04T12:07:00.210Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47419

Vulnerability from cvelistv5

Published

2024-05-21 15:04

Modified

2024-11-04 12:05

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

net/sched: sch_taprio: properly cancel timer from taprio_destroy()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/c951c08a5996365aecbc5f1a9bddec3905e1ddfc
	https://git.kernel.org/stable/c/3ec73ffeef54596c32aff0e73fe60971b9c8b866
	https://git.kernel.org/stable/c/7a1c1af341041221b3acb9d7036cc2b43e0efa75
	https://git.kernel.org/stable/c/a56d447f196fa9973c568f54c0d76d5391c3b0c0

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47419",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T18:00:04.629892Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-01T14:40:36.981Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.382Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c951c08a5996365aecbc5f1a9bddec3905e1ddfc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3ec73ffeef54596c32aff0e73fe60971b9c8b866"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7a1c1af341041221b3acb9d7036cc2b43e0efa75"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a56d447f196fa9973c568f54c0d76d5391c3b0c0"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/sched/sch_taprio.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "c951c08a5996",
              "status": "affected",
              "version": "c71c512f4a65",
              "versionType": "git"
            },
            {
              "lessThan": "3ec73ffeef54",
              "status": "affected",
              "version": "a969a632cbe7",
              "versionType": "git"
            },
            {
              "lessThan": "7a1c1af34104",
              "status": "affected",
              "version": "44d4775ca518",
              "versionType": "git"
            },
            {
              "lessThan": "a56d447f196f",
              "status": "affected",
              "version": "44d4775ca518",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/sched/sch_taprio.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.11"
            },
            {
              "lessThan": "5.11",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.153",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.73",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: sch_taprio: properly cancel timer from taprio_destroy()\n\nThere is a comment in qdisc_create() about us not calling ops-\u003ereset()\nin some cases.\n\nerr_out4:\n\t/*\n\t * Any broken qdiscs that would require a ops-\u003ereset() here?\n\t * The qdisc was never in action so it shouldn\u0027t be necessary.\n\t */\n\nAs taprio sets a timer before actually receiving a packet, we need\nto cancel it from ops-\u003edestroy, just in case ops-\u003ereset has not\nbeen called.\n\nsyzbot reported:\n\nODEBUG: free active (active state 0) object type: hrtimer hint: advance_sched+0x0/0x9a0 arch/x86/include/asm/atomic64_64.h:22\nWARNING: CPU: 0 PID: 8441 at lib/debugobjects.c:505 debug_print_object+0x16e/0x250 lib/debugobjects.c:505\nModules linked in:\nCPU: 0 PID: 8441 Comm: syz-executor813 Not tainted 5.14.0-rc6-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:debug_print_object+0x16e/0x250 lib/debugobjects.c:505\nCode: ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 af 00 00 00 48 8b 14 dd e0 d3 e3 89 4c 89 ee 48 c7 c7 e0 c7 e3 89 e8 5b 86 11 05 \u003c0f\u003e 0b 83 05 85 03 92 09 01 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e c3\nRSP: 0018:ffffc9000130f330 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000000000\nRDX: ffff88802baeb880 RSI: ffffffff815d87b5 RDI: fffff52000261e58\nRBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000\nR10: ffffffff815d25ee R11: 0000000000000000 R12: ffffffff898dd020\nR13: ffffffff89e3ce20 R14: ffffffff81653630 R15: dffffc0000000000\nFS:  0000000000f0d300(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007ffb64b3e000 CR3: 0000000036557000 CR4: 00000000001506e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n __debug_check_no_obj_freed lib/debugobjects.c:987 [inline]\n debug_check_no_obj_freed+0x301/0x420 lib/debugobjects.c:1018\n slab_free_hook mm/slub.c:1603 [inline]\n slab_free_freelist_hook+0x171/0x240 mm/slub.c:1653\n slab_free mm/slub.c:3213 [inline]\n kfree+0xe4/0x540 mm/slub.c:4267\n qdisc_create+0xbcf/0x1320 net/sched/sch_api.c:1299\n tc_modify_qdisc+0x4c8/0x1a60 net/sched/sch_api.c:1663\n rtnetlink_rcv_msg+0x413/0xb80 net/core/rtnetlink.c:5571\n netlink_rcv_skb+0x153/0x420 net/netlink/af_netlink.c:2504\n netlink_unicast_kernel net/netlink/af_netlink.c:1314 [inline]\n netlink_unicast+0x533/0x7d0 net/netlink/af_netlink.c:1340\n netlink_sendmsg+0x86d/0xdb0 net/netlink/af_netlink.c:1929\n sock_sendmsg_nosec net/socket.c:704 [inline]\n sock_sendmsg+0xcf/0x120 net/socket.c:724\n ____sys_sendmsg+0x6e8/0x810 net/socket.c:2403\n ___sys_sendmsg+0xf3/0x170 net/socket.c:2457\n __sys_sendmsg+0xe5/0x1b0 net/socket.c:2486\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:32.971Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/c951c08a5996365aecbc5f1a9bddec3905e1ddfc"
        },
        {
          "url": "https://git.kernel.org/stable/c/3ec73ffeef54596c32aff0e73fe60971b9c8b866"
        },
        {
          "url": "https://git.kernel.org/stable/c/7a1c1af341041221b3acb9d7036cc2b43e0efa75"
        },
        {
          "url": "https://git.kernel.org/stable/c/a56d447f196fa9973c568f54c0d76d5391c3b0c0"
        }
      ],
      "title": "net/sched: sch_taprio: properly cancel timer from taprio_destroy()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47419",
    "datePublished": "2024-05-21T15:04:07.992Z",
    "dateReserved": "2024-05-21T14:58:30.818Z",
    "dateUpdated": "2024-11-04T12:05:32.971Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47429

Vulnerability from cvelistv5

Published

2024-05-21 15:04

Modified

2024-11-04 12:05

Severity ?

Summary

powerpc/64s: Fix unrecoverable MCE calling async handler from NMI

References

▼	URL	Tags
	https://git.kernel.org/stable/c/d7a8e38999fbd6910516e44cb43f9f4317e54f73
	https://git.kernel.org/stable/c/f08fb25bc66986b0952724530a640d9970fa52c1

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47429",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T18:57:20.280954Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:13:59.087Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.386Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d7a8e38999fbd6910516e44cb43f9f4317e54f73"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f08fb25bc66986b0952724530a640d9970fa52c1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/powerpc/include/asm/interrupt.h",
            "arch/powerpc/kernel/exceptions-64s.S",
            "arch/powerpc/kernel/traps.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "d7a8e38999fb",
              "status": "affected",
              "version": "2b43dd7653cc",
              "versionType": "git"
            },
            {
              "lessThan": "f08fb25bc669",
              "status": "affected",
              "version": "2b43dd7653cc",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/powerpc/include/asm/interrupt.h",
            "arch/powerpc/kernel/exceptions-64s.S",
            "arch/powerpc/kernel/traps.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.14"
            },
            {
              "lessThan": "5.14",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/64s: Fix unrecoverable MCE calling async handler from NMI\n\nThe machine check handler is not considered NMI on 64s. The early\nhandler is the true NMI handler, and then it schedules the\nmachine_check_exception handler to run when interrupts are enabled.\n\nThis works fine except the case of an unrecoverable MCE, where the true\nNMI is taken when MSR[RI] is clear, it can not recover, so it calls\nmachine_check_exception directly so something might be done about it.\n\nCalling an async handler from NMI context can result in irq state and\nother things getting corrupted. This can also trigger the BUG at\n  arch/powerpc/include/asm/interrupt.h:168\n  BUG_ON(!arch_irq_disabled_regs(regs) \u0026\u0026 !(regs-\u003emsr \u0026 MSR_EE));\n\nFix this by making an _async version of the handler which is called\nin the normal case, and a NMI version that is called for unrecoverable\ninterrupts."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:44.688Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/d7a8e38999fbd6910516e44cb43f9f4317e54f73"
        },
        {
          "url": "https://git.kernel.org/stable/c/f08fb25bc66986b0952724530a640d9970fa52c1"
        }
      ],
      "title": "powerpc/64s: Fix unrecoverable MCE calling async handler from NMI",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47429",
    "datePublished": "2024-05-21T15:04:14.574Z",
    "dateReserved": "2024-05-21T14:58:30.828Z",
    "dateUpdated": "2024-11-04T12:05:44.688Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52742

Vulnerability from cvelistv5

Published

2024-05-21 15:23

Modified

2024-11-04 14:51

Severity ?

Summary

net: USB: Fix wrong-direction WARNING in plusb.c

References

▼	URL	Tags
	https://git.kernel.org/stable/c/f0ad46ef772438c0596df370450d8bdc8a12dbfb
	https://git.kernel.org/stable/c/6f69307f625904feed189008381fd83bd1a35b63
	https://git.kernel.org/stable/c/43379fcacea2dcee35d02efc9c8fe97807a503c9
	https://git.kernel.org/stable/c/1be271c52bf3554edcb8d124d1f8c7f777ee5727
	https://git.kernel.org/stable/c/25141fb4119112f4ebf8f00cf52014abbc8020b1
	https://git.kernel.org/stable/c/0d2cf3fae701646061e295815bb7588d2f3671cc
	https://git.kernel.org/stable/c/811d581194f7412eda97acc03d17fc77824b561f

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52742",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T18:27:10.192146Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:22:37.886Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.518Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f0ad46ef772438c0596df370450d8bdc8a12dbfb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6f69307f625904feed189008381fd83bd1a35b63"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/43379fcacea2dcee35d02efc9c8fe97807a503c9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1be271c52bf3554edcb8d124d1f8c7f777ee5727"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/25141fb4119112f4ebf8f00cf52014abbc8020b1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0d2cf3fae701646061e295815bb7588d2f3671cc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/811d581194f7412eda97acc03d17fc77824b561f"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/usb/plusb.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "f0ad46ef7724",
              "status": "affected",
              "version": "090ffa9d0e90",
              "versionType": "git"
            },
            {
              "lessThan": "6f69307f6259",
              "status": "affected",
              "version": "090ffa9d0e90",
              "versionType": "git"
            },
            {
              "lessThan": "43379fcacea2",
              "status": "affected",
              "version": "090ffa9d0e90",
              "versionType": "git"
            },
            {
              "lessThan": "1be271c52bf3",
              "status": "affected",
              "version": "090ffa9d0e90",
              "versionType": "git"
            },
            {
              "lessThan": "25141fb41191",
              "status": "affected",
              "version": "090ffa9d0e90",
              "versionType": "git"
            },
            {
              "lessThan": "0d2cf3fae701",
              "status": "affected",
              "version": "090ffa9d0e90",
              "versionType": "git"
            },
            {
              "lessThan": "811d581194f7",
              "status": "affected",
              "version": "090ffa9d0e90",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/usb/plusb.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.14"
            },
            {
              "lessThan": "2.6.14",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.306",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.273",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.232",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.168",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.94",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: USB: Fix wrong-direction WARNING in plusb.c\n\nThe syzbot fuzzer detected a bug in the plusb network driver: A\nzero-length control-OUT transfer was treated as a read instead of a\nwrite.  In modern kernels this error provokes a WARNING:\n\nusb 1-1: BOGUS control dir, pipe 80000280 doesn\u0027t match bRequestType c0\nWARNING: CPU: 0 PID: 4645 at drivers/usb/core/urb.c:411\nusb_submit_urb+0x14a7/0x1880 drivers/usb/core/urb.c:411\nModules linked in:\nCPU: 1 PID: 4645 Comm: dhcpcd Not tainted\n6.2.0-rc6-syzkaller-00050-g9f266ccaa2f5 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google\n01/12/2023\nRIP: 0010:usb_submit_urb+0x14a7/0x1880 drivers/usb/core/urb.c:411\n...\nCall Trace:\n \u003cTASK\u003e\n usb_start_wait_urb+0x101/0x4b0 drivers/usb/core/message.c:58\n usb_internal_control_msg drivers/usb/core/message.c:102 [inline]\n usb_control_msg+0x320/0x4a0 drivers/usb/core/message.c:153\n __usbnet_read_cmd+0xb9/0x390 drivers/net/usb/usbnet.c:2010\n usbnet_read_cmd+0x96/0xf0 drivers/net/usb/usbnet.c:2068\n pl_vendor_req drivers/net/usb/plusb.c:60 [inline]\n pl_set_QuickLink_features drivers/net/usb/plusb.c:75 [inline]\n pl_reset+0x2f/0xf0 drivers/net/usb/plusb.c:85\n usbnet_open+0xcc/0x5d0 drivers/net/usb/usbnet.c:889\n __dev_open+0x297/0x4d0 net/core/dev.c:1417\n __dev_change_flags+0x587/0x750 net/core/dev.c:8530\n dev_change_flags+0x97/0x170 net/core/dev.c:8602\n devinet_ioctl+0x15a2/0x1d70 net/ipv4/devinet.c:1147\n inet_ioctl+0x33f/0x380 net/ipv4/af_inet.c:979\n sock_do_ioctl+0xcc/0x230 net/socket.c:1169\n sock_ioctl+0x1f8/0x680 net/socket.c:1286\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x197/0x210 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe fix is to call usbnet_write_cmd() instead of usbnet_read_cmd() and\nremove the USB_DIR_IN flag."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:51:49.887Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/f0ad46ef772438c0596df370450d8bdc8a12dbfb"
        },
        {
          "url": "https://git.kernel.org/stable/c/6f69307f625904feed189008381fd83bd1a35b63"
        },
        {
          "url": "https://git.kernel.org/stable/c/43379fcacea2dcee35d02efc9c8fe97807a503c9"
        },
        {
          "url": "https://git.kernel.org/stable/c/1be271c52bf3554edcb8d124d1f8c7f777ee5727"
        },
        {
          "url": "https://git.kernel.org/stable/c/25141fb4119112f4ebf8f00cf52014abbc8020b1"
        },
        {
          "url": "https://git.kernel.org/stable/c/0d2cf3fae701646061e295815bb7588d2f3671cc"
        },
        {
          "url": "https://git.kernel.org/stable/c/811d581194f7412eda97acc03d17fc77824b561f"
        }
      ],
      "title": "net: USB: Fix wrong-direction WARNING in plusb.c",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52742",
    "datePublished": "2024-05-21T15:23:04.513Z",
    "dateReserved": "2024-05-21T15:19:24.233Z",
    "dateUpdated": "2024-11-04T14:51:49.887Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52760

Vulnerability from cvelistv5

Published

2024-05-21 15:30

Modified

2024-11-04 14:52

Severity ?

Summary

gfs2: Fix slab-use-after-free in gfs2_qd_dealloc

References

▼	URL	Tags
	https://git.kernel.org/stable/c/7ad4e0a4f61c57c3ca291ee010a9d677d0199fba
	https://git.kernel.org/stable/c/08a28272faa750d4357ea2cb48d2baefd778ea81
	https://git.kernel.org/stable/c/bdcb8aa434c6d36b5c215d02a9ef07551be25a37

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52760",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T18:26:22.936431Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:24:04.103Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.034Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7ad4e0a4f61c57c3ca291ee010a9d677d0199fba"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/08a28272faa750d4357ea2cb48d2baefd778ea81"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bdcb8aa434c6d36b5c215d02a9ef07551be25a37"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/gfs2/super.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "7ad4e0a4f61c",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "08a28272faa7",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "bdcb8aa434c6",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/gfs2/super.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.97",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Fix slab-use-after-free in gfs2_qd_dealloc\n\nIn gfs2_put_super(), whether withdrawn or not, the quota should\nbe cleaned up by gfs2_quota_cleanup().\n\nOtherwise, struct gfs2_sbd will be freed before gfs2_qd_dealloc (rcu\ncallback) has run for all gfs2_quota_data objects, resulting in\nuse-after-free.\n\nAlso, gfs2_destroy_threads() and gfs2_quota_cleanup() is already called\nby gfs2_make_fs_ro(), so in gfs2_put_super(), after calling\ngfs2_make_fs_ro(), there is no need to call them again."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:09.450Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/7ad4e0a4f61c57c3ca291ee010a9d677d0199fba"
        },
        {
          "url": "https://git.kernel.org/stable/c/08a28272faa750d4357ea2cb48d2baefd778ea81"
        },
        {
          "url": "https://git.kernel.org/stable/c/bdcb8aa434c6d36b5c215d02a9ef07551be25a37"
        }
      ],
      "title": "gfs2: Fix slab-use-after-free in gfs2_qd_dealloc",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52760",
    "datePublished": "2024-05-21T15:30:46.427Z",
    "dateReserved": "2024-05-21T15:19:24.237Z",
    "dateUpdated": "2024-11-04T14:52:09.450Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52766

Vulnerability from cvelistv5

Published

2024-05-21 15:30

Modified

2024-11-04 14:52

Severity ?

Summary

i3c: mipi-i3c-hci: Fix out of bounds access in hci_dma_irq_handler

References

▼	URL	Tags
	https://git.kernel.org/stable/c/d23ad76f240c0f597b7a9eb79905d246f27d40df
	https://git.kernel.org/stable/c/8be39f66915b40d26ea2c18ba84b5c3d5da6809b
	https://git.kernel.org/stable/c/7c2b91b30d74d7c407118ad72502d4ca28af1af6
	https://git.kernel.org/stable/c/4c86cb2321bd9c72d3b945ce7f747961beda8e65
	https://git.kernel.org/stable/c/45a832f989e520095429589d5b01b0c65da9b574

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52766",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T18:26:12.286527Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:28.810Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.533Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d23ad76f240c0f597b7a9eb79905d246f27d40df"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8be39f66915b40d26ea2c18ba84b5c3d5da6809b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7c2b91b30d74d7c407118ad72502d4ca28af1af6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4c86cb2321bd9c72d3b945ce7f747961beda8e65"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/45a832f989e520095429589d5b01b0c65da9b574"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/i3c/master/mipi-i3c-hci/dma.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "d23ad76f240c",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "8be39f66915b",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "7c2b91b30d74",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "4c86cb2321bd",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "45a832f989e5",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/i3c/master/mipi-i3c-hci/dma.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: mipi-i3c-hci: Fix out of bounds access in hci_dma_irq_handler\n\nDo not loop over ring headers in hci_dma_irq_handler() that are not\nallocated and enabled in hci_dma_init(). Otherwise out of bounds access\nwill occur from rings-\u003eheaders[i] access when i \u003e= number of allocated\nring headers."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:16.966Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/d23ad76f240c0f597b7a9eb79905d246f27d40df"
        },
        {
          "url": "https://git.kernel.org/stable/c/8be39f66915b40d26ea2c18ba84b5c3d5da6809b"
        },
        {
          "url": "https://git.kernel.org/stable/c/7c2b91b30d74d7c407118ad72502d4ca28af1af6"
        },
        {
          "url": "https://git.kernel.org/stable/c/4c86cb2321bd9c72d3b945ce7f747961beda8e65"
        },
        {
          "url": "https://git.kernel.org/stable/c/45a832f989e520095429589d5b01b0c65da9b574"
        }
      ],
      "title": "i3c: mipi-i3c-hci: Fix out of bounds access in hci_dma_irq_handler",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52766",
    "datePublished": "2024-05-21T15:30:50.343Z",
    "dateReserved": "2024-05-21T15:19:24.238Z",
    "dateUpdated": "2024-11-04T14:52:16.966Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52764

Vulnerability from cvelistv5

Published

2024-05-21 15:30

Modified

2024-11-04 14:52

Severity ?

Summary

media: gspca: cpia1: shift-out-of-bounds in set_flicker

References

▼	URL	Tags
	https://git.kernel.org/stable/c/69bba62600bd91d6b7c1e8ca181faf8ac64f7060
	https://git.kernel.org/stable/c/2eee8edfff90e22980a6b22079d238c3c9d323bb
	https://git.kernel.org/stable/c/8f83c85ee88225319c52680792320c02158c2a9b
	https://git.kernel.org/stable/c/c6b6b8692218da73b33b310d7c1df90f115bdd9a
	https://git.kernel.org/stable/c/09cd8b561aa9796903710a1046957f2b112c8f26
	https://git.kernel.org/stable/c/a647f27a7426d2fe1b40da7c8fa2b81354a51177
	https://git.kernel.org/stable/c/93bddd6529f187f510eec759f37d0569243c9809
	https://git.kernel.org/stable/c/e2d7149b913d14352c82624e723ce1c211ca06d3
	https://git.kernel.org/stable/c/099be1822d1f095433f4b08af9cc9d6308ec1953

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.774Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/69bba62600bd91d6b7c1e8ca181faf8ac64f7060"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2eee8edfff90e22980a6b22079d238c3c9d323bb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8f83c85ee88225319c52680792320c02158c2a9b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c6b6b8692218da73b33b310d7c1df90f115bdd9a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/09cd8b561aa9796903710a1046957f2b112c8f26"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a647f27a7426d2fe1b40da7c8fa2b81354a51177"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/93bddd6529f187f510eec759f37d0569243c9809"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e2d7149b913d14352c82624e723ce1c211ca06d3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/099be1822d1f095433f4b08af9cc9d6308ec1953"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52764",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:37:06.356182Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:31.755Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/media/usb/gspca/cpia1.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "69bba62600bd",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "2eee8edfff90",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "8f83c85ee882",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "c6b6b8692218",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "09cd8b561aa9",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "a647f27a7426",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "93bddd6529f1",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "e2d7149b913d",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "099be1822d1f",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/media/usb/gspca/cpia1.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.331",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.300",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.262",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: gspca: cpia1: shift-out-of-bounds in set_flicker\n\nSyzkaller reported the following issue:\nUBSAN: shift-out-of-bounds in drivers/media/usb/gspca/cpia1.c:1031:27\nshift exponent 245 is too large for 32-bit type \u0027int\u0027\n\nWhen the value of the variable \"sd-\u003eparams.exposure.gain\" exceeds the\nnumber of bits in an integer, a shift-out-of-bounds error is reported. It\nis triggered because the variable \"currentexp\" cannot be left-shifted by\nmore than the number of bits in an integer. In order to avoid invalid\nrange during left-shift, the conditional expression is added."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:14.544Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/69bba62600bd91d6b7c1e8ca181faf8ac64f7060"
        },
        {
          "url": "https://git.kernel.org/stable/c/2eee8edfff90e22980a6b22079d238c3c9d323bb"
        },
        {
          "url": "https://git.kernel.org/stable/c/8f83c85ee88225319c52680792320c02158c2a9b"
        },
        {
          "url": "https://git.kernel.org/stable/c/c6b6b8692218da73b33b310d7c1df90f115bdd9a"
        },
        {
          "url": "https://git.kernel.org/stable/c/09cd8b561aa9796903710a1046957f2b112c8f26"
        },
        {
          "url": "https://git.kernel.org/stable/c/a647f27a7426d2fe1b40da7c8fa2b81354a51177"
        },
        {
          "url": "https://git.kernel.org/stable/c/93bddd6529f187f510eec759f37d0569243c9809"
        },
        {
          "url": "https://git.kernel.org/stable/c/e2d7149b913d14352c82624e723ce1c211ca06d3"
        },
        {
          "url": "https://git.kernel.org/stable/c/099be1822d1f095433f4b08af9cc9d6308ec1953"
        }
      ],
      "title": "media: gspca: cpia1: shift-out-of-bounds in set_flicker",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52764",
    "datePublished": "2024-05-21T15:30:49.032Z",
    "dateReserved": "2024-05-21T15:19:24.238Z",
    "dateUpdated": "2024-11-04T14:52:14.544Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52850

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

media: hantro: Check whether reset op is defined before use

References

▼	URL	Tags
	https://git.kernel.org/stable/c/64f55cebb4339ae771e9e7f3f42bee2489e2fa00
	https://git.kernel.org/stable/c/66b4c5f980d741f3a47e4b65eeaf2797f2d59294
	https://git.kernel.org/stable/c/24c06295f28335ced3aad53dd4b0a0bae7b9b100
	https://git.kernel.org/stable/c/88d4b23a629ebd34f682f770cb6c2116c851f7b8

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52850",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T18:57:58.496286Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:22:55.563Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.232Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/64f55cebb4339ae771e9e7f3f42bee2489e2fa00"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/66b4c5f980d741f3a47e4b65eeaf2797f2d59294"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/24c06295f28335ced3aad53dd4b0a0bae7b9b100"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/88d4b23a629ebd34f682f770cb6c2116c851f7b8"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/media/platform/verisilicon/hantro_drv.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "64f55cebb433",
              "status": "affected",
              "version": "6971efb70ac3",
              "versionType": "git"
            },
            {
              "lessThan": "66b4c5f980d7",
              "status": "affected",
              "version": "6971efb70ac3",
              "versionType": "git"
            },
            {
              "lessThan": "24c06295f283",
              "status": "affected",
              "version": "6971efb70ac3",
              "versionType": "git"
            },
            {
              "lessThan": "88d4b23a629e",
              "status": "affected",
              "version": "6971efb70ac3",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/media/platform/verisilicon/hantro_drv.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.18"
            },
            {
              "lessThan": "5.18",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: hantro: Check whether reset op is defined before use\n\nThe i.MX8MM/N/P does not define the .reset op since reset of the VPU is\ndone by genpd. Check whether the .reset op is defined before calling it\nto avoid NULL pointer dereference.\n\nNote that the Fixes tag is set to the commit which removed the reset op\nfrom i.MX8M Hantro G2 implementation, this is because before this commit\nall the implementations did define the .reset op."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:50.599Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/64f55cebb4339ae771e9e7f3f42bee2489e2fa00"
        },
        {
          "url": "https://git.kernel.org/stable/c/66b4c5f980d741f3a47e4b65eeaf2797f2d59294"
        },
        {
          "url": "https://git.kernel.org/stable/c/24c06295f28335ced3aad53dd4b0a0bae7b9b100"
        },
        {
          "url": "https://git.kernel.org/stable/c/88d4b23a629ebd34f682f770cb6c2116c851f7b8"
        }
      ],
      "title": "media: hantro: Check whether reset op is defined before use",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52850",
    "datePublished": "2024-05-21T15:31:46.545Z",
    "dateReserved": "2024-05-21T15:19:24.255Z",
    "dateUpdated": "2024-11-04T14:53:50.599Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52832

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Summary

wifi: mac80211: don't return unset power in ieee80211_get_tx_power()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/1571120c44dbe5757aee1612c5b6097cdc42710f
	https://git.kernel.org/stable/c/298e767362cade639b7121ecb3cc5345b6529f62
	https://git.kernel.org/stable/c/efeae5f4972f75d50002bc50eb112ab9e7069b18
	https://git.kernel.org/stable/c/717de20abdcd1d4993fa450e28b8086a352620ea
	https://git.kernel.org/stable/c/21a0f310a9f3bfd2b4cf4f382430e638607db846
	https://git.kernel.org/stable/c/2be24c47ac19bf639c48c082486c08888bd603c6
	https://git.kernel.org/stable/c/adc2474d823fe81d8da759207f4f1d3691aa775a
	https://git.kernel.org/stable/c/5a94cffe90e20e8fade0b9abd4370bd671fe87c7
	https://git.kernel.org/stable/c/e160ab85166e77347d0cbe5149045cb25e83937f

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "affected",
                "version": "1da177e4c3f4"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "4.14.331"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "4.19.300"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "5.4.262"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "5.10.202"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "5.15.140"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.1.64"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.5.13"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.6.3"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.7"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.1,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52832",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T19:51:54.630981Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-920",
                "description": "CWE-920 Improper Restriction of Power Consumption",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:24:01.577Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.043Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1571120c44dbe5757aee1612c5b6097cdc42710f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/298e767362cade639b7121ecb3cc5345b6529f62"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/efeae5f4972f75d50002bc50eb112ab9e7069b18"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/717de20abdcd1d4993fa450e28b8086a352620ea"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/21a0f310a9f3bfd2b4cf4f382430e638607db846"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2be24c47ac19bf639c48c082486c08888bd603c6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/adc2474d823fe81d8da759207f4f1d3691aa775a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5a94cffe90e20e8fade0b9abd4370bd671fe87c7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e160ab85166e77347d0cbe5149045cb25e83937f"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/mac80211/cfg.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "1571120c44db",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "298e767362ca",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "efeae5f4972f",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "717de20abdcd",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "21a0f310a9f3",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "2be24c47ac19",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "adc2474d823f",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "5a94cffe90e2",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "e160ab85166e",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/mac80211/cfg.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.331",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.300",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.262",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: don\u0027t return unset power in ieee80211_get_tx_power()\n\nWe can get a UBSAN warning if ieee80211_get_tx_power() returns the\nINT_MIN value mac80211 internally uses for \"unset power level\".\n\n UBSAN: signed-integer-overflow in net/wireless/nl80211.c:3816:5\n -2147483648 * 100 cannot be represented in type \u0027int\u0027\n CPU: 0 PID: 20433 Comm: insmod Tainted: G        WC OE\n Call Trace:\n  dump_stack+0x74/0x92\n  ubsan_epilogue+0x9/0x50\n  handle_overflow+0x8d/0xd0\n  __ubsan_handle_mul_overflow+0xe/0x10\n  nl80211_send_iface+0x688/0x6b0 [cfg80211]\n  [...]\n  cfg80211_register_wdev+0x78/0xb0 [cfg80211]\n  cfg80211_netdev_notifier_call+0x200/0x620 [cfg80211]\n  [...]\n  ieee80211_if_add+0x60e/0x8f0 [mac80211]\n  ieee80211_register_hw+0xda5/0x1170 [mac80211]\n\nIn this case, simply return an error instead, to indicate\nthat no data is available."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:29.175Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/1571120c44dbe5757aee1612c5b6097cdc42710f"
        },
        {
          "url": "https://git.kernel.org/stable/c/298e767362cade639b7121ecb3cc5345b6529f62"
        },
        {
          "url": "https://git.kernel.org/stable/c/efeae5f4972f75d50002bc50eb112ab9e7069b18"
        },
        {
          "url": "https://git.kernel.org/stable/c/717de20abdcd1d4993fa450e28b8086a352620ea"
        },
        {
          "url": "https://git.kernel.org/stable/c/21a0f310a9f3bfd2b4cf4f382430e638607db846"
        },
        {
          "url": "https://git.kernel.org/stable/c/2be24c47ac19bf639c48c082486c08888bd603c6"
        },
        {
          "url": "https://git.kernel.org/stable/c/adc2474d823fe81d8da759207f4f1d3691aa775a"
        },
        {
          "url": "https://git.kernel.org/stable/c/5a94cffe90e20e8fade0b9abd4370bd671fe87c7"
        },
        {
          "url": "https://git.kernel.org/stable/c/e160ab85166e77347d0cbe5149045cb25e83937f"
        }
      ],
      "title": "wifi: mac80211: don\u0027t return unset power in ieee80211_get_tx_power()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52832",
    "datePublished": "2024-05-21T15:31:34.247Z",
    "dateReserved": "2024-05-21T15:19:24.252Z",
    "dateUpdated": "2024-11-04T14:53:29.175Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47484

Vulnerability from cvelistv5

Published

2024-05-22 08:19

Modified

2024-11-07 15:25

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

octeontx2-af: Fix possible null pointer dereference.

References

▼	URL	Tags
	https://git.kernel.org/stable/c/f1e3cd1cc80204fd02b9e9843450925a2af90dc0
	https://git.kernel.org/stable/c/c2d4c543f74c90f883e8ec62a31973ae8807d354

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47484",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T17:09:25.005976Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-476",
                "description": "CWE-476 NULL Pointer Dereference",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T15:25:53.559Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.787Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f1e3cd1cc80204fd02b9e9843450925a2af90dc0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c2d4c543f74c90f883e8ec62a31973ae8807d354"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/marvell/octeontx2/af/rvu_debugfs.c",
            "drivers/net/ethernet/marvell/octeontx2/af/rvu_nix.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "f1e3cd1cc802",
              "status": "affected",
              "version": "8756828a8148",
              "versionType": "git"
            },
            {
              "lessThan": "c2d4c543f74c",
              "status": "affected",
              "version": "8756828a8148",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/marvell/octeontx2/af/rvu_debugfs.c",
            "drivers/net/ethernet/marvell/octeontx2/af/rvu_nix.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.5"
            },
            {
              "lessThan": "5.5",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-af: Fix possible null pointer dereference.\n\nThis patch fixes possible null pointer dereference in files\n\"rvu_debugfs.c\" and \"rvu_nix.c\""
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:49.563Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/f1e3cd1cc80204fd02b9e9843450925a2af90dc0"
        },
        {
          "url": "https://git.kernel.org/stable/c/c2d4c543f74c90f883e8ec62a31973ae8807d354"
        }
      ],
      "title": "octeontx2-af: Fix possible null pointer dereference.",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47484",
    "datePublished": "2024-05-22T08:19:35.503Z",
    "dateReserved": "2024-05-22T06:20:56.201Z",
    "dateUpdated": "2024-11-07T15:25:53.559Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52707

Vulnerability from cvelistv5

Published

2024-05-21 15:22

Modified

2024-11-04 14:51

Severity ?

Summary

sched/psi: Fix use-after-free in ep_remove_wait_queue()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/7caeb5457bd01ccba0df1d6f4872f20d28e50b38
	https://git.kernel.org/stable/c/ec9c7aa08819f976b2492fa63c41b5712d2924b5
	https://git.kernel.org/stable/c/cca2b3feb70170ef6f0fbc4b4d91eea235a2b73a
	https://git.kernel.org/stable/c/c6879a4dcefe92d870ab68cabaa9caeda4f2af5a
	https://git.kernel.org/stable/c/c2dbe32d5db5c4ead121cf86dabd5ab691fb47fe

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52707",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-17T17:37:08.537145Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-17T17:37:46.100Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.459Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7caeb5457bd01ccba0df1d6f4872f20d28e50b38"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ec9c7aa08819f976b2492fa63c41b5712d2924b5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/cca2b3feb70170ef6f0fbc4b4d91eea235a2b73a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c6879a4dcefe92d870ab68cabaa9caeda4f2af5a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c2dbe32d5db5c4ead121cf86dabd5ab691fb47fe"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "kernel/sched/psi.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "7caeb5457bd0",
              "status": "affected",
              "version": "0e94682b73bf",
              "versionType": "git"
            },
            {
              "lessThan": "ec9c7aa08819",
              "status": "affected",
              "version": "0e94682b73bf",
              "versionType": "git"
            },
            {
              "lessThan": "cca2b3feb701",
              "status": "affected",
              "version": "0e94682b73bf",
              "versionType": "git"
            },
            {
              "lessThan": "c6879a4dcefe",
              "status": "affected",
              "version": "0e94682b73bf",
              "versionType": "git"
            },
            {
              "lessThan": "c2dbe32d5db5",
              "status": "affected",
              "version": "0e94682b73bf",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "kernel/sched/psi.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.2"
            },
            {
              "lessThan": "5.2",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.232",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.169",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.95",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/psi: Fix use-after-free in ep_remove_wait_queue()\n\nIf a non-root cgroup gets removed when there is a thread that registered\ntrigger and is polling on a pressure file within the cgroup, the polling\nwaitqueue gets freed in the following path:\n\n do_rmdir\n   cgroup_rmdir\n     kernfs_drain_open_files\n       cgroup_file_release\n         cgroup_pressure_release\n           psi_trigger_destroy\n\nHowever, the polling thread still has a reference to the pressure file and\nwill access the freed waitqueue when the file is closed or upon exit:\n\n fput\n   ep_eventpoll_release\n     ep_free\n       ep_remove_wait_queue\n         remove_wait_queue\n\nThis results in use-after-free as pasted below.\n\nThe fundamental problem here is that cgroup_file_release() (and\nconsequently waitqueue\u0027s lifetime) is not tied to the file\u0027s real lifetime.\nUsing wake_up_pollfree() here might be less than ideal, but it is in line\nwith the comment at commit 42288cb44c4b (\"wait: add wake_up_pollfree()\")\nsince the waitqueue\u0027s lifetime is not tied to file\u0027s one and can be\nconsidered as another special case. While this would be fixable by somehow\nmaking cgroup_file_release() be tied to the fput(), it would require\nsizable refactoring at cgroups or higher layer which might be more\njustifiable if we identify more cases like this.\n\n  BUG: KASAN: use-after-free in _raw_spin_lock_irqsave+0x60/0xc0\n  Write of size 4 at addr ffff88810e625328 by task a.out/4404\n\n\tCPU: 19 PID: 4404 Comm: a.out Not tainted 6.2.0-rc6 #38\n\tHardware name: Amazon EC2 c5a.8xlarge/, BIOS 1.0 10/16/2017\n\tCall Trace:\n\t\u003cTASK\u003e\n\tdump_stack_lvl+0x73/0xa0\n\tprint_report+0x16c/0x4e0\n\tkasan_report+0xc3/0xf0\n\tkasan_check_range+0x2d2/0x310\n\t_raw_spin_lock_irqsave+0x60/0xc0\n\tremove_wait_queue+0x1a/0xa0\n\tep_free+0x12c/0x170\n\tep_eventpoll_release+0x26/0x30\n\t__fput+0x202/0x400\n\ttask_work_run+0x11d/0x170\n\tdo_exit+0x495/0x1130\n\tdo_group_exit+0x100/0x100\n\tget_signal+0xd67/0xde0\n\tarch_do_signal_or_restart+0x2a/0x2b0\n\texit_to_user_mode_prepare+0x94/0x100\n\tsyscall_exit_to_user_mode+0x20/0x40\n\tdo_syscall_64+0x52/0x90\n\tentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\t\u003c/TASK\u003e\n\n Allocated by task 4404:\n\n\tkasan_set_track+0x3d/0x60\n\t__kasan_kmalloc+0x85/0x90\n\tpsi_trigger_create+0x113/0x3e0\n\tpressure_write+0x146/0x2e0\n\tcgroup_file_write+0x11c/0x250\n\tkernfs_fop_write_iter+0x186/0x220\n\tvfs_write+0x3d8/0x5c0\n\tksys_write+0x90/0x110\n\tdo_syscall_64+0x43/0x90\n\tentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\n Freed by task 4407:\n\n\tkasan_set_track+0x3d/0x60\n\tkasan_save_free_info+0x27/0x40\n\t____kasan_slab_free+0x11d/0x170\n\tslab_free_freelist_hook+0x87/0x150\n\t__kmem_cache_free+0xcb/0x180\n\tpsi_trigger_destroy+0x2e8/0x310\n\tcgroup_file_release+0x4f/0xb0\n\tkernfs_drain_open_files+0x165/0x1f0\n\tkernfs_drain+0x162/0x1a0\n\t__kernfs_remove+0x1fb/0x310\n\tkernfs_remove_by_name_ns+0x95/0xe0\n\tcgroup_addrm_files+0x67f/0x700\n\tcgroup_destroy_locked+0x283/0x3c0\n\tcgroup_rmdir+0x29/0x100\n\tkernfs_iop_rmdir+0xd1/0x140\n\tvfs_rmdir+0xfe/0x240\n\tdo_rmdir+0x13d/0x280\n\t__x64_sys_rmdir+0x2c/0x30\n\tdo_syscall_64+0x43/0x90\n\tentry_SYSCALL_64_after_hwframe+0x63/0xcd"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:51:34.373Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/7caeb5457bd01ccba0df1d6f4872f20d28e50b38"
        },
        {
          "url": "https://git.kernel.org/stable/c/ec9c7aa08819f976b2492fa63c41b5712d2924b5"
        },
        {
          "url": "https://git.kernel.org/stable/c/cca2b3feb70170ef6f0fbc4b4d91eea235a2b73a"
        },
        {
          "url": "https://git.kernel.org/stable/c/c6879a4dcefe92d870ab68cabaa9caeda4f2af5a"
        },
        {
          "url": "https://git.kernel.org/stable/c/c2dbe32d5db5c4ead121cf86dabd5ab691fb47fe"
        }
      ],
      "title": "sched/psi: Fix use-after-free in ep_remove_wait_queue()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52707",
    "datePublished": "2024-05-21T15:22:55.315Z",
    "dateReserved": "2024-03-07T14:49:46.891Z",
    "dateUpdated": "2024-11-04T14:51:34.373Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47259

Vulnerability from cvelistv5

Published

2024-05-21 14:19

Modified

2024-11-04 12:02

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

NFS: Fix use-after-free in nfs4_init_client()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/c7eab9e2d7b4e983ce280276fb920af649955897
	https://git.kernel.org/stable/c/42c10b0db064e45f5c5ae7019bbf2168ffab766c
	https://git.kernel.org/stable/c/3e3c7ebbfac152d08be75c92802a64a1f6471a15
	https://git.kernel.org/stable/c/c3b6cf64dfe4ef96e7341508d50d6998da7062c7
	https://git.kernel.org/stable/c/72651c6579a25317a90536181d311c663d0329ab
	https://git.kernel.org/stable/c/476bdb04c501fc64bf3b8464ffddefc8dbe01577

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:4.13:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "affected",
                "version": "4.13"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "476bdb04c501",
                "status": "affected",
                "version": "8dcbec6d20eb",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47259",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T16:41:04.603993Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-416",
                "description": "CWE-416 Use After Free",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:09.514Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:32:07.994Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c7eab9e2d7b4e983ce280276fb920af649955897"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/42c10b0db064e45f5c5ae7019bbf2168ffab766c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3e3c7ebbfac152d08be75c92802a64a1f6471a15"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c3b6cf64dfe4ef96e7341508d50d6998da7062c7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/72651c6579a25317a90536181d311c663d0329ab"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/476bdb04c501fc64bf3b8464ffddefc8dbe01577"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/nfs/nfs4client.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "c7eab9e2d7b4",
              "status": "affected",
              "version": "8dcbec6d20eb",
              "versionType": "git"
            },
            {
              "lessThan": "42c10b0db064",
              "status": "affected",
              "version": "8dcbec6d20eb",
              "versionType": "git"
            },
            {
              "lessThan": "3e3c7ebbfac1",
              "status": "affected",
              "version": "8dcbec6d20eb",
              "versionType": "git"
            },
            {
              "lessThan": "c3b6cf64dfe4",
              "status": "affected",
              "version": "8dcbec6d20eb",
              "versionType": "git"
            },
            {
              "lessThan": "72651c6579a2",
              "status": "affected",
              "version": "8dcbec6d20eb",
              "versionType": "git"
            },
            {
              "lessThan": "476bdb04c501",
              "status": "affected",
              "version": "8dcbec6d20eb",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/nfs/nfs4client.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.13"
            },
            {
              "lessThan": "4.13",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.237",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.195",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.126",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.44",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.11",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Fix use-after-free in nfs4_init_client()\n\nKASAN reports a use-after-free when attempting to mount two different\nexports through two different NICs that belong to the same server.\n\nOlga was able to hit this with kernels starting somewhere between 5.7\nand 5.10, but I traced the patch that introduced the clear_bit() call to\n4.13. So something must have changed in the refcounting of the clp\npointer to make this call to nfs_put_client() the very last one."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:02:28.785Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/c7eab9e2d7b4e983ce280276fb920af649955897"
        },
        {
          "url": "https://git.kernel.org/stable/c/42c10b0db064e45f5c5ae7019bbf2168ffab766c"
        },
        {
          "url": "https://git.kernel.org/stable/c/3e3c7ebbfac152d08be75c92802a64a1f6471a15"
        },
        {
          "url": "https://git.kernel.org/stable/c/c3b6cf64dfe4ef96e7341508d50d6998da7062c7"
        },
        {
          "url": "https://git.kernel.org/stable/c/72651c6579a25317a90536181d311c663d0329ab"
        },
        {
          "url": "https://git.kernel.org/stable/c/476bdb04c501fc64bf3b8464ffddefc8dbe01577"
        }
      ],
      "title": "NFS: Fix use-after-free in nfs4_init_client()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47259",
    "datePublished": "2024-05-21T14:19:52.738Z",
    "dateReserved": "2024-05-21T13:27:52.125Z",
    "dateUpdated": "2024-11-04T12:02:28.785Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52741

Vulnerability from cvelistv5

Published

2024-05-21 15:23

Modified

2024-11-04 14:51

Severity ?

Summary

cifs: Fix use-after-free in rdata->read_into_pages()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/2b693fe3f760c87fd9768e759f6297f743a1b3b0
	https://git.kernel.org/stable/c/d1fba1e096ffc7ec11df863a97c50203c47315b9
	https://git.kernel.org/stable/c/3684a2f6affa1ca52a5d4a12f04d0652efdee65e
	https://git.kernel.org/stable/c/aa5465aeca3c66fecdf7efcf554aed79b4c4b211

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52741",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-28T15:46:03.268177Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:24:17.508Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.667Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2b693fe3f760c87fd9768e759f6297f743a1b3b0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d1fba1e096ffc7ec11df863a97c50203c47315b9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3684a2f6affa1ca52a5d4a12f04d0652efdee65e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/aa5465aeca3c66fecdf7efcf554aed79b4c4b211"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/cifs/file.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "2b693fe3f760",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "d1fba1e096ff",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "3684a2f6affa",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "aa5465aeca3c",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/cifs/file.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.168",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.94",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix use-after-free in rdata-\u003eread_into_pages()\n\nWhen the network status is unstable, use-after-free may occur when\nread data from the server.\n\n  BUG: KASAN: use-after-free in readpages_fill_pages+0x14c/0x7e0\n\n  Call Trace:\n   \u003cTASK\u003e\n   dump_stack_lvl+0x38/0x4c\n   print_report+0x16f/0x4a6\n   kasan_report+0xb7/0x130\n   readpages_fill_pages+0x14c/0x7e0\n   cifs_readv_receive+0x46d/0xa40\n   cifs_demultiplex_thread+0x121c/0x1490\n   kthread+0x16b/0x1a0\n   ret_from_fork+0x2c/0x50\n   \u003c/TASK\u003e\n\n  Allocated by task 2535:\n   kasan_save_stack+0x22/0x50\n   kasan_set_track+0x25/0x30\n   __kasan_kmalloc+0x82/0x90\n   cifs_readdata_direct_alloc+0x2c/0x110\n   cifs_readdata_alloc+0x2d/0x60\n   cifs_readahead+0x393/0xfe0\n   read_pages+0x12f/0x470\n   page_cache_ra_unbounded+0x1b1/0x240\n   filemap_get_pages+0x1c8/0x9a0\n   filemap_read+0x1c0/0x540\n   cifs_strict_readv+0x21b/0x240\n   vfs_read+0x395/0x4b0\n   ksys_read+0xb8/0x150\n   do_syscall_64+0x3f/0x90\n   entry_SYSCALL_64_after_hwframe+0x72/0xdc\n\n  Freed by task 79:\n   kasan_save_stack+0x22/0x50\n   kasan_set_track+0x25/0x30\n   kasan_save_free_info+0x2e/0x50\n   __kasan_slab_free+0x10e/0x1a0\n   __kmem_cache_free+0x7a/0x1a0\n   cifs_readdata_release+0x49/0x60\n   process_one_work+0x46c/0x760\n   worker_thread+0x2a4/0x6f0\n   kthread+0x16b/0x1a0\n   ret_from_fork+0x2c/0x50\n\n  Last potentially related work creation:\n   kasan_save_stack+0x22/0x50\n   __kasan_record_aux_stack+0x95/0xb0\n   insert_work+0x2b/0x130\n   __queue_work+0x1fe/0x660\n   queue_work_on+0x4b/0x60\n   smb2_readv_callback+0x396/0x800\n   cifs_abort_connection+0x474/0x6a0\n   cifs_reconnect+0x5cb/0xa50\n   cifs_readv_from_socket.cold+0x22/0x6c\n   cifs_read_page_from_socket+0xc1/0x100\n   readpages_fill_pages.cold+0x2f/0x46\n   cifs_readv_receive+0x46d/0xa40\n   cifs_demultiplex_thread+0x121c/0x1490\n   kthread+0x16b/0x1a0\n   ret_from_fork+0x2c/0x50\n\nThe following function calls will cause UAF of the rdata pointer.\n\nreadpages_fill_pages\n cifs_read_page_from_socket\n  cifs_readv_from_socket\n   cifs_reconnect\n    __cifs_reconnect\n     cifs_abort_connection\n      mid-\u003ecallback() --\u003e smb2_readv_callback\n       queue_work(\u0026rdata-\u003ework)  # if the worker completes first,\n                                 # the rdata is freed\n          cifs_readv_complete\n            kref_put\n              cifs_readdata_release\n                kfree(rdata)\n return rdata-\u003e...               # UAF in readpages_fill_pages()\n\nSimilarly, this problem also occurs in the uncache_fill_pages().\n\nFix this by adjusts the order of condition judgment in the return\nstatement."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:51:48.728Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/2b693fe3f760c87fd9768e759f6297f743a1b3b0"
        },
        {
          "url": "https://git.kernel.org/stable/c/d1fba1e096ffc7ec11df863a97c50203c47315b9"
        },
        {
          "url": "https://git.kernel.org/stable/c/3684a2f6affa1ca52a5d4a12f04d0652efdee65e"
        },
        {
          "url": "https://git.kernel.org/stable/c/aa5465aeca3c66fecdf7efcf554aed79b4c4b211"
        }
      ],
      "title": "cifs: Fix use-after-free in rdata-\u003eread_into_pages()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52741",
    "datePublished": "2024-05-21T15:23:03.867Z",
    "dateReserved": "2024-05-21T15:19:24.233Z",
    "dateUpdated": "2024-11-04T14:51:48.728Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52844

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

6.2 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

media: vidtv: psi: Add check for kstrdup

References

▼	URL	Tags
	https://git.kernel.org/stable/c/3387490c89b10aeb4e71d78b65dbc9ba4b2385b9
	https://git.kernel.org/stable/c/d17269fb9161995303985ab2fe6f16cfb72152f9
	https://git.kernel.org/stable/c/5c26aae3723965c291c65dd2ecad6a3240d422b0
	https://git.kernel.org/stable/c/5cfcc8de7d733a1137b86954cc28ce99972311ad
	https://git.kernel.org/stable/c/a51335704a3f90eaf23a6864faefca34b382490a
	https://git.kernel.org/stable/c/76a2c5df6ca8bd8ada45e953b8c72b746f42918d

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "affected",
                "version": "7a7899f6f58e"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "affected",
                "version": "5.10"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "5.10.201"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "5.15.139"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.1.63"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.5.12"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.6.2"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.7"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 6.2,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52844",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T19:28:09.029238Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-476",
                "description": "CWE-476 NULL Pointer Dereference",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:24:14.051Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.084Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3387490c89b10aeb4e71d78b65dbc9ba4b2385b9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d17269fb9161995303985ab2fe6f16cfb72152f9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5c26aae3723965c291c65dd2ecad6a3240d422b0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5cfcc8de7d733a1137b86954cc28ce99972311ad"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a51335704a3f90eaf23a6864faefca34b382490a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/76a2c5df6ca8bd8ada45e953b8c72b746f42918d"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/media/test-drivers/vidtv/vidtv_psi.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "3387490c89b1",
              "status": "affected",
              "version": "7a7899f6f58e",
              "versionType": "git"
            },
            {
              "lessThan": "d17269fb9161",
              "status": "affected",
              "version": "7a7899f6f58e",
              "versionType": "git"
            },
            {
              "lessThan": "5c26aae37239",
              "status": "affected",
              "version": "7a7899f6f58e",
              "versionType": "git"
            },
            {
              "lessThan": "5cfcc8de7d73",
              "status": "affected",
              "version": "7a7899f6f58e",
              "versionType": "git"
            },
            {
              "lessThan": "a51335704a3f",
              "status": "affected",
              "version": "7a7899f6f58e",
              "versionType": "git"
            },
            {
              "lessThan": "76a2c5df6ca8",
              "status": "affected",
              "version": "7a7899f6f58e",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/media/test-drivers/vidtv/vidtv_psi.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.10"
            },
            {
              "lessThan": "5.10",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.201",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.139",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: vidtv: psi: Add check for kstrdup\n\nAdd check for the return value of kstrdup() and return the error\nif it fails in order to avoid NULL pointer dereference."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:43.448Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/3387490c89b10aeb4e71d78b65dbc9ba4b2385b9"
        },
        {
          "url": "https://git.kernel.org/stable/c/d17269fb9161995303985ab2fe6f16cfb72152f9"
        },
        {
          "url": "https://git.kernel.org/stable/c/5c26aae3723965c291c65dd2ecad6a3240d422b0"
        },
        {
          "url": "https://git.kernel.org/stable/c/5cfcc8de7d733a1137b86954cc28ce99972311ad"
        },
        {
          "url": "https://git.kernel.org/stable/c/a51335704a3f90eaf23a6864faefca34b382490a"
        },
        {
          "url": "https://git.kernel.org/stable/c/76a2c5df6ca8bd8ada45e953b8c72b746f42918d"
        }
      ],
      "title": "media: vidtv: psi: Add check for kstrdup",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52844",
    "datePublished": "2024-05-21T15:31:42.527Z",
    "dateReserved": "2024-05-21T15:19:24.254Z",
    "dateUpdated": "2024-11-04T14:53:43.448Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47485

Vulnerability from cvelistv5

Published

2024-05-22 08:19

Modified

2024-11-04 12:06

Severity ?

Summary

IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields

References

▼	URL	Tags
	https://git.kernel.org/stable/c/bda41654b6e0c125a624ca35d6d20beb8015b5d0
	https://git.kernel.org/stable/c/3f57c3f67fd93b4da86aeffea1ca32c484d054ad
	https://git.kernel.org/stable/c/60833707b968d5ae02a75edb7886dcd4a957cf0d
	https://git.kernel.org/stable/c/73d2892148aa4397a885b4f4afcfc5b27a325c42
	https://git.kernel.org/stable/c/0f8cdfff06829a0b0348b6debc29ff6a61967724
	https://git.kernel.org/stable/c/c3e17e58f571f34c51aeb17274ed02c2ed5cf780
	https://git.kernel.org/stable/c/0d4395477741608d123dad51def9fe50b7ebe952
	https://git.kernel.org/stable/c/d39bf40e55e666b5905fdbd46a0dced030ce87be

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47485",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T18:45:08.968768Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:26.389Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.745Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bda41654b6e0c125a624ca35d6d20beb8015b5d0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3f57c3f67fd93b4da86aeffea1ca32c484d054ad"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/60833707b968d5ae02a75edb7886dcd4a957cf0d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/73d2892148aa4397a885b4f4afcfc5b27a325c42"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0f8cdfff06829a0b0348b6debc29ff6a61967724"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c3e17e58f571f34c51aeb17274ed02c2ed5cf780"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0d4395477741608d123dad51def9fe50b7ebe952"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d39bf40e55e666b5905fdbd46a0dced030ce87be"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/infiniband/hw/qib/qib_user_sdma.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "bda41654b6e0",
              "status": "affected",
              "version": "f931551bafe1",
              "versionType": "git"
            },
            {
              "lessThan": "3f57c3f67fd9",
              "status": "affected",
              "version": "f931551bafe1",
              "versionType": "git"
            },
            {
              "lessThan": "60833707b968",
              "status": "affected",
              "version": "f931551bafe1",
              "versionType": "git"
            },
            {
              "lessThan": "73d2892148aa",
              "status": "affected",
              "version": "f931551bafe1",
              "versionType": "git"
            },
            {
              "lessThan": "0f8cdfff0682",
              "status": "affected",
              "version": "f931551bafe1",
              "versionType": "git"
            },
            {
              "lessThan": "c3e17e58f571",
              "status": "affected",
              "version": "f931551bafe1",
              "versionType": "git"
            },
            {
              "lessThan": "0d4395477741",
              "status": "affected",
              "version": "f931551bafe1",
              "versionType": "git"
            },
            {
              "lessThan": "d39bf40e55e6",
              "status": "affected",
              "version": "f931551bafe1",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/infiniband/hw/qib/qib_user_sdma.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.35"
            },
            {
              "lessThan": "2.6.35",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.292",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.290",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.255",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.216",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.157",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.77",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields\n\nOverflowing either addrlimit or bytes_togo can allow userspace to trigger\na buffer overflow of kernel memory. Check for overflows in all the places\ndoing math on user controlled buffers."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:50.705Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/bda41654b6e0c125a624ca35d6d20beb8015b5d0"
        },
        {
          "url": "https://git.kernel.org/stable/c/3f57c3f67fd93b4da86aeffea1ca32c484d054ad"
        },
        {
          "url": "https://git.kernel.org/stable/c/60833707b968d5ae02a75edb7886dcd4a957cf0d"
        },
        {
          "url": "https://git.kernel.org/stable/c/73d2892148aa4397a885b4f4afcfc5b27a325c42"
        },
        {
          "url": "https://git.kernel.org/stable/c/0f8cdfff06829a0b0348b6debc29ff6a61967724"
        },
        {
          "url": "https://git.kernel.org/stable/c/c3e17e58f571f34c51aeb17274ed02c2ed5cf780"
        },
        {
          "url": "https://git.kernel.org/stable/c/0d4395477741608d123dad51def9fe50b7ebe952"
        },
        {
          "url": "https://git.kernel.org/stable/c/d39bf40e55e666b5905fdbd46a0dced030ce87be"
        }
      ],
      "title": "IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47485",
    "datePublished": "2024-05-22T08:19:36.158Z",
    "dateReserved": "2024-05-22T06:20:56.201Z",
    "dateUpdated": "2024-11-04T12:06:50.705Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52848

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

f2fs: fix to drop meta_inode's page cache in f2fs_put_super()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/eb42e1862aa7934c2c21890097ce4993c5e0d192
	https://git.kernel.org/stable/c/10b2a6c0dade67b5a2b2d17fb75c457ea1985fad
	https://git.kernel.org/stable/c/a4639380bbe66172df329f8b54aa7d2e943f0f64

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52848",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T17:54:45.651350Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:24:06.214Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.923Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/eb42e1862aa7934c2c21890097ce4993c5e0d192"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/10b2a6c0dade67b5a2b2d17fb75c457ea1985fad"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a4639380bbe66172df329f8b54aa7d2e943f0f64"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/f2fs/super.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "eb42e1862aa7",
              "status": "affected",
              "version": "20872584b8c0",
              "versionType": "git"
            },
            {
              "lessThan": "10b2a6c0dade",
              "status": "affected",
              "version": "20872584b8c0",
              "versionType": "git"
            },
            {
              "lessThan": "a4639380bbe6",
              "status": "affected",
              "version": "20872584b8c0",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/f2fs/super.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.5"
            },
            {
              "lessThan": "6.5",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to drop meta_inode\u0027s page cache in f2fs_put_super()\n\nsyzbot reports a kernel bug as below:\n\nF2FS-fs (loop1): detect filesystem reference count leak during umount, type: 10, count: 1\nkernel BUG at fs/f2fs/super.c:1639!\nCPU: 0 PID: 15451 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-09338-ge0152e7481c6 #0\nRIP: 0010:f2fs_put_super+0xce1/0xed0 fs/f2fs/super.c:1639\nCall Trace:\n generic_shutdown_super+0x161/0x3c0 fs/super.c:693\n kill_block_super+0x3b/0x70 fs/super.c:1646\n kill_f2fs_super+0x2b7/0x3d0 fs/f2fs/super.c:4879\n deactivate_locked_super+0x9a/0x170 fs/super.c:481\n deactivate_super+0xde/0x100 fs/super.c:514\n cleanup_mnt+0x222/0x3d0 fs/namespace.c:1254\n task_work_run+0x14d/0x240 kernel/task_work.c:179\n resume_user_mode_work include/linux/resume_user_mode.h:49 [inline]\n exit_to_user_mode_loop kernel/entry/common.c:171 [inline]\n exit_to_user_mode_prepare+0x210/0x240 kernel/entry/common.c:204\n __syscall_exit_to_user_mode_work kernel/entry/common.c:285 [inline]\n syscall_exit_to_user_mode+0x1d/0x60 kernel/entry/common.c:296\n do_syscall_64+0x44/0xb0 arch/x86/entry/common.c:86\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nIn f2fs_put_super(), it tries to do sanity check on dirty and IO\nreference count of f2fs, once there is any reference count leak,\nit will trigger panic.\n\nThe root case is, during f2fs_put_super(), if there is any IO error\nin f2fs_wait_on_all_pages(), we missed to truncate meta_inode\u0027s page\ncache later, result in panic, fix this case."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:48.202Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/eb42e1862aa7934c2c21890097ce4993c5e0d192"
        },
        {
          "url": "https://git.kernel.org/stable/c/10b2a6c0dade67b5a2b2d17fb75c457ea1985fad"
        },
        {
          "url": "https://git.kernel.org/stable/c/a4639380bbe66172df329f8b54aa7d2e943f0f64"
        }
      ],
      "title": "f2fs: fix to drop meta_inode\u0027s page cache in f2fs_put_super()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52848",
    "datePublished": "2024-05-21T15:31:45.196Z",
    "dateReserved": "2024-05-21T15:19:24.255Z",
    "dateUpdated": "2024-11-04T14:53:48.202Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47493

Vulnerability from cvelistv5

Published

2024-05-22 08:19

Modified

2024-11-04 12:06

Severity ?

Summary

ocfs2: fix race between searching chunks and release journal_head from buffer_head

References

▼	URL	Tags
	https://git.kernel.org/stable/c/5043fbd294f5909a080ade0f04b70a4da9e122b7
	https://git.kernel.org/stable/c/2e382600e8856ea654677b5134ee66e03ea72bc2
	https://git.kernel.org/stable/c/6f1b228529ae49b0f85ab89bcdb6c365df401558

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47493",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-06T18:35:17.607326Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-06T18:35:30.175Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.750Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5043fbd294f5909a080ade0f04b70a4da9e122b7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2e382600e8856ea654677b5134ee66e03ea72bc2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6f1b228529ae49b0f85ab89bcdb6c365df401558"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/ocfs2/suballoc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "5043fbd294f5",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "2e382600e885",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "6f1b228529ae",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/ocfs2/suballoc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.77",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix race between searching chunks and release journal_head from buffer_head\n\nEncountered a race between ocfs2_test_bg_bit_allocatable() and\njbd2_journal_put_journal_head() resulting in the below vmcore.\n\n  PID: 106879  TASK: ffff880244ba9c00  CPU: 2   COMMAND: \"loop3\"\n  Call trace:\n    panic\n    oops_end\n    no_context\n    __bad_area_nosemaphore\n    bad_area_nosemaphore\n    __do_page_fault\n    do_page_fault\n    page_fault\n      [exception RIP: ocfs2_block_group_find_clear_bits+316]\n    ocfs2_block_group_find_clear_bits [ocfs2]\n    ocfs2_cluster_group_search [ocfs2]\n    ocfs2_search_chain [ocfs2]\n    ocfs2_claim_suballoc_bits [ocfs2]\n    __ocfs2_claim_clusters [ocfs2]\n    ocfs2_claim_clusters [ocfs2]\n    ocfs2_local_alloc_slide_window [ocfs2]\n    ocfs2_reserve_local_alloc_bits [ocfs2]\n    ocfs2_reserve_clusters_with_limit [ocfs2]\n    ocfs2_reserve_clusters [ocfs2]\n    ocfs2_lock_refcount_allocators [ocfs2]\n    ocfs2_make_clusters_writable [ocfs2]\n    ocfs2_replace_cow [ocfs2]\n    ocfs2_refcount_cow [ocfs2]\n    ocfs2_file_write_iter [ocfs2]\n    lo_rw_aio\n    loop_queue_work\n    kthread_worker_fn\n    kthread\n    ret_from_fork\n\nWhen ocfs2_test_bg_bit_allocatable() called bh2jh(bg_bh), the\nbg_bh-\u003eb_private NULL as jbd2_journal_put_journal_head() raced and\nreleased the jounal head from the buffer head.  Needed to take bit lock\nfor the bit \u0027BH_JournalHead\u0027 to fix this race."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:59.024Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/5043fbd294f5909a080ade0f04b70a4da9e122b7"
        },
        {
          "url": "https://git.kernel.org/stable/c/2e382600e8856ea654677b5134ee66e03ea72bc2"
        },
        {
          "url": "https://git.kernel.org/stable/c/6f1b228529ae49b0f85ab89bcdb6c365df401558"
        }
      ],
      "title": "ocfs2: fix race between searching chunks and release journal_head from buffer_head",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47493",
    "datePublished": "2024-05-22T08:19:41.419Z",
    "dateReserved": "2024-05-22T06:20:56.201Z",
    "dateUpdated": "2024-11-04T12:06:59.024Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52745

Vulnerability from cvelistv5

Published

2024-05-21 15:23

Modified

2024-11-04 14:51

Severity ?

Summary

IB/IPoIB: Fix legacy IPoIB due to wrong number of queues

References

▼	URL	Tags
	https://git.kernel.org/stable/c/4a779187db39b2f32d048a752573e56e4e77807f
	https://git.kernel.org/stable/c/b1afb666c32931667c15ad1b58e7203f0119dcaf
	https://git.kernel.org/stable/c/1b4ef90cbcfa603b3bb536fbd6f261197012b6f6
	https://git.kernel.org/stable/c/7197460dcd43ff0e4a502ba855dd82d37c2848cc
	https://git.kernel.org/stable/c/e632291a2dbce45a24cddeb5fe28fe71d724ba43

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.591Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4a779187db39b2f32d048a752573e56e4e77807f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b1afb666c32931667c15ad1b58e7203f0119dcaf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1b4ef90cbcfa603b3bb536fbd6f261197012b6f6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7197460dcd43ff0e4a502ba855dd82d37c2848cc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e632291a2dbce45a24cddeb5fe28fe71d724ba43"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52745",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:37:28.815664Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:34.534Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/infiniband/ulp/ipoib/ipoib_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "4a779187db39",
              "status": "affected",
              "version": "d4bf3fcccd18",
              "versionType": "git"
            },
            {
              "lessThan": "b1afb666c329",
              "status": "affected",
              "version": "d21714134505",
              "versionType": "git"
            },
            {
              "lessThan": "1b4ef90cbcfa",
              "status": "affected",
              "version": "ca48174a7643",
              "versionType": "git"
            },
            {
              "lessThan": "7197460dcd43",
              "status": "affected",
              "version": "ee0e9b2c4b9c",
              "versionType": "git"
            },
            {
              "lessThan": "e632291a2dbc",
              "status": "affected",
              "version": "dbc94a0fb817",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/infiniband/ulp/ipoib/ipoib_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "5.4.232",
              "status": "affected",
              "version": "5.4.229",
              "versionType": "semver"
            },
            {
              "lessThan": "5.10.168",
              "status": "affected",
              "version": "5.10.163",
              "versionType": "semver"
            },
            {
              "lessThan": "5.15.94",
              "status": "affected",
              "version": "5.15.86",
              "versionType": "semver"
            },
            {
              "lessThan": "6.1.12",
              "status": "affected",
              "version": "6.1.2",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/IPoIB: Fix legacy IPoIB due to wrong number of queues\n\nThe cited commit creates child PKEY interfaces over netlink will\nmultiple tx and rx queues, but some devices doesn\u0027t support more than 1\ntx and 1 rx queues. This causes to a crash when traffic is sent over the\nPKEY interface due to the parent having a single queue but the child\nhaving multiple queues.\n\nThis patch fixes the number of queues to 1 for legacy IPoIB at the\nearliest possible point in time.\n\nBUG: kernel NULL pointer dereference, address: 000000000000036b\nPGD 0 P4D 0\nOops: 0000 [#1] SMP\nCPU: 4 PID: 209665 Comm: python3 Not tainted 6.1.0_for_upstream_min_debug_2022_12_12_17_02 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:kmem_cache_alloc+0xcb/0x450\nCode: ce 7e 49 8b 50 08 49 83 78 10 00 4d 8b 28 0f 84 cb 02 00 00 4d 85 ed 0f 84 c2 02 00 00 41 8b 44 24 28 48 8d 4a\n01 49 8b 3c 24 \u003c49\u003e 8b 5c 05 00 4c 89 e8 65 48 0f c7 0f 0f 94 c0 84 c0 74 b8 41 8b\nRSP: 0018:ffff88822acbbab8 EFLAGS: 00010202\nRAX: 0000000000000070 RBX: ffff8881c28e3e00 RCX: 00000000064f8dae\nRDX: 00000000064f8dad RSI: 0000000000000a20 RDI: 0000000000030d00\nRBP: 0000000000000a20 R08: ffff8882f5d30d00 R09: ffff888104032f40\nR10: ffff88810fade828 R11: 736f6d6570736575 R12: ffff88810081c000\nR13: 00000000000002fb R14: ffffffff817fc865 R15: 0000000000000000\nFS:  00007f9324ff9700(0000) GS:ffff8882f5d00000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000000000000036b CR3: 00000001125af004 CR4: 0000000000370ea0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n skb_clone+0x55/0xd0\n ip6_finish_output2+0x3fe/0x690\n ip6_finish_output+0xfa/0x310\n ip6_send_skb+0x1e/0x60\n udp_v6_send_skb+0x1e5/0x420\n udpv6_sendmsg+0xb3c/0xe60\n ? ip_mc_finish_output+0x180/0x180\n ? __switch_to_asm+0x3a/0x60\n ? __switch_to_asm+0x34/0x60\n sock_sendmsg+0x33/0x40\n __sys_sendto+0x103/0x160\n ? _copy_to_user+0x21/0x30\n ? kvm_clock_get_cycles+0xd/0x10\n ? ktime_get_ts64+0x49/0xe0\n __x64_sys_sendto+0x25/0x30\n do_syscall_64+0x3d/0x90\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\nRIP: 0033:0x7f9374f1ed14\nCode: 42 41 f8 ff 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b\n7c 24 08 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 68 41 f8 ff 48 8b\nRSP: 002b:00007f9324ff7bd0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c\nRAX: ffffffffffffffda RBX: 00007f9324ff7cc8 RCX: 00007f9374f1ed14\nRDX: 00000000000002fb RSI: 00007f93000052f0 RDI: 0000000000000030\nRBP: 0000000000000000 R08: 00007f9324ff7d40 R09: 000000000000001c\nR10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000\nR13: 000000012a05f200 R14: 0000000000000001 R15: 00007f9374d57bdc\n \u003c/TASK\u003e"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:51:53.382Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/4a779187db39b2f32d048a752573e56e4e77807f"
        },
        {
          "url": "https://git.kernel.org/stable/c/b1afb666c32931667c15ad1b58e7203f0119dcaf"
        },
        {
          "url": "https://git.kernel.org/stable/c/1b4ef90cbcfa603b3bb536fbd6f261197012b6f6"
        },
        {
          "url": "https://git.kernel.org/stable/c/7197460dcd43ff0e4a502ba855dd82d37c2848cc"
        },
        {
          "url": "https://git.kernel.org/stable/c/e632291a2dbce45a24cddeb5fe28fe71d724ba43"
        }
      ],
      "title": "IB/IPoIB: Fix legacy IPoIB due to wrong number of queues",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52745",
    "datePublished": "2024-05-21T15:23:06.595Z",
    "dateReserved": "2024-05-21T15:19:24.233Z",
    "dateUpdated": "2024-11-04T14:51:53.382Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52752

Vulnerability from cvelistv5

Published

2024-05-21 15:30

Modified

2024-11-04 14:52

Severity ?

8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

smb: client: fix use-after-free bug in cifs_debug_data_proc_show()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/558817597d5fbd7af31f891b67b0fd20f0d047b7
	https://git.kernel.org/stable/c/89929ea46f9cc11ba66d2c64713aa5d5dc723b09
	https://git.kernel.org/stable/c/0ab6f842452ce2cae04209d4671ac6289d0aef8a
	https://git.kernel.org/stable/c/d328c09ee9f15ee5a26431f5aad7c9239fa85e62

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.7"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.6.3"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "affected",
                "version": "1da177e4c3f4"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.1.64"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.5.13"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 8.4,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52752",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T17:22:07.851461Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-416",
                "description": "CWE-416 Use After Free",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:08.238Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.175Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/558817597d5fbd7af31f891b67b0fd20f0d047b7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/89929ea46f9cc11ba66d2c64713aa5d5dc723b09"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0ab6f842452ce2cae04209d4671ac6289d0aef8a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d328c09ee9f15ee5a26431f5aad7c9239fa85e62"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/smb/client/cifs_debug.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "558817597d5f",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "89929ea46f9c",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "0ab6f842452c",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "d328c09ee9f1",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/smb/client/cifs_debug.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free bug in cifs_debug_data_proc_show()\n\nSkip SMB sessions that are being teared down\n(e.g. @ses-\u003eses_status == SES_EXITING) in cifs_debug_data_proc_show()\nto avoid use-after-free in @ses.\n\nThis fixes the following GPF when reading from /proc/fs/cifs/DebugData\nwhile mounting and umounting\n\n  [ 816.251274] general protection fault, probably for non-canonical\n  address 0x6b6b6b6b6b6b6d81: 0000 [#1] PREEMPT SMP NOPTI\n  ...\n  [  816.260138] Call Trace:\n  [  816.260329]  \u003cTASK\u003e\n  [  816.260499]  ? die_addr+0x36/0x90\n  [  816.260762]  ? exc_general_protection+0x1b3/0x410\n  [  816.261126]  ? asm_exc_general_protection+0x26/0x30\n  [  816.261502]  ? cifs_debug_tcon+0xbd/0x240 [cifs]\n  [  816.261878]  ? cifs_debug_tcon+0xab/0x240 [cifs]\n  [  816.262249]  cifs_debug_data_proc_show+0x516/0xdb0 [cifs]\n  [  816.262689]  ? seq_read_iter+0x379/0x470\n  [  816.262995]  seq_read_iter+0x118/0x470\n  [  816.263291]  proc_reg_read_iter+0x53/0x90\n  [  816.263596]  ? srso_alias_return_thunk+0x5/0x7f\n  [  816.263945]  vfs_read+0x201/0x350\n  [  816.264211]  ksys_read+0x75/0x100\n  [  816.264472]  do_syscall_64+0x3f/0x90\n  [  816.264750]  entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n  [  816.265135] RIP: 0033:0x7fd5e669d381"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:02.180Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/558817597d5fbd7af31f891b67b0fd20f0d047b7"
        },
        {
          "url": "https://git.kernel.org/stable/c/89929ea46f9cc11ba66d2c64713aa5d5dc723b09"
        },
        {
          "url": "https://git.kernel.org/stable/c/0ab6f842452ce2cae04209d4671ac6289d0aef8a"
        },
        {
          "url": "https://git.kernel.org/stable/c/d328c09ee9f15ee5a26431f5aad7c9239fa85e62"
        }
      ],
      "title": "smb: client: fix use-after-free bug in cifs_debug_data_proc_show()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52752",
    "datePublished": "2024-05-21T15:30:40.901Z",
    "dateReserved": "2024-05-21T15:19:24.234Z",
    "dateUpdated": "2024-11-04T14:52:02.180Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47476

Vulnerability from cvelistv5

Published

2024-05-22 08:19

Modified

2024-11-04 12:06

Severity ?

4.6 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

comedi: ni_usb6501: fix NULL-deref in command paths

References

▼	URL	Tags
	https://git.kernel.org/stable/c/58478143771b20ab219937b1c30a706590a59224
	https://git.kernel.org/stable/c/aa39738423503825625853b643b9e99d11c23816
	https://git.kernel.org/stable/c/df7b1238f3b599a0b9284249772cdfd1ea83a632
	https://git.kernel.org/stable/c/bc51111bf6e8e7b6cc94b133e4c291273a16acd1
	https://git.kernel.org/stable/c/b0156b7c9649d8f55a2ce3d3258509f1b2a181c3
	https://git.kernel.org/stable/c/ef143dc0c3defe56730ecd3a9de7b3e1d7e557c1
	https://git.kernel.org/stable/c/4a9d43cb5d5f39fa39fc1da438517004cc95f7ea
	https://git.kernel.org/stable/c/d6a727a681a39ae4f73081a9bedb45d14f95bdd1
	https://git.kernel.org/stable/c/907767da8f3a925b060c740e0b5c92ea7dbec440

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "PHYSICAL",
              "availabilityImpact": "HIGH",
              "baseScore": 4.6,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47476",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-25T18:23:48.578876Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-476",
                "description": "CWE-476 NULL Pointer Dereference",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-01T14:38:44.765Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.479Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/58478143771b20ab219937b1c30a706590a59224"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/aa39738423503825625853b643b9e99d11c23816"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/df7b1238f3b599a0b9284249772cdfd1ea83a632"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bc51111bf6e8e7b6cc94b133e4c291273a16acd1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b0156b7c9649d8f55a2ce3d3258509f1b2a181c3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ef143dc0c3defe56730ecd3a9de7b3e1d7e557c1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4a9d43cb5d5f39fa39fc1da438517004cc95f7ea"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d6a727a681a39ae4f73081a9bedb45d14f95bdd1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/907767da8f3a925b060c740e0b5c92ea7dbec440"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/comedi/drivers/ni_usb6501.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "58478143771b",
              "status": "affected",
              "version": "a03bb00e50ab",
              "versionType": "git"
            },
            {
              "lessThan": "aa3973842350",
              "status": "affected",
              "version": "a03bb00e50ab",
              "versionType": "git"
            },
            {
              "lessThan": "df7b1238f3b5",
              "status": "affected",
              "version": "a03bb00e50ab",
              "versionType": "git"
            },
            {
              "lessThan": "bc51111bf6e8",
              "status": "affected",
              "version": "a03bb00e50ab",
              "versionType": "git"
            },
            {
              "lessThan": "b0156b7c9649",
              "status": "affected",
              "version": "a03bb00e50ab",
              "versionType": "git"
            },
            {
              "lessThan": "ef143dc0c3de",
              "status": "affected",
              "version": "a03bb00e50ab",
              "versionType": "git"
            },
            {
              "lessThan": "4a9d43cb5d5f",
              "status": "affected",
              "version": "a03bb00e50ab",
              "versionType": "git"
            },
            {
              "lessThan": "d6a727a681a3",
              "status": "affected",
              "version": "a03bb00e50ab",
              "versionType": "git"
            },
            {
              "lessThan": "907767da8f3a",
              "status": "affected",
              "version": "a03bb00e50ab",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/comedi/drivers/ni_usb6501.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.18"
            },
            {
              "lessThan": "3.18",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.292",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.290",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.255",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.217",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.159",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.79",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.18",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.16",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: ni_usb6501: fix NULL-deref in command paths\n\nThe driver uses endpoint-sized USB transfer buffers but had no sanity\nchecks on the sizes. This can lead to zero-size-pointer dereferences or\noverflowed transfer buffers in ni6501_port_command() and\nni6501_counter_command() if a (malicious) device has smaller max-packet\nsizes than expected (or when doing descriptor fuzz testing).\n\nAdd the missing sanity checks to probe()."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:40.142Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/58478143771b20ab219937b1c30a706590a59224"
        },
        {
          "url": "https://git.kernel.org/stable/c/aa39738423503825625853b643b9e99d11c23816"
        },
        {
          "url": "https://git.kernel.org/stable/c/df7b1238f3b599a0b9284249772cdfd1ea83a632"
        },
        {
          "url": "https://git.kernel.org/stable/c/bc51111bf6e8e7b6cc94b133e4c291273a16acd1"
        },
        {
          "url": "https://git.kernel.org/stable/c/b0156b7c9649d8f55a2ce3d3258509f1b2a181c3"
        },
        {
          "url": "https://git.kernel.org/stable/c/ef143dc0c3defe56730ecd3a9de7b3e1d7e557c1"
        },
        {
          "url": "https://git.kernel.org/stable/c/4a9d43cb5d5f39fa39fc1da438517004cc95f7ea"
        },
        {
          "url": "https://git.kernel.org/stable/c/d6a727a681a39ae4f73081a9bedb45d14f95bdd1"
        },
        {
          "url": "https://git.kernel.org/stable/c/907767da8f3a925b060c740e0b5c92ea7dbec440"
        }
      ],
      "title": "comedi: ni_usb6501: fix NULL-deref in command paths",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47476",
    "datePublished": "2024-05-22T08:19:30.201Z",
    "dateReserved": "2024-05-22T06:20:56.200Z",
    "dateUpdated": "2024-11-04T12:06:40.142Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52762

Vulnerability from cvelistv5

Published

2024-05-21 15:30

Modified

2024-11-04 14:52

Severity ?

Summary

virtio-blk: fix implicit overflow on virtio_max_dma_size

References

▼	URL	Tags
	https://git.kernel.org/stable/c/72775cad7f572bb2501f9ea609e1d20e68f0b38b
	https://git.kernel.org/stable/c/472bd4787406bef2e8b41ee4c74d960a06a49a48
	https://git.kernel.org/stable/c/017278f141141367f7d14b203e930b45b6ffffb9
	https://git.kernel.org/stable/c/d667fe301dcbcb12d1d6494fc4b8abee2cb75d90
	https://git.kernel.org/stable/c/fafb51a67fb883eb2dde352539df939a251851be

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.550Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/72775cad7f572bb2501f9ea609e1d20e68f0b38b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/472bd4787406bef2e8b41ee4c74d960a06a49a48"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/017278f141141367f7d14b203e930b45b6ffffb9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d667fe301dcbcb12d1d6494fc4b8abee2cb75d90"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fafb51a67fb883eb2dde352539df939a251851be"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52762",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:37:09.603259Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:32:55.655Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/block/virtio_blk.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "72775cad7f57",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "472bd4787406",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "017278f14114",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "d667fe301dcb",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "fafb51a67fb8",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/block/virtio_blk.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-blk: fix implicit overflow on virtio_max_dma_size\n\nThe following codes have an implicit conversion from size_t to u32:\n(u32)max_size = (size_t)virtio_max_dma_size(vdev);\n\nThis may lead overflow, Ex (size_t)4G -\u003e (u32)0. Once\nvirtio_max_dma_size() has a larger size than U32_MAX, use U32_MAX\ninstead."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:11.878Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/72775cad7f572bb2501f9ea609e1d20e68f0b38b"
        },
        {
          "url": "https://git.kernel.org/stable/c/472bd4787406bef2e8b41ee4c74d960a06a49a48"
        },
        {
          "url": "https://git.kernel.org/stable/c/017278f141141367f7d14b203e930b45b6ffffb9"
        },
        {
          "url": "https://git.kernel.org/stable/c/d667fe301dcbcb12d1d6494fc4b8abee2cb75d90"
        },
        {
          "url": "https://git.kernel.org/stable/c/fafb51a67fb883eb2dde352539df939a251851be"
        }
      ],
      "title": "virtio-blk: fix implicit overflow on virtio_max_dma_size",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52762",
    "datePublished": "2024-05-21T15:30:47.724Z",
    "dateReserved": "2024-05-21T15:19:24.238Z",
    "dateUpdated": "2024-11-04T14:52:11.878Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47456

Vulnerability from cvelistv5

Published

2024-05-22 06:19

Modified

2024-11-04 12:06

Severity ?

8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

can: peak_pci: peak_pci_remove(): fix UAF

References

▼	URL	Tags
	https://git.kernel.org/stable/c/1c616528ba4aeb1125a06b407572ab7b56acae38
	https://git.kernel.org/stable/c/447d44cd2f67a20b596ede3ca3cd67086dfd9ca9
	https://git.kernel.org/stable/c/34914971bb3244db4ce2be44e9438a9b30c56250
	https://git.kernel.org/stable/c/adbda14730aacce41c0d3596415aa39ad63eafd9
	https://git.kernel.org/stable/c/1248582e47a9f7ce0ecd156c39fc61f8b6aa3699
	https://git.kernel.org/stable/c/28f28e4bc3a5e0051faa963f10b778ab38c1db69
	https://git.kernel.org/stable/c/0e5afdc2315b0737edcf55bede4ee1640d2d464d
	https://git.kernel.org/stable/c/949fe9b35570361bc6ee2652f89a0561b26eec98

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "affected",
                "version": "e6d9c80b7ca1"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "affected",
                "version": "3.4"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "4.4.290"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "4.9.288"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "4.14.253"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "4.19.214"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "5.4.156"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "5.10.76"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "5.14.15"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "5.15"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 8.4,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47456",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T14:47:53.013850Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-416",
                "description": "CWE-416 Use After Free",
                "lang": "en",
                "type": "CWE"
              }
            ]
          },
          {
            "descriptions": [
              {
                "cweId": "CWE-467",
                "description": "CWE-467 Use of sizeof() on a Pointer Type",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:15:08.225Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.411Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1c616528ba4aeb1125a06b407572ab7b56acae38"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/447d44cd2f67a20b596ede3ca3cd67086dfd9ca9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/34914971bb3244db4ce2be44e9438a9b30c56250"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/adbda14730aacce41c0d3596415aa39ad63eafd9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1248582e47a9f7ce0ecd156c39fc61f8b6aa3699"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/28f28e4bc3a5e0051faa963f10b778ab38c1db69"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0e5afdc2315b0737edcf55bede4ee1640d2d464d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/949fe9b35570361bc6ee2652f89a0561b26eec98"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/can/sja1000/peak_pci.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "1c616528ba4a",
              "status": "affected",
              "version": "e6d9c80b7ca1",
              "versionType": "git"
            },
            {
              "lessThan": "447d44cd2f67",
              "status": "affected",
              "version": "e6d9c80b7ca1",
              "versionType": "git"
            },
            {
              "lessThan": "34914971bb32",
              "status": "affected",
              "version": "e6d9c80b7ca1",
              "versionType": "git"
            },
            {
              "lessThan": "adbda14730aa",
              "status": "affected",
              "version": "e6d9c80b7ca1",
              "versionType": "git"
            },
            {
              "lessThan": "1248582e47a9",
              "status": "affected",
              "version": "e6d9c80b7ca1",
              "versionType": "git"
            },
            {
              "lessThan": "28f28e4bc3a5",
              "status": "affected",
              "version": "e6d9c80b7ca1",
              "versionType": "git"
            },
            {
              "lessThan": "0e5afdc2315b",
              "status": "affected",
              "version": "e6d9c80b7ca1",
              "versionType": "git"
            },
            {
              "lessThan": "949fe9b35570",
              "status": "affected",
              "version": "e6d9c80b7ca1",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/can/sja1000/peak_pci.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.4"
            },
            {
              "lessThan": "3.4",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.290",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.288",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.253",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.214",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.156",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.76",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.15",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: peak_pci: peak_pci_remove(): fix UAF\n\nWhen remove the module peek_pci, referencing \u0027chan\u0027 again after\nreleasing \u0027dev\u0027 will cause UAF.\n\nFix this by releasing \u0027dev\u0027 later.\n\nThe following log reveals it:\n\n[   35.961814 ] BUG: KASAN: use-after-free in peak_pci_remove+0x16f/0x270 [peak_pci]\n[   35.963414 ] Read of size 8 at addr ffff888136998ee8 by task modprobe/5537\n[   35.965513 ] Call Trace:\n[   35.965718 ]  dump_stack_lvl+0xa8/0xd1\n[   35.966028 ]  print_address_description+0x87/0x3b0\n[   35.966420 ]  kasan_report+0x172/0x1c0\n[   35.966725 ]  ? peak_pci_remove+0x16f/0x270 [peak_pci]\n[   35.967137 ]  ? trace_irq_enable_rcuidle+0x10/0x170\n[   35.967529 ]  ? peak_pci_remove+0x16f/0x270 [peak_pci]\n[   35.967945 ]  __asan_report_load8_noabort+0x14/0x20\n[   35.968346 ]  peak_pci_remove+0x16f/0x270 [peak_pci]\n[   35.968752 ]  pci_device_remove+0xa9/0x250"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:17.867Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/1c616528ba4aeb1125a06b407572ab7b56acae38"
        },
        {
          "url": "https://git.kernel.org/stable/c/447d44cd2f67a20b596ede3ca3cd67086dfd9ca9"
        },
        {
          "url": "https://git.kernel.org/stable/c/34914971bb3244db4ce2be44e9438a9b30c56250"
        },
        {
          "url": "https://git.kernel.org/stable/c/adbda14730aacce41c0d3596415aa39ad63eafd9"
        },
        {
          "url": "https://git.kernel.org/stable/c/1248582e47a9f7ce0ecd156c39fc61f8b6aa3699"
        },
        {
          "url": "https://git.kernel.org/stable/c/28f28e4bc3a5e0051faa963f10b778ab38c1db69"
        },
        {
          "url": "https://git.kernel.org/stable/c/0e5afdc2315b0737edcf55bede4ee1640d2d464d"
        },
        {
          "url": "https://git.kernel.org/stable/c/949fe9b35570361bc6ee2652f89a0561b26eec98"
        }
      ],
      "title": "can: peak_pci: peak_pci_remove(): fix UAF",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47456",
    "datePublished": "2024-05-22T06:19:45.363Z",
    "dateReserved": "2024-05-21T14:58:30.833Z",
    "dateUpdated": "2024-11-04T12:06:17.867Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47470

Vulnerability from cvelistv5

Published

2024-05-22 06:23

Modified

2024-11-04 12:06

Severity ?

Summary

mm, slub: fix potential use-after-free in slab_debugfs_fops

References

▼	URL	Tags
	https://git.kernel.org/stable/c/159d8cfbd0428d487c53be4722f33cdab0d25d83
	https://git.kernel.org/stable/c/67823a544414def2a36c212abadb55b23bcda00c

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.395Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/159d8cfbd0428d487c53be4722f33cdab0d25d83"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/67823a544414def2a36c212abadb55b23bcda00c"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47470",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:36:05.363526Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:32:53.419Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "mm/slub.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "159d8cfbd042",
              "status": "affected",
              "version": "64dd68497be7",
              "versionType": "git"
            },
            {
              "lessThan": "67823a544414",
              "status": "affected",
              "version": "64dd68497be7",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "mm/slub.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.14"
            },
            {
              "lessThan": "5.14",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.15",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm, slub: fix potential use-after-free in slab_debugfs_fops\n\nWhen sysfs_slab_add failed, we shouldn\u0027t call debugfs_slab_add() for s\nbecause s will be freed soon.  And slab_debugfs_fops will use s later\nleading to a use-after-free."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:34.296Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/159d8cfbd0428d487c53be4722f33cdab0d25d83"
        },
        {
          "url": "https://git.kernel.org/stable/c/67823a544414def2a36c212abadb55b23bcda00c"
        }
      ],
      "title": "mm, slub: fix potential use-after-free in slab_debugfs_fops",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47470",
    "datePublished": "2024-05-22T06:23:28.263Z",
    "dateReserved": "2024-05-22T06:20:56.199Z",
    "dateUpdated": "2024-11-04T12:06:34.296Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52817

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL

References

▼	URL	Tags
	https://git.kernel.org/stable/c/bf2d51eedf03bd61e3556e35d74d49e2e6112398
	https://git.kernel.org/stable/c/437e0fa907ba39b4d7eda863c03ea9cf48bd93a9
	https://git.kernel.org/stable/c/f475d5502f33a6c5b149b0afe96316ad1962a64a
	https://git.kernel.org/stable/c/174f62a0aa15c211e60208b41ee9e7cdfb73d455
	https://git.kernel.org/stable/c/6c1b3d89a2dda79881726bb6e37af19c0936d736
	https://git.kernel.org/stable/c/820daf9ffe2b0afb804567b10983fb38bc5ae288
	https://git.kernel.org/stable/c/ba3c0796d292de84f2932cc5bbb0f771fc720996
	https://git.kernel.org/stable/c/5104fdf50d326db2c1a994f8b35dcd46e63ae4ad

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.057Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bf2d51eedf03bd61e3556e35d74d49e2e6112398"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/437e0fa907ba39b4d7eda863c03ea9cf48bd93a9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f475d5502f33a6c5b149b0afe96316ad1962a64a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/174f62a0aa15c211e60208b41ee9e7cdfb73d455"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6c1b3d89a2dda79881726bb6e37af19c0936d736"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/820daf9ffe2b0afb804567b10983fb38bc5ae288"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ba3c0796d292de84f2932cc5bbb0f771fc720996"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5104fdf50d326db2c1a994f8b35dcd46e63ae4ad"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 8.4,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52817",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-08T14:18:47.738827Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-476",
                "description": "CWE-476 NULL Pointer Dereference",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-08T14:19:04.428Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/amdgpu/amdgpu_debugfs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "bf2d51eedf03",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "437e0fa907ba",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "f475d5502f33",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "174f62a0aa15",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "6c1b3d89a2dd",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "820daf9ffe2b",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "ba3c0796d292",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "5104fdf50d32",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/amdgpu/amdgpu_debugfs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.300",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.262",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL\n\nIn certain types of chips, such as VEGA20, reading the amdgpu_regs_smc file could result in an abnormal null pointer access when the smc_rreg pointer is NULL. Below are the steps to reproduce this issue and the corresponding exception log:\n\n1. Navigate to the directory: /sys/kernel/debug/dri/0\n2. Execute command: cat amdgpu_regs_smc\n3. Exception Log::\n[4005007.702554] BUG: kernel NULL pointer dereference, address: 0000000000000000\n[4005007.702562] #PF: supervisor instruction fetch in kernel mode\n[4005007.702567] #PF: error_code(0x0010) - not-present page\n[4005007.702570] PGD 0 P4D 0\n[4005007.702576] Oops: 0010 [#1] SMP NOPTI\n[4005007.702581] CPU: 4 PID: 62563 Comm: cat Tainted: G           OE     5.15.0-43-generic #46-Ubunt       u\n[4005007.702590] RIP: 0010:0x0\n[4005007.702598] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6.\n[4005007.702600] RSP: 0018:ffffa82b46d27da0 EFLAGS: 00010206\n[4005007.702605] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffa82b46d27e68\n[4005007.702609] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff9940656e0000\n[4005007.702612] RBP: ffffa82b46d27dd8 R08: 0000000000000000 R09: ffff994060c07980\n[4005007.702615] R10: 0000000000020000 R11: 0000000000000000 R12: 00007f5e06753000\n[4005007.702618] R13: ffff9940656e0000 R14: ffffa82b46d27e68 R15: 00007f5e06753000\n[4005007.702622] FS:  00007f5e0755b740(0000) GS:ffff99479d300000(0000) knlGS:0000000000000000\n[4005007.702626] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[4005007.702629] CR2: ffffffffffffffd6 CR3: 00000003253fc000 CR4: 00000000003506e0\n[4005007.702633] Call Trace:\n[4005007.702636]  \u003cTASK\u003e\n[4005007.702640]  amdgpu_debugfs_regs_smc_read+0xb0/0x120 [amdgpu]\n[4005007.703002]  full_proxy_read+0x5c/0x80\n[4005007.703011]  vfs_read+0x9f/0x1a0\n[4005007.703019]  ksys_read+0x67/0xe0\n[4005007.703023]  __x64_sys_read+0x19/0x20\n[4005007.703028]  do_syscall_64+0x5c/0xc0\n[4005007.703034]  ? do_user_addr_fault+0x1e3/0x670\n[4005007.703040]  ? exit_to_user_mode_prepare+0x37/0xb0\n[4005007.703047]  ? irqentry_exit_to_user_mode+0x9/0x20\n[4005007.703052]  ? irqentry_exit+0x19/0x30\n[4005007.703057]  ? exc_page_fault+0x89/0x160\n[4005007.703062]  ? asm_exc_page_fault+0x8/0x30\n[4005007.703068]  entry_SYSCALL_64_after_hwframe+0x44/0xae\n[4005007.703075] RIP: 0033:0x7f5e07672992\n[4005007.703079] Code: c0 e9 b2 fe ff ff 50 48 8d 3d fa b2 0c 00 e8 c5 1d 02 00 0f 1f 44 00 00 f3 0f        1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 56 c3 0f 1f 44 00 00 48 83 e       c 28 48 89 54 24\n[4005007.703083] RSP: 002b:00007ffe03097898 EFLAGS: 00000246 ORIG_RAX: 0000000000000000\n[4005007.703088] RAX: ffffffffffffffda RBX: 0000000000020000 RCX: 00007f5e07672992\n[4005007.703091] RDX: 0000000000020000 RSI: 00007f5e06753000 RDI: 0000000000000003\n[4005007.703094] RBP: 00007f5e06753000 R08: 00007f5e06752010 R09: 00007f5e06752010\n[4005007.703096] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000022000\n[4005007.703099] R13: 0000000000000003 R14: 0000000000020000 R15: 0000000000020000\n[4005007.703105]  \u003c/TASK\u003e\n[4005007.703107] Modules linked in: nf_tables libcrc32c nfnetlink algif_hash af_alg binfmt_misc nls_       iso8859_1 ipmi_ssif ast intel_rapl_msr intel_rapl_common drm_vram_helper drm_ttm_helper amd64_edac t       tm edac_mce_amd kvm_amd ccp mac_hid k10temp kvm acpi_ipmi ipmi_si rapl sch_fq_codel ipmi_devintf ipm       i_msghandler msr parport_pc ppdev lp parport mtd pstore_blk efi_pstore ramoops pstore_zone reed_solo       mon ip_tables x_tables autofs4 ib_uverbs ib_core amdgpu(OE) amddrm_ttm_helper(OE) amdttm(OE) iommu_v       2 amd_sched(OE) amdkcl(OE) drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops cec rc_core        drm igb ahci xhci_pci libahci i2c_piix4 i2c_algo_bit xhci_pci_renesas dca\n[4005007.703184] CR2: 0000000000000000\n[4005007.703188] ---[ en\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:17.554Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/bf2d51eedf03bd61e3556e35d74d49e2e6112398"
        },
        {
          "url": "https://git.kernel.org/stable/c/437e0fa907ba39b4d7eda863c03ea9cf48bd93a9"
        },
        {
          "url": "https://git.kernel.org/stable/c/f475d5502f33a6c5b149b0afe96316ad1962a64a"
        },
        {
          "url": "https://git.kernel.org/stable/c/174f62a0aa15c211e60208b41ee9e7cdfb73d455"
        },
        {
          "url": "https://git.kernel.org/stable/c/6c1b3d89a2dda79881726bb6e37af19c0936d736"
        },
        {
          "url": "https://git.kernel.org/stable/c/820daf9ffe2b0afb804567b10983fb38bc5ae288"
        },
        {
          "url": "https://git.kernel.org/stable/c/ba3c0796d292de84f2932cc5bbb0f771fc720996"
        },
        {
          "url": "https://git.kernel.org/stable/c/5104fdf50d326db2c1a994f8b35dcd46e63ae4ad"
        }
      ],
      "title": "drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52817",
    "datePublished": "2024-05-21T15:31:24.225Z",
    "dateReserved": "2024-05-21T15:19:24.249Z",
    "dateUpdated": "2024-11-04T14:53:17.554Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52863

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:54

Severity ?

Summary

hwmon: (axi-fan-control) Fix possible NULL pointer dereference

References

▼	URL	Tags
	https://git.kernel.org/stable/c/7d870088db4863c514a7f8751cd593751983029a
	https://git.kernel.org/stable/c/b3e7eb23a6e97642ff3190431c06475d9ca1e062
	https://git.kernel.org/stable/c/33de53a2706066d526173dc743faf43d92c62105
	https://git.kernel.org/stable/c/f62b8969847850ba7596cb145cc47c65ea57dae0
	https://git.kernel.org/stable/c/c49f14cc1bb12c625a1c572e8a95b6adefd4d8eb
	https://git.kernel.org/stable/c/2a5b3370a1d9750eca325292e291c8c7cb8cf2e0

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52863",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T17:54:12.271284Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:25.382Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.245Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7d870088db4863c514a7f8751cd593751983029a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b3e7eb23a6e97642ff3190431c06475d9ca1e062"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/33de53a2706066d526173dc743faf43d92c62105"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f62b8969847850ba7596cb145cc47c65ea57dae0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c49f14cc1bb12c625a1c572e8a95b6adefd4d8eb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2a5b3370a1d9750eca325292e291c8c7cb8cf2e0"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/hwmon/axi-fan-control.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "7d870088db48",
              "status": "affected",
              "version": "8412b410fa5e",
              "versionType": "git"
            },
            {
              "lessThan": "b3e7eb23a6e9",
              "status": "affected",
              "version": "8412b410fa5e",
              "versionType": "git"
            },
            {
              "lessThan": "33de53a27060",
              "status": "affected",
              "version": "8412b410fa5e",
              "versionType": "git"
            },
            {
              "lessThan": "f62b89698478",
              "status": "affected",
              "version": "8412b410fa5e",
              "versionType": "git"
            },
            {
              "lessThan": "c49f14cc1bb1",
              "status": "affected",
              "version": "8412b410fa5e",
              "versionType": "git"
            },
            {
              "lessThan": "2a5b3370a1d9",
              "status": "affected",
              "version": "8412b410fa5e",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/hwmon/axi-fan-control.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.7"
            },
            {
              "lessThan": "5.7",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.201",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.139",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (axi-fan-control) Fix possible NULL pointer dereference\n\naxi_fan_control_irq_handler(), dependent on the private\naxi_fan_control_data structure, might be called before the hwmon\ndevice is registered. That will cause an \"Unable to handle kernel\nNULL pointer dereference\" error."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:54:06.801Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/7d870088db4863c514a7f8751cd593751983029a"
        },
        {
          "url": "https://git.kernel.org/stable/c/b3e7eb23a6e97642ff3190431c06475d9ca1e062"
        },
        {
          "url": "https://git.kernel.org/stable/c/33de53a2706066d526173dc743faf43d92c62105"
        },
        {
          "url": "https://git.kernel.org/stable/c/f62b8969847850ba7596cb145cc47c65ea57dae0"
        },
        {
          "url": "https://git.kernel.org/stable/c/c49f14cc1bb12c625a1c572e8a95b6adefd4d8eb"
        },
        {
          "url": "https://git.kernel.org/stable/c/2a5b3370a1d9750eca325292e291c8c7cb8cf2e0"
        }
      ],
      "title": "hwmon: (axi-fan-control) Fix possible NULL pointer dereference",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52863",
    "datePublished": "2024-05-21T15:31:55.198Z",
    "dateReserved": "2024-05-21T15:19:24.261Z",
    "dateUpdated": "2024-11-04T14:54:06.801Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47433

Vulnerability from cvelistv5

Published

2024-05-22 06:19

Modified

2024-11-04 12:05

Severity ?

Summary

btrfs: fix abort logic in btrfs_replace_file_extents

References

▼	URL	Tags
	https://git.kernel.org/stable/c/0e32a2b85c7d92ece86c17dfef390c5ed79c6378
	https://git.kernel.org/stable/c/0e309e1152fc34ef75991d9d69b165dbf75bf26c
	https://git.kernel.org/stable/c/4afb912f439c4bc4e6a4f3e7547f2e69e354108f

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47433",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-10T18:56:43.265826Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-10T18:57:31.785Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.455Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0e32a2b85c7d92ece86c17dfef390c5ed79c6378"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0e309e1152fc34ef75991d9d69b165dbf75bf26c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4afb912f439c4bc4e6a4f3e7547f2e69e354108f"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/btrfs/file.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "0e32a2b85c7d",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "0e309e1152fc",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "4afb912f439c",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/btrfs/file.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.75",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.14",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix abort logic in btrfs_replace_file_extents\n\nError injection testing uncovered a case where we\u0027d end up with a\ncorrupt file system with a missing extent in the middle of a file.  This\noccurs because the if statement to decide if we should abort is wrong.\n\nThe only way we would abort in this case is if we got a ret !=\n-EOPNOTSUPP and we called from the file clone code.  However the\nprealloc code uses this path too.  Instead we need to abort if there is\nan error, and the only error we _don\u0027t_ abort on is -EOPNOTSUPP and only\nif we came from the clone file code."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:49.359Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/0e32a2b85c7d92ece86c17dfef390c5ed79c6378"
        },
        {
          "url": "https://git.kernel.org/stable/c/0e309e1152fc34ef75991d9d69b165dbf75bf26c"
        },
        {
          "url": "https://git.kernel.org/stable/c/4afb912f439c4bc4e6a4f3e7547f2e69e354108f"
        }
      ],
      "title": "btrfs: fix abort logic in btrfs_replace_file_extents",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47433",
    "datePublished": "2024-05-22T06:19:30.244Z",
    "dateReserved": "2024-05-21T14:58:30.830Z",
    "dateUpdated": "2024-11-04T12:05:49.359Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47471

Vulnerability from cvelistv5

Published

2024-05-22 06:23

Modified

2024-11-04 12:06

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

drm: mxsfb: Fix NULL pointer dereference crash on unload

References

▼	URL	Tags
	https://git.kernel.org/stable/c/f40c2281d2c0674d32ba732fee45222d76495472
	https://git.kernel.org/stable/c/b0e6db0656ddfd8bb57303c2ef61ee1c1cc694a8
	https://git.kernel.org/stable/c/3cfc183052c3dbf8eae57b6c1685dab00ed3db4a

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47471",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T18:40:54.294735Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-476",
                "description": "CWE-476 NULL Pointer Dereference",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-31T15:35:16.391Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.405Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f40c2281d2c0674d32ba732fee45222d76495472"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b0e6db0656ddfd8bb57303c2ef61ee1c1cc694a8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3cfc183052c3dbf8eae57b6c1685dab00ed3db4a"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/mxsfb/mxsfb_drv.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "f40c2281d2c0",
              "status": "affected",
              "version": "ae1ed0093281",
              "versionType": "git"
            },
            {
              "lessThan": "b0e6db0656dd",
              "status": "affected",
              "version": "ae1ed0093281",
              "versionType": "git"
            },
            {
              "lessThan": "3cfc183052c3",
              "status": "affected",
              "version": "ae1ed0093281",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/mxsfb/mxsfb_drv.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.10"
            },
            {
              "lessThan": "5.10",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.76",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.15",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: mxsfb: Fix NULL pointer dereference crash on unload\n\nThe mxsfb-\u003ecrtc.funcs may already be NULL when unloading the driver,\nin which case calling mxsfb_irq_disable() via drm_irq_uninstall() from\nmxsfb_unload() leads to NULL pointer dereference.\n\nSince all we care about is masking the IRQ and mxsfb-\u003ebase is still\nvalid, just use that to clear and mask the IRQ."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:35.470Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/f40c2281d2c0674d32ba732fee45222d76495472"
        },
        {
          "url": "https://git.kernel.org/stable/c/b0e6db0656ddfd8bb57303c2ef61ee1c1cc694a8"
        },
        {
          "url": "https://git.kernel.org/stable/c/3cfc183052c3dbf8eae57b6c1685dab00ed3db4a"
        }
      ],
      "title": "drm: mxsfb: Fix NULL pointer dereference crash on unload",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47471",
    "datePublished": "2024-05-22T06:23:28.903Z",
    "dateReserved": "2024-05-22T06:20:56.199Z",
    "dateUpdated": "2024-11-04T12:06:35.470Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52702

Vulnerability from cvelistv5

Published

2024-05-21 15:22

Modified

2024-11-04 14:51

Severity ?

Summary

net: openvswitch: fix possible memory leak in ovs_meter_cmd_set()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/c0f65ee0a3329eb4b94beaef0268633696e2d0c6
	https://git.kernel.org/stable/c/1563e998a938f095548054ef09e277b562b79536
	https://git.kernel.org/stable/c/e336a9e08618203a456fb5367f1387b14554f55e
	https://git.kernel.org/stable/c/2fa28f5c6fcbfc794340684f36d2581b4f2d20b5

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52702",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-11T19:06:04.936886Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-11T19:06:29.409Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.071Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c0f65ee0a3329eb4b94beaef0268633696e2d0c6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1563e998a938f095548054ef09e277b562b79536"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e336a9e08618203a456fb5367f1387b14554f55e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2fa28f5c6fcbfc794340684f36d2581b4f2d20b5"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/openvswitch/meter.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "c0f65ee0a332",
              "status": "affected",
              "version": "c7c4c44c9a95",
              "versionType": "git"
            },
            {
              "lessThan": "1563e998a938",
              "status": "affected",
              "version": "c7c4c44c9a95",
              "versionType": "git"
            },
            {
              "lessThan": "e336a9e08618",
              "status": "affected",
              "version": "c7c4c44c9a95",
              "versionType": "git"
            },
            {
              "lessThan": "2fa28f5c6fcb",
              "status": "affected",
              "version": "c7c4c44c9a95",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/openvswitch/meter.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.8"
            },
            {
              "lessThan": "5.8",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.169",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.95",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: fix possible memory leak in ovs_meter_cmd_set()\n\nold_meter needs to be free after it is detached regardless of whether\nthe new meter is successfully attached."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:51:27.761Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/c0f65ee0a3329eb4b94beaef0268633696e2d0c6"
        },
        {
          "url": "https://git.kernel.org/stable/c/1563e998a938f095548054ef09e277b562b79536"
        },
        {
          "url": "https://git.kernel.org/stable/c/e336a9e08618203a456fb5367f1387b14554f55e"
        },
        {
          "url": "https://git.kernel.org/stable/c/2fa28f5c6fcbfc794340684f36d2581b4f2d20b5"
        }
      ],
      "title": "net: openvswitch: fix possible memory leak in ovs_meter_cmd_set()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52702",
    "datePublished": "2024-05-21T15:22:52.017Z",
    "dateReserved": "2024-03-07T14:49:46.891Z",
    "dateUpdated": "2024-11-04T14:51:27.761Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52826

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

drm/panel/panel-tpo-tpg110: fix a possible null pointer dereference

References

▼	URL	Tags
	https://git.kernel.org/stable/c/9acc2bc00135e9ecd13a70ce1140e2673e504cdc
	https://git.kernel.org/stable/c/84c923d898905187ebfd4c0ef38cd1450af7e0ea
	https://git.kernel.org/stable/c/d0bc9ab0a161a9745273f5bf723733a8e6c57aca
	https://git.kernel.org/stable/c/9268bfd76bebc85ff221691b61498cc16d75451c
	https://git.kernel.org/stable/c/eaede6900c0961b072669d6bd97fe8f90ed1900f
	https://git.kernel.org/stable/c/f22def5970c423ea7f87d5247bd0ef91416b0658

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52826",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-23T16:22:54.826543Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:22:44.202Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.076Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9acc2bc00135e9ecd13a70ce1140e2673e504cdc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/84c923d898905187ebfd4c0ef38cd1450af7e0ea"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d0bc9ab0a161a9745273f5bf723733a8e6c57aca"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9268bfd76bebc85ff221691b61498cc16d75451c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/eaede6900c0961b072669d6bd97fe8f90ed1900f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f22def5970c423ea7f87d5247bd0ef91416b0658"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/panel/panel-tpo-tpg110.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "9acc2bc00135",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "84c923d89890",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "d0bc9ab0a161",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "9268bfd76beb",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "eaede6900c09",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "f22def5970c4",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/panel/panel-tpo-tpg110.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/panel/panel-tpo-tpg110: fix a possible null pointer dereference\n\nIn tpg110_get_modes(), the return value of drm_mode_duplicate() is\nassigned to mode, which will lead to a NULL pointer dereference on\nfailure of drm_mode_duplicate(). Add a check to avoid npd."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:23.449Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/9acc2bc00135e9ecd13a70ce1140e2673e504cdc"
        },
        {
          "url": "https://git.kernel.org/stable/c/84c923d898905187ebfd4c0ef38cd1450af7e0ea"
        },
        {
          "url": "https://git.kernel.org/stable/c/d0bc9ab0a161a9745273f5bf723733a8e6c57aca"
        },
        {
          "url": "https://git.kernel.org/stable/c/9268bfd76bebc85ff221691b61498cc16d75451c"
        },
        {
          "url": "https://git.kernel.org/stable/c/eaede6900c0961b072669d6bd97fe8f90ed1900f"
        },
        {
          "url": "https://git.kernel.org/stable/c/f22def5970c423ea7f87d5247bd0ef91416b0658"
        }
      ],
      "title": "drm/panel/panel-tpo-tpg110: fix a possible null pointer dereference",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52826",
    "datePublished": "2024-05-21T15:31:30.184Z",
    "dateReserved": "2024-05-21T15:19:24.251Z",
    "dateUpdated": "2024-11-04T14:53:23.449Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52841

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

media: vidtv: mux: Add check and kfree for kstrdup

References

▼	URL	Tags
	https://git.kernel.org/stable/c/64863ba8e6b7651d994c6e6d506cc8aa2ac45edb
	https://git.kernel.org/stable/c/980be4c3b0d51c0f873fd750117774561c66cf68
	https://git.kernel.org/stable/c/a254ee1ddc592ae1efcce96b8c014e1bd2d5a2b4
	https://git.kernel.org/stable/c/cb13001411999adb158b39e76d94705eb2da100d
	https://git.kernel.org/stable/c/aae7598aff291d4d140be1355aa20930af948785
	https://git.kernel.org/stable/c/1fd6eb12642e0c32692924ff359c07de4b781d78

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52841",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T17:57:18.576854Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:05.969Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.231Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/64863ba8e6b7651d994c6e6d506cc8aa2ac45edb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/980be4c3b0d51c0f873fd750117774561c66cf68"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a254ee1ddc592ae1efcce96b8c014e1bd2d5a2b4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/cb13001411999adb158b39e76d94705eb2da100d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/aae7598aff291d4d140be1355aa20930af948785"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1fd6eb12642e0c32692924ff359c07de4b781d78"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/media/test-drivers/vidtv/vidtv_mux.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "64863ba8e6b7",
              "status": "affected",
              "version": "c2f78f0cb294",
              "versionType": "git"
            },
            {
              "lessThan": "980be4c3b0d5",
              "status": "affected",
              "version": "c2f78f0cb294",
              "versionType": "git"
            },
            {
              "lessThan": "a254ee1ddc59",
              "status": "affected",
              "version": "c2f78f0cb294",
              "versionType": "git"
            },
            {
              "lessThan": "cb1300141199",
              "status": "affected",
              "version": "c2f78f0cb294",
              "versionType": "git"
            },
            {
              "lessThan": "aae7598aff29",
              "status": "affected",
              "version": "c2f78f0cb294",
              "versionType": "git"
            },
            {
              "lessThan": "1fd6eb12642e",
              "status": "affected",
              "version": "c2f78f0cb294",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/media/test-drivers/vidtv/vidtv_mux.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.10"
            },
            {
              "lessThan": "5.10",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.201",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.139",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: vidtv: mux: Add check and kfree for kstrdup\n\nAdd check for the return value of kstrdup() and return the error\nif it fails in order to avoid NULL pointer dereference.\nMoreover, use kfree() in the later error handling in order to avoid\nmemory leak."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:39.761Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/64863ba8e6b7651d994c6e6d506cc8aa2ac45edb"
        },
        {
          "url": "https://git.kernel.org/stable/c/980be4c3b0d51c0f873fd750117774561c66cf68"
        },
        {
          "url": "https://git.kernel.org/stable/c/a254ee1ddc592ae1efcce96b8c014e1bd2d5a2b4"
        },
        {
          "url": "https://git.kernel.org/stable/c/cb13001411999adb158b39e76d94705eb2da100d"
        },
        {
          "url": "https://git.kernel.org/stable/c/aae7598aff291d4d140be1355aa20930af948785"
        },
        {
          "url": "https://git.kernel.org/stable/c/1fd6eb12642e0c32692924ff359c07de4b781d78"
        }
      ],
      "title": "media: vidtv: mux: Add check and kfree for kstrdup",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52841",
    "datePublished": "2024-05-21T15:31:40.529Z",
    "dateReserved": "2024-05-21T15:19:24.253Z",
    "dateUpdated": "2024-11-04T14:53:39.761Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47438

Vulnerability from cvelistv5

Published

2024-05-22 06:19

Modified

2024-11-04 12:05

Severity ?

Summary

net/mlx5e: Fix memory leak in mlx5_core_destroy_cq() error path

References

▼	URL	Tags
	https://git.kernel.org/stable/c/4f7bddf8c5c01cac74373443b13a68e1c6723a94
	https://git.kernel.org/stable/c/ed8aafea4fec9c654e63445236e0b505e27ed3a7
	https://git.kernel.org/stable/c/94b960b9deffc02fc0747afc01f72cc62ab099e3

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47438",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-17T18:03:33.416738Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-17T18:04:18.552Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.306Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4f7bddf8c5c01cac74373443b13a68e1c6723a94"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ed8aafea4fec9c654e63445236e0b505e27ed3a7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/94b960b9deffc02fc0747afc01f72cc62ab099e3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/mellanox/mlx5/core/cq.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "4f7bddf8c5c0",
              "status": "affected",
              "version": "e126ba97dba9",
              "versionType": "git"
            },
            {
              "lessThan": "ed8aafea4fec",
              "status": "affected",
              "version": "e126ba97dba9",
              "versionType": "git"
            },
            {
              "lessThan": "94b960b9deff",
              "status": "affected",
              "version": "e126ba97dba9",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/mellanox/mlx5/core/cq.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.11"
            },
            {
              "lessThan": "3.11",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.75",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.14",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix memory leak in mlx5_core_destroy_cq() error path\n\nPrior to this patch in case mlx5_core_destroy_cq() failed it returns\nwithout completing all destroy operations and that leads to memory leak.\nInstead, complete the destroy flow before return error.\n\nAlso move mlx5_debug_cq_remove() to the beginning of mlx5_core_destroy_cq()\nto be symmetrical with mlx5_core_create_cq().\n\nkmemleak complains on:\n\nunreferenced object 0xc000000038625100 (size 64):\n  comm \"ethtool\", pid 28301, jiffies 4298062946 (age 785.380s)\n  hex dump (first 32 bytes):\n    60 01 48 94 00 00 00 c0 b8 05 34 c3 00 00 00 c0  `.H.......4.....\n    02 00 00 00 00 00 00 00 00 db 7d c1 00 00 00 c0  ..........}.....\n  backtrace:\n    [\u003c000000009e8643cb\u003e] add_res_tree+0xd0/0x270 [mlx5_core]\n    [\u003c00000000e7cb8e6c\u003e] mlx5_debug_cq_add+0x5c/0xc0 [mlx5_core]\n    [\u003c000000002a12918f\u003e] mlx5_core_create_cq+0x1d0/0x2d0 [mlx5_core]\n    [\u003c00000000cef0a696\u003e] mlx5e_create_cq+0x210/0x3f0 [mlx5_core]\n    [\u003c000000009c642c26\u003e] mlx5e_open_cq+0xb4/0x130 [mlx5_core]\n    [\u003c0000000058dfa578\u003e] mlx5e_ptp_open+0x7f4/0xe10 [mlx5_core]\n    [\u003c0000000081839561\u003e] mlx5e_open_channels+0x9cc/0x13e0 [mlx5_core]\n    [\u003c0000000009cf05d4\u003e] mlx5e_switch_priv_channels+0xa4/0x230\n[mlx5_core]\n    [\u003c0000000042bbedd8\u003e] mlx5e_safe_switch_params+0x14c/0x300\n[mlx5_core]\n    [\u003c0000000004bc9db8\u003e] set_pflag_tx_port_ts+0x9c/0x160 [mlx5_core]\n    [\u003c00000000a0553443\u003e] mlx5e_set_priv_flags+0xd0/0x1b0 [mlx5_core]\n    [\u003c00000000a8f3d84b\u003e] ethnl_set_privflags+0x234/0x2d0\n    [\u003c00000000fd27f27c\u003e] genl_family_rcv_msg_doit+0x108/0x1d0\n    [\u003c00000000f495e2bb\u003e] genl_family_rcv_msg+0xe4/0x1f0\n    [\u003c00000000646c5c2c\u003e] genl_rcv_msg+0x78/0x120\n    [\u003c00000000d53e384e\u003e] netlink_rcv_skb+0x74/0x1a0"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:54.101Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/4f7bddf8c5c01cac74373443b13a68e1c6723a94"
        },
        {
          "url": "https://git.kernel.org/stable/c/ed8aafea4fec9c654e63445236e0b505e27ed3a7"
        },
        {
          "url": "https://git.kernel.org/stable/c/94b960b9deffc02fc0747afc01f72cc62ab099e3"
        }
      ],
      "title": "net/mlx5e: Fix memory leak in mlx5_core_destroy_cq() error path",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47438",
    "datePublished": "2024-05-22T06:19:33.537Z",
    "dateReserved": "2024-05-21T14:58:30.831Z",
    "dateUpdated": "2024-11-04T12:05:54.101Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52799

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:52

Severity ?

Summary

jfs: fix array-index-out-of-bounds in dbFindLeaf

References

▼	URL	Tags
	https://git.kernel.org/stable/c/20f9310a18e3e99fc031e036fcbed67105ae1859
	https://git.kernel.org/stable/c/86df90f3fea7c5591f05c8a0010871d435e83046
	https://git.kernel.org/stable/c/ecfb47f13b08b02cf28b7b50d4941eefa21954d2
	https://git.kernel.org/stable/c/81aa58cd8495b8c3b527f58ccbe19478d8087f61
	https://git.kernel.org/stable/c/da3da5e1e6f71c21d8e6149d7076d936ef5d4cb9
	https://git.kernel.org/stable/c/a50b796d36719757526ee094c703378895ab5e67
	https://git.kernel.org/stable/c/88b7894a8f8705bf4e7ea90b10229376abf14514
	https://git.kernel.org/stable/c/87c681ab49e99039ff2dd3e71852417381b13878
	https://git.kernel.org/stable/c/22cad8bc1d36547cdae0eef316c47d917ce3147c

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52799",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-23T17:20:55.514685Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:24:02.467Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.041Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/20f9310a18e3e99fc031e036fcbed67105ae1859"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/86df90f3fea7c5591f05c8a0010871d435e83046"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ecfb47f13b08b02cf28b7b50d4941eefa21954d2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/81aa58cd8495b8c3b527f58ccbe19478d8087f61"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/da3da5e1e6f71c21d8e6149d7076d936ef5d4cb9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a50b796d36719757526ee094c703378895ab5e67"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/88b7894a8f8705bf4e7ea90b10229376abf14514"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/87c681ab49e99039ff2dd3e71852417381b13878"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/22cad8bc1d36547cdae0eef316c47d917ce3147c"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/jfs/jfs_dmap.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "20f9310a18e3",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "86df90f3fea7",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "ecfb47f13b08",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "81aa58cd8495",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "da3da5e1e6f7",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "a50b796d3671",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "88b7894a8f87",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "87c681ab49e9",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "22cad8bc1d36",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/jfs/jfs_dmap.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.331",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.300",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.262",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix array-index-out-of-bounds in dbFindLeaf\n\nCurrently while searching for dmtree_t for sufficient free blocks there\nis an array out of bounds while getting element in tp-\u003edm_stree. To add\nthe required check for out of bound we first need to determine the type\nof dmtree. Thus added an extra parameter to dbFindLeaf so that the type\nof tree can be determined and the required check can be applied."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:57.316Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/20f9310a18e3e99fc031e036fcbed67105ae1859"
        },
        {
          "url": "https://git.kernel.org/stable/c/86df90f3fea7c5591f05c8a0010871d435e83046"
        },
        {
          "url": "https://git.kernel.org/stable/c/ecfb47f13b08b02cf28b7b50d4941eefa21954d2"
        },
        {
          "url": "https://git.kernel.org/stable/c/81aa58cd8495b8c3b527f58ccbe19478d8087f61"
        },
        {
          "url": "https://git.kernel.org/stable/c/da3da5e1e6f71c21d8e6149d7076d936ef5d4cb9"
        },
        {
          "url": "https://git.kernel.org/stable/c/a50b796d36719757526ee094c703378895ab5e67"
        },
        {
          "url": "https://git.kernel.org/stable/c/88b7894a8f8705bf4e7ea90b10229376abf14514"
        },
        {
          "url": "https://git.kernel.org/stable/c/87c681ab49e99039ff2dd3e71852417381b13878"
        },
        {
          "url": "https://git.kernel.org/stable/c/22cad8bc1d36547cdae0eef316c47d917ce3147c"
        }
      ],
      "title": "jfs: fix array-index-out-of-bounds in dbFindLeaf",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52799",
    "datePublished": "2024-05-21T15:31:12.351Z",
    "dateReserved": "2024-05-21T15:19:24.246Z",
    "dateUpdated": "2024-11-04T14:52:57.316Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52871

Vulnerability from cvelistv5

Published

2024-05-21 15:32

Modified

2024-11-04 14:54

Severity ?

Summary

soc: qcom: llcc: Handle a second device without data corruption

References

▼	URL	Tags
	https://git.kernel.org/stable/c/cc1a1dcb411fe224f48553cfdcdfe6e61395b69c
	https://git.kernel.org/stable/c/5e5b85ea0f4bc484bfe4cc73ead51fa48d2366a0
	https://git.kernel.org/stable/c/995ee1e84e8db7fa5dcdde7dfe0bd7bb6f9bbb8c
	https://git.kernel.org/stable/c/f0ef883cae309bc5e8cdfcdbc1b4822732ce20a8
	https://git.kernel.org/stable/c/3565684309e54fa998ea27f37028d67cc3e1dff2
	https://git.kernel.org/stable/c/1143bfb9b055897975aeaea254da148e19524493
	https://git.kernel.org/stable/c/f1a1bc8775b26345aba2be278118999e7f661d3d

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52871",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T18:17:57.620656Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:22:42.515Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.044Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/cc1a1dcb411fe224f48553cfdcdfe6e61395b69c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5e5b85ea0f4bc484bfe4cc73ead51fa48d2366a0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/995ee1e84e8db7fa5dcdde7dfe0bd7bb6f9bbb8c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f0ef883cae309bc5e8cdfcdbc1b4822732ce20a8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3565684309e54fa998ea27f37028d67cc3e1dff2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1143bfb9b055897975aeaea254da148e19524493"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f1a1bc8775b26345aba2be278118999e7f661d3d"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/soc/qcom/llcc-qcom.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "cc1a1dcb411f",
              "status": "affected",
              "version": "a3134fb09e0b",
              "versionType": "git"
            },
            {
              "lessThan": "5e5b85ea0f4b",
              "status": "affected",
              "version": "a3134fb09e0b",
              "versionType": "git"
            },
            {
              "lessThan": "995ee1e84e8d",
              "status": "affected",
              "version": "a3134fb09e0b",
              "versionType": "git"
            },
            {
              "lessThan": "f0ef883cae30",
              "status": "affected",
              "version": "a3134fb09e0b",
              "versionType": "git"
            },
            {
              "lessThan": "3565684309e5",
              "status": "affected",
              "version": "a3134fb09e0b",
              "versionType": "git"
            },
            {
              "lessThan": "1143bfb9b055",
              "status": "affected",
              "version": "a3134fb09e0b",
              "versionType": "git"
            },
            {
              "lessThan": "f1a1bc8775b2",
              "status": "affected",
              "version": "a3134fb09e0b",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/soc/qcom/llcc-qcom.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.19"
            },
            {
              "lessThan": "4.19",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.261",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.201",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.139",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: llcc: Handle a second device without data corruption\n\nUsually there is only one llcc device. But if there were a second, even\na failed probe call would modify the global drv_data pointer. So check\nif drv_data is valid before overwriting it."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:54:17.175Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/cc1a1dcb411fe224f48553cfdcdfe6e61395b69c"
        },
        {
          "url": "https://git.kernel.org/stable/c/5e5b85ea0f4bc484bfe4cc73ead51fa48d2366a0"
        },
        {
          "url": "https://git.kernel.org/stable/c/995ee1e84e8db7fa5dcdde7dfe0bd7bb6f9bbb8c"
        },
        {
          "url": "https://git.kernel.org/stable/c/f0ef883cae309bc5e8cdfcdbc1b4822732ce20a8"
        },
        {
          "url": "https://git.kernel.org/stable/c/3565684309e54fa998ea27f37028d67cc3e1dff2"
        },
        {
          "url": "https://git.kernel.org/stable/c/1143bfb9b055897975aeaea254da148e19524493"
        },
        {
          "url": "https://git.kernel.org/stable/c/f1a1bc8775b26345aba2be278118999e7f661d3d"
        }
      ],
      "title": "soc: qcom: llcc: Handle a second device without data corruption",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52871",
    "datePublished": "2024-05-21T15:32:00.922Z",
    "dateReserved": "2024-05-21T15:19:24.263Z",
    "dateUpdated": "2024-11-04T14:54:17.175Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52705

Vulnerability from cvelistv5

Published

2024-05-21 15:22

Modified

2024-11-04 14:51

Severity ?

Summary

nilfs2: fix underflow in second superblock position calculations

References

▼	URL	Tags
	https://git.kernel.org/stable/c/2f7a1135b202977b82457adde7db6c390056863b
	https://git.kernel.org/stable/c/b96591e2c35c8b47db0ec816b5fc6cb8868000ff
	https://git.kernel.org/stable/c/52844d8382cd9166d708032def8905ffc3ae550f
	https://git.kernel.org/stable/c/0ee5ed0126a2211f7174492da2ca2c29f43755c5
	https://git.kernel.org/stable/c/a158782b56b070485d54d25fc9aaf2c8f3752205
	https://git.kernel.org/stable/c/a8ef5109f93cea9933bbac0455d8c18757b3fcb4
	https://git.kernel.org/stable/c/99b9402a36f0799f25feee4465bfa4b8dfa74b4d

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52705",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T17:32:06.834863Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:07.362Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:34.922Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2f7a1135b202977b82457adde7db6c390056863b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b96591e2c35c8b47db0ec816b5fc6cb8868000ff"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/52844d8382cd9166d708032def8905ffc3ae550f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0ee5ed0126a2211f7174492da2ca2c29f43755c5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a158782b56b070485d54d25fc9aaf2c8f3752205"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a8ef5109f93cea9933bbac0455d8c18757b3fcb4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/99b9402a36f0799f25feee4465bfa4b8dfa74b4d"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/nilfs2/ioctl.c",
            "fs/nilfs2/super.c",
            "fs/nilfs2/the_nilfs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "2f7a1135b202",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "b96591e2c35c",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "52844d8382cd",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "0ee5ed0126a2",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "a158782b56b0",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "a8ef5109f93c",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "99b9402a36f0",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/nilfs2/ioctl.c",
            "fs/nilfs2/super.c",
            "fs/nilfs2/the_nilfs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.306",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.273",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.232",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.169",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.95",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix underflow in second superblock position calculations\n\nMacro NILFS_SB2_OFFSET_BYTES, which computes the position of the second\nsuperblock, underflows when the argument device size is less than 4096\nbytes.  Therefore, when using this macro, it is necessary to check in\nadvance that the device size is not less than a lower limit, or at least\nthat underflow does not occur.\n\nThe current nilfs2 implementation lacks this check, causing out-of-bound\nblock access when mounting devices smaller than 4096 bytes:\n\n I/O error, dev loop0, sector 36028797018963960 op 0x0:(READ) flags 0x0\n phys_seg 1 prio class 2\n NILFS (loop0): unable to read secondary superblock (blocksize = 1024)\n\nIn addition, when trying to resize the filesystem to a size below 4096\nbytes, this underflow occurs in nilfs_resize_fs(), passing a huge number\nof segments to nilfs_sufile_resize(), corrupting parameters such as the\nnumber of segments in superblocks.  This causes excessive loop iterations\nin nilfs_sufile_resize() during a subsequent resize ioctl, causing\nsemaphore ns_segctor_sem to block for a long time and hang the writer\nthread:\n\n INFO: task segctord:5067 blocked for more than 143 seconds.\n      Not tainted 6.2.0-rc8-syzkaller-00015-gf6feea56f66d #0\n \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n task:segctord        state:D stack:23456 pid:5067  ppid:2\n flags:0x00004000\n Call Trace:\n  \u003cTASK\u003e\n  context_switch kernel/sched/core.c:5293 [inline]\n  __schedule+0x1409/0x43f0 kernel/sched/core.c:6606\n  schedule+0xc3/0x190 kernel/sched/core.c:6682\n  rwsem_down_write_slowpath+0xfcf/0x14a0 kernel/locking/rwsem.c:1190\n  nilfs_transaction_lock+0x25c/0x4f0 fs/nilfs2/segment.c:357\n  nilfs_segctor_thread_construct fs/nilfs2/segment.c:2486 [inline]\n  nilfs_segctor_thread+0x52f/0x1140 fs/nilfs2/segment.c:2570\n  kthread+0x270/0x300 kernel/kthread.c:376\n  ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308\n  \u003c/TASK\u003e\n ...\n Call Trace:\n  \u003cTASK\u003e\n  folio_mark_accessed+0x51c/0xf00 mm/swap.c:515\n  __nilfs_get_page_block fs/nilfs2/page.c:42 [inline]\n  nilfs_grab_buffer+0x3d3/0x540 fs/nilfs2/page.c:61\n  nilfs_mdt_submit_block+0xd7/0x8f0 fs/nilfs2/mdt.c:121\n  nilfs_mdt_read_block+0xeb/0x430 fs/nilfs2/mdt.c:176\n  nilfs_mdt_get_block+0x12d/0xbb0 fs/nilfs2/mdt.c:251\n  nilfs_sufile_get_segment_usage_block fs/nilfs2/sufile.c:92 [inline]\n  nilfs_sufile_truncate_range fs/nilfs2/sufile.c:679 [inline]\n  nilfs_sufile_resize+0x7a3/0x12b0 fs/nilfs2/sufile.c:777\n  nilfs_resize_fs+0x20c/0xed0 fs/nilfs2/super.c:422\n  nilfs_ioctl_resize fs/nilfs2/ioctl.c:1033 [inline]\n  nilfs_ioctl+0x137c/0x2440 fs/nilfs2/ioctl.c:1301\n  ...\n\nThis fixes these issues by inserting appropriate minimum device size\nchecks or anti-underflow checks, depending on where the macro is used."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:51:32.108Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/2f7a1135b202977b82457adde7db6c390056863b"
        },
        {
          "url": "https://git.kernel.org/stable/c/b96591e2c35c8b47db0ec816b5fc6cb8868000ff"
        },
        {
          "url": "https://git.kernel.org/stable/c/52844d8382cd9166d708032def8905ffc3ae550f"
        },
        {
          "url": "https://git.kernel.org/stable/c/0ee5ed0126a2211f7174492da2ca2c29f43755c5"
        },
        {
          "url": "https://git.kernel.org/stable/c/a158782b56b070485d54d25fc9aaf2c8f3752205"
        },
        {
          "url": "https://git.kernel.org/stable/c/a8ef5109f93cea9933bbac0455d8c18757b3fcb4"
        },
        {
          "url": "https://git.kernel.org/stable/c/99b9402a36f0799f25feee4465bfa4b8dfa74b4d"
        }
      ],
      "title": "nilfs2: fix underflow in second superblock position calculations",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52705",
    "datePublished": "2024-05-21T15:22:54.015Z",
    "dateReserved": "2024-03-07T14:49:46.891Z",
    "dateUpdated": "2024-11-04T14:51:32.108Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52767

Vulnerability from cvelistv5

Published

2024-05-21 15:30

Modified

2024-11-04 14:52

Severity ?

Summary

tls: fix NULL deref on tls_sw_splice_eof() with empty record

References

▼	URL	Tags
	https://git.kernel.org/stable/c/944900fe2736c07288efe2d9394db4d3ca23f2c9
	https://git.kernel.org/stable/c/2214e2bb5489145aba944874d0ee1652a0a63dc8
	https://git.kernel.org/stable/c/53f2cb491b500897a619ff6abd72f565933760f0

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52767",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T18:35:50.400144Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:42.766Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.999Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/944900fe2736c07288efe2d9394db4d3ca23f2c9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2214e2bb5489145aba944874d0ee1652a0a63dc8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/53f2cb491b500897a619ff6abd72f565933760f0"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/tls/tls_sw.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "944900fe2736",
              "status": "affected",
              "version": "5ad627faed13",
              "versionType": "git"
            },
            {
              "lessThan": "2214e2bb5489",
              "status": "affected",
              "version": "df720d288dbb",
              "versionType": "git"
            },
            {
              "lessThan": "53f2cb491b50",
              "status": "affected",
              "version": "df720d288dbb",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/tls/tls_sw.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.5"
            },
            {
              "lessThan": "6.5",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.4",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: fix NULL deref on tls_sw_splice_eof() with empty record\n\nsyzkaller discovered that if tls_sw_splice_eof() is executed as part of\nsendfile() when the plaintext/ciphertext sk_msg are empty, the send path\ngets confused because the empty ciphertext buffer does not have enough\nspace for the encryption overhead. This causes tls_push_record() to go on\nthe `split = true` path (which is only supposed to be used when interacting\nwith an attached BPF program), and then get further confused and hit the\ntls_merge_open_record() path, which then assumes that there must be at\nleast one populated buffer element, leading to a NULL deref.\n\nIt is possible to have empty plaintext/ciphertext buffers if we previously\nbailed from tls_sw_sendmsg_locked() via the tls_trim_both_msgs() path.\ntls_sw_push_pending_record() already handles this case correctly; let\u0027s do\nthe same check in tls_sw_splice_eof()."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:18.239Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/944900fe2736c07288efe2d9394db4d3ca23f2c9"
        },
        {
          "url": "https://git.kernel.org/stable/c/2214e2bb5489145aba944874d0ee1652a0a63dc8"
        },
        {
          "url": "https://git.kernel.org/stable/c/53f2cb491b500897a619ff6abd72f565933760f0"
        }
      ],
      "title": "tls: fix NULL deref on tls_sw_splice_eof() with empty record",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52767",
    "datePublished": "2024-05-21T15:30:50.993Z",
    "dateReserved": "2024-05-21T15:19:24.238Z",
    "dateUpdated": "2024-11-04T14:52:18.239Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52820

Vulnerability from cvelistv5

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "providerMetadata": {
        "dateUpdated": "2024-05-24T15:26:37.788Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "rejectedReasons": [
        {
          "lang": "en",
          "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52820",
    "datePublished": "2024-05-21T15:31:26.238Z",
    "dateRejected": "2024-05-24T15:26:37.788Z",
    "dateReserved": "2024-05-21T15:19:24.249Z",
    "dateUpdated": "2024-05-24T15:26:37.788Z",
    "state": "REJECTED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52768

Vulnerability from cvelistv5

Published

2024-05-21 15:30

Modified

2024-11-05 17:17

Severity ?

5.6 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H

Summary

wifi: wilc1000: use vmm_table as array in wilc struct

References

▼	URL	Tags
	https://git.kernel.org/stable/c/541b3757fd443a68ed8d25968eae511a8275e7c8
	https://git.kernel.org/stable/c/4b0d6ddb6466d10df878a7787f175a0e4adc3e27
	https://git.kernel.org/stable/c/6aaf7cd8bdfe245d3c9a8b48fe70c2011965948e
	https://git.kernel.org/stable/c/3ce1c2c3999b232258f7aabab311d47dda75605c
	https://git.kernel.org/stable/c/05ac1a198a63ad66bf5ae8b7321407c102d40ef3

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.6,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "LOW",
              "privilegesRequired": "HIGH",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52768",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T18:50:15.574062Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-05T17:17:15.027Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.520Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/541b3757fd443a68ed8d25968eae511a8275e7c8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4b0d6ddb6466d10df878a7787f175a0e4adc3e27"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6aaf7cd8bdfe245d3c9a8b48fe70c2011965948e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3ce1c2c3999b232258f7aabab311d47dda75605c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/05ac1a198a63ad66bf5ae8b7321407c102d40ef3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/microchip/wilc1000/wlan.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "541b3757fd44",
              "status": "affected",
              "version": "32dd0b22a5ba",
              "versionType": "git"
            },
            {
              "lessThan": "4b0d6ddb6466",
              "status": "affected",
              "version": "40b717bfcefa",
              "versionType": "git"
            },
            {
              "lessThan": "6aaf7cd8bdfe",
              "status": "affected",
              "version": "40b717bfcefa",
              "versionType": "git"
            },
            {
              "lessThan": "3ce1c2c3999b",
              "status": "affected",
              "version": "40b717bfcefa",
              "versionType": "git"
            },
            {
              "lessThan": "05ac1a198a63",
              "status": "affected",
              "version": "40b717bfcefa",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/microchip/wilc1000/wlan.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.0"
            },
            {
              "lessThan": "6.0",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wilc1000: use vmm_table as array in wilc struct\n\nEnabling KASAN and running some iperf tests raises some memory issues with\nvmm_table:\n\nBUG: KASAN: slab-out-of-bounds in wilc_wlan_handle_txq+0x6ac/0xdb4\nWrite of size 4 at addr c3a61540 by task wlan0-tx/95\n\nKASAN detects that we are writing data beyond range allocated to vmm_table.\nThere is indeed a mismatch between the size passed to allocator in\nwilc_wlan_init, and the range of possible indexes used later: allocation\nsize is missing a multiplication by sizeof(u32)"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:19.457Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/541b3757fd443a68ed8d25968eae511a8275e7c8"
        },
        {
          "url": "https://git.kernel.org/stable/c/4b0d6ddb6466d10df878a7787f175a0e4adc3e27"
        },
        {
          "url": "https://git.kernel.org/stable/c/6aaf7cd8bdfe245d3c9a8b48fe70c2011965948e"
        },
        {
          "url": "https://git.kernel.org/stable/c/3ce1c2c3999b232258f7aabab311d47dda75605c"
        },
        {
          "url": "https://git.kernel.org/stable/c/05ac1a198a63ad66bf5ae8b7321407c102d40ef3"
        }
      ],
      "title": "wifi: wilc1000: use vmm_table as array in wilc struct",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52768",
    "datePublished": "2024-05-21T15:30:51.656Z",
    "dateReserved": "2024-05-21T15:19:24.238Z",
    "dateUpdated": "2024-11-05T17:17:15.027Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52849

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

cxl/mem: Fix shutdown order

References

▼	URL	Tags
	https://git.kernel.org/stable/c/20bd0198bebdd706bd4614b3933ef70d7c19618f
	https://git.kernel.org/stable/c/7c7371b41a14e86f53e7dbe5baa7b1d3e0ab324b
	https://git.kernel.org/stable/c/cad22a757029c3a1985c221a2d4a6491ad4035ae
	https://git.kernel.org/stable/c/0ca074f7d788627a4e0b047ca5fbdb5fc567220c
	https://git.kernel.org/stable/c/88d3917f82ed4215a2154432c26de1480a61b209

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52849",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-10T19:16:24.136793Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-10T19:16:37.413Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.944Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/20bd0198bebdd706bd4614b3933ef70d7c19618f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7c7371b41a14e86f53e7dbe5baa7b1d3e0ab324b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/cad22a757029c3a1985c221a2d4a6491ad4035ae"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0ca074f7d788627a4e0b047ca5fbdb5fc567220c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/88d3917f82ed4215a2154432c26de1480a61b209"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/cxl/core/memdev.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "20bd0198bebd",
              "status": "affected",
              "version": "9cc238c7a526",
              "versionType": "git"
            },
            {
              "lessThan": "7c7371b41a14",
              "status": "affected",
              "version": "9cc238c7a526",
              "versionType": "git"
            },
            {
              "lessThan": "cad22a757029",
              "status": "affected",
              "version": "9cc238c7a526",
              "versionType": "git"
            },
            {
              "lessThan": "0ca074f7d788",
              "status": "affected",
              "version": "9cc238c7a526",
              "versionType": "git"
            },
            {
              "lessThan": "88d3917f82ed",
              "status": "affected",
              "version": "9cc238c7a526",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/cxl/core/memdev.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.15"
            },
            {
              "lessThan": "5.15",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.139",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxl/mem: Fix shutdown order\n\nIra reports that removing cxl_mock_mem causes a crash with the following\ntrace:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000044\n [..]\n RIP: 0010:cxl_region_decode_reset+0x7f/0x180 [cxl_core]\n [..]\n Call Trace:\n  \u003cTASK\u003e\n  cxl_region_detach+0xe8/0x210 [cxl_core]\n  cxl_decoder_kill_region+0x27/0x40 [cxl_core]\n  cxld_unregister+0x29/0x40 [cxl_core]\n  devres_release_all+0xb8/0x110\n  device_unbind_cleanup+0xe/0x70\n  device_release_driver_internal+0x1d2/0x210\n  bus_remove_device+0xd7/0x150\n  device_del+0x155/0x3e0\n  device_unregister+0x13/0x60\n  devm_release_action+0x4d/0x90\n  ? __pfx_unregister_port+0x10/0x10 [cxl_core]\n  delete_endpoint+0x121/0x130 [cxl_core]\n  devres_release_all+0xb8/0x110\n  device_unbind_cleanup+0xe/0x70\n  device_release_driver_internal+0x1d2/0x210\n  bus_remove_device+0xd7/0x150\n  device_del+0x155/0x3e0\n  ? lock_release+0x142/0x290\n  cdev_device_del+0x15/0x50\n  cxl_memdev_unregister+0x54/0x70 [cxl_core]\n\nThis crash is due to the clearing out the cxl_memdev\u0027s driver context\n(@cxlds) before the subsystem is done with it. This is ultimately due to\nthe region(s), that this memdev is a member, being torn down and expecting\nto be able to de-reference @cxlds, like here:\n\nstatic int cxl_region_decode_reset(struct cxl_region *cxlr, int count)\n...\n                if (cxlds-\u003ercd)\n                        goto endpoint_reset;\n...\n\nFix it by keeping the driver context valid until memdev-device\nunregistration, and subsequently the entire stack of related\ndependencies, unwinds."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:49.363Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/20bd0198bebdd706bd4614b3933ef70d7c19618f"
        },
        {
          "url": "https://git.kernel.org/stable/c/7c7371b41a14e86f53e7dbe5baa7b1d3e0ab324b"
        },
        {
          "url": "https://git.kernel.org/stable/c/cad22a757029c3a1985c221a2d4a6491ad4035ae"
        },
        {
          "url": "https://git.kernel.org/stable/c/0ca074f7d788627a4e0b047ca5fbdb5fc567220c"
        },
        {
          "url": "https://git.kernel.org/stable/c/88d3917f82ed4215a2154432c26de1480a61b209"
        }
      ],
      "title": "cxl/mem: Fix shutdown order",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52849",
    "datePublished": "2024-05-21T15:31:45.884Z",
    "dateReserved": "2024-05-21T15:19:24.255Z",
    "dateUpdated": "2024-11-04T14:53:49.363Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52779

Vulnerability from cvelistv5

Published

2024-05-21 15:30

Modified

2024-11-06 14:23

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

fs: Pass AT_GETATTR_NOSEC flag to getattr interface function

References

▼	URL	Tags
	https://git.kernel.org/stable/c/3fb0fa08641903304b9d81d52a379ff031dc41d4
	https://git.kernel.org/stable/c/8a924db2d7b5eb69ba08b1a0af46e9f1359a9bdf

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52779",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T18:48:07.766160Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T14:23:53.810Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.013Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3fb0fa08641903304b9d81d52a379ff031dc41d4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8a924db2d7b5eb69ba08b1a0af46e9f1359a9bdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/ecryptfs/inode.c",
            "fs/overlayfs/inode.c",
            "fs/overlayfs/overlayfs.h",
            "fs/stat.c",
            "include/uapi/linux/fcntl.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "3fb0fa086419",
              "status": "affected",
              "version": "db1d1e8b9867",
              "versionType": "git"
            },
            {
              "lessThan": "8a924db2d7b5",
              "status": "affected",
              "version": "db1d1e8b9867",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/ecryptfs/inode.c",
            "fs/overlayfs/inode.c",
            "fs/overlayfs/overlayfs.h",
            "fs/stat.c",
            "include/uapi/linux/fcntl.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.5"
            },
            {
              "lessThan": "6.5",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.4",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: Pass AT_GETATTR_NOSEC flag to getattr interface function\n\nWhen vfs_getattr_nosec() calls a filesystem\u0027s getattr interface function\nthen the \u0027nosec\u0027 should propagate into this function so that\nvfs_getattr_nosec() can again be called from the filesystem\u0027s gettattr\nrather than vfs_getattr(). The latter would add unnecessary security\nchecks that the initial vfs_getattr_nosec() call wanted to avoid.\nTherefore, introduce the getattr flag GETATTR_NOSEC and allow to pass\nwith the new getattr_flags parameter to the getattr interface function.\nIn overlayfs and ecryptfs use this flag to determine which one of the\ntwo functions to call.\n\nIn a recent code change introduced to IMA vfs_getattr_nosec() ended up\ncalling vfs_getattr() in overlayfs, which in turn called\nsecurity_inode_getattr() on an exiting process that did not have\ncurrent-\u003efs set anymore, which then caused a kernel NULL pointer\ndereference. With this change the call to security_inode_getattr() can\nbe avoided, thus avoiding the NULL pointer dereference."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:33.962Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/3fb0fa08641903304b9d81d52a379ff031dc41d4"
        },
        {
          "url": "https://git.kernel.org/stable/c/8a924db2d7b5eb69ba08b1a0af46e9f1359a9bdf"
        }
      ],
      "title": "fs: Pass AT_GETATTR_NOSEC flag to getattr interface function",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52779",
    "datePublished": "2024-05-21T15:30:58.899Z",
    "dateReserved": "2024-05-21T15:19:24.240Z",
    "dateUpdated": "2024-11-06T14:23:53.810Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47427

Vulnerability from cvelistv5

Published

2024-05-21 15:04

Modified

2024-11-04 12:05

Severity ?

Summary

scsi: iscsi: Fix iscsi_task use after free

References

▼	URL	Tags
	https://git.kernel.org/stable/c/1642f51ac0d4f2b55d5748094c49ff8f7191b93c
	https://git.kernel.org/stable/c/258aad75c62146453d03028a44f2f1590d58e1f6

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.381Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1642f51ac0d4f2b55d5748094c49ff8f7191b93c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/258aad75c62146453d03028a44f2f1590d58e1f6"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47427",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:37:44.486165Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:37.669Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/scsi/libiscsi.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "1642f51ac0d4",
              "status": "affected",
              "version": "d39df158518c",
              "versionType": "git"
            },
            {
              "lessThan": "258aad75c621",
              "status": "affected",
              "version": "d39df158518c",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/scsi/libiscsi.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.14"
            },
            {
              "lessThan": "5.14",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: iscsi: Fix iscsi_task use after free\n\nCommit d39df158518c (\"scsi: iscsi: Have abort handler get ref to conn\")\nadded iscsi_get_conn()/iscsi_put_conn() calls during abort handling but\nthen also changed the handling of the case where we detect an already\ncompleted task where we now end up doing a goto to the common put/cleanup\ncode. This results in a iscsi_task use after free, because the common\ncleanup code will do a put on the iscsi_task.\n\nThis reverts the goto and moves the iscsi_get_conn() to after we\u0027ve checked\nif the iscsi_task is valid."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:42.361Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/1642f51ac0d4f2b55d5748094c49ff8f7191b93c"
        },
        {
          "url": "https://git.kernel.org/stable/c/258aad75c62146453d03028a44f2f1590d58e1f6"
        }
      ],
      "title": "scsi: iscsi: Fix iscsi_task use after free",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47427",
    "datePublished": "2024-05-21T15:04:13.244Z",
    "dateReserved": "2024-05-21T14:58:30.828Z",
    "dateUpdated": "2024-11-04T12:05:42.361Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47451

Vulnerability from cvelistv5

Published

2024-05-22 06:19

Modified

2024-11-04 12:06

Severity ?

Summary

netfilter: xt_IDLETIMER: fix panic that occurs when timer_type has garbage value

References

▼	URL	Tags
	https://git.kernel.org/stable/c/2a670c323055282c9b72794a491d53cef86bbeaf
	https://git.kernel.org/stable/c/cae7cab804c943d723d52724a3aeb07a3f4a2650
	https://git.kernel.org/stable/c/902c0b1887522a099aa4e1e6b4b476c2fe5dd13e

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47451",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-24T19:25:32.208577Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:53.967Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.385Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2a670c323055282c9b72794a491d53cef86bbeaf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/cae7cab804c943d723d52724a3aeb07a3f4a2650"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/902c0b1887522a099aa4e1e6b4b476c2fe5dd13e"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/netfilter/xt_IDLETIMER.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "2a670c323055",
              "status": "affected",
              "version": "68983a354a65",
              "versionType": "git"
            },
            {
              "lessThan": "cae7cab804c9",
              "status": "affected",
              "version": "68983a354a65",
              "versionType": "git"
            },
            {
              "lessThan": "902c0b188752",
              "status": "affected",
              "version": "68983a354a65",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/netfilter/xt_IDLETIMER.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.7"
            },
            {
              "lessThan": "5.7",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.76",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.15",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: xt_IDLETIMER: fix panic that occurs when timer_type has garbage value\n\nCurrently, when the rule related to IDLETIMER is added, idletimer_tg timer\nstructure is initialized by kmalloc on executing idletimer_tg_create\nfunction. However, in this process timer-\u003etimer_type is not defined to\na specific value. Thus, timer-\u003etimer_type has garbage value and it occurs\nkernel panic. So, this commit fixes the panic by initializing\ntimer-\u003etimer_type using kzalloc instead of kmalloc.\n\nTest commands:\n    # iptables -A OUTPUT -j IDLETIMER --timeout 1 --label test\n    $ cat /sys/class/xt_idletimer/timers/test\n      Killed\n\nSplat looks like:\n    BUG: KASAN: user-memory-access in alarm_expires_remaining+0x49/0x70\n    Read of size 8 at addr 0000002e8c7bc4c8 by task cat/917\n    CPU: 12 PID: 917 Comm: cat Not tainted 5.14.0+ #3 79940a339f71eb14fc81aee1757a20d5bf13eb0e\n    Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.13.0-1ubuntu1.1 04/01/2014\n    Call Trace:\n     dump_stack_lvl+0x6e/0x9c\n     kasan_report.cold+0x112/0x117\n     ? alarm_expires_remaining+0x49/0x70\n     __asan_load8+0x86/0xb0\n     alarm_expires_remaining+0x49/0x70\n     idletimer_tg_show+0xe5/0x19b [xt_IDLETIMER 11219304af9316a21bee5ba9d58f76a6b9bccc6d]\n     dev_attr_show+0x3c/0x60\n     sysfs_kf_seq_show+0x11d/0x1f0\n     ? device_remove_bin_file+0x20/0x20\n     kernfs_seq_show+0xa4/0xb0\n     seq_read_iter+0x29c/0x750\n     kernfs_fop_read_iter+0x25a/0x2c0\n     ? __fsnotify_parent+0x3d1/0x570\n     ? iov_iter_init+0x70/0x90\n     new_sync_read+0x2a7/0x3d0\n     ? __x64_sys_llseek+0x230/0x230\n     ? rw_verify_area+0x81/0x150\n     vfs_read+0x17b/0x240\n     ksys_read+0xd9/0x180\n     ? vfs_write+0x460/0x460\n     ? do_syscall_64+0x16/0xc0\n     ? lockdep_hardirqs_on+0x79/0x120\n     __x64_sys_read+0x43/0x50\n     do_syscall_64+0x3b/0xc0\n     entry_SYSCALL_64_after_hwframe+0x44/0xae\n    RIP: 0033:0x7f0cdc819142\n    Code: c0 e9 c2 fe ff ff 50 48 8d 3d 3a ca 0a 00 e8 f5 19 02 00 0f 1f 44 00 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 56 c3 0f 1f 44 00 00 48 83 ec 28 48 89 54 24\n    RSP: 002b:00007fff28eee5b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000\n    RAX: ffffffffffffffda RBX: 0000000000020000 RCX: 00007f0cdc819142\n    RDX: 0000000000020000 RSI: 00007f0cdc032000 RDI: 0000000000000003\n    RBP: 00007f0cdc032000 R08: 00007f0cdc031010 R09: 0000000000000000\n    R10: 0000000000000022 R11: 0000000000000246 R12: 00005607e9ee31f0\n    R13: 0000000000000003 R14: 0000000000020000 R15: 0000000000020000"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:11.022Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/2a670c323055282c9b72794a491d53cef86bbeaf"
        },
        {
          "url": "https://git.kernel.org/stable/c/cae7cab804c943d723d52724a3aeb07a3f4a2650"
        },
        {
          "url": "https://git.kernel.org/stable/c/902c0b1887522a099aa4e1e6b4b476c2fe5dd13e"
        }
      ],
      "title": "netfilter: xt_IDLETIMER: fix panic that occurs when timer_type has garbage value",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47451",
    "datePublished": "2024-05-22T06:19:42.082Z",
    "dateReserved": "2024-05-21T14:58:30.832Z",
    "dateUpdated": "2024-11-04T12:06:11.022Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47405

Vulnerability from cvelistv5

Published

2024-05-21 15:03

Modified

2024-11-04 12:05

Severity ?

Summary

HID: usbhid: free raw_report buffers in usbhid_stop

References

▼	URL	Tags
	https://git.kernel.org/stable/c/7ce4e49146612261265671b1d30d117139021030
	https://git.kernel.org/stable/c/efc5c8d29256955cc90d8d570849b2d6121ed09f
	https://git.kernel.org/stable/c/c3156fea4d8a0e643625dff69a0421e872d1fdae
	https://git.kernel.org/stable/c/764ac04de056801dfe52a716da63f6e7018e7f3b
	https://git.kernel.org/stable/c/965147067fa1bedff3ae1f07ce3f89f1a14d2df3
	https://git.kernel.org/stable/c/f7ac4d24e1610b92689946fa88177673f1e88a3f
	https://git.kernel.org/stable/c/2b704864c92dcec2b295f276fcfbfb81d9831f81
	https://git.kernel.org/stable/c/f7744fa16b96da57187dc8e5634152d3b63d72de

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.329Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7ce4e49146612261265671b1d30d117139021030"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/efc5c8d29256955cc90d8d570849b2d6121ed09f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c3156fea4d8a0e643625dff69a0421e872d1fdae"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/764ac04de056801dfe52a716da63f6e7018e7f3b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/965147067fa1bedff3ae1f07ce3f89f1a14d2df3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f7ac4d24e1610b92689946fa88177673f1e88a3f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2b704864c92dcec2b295f276fcfbfb81d9831f81"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f7744fa16b96da57187dc8e5634152d3b63d72de"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47405",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:38:03.910355Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:32:57.407Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/hid/usbhid/hid-core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "7ce4e4914661",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "efc5c8d29256",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "c3156fea4d8a",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "764ac04de056",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "965147067fa1",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "f7ac4d24e161",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "2b704864c92d",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "f7744fa16b96",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/hid/usbhid/hid-core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.286",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.285",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.249",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.209",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.151",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.71",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: usbhid: free raw_report buffers in usbhid_stop\n\nFree the unsent raw_report buffers when the device is removed.\n\nFixes a memory leak reported by syzbot at:\nhttps://syzkaller.appspot.com/bug?id=7b4fa7cb1a7c2d3342a2a8a6c53371c8c418ab47"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:17.800Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/7ce4e49146612261265671b1d30d117139021030"
        },
        {
          "url": "https://git.kernel.org/stable/c/efc5c8d29256955cc90d8d570849b2d6121ed09f"
        },
        {
          "url": "https://git.kernel.org/stable/c/c3156fea4d8a0e643625dff69a0421e872d1fdae"
        },
        {
          "url": "https://git.kernel.org/stable/c/764ac04de056801dfe52a716da63f6e7018e7f3b"
        },
        {
          "url": "https://git.kernel.org/stable/c/965147067fa1bedff3ae1f07ce3f89f1a14d2df3"
        },
        {
          "url": "https://git.kernel.org/stable/c/f7ac4d24e1610b92689946fa88177673f1e88a3f"
        },
        {
          "url": "https://git.kernel.org/stable/c/2b704864c92dcec2b295f276fcfbfb81d9831f81"
        },
        {
          "url": "https://git.kernel.org/stable/c/f7744fa16b96da57187dc8e5634152d3b63d72de"
        }
      ],
      "title": "HID: usbhid: free raw_report buffers in usbhid_stop",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47405",
    "datePublished": "2024-05-21T15:03:58.680Z",
    "dateReserved": "2024-05-21T14:58:30.816Z",
    "dateUpdated": "2024-11-04T12:05:17.800Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47459

Vulnerability from cvelistv5

Published

2024-05-22 06:23

Modified

2024-11-04 12:06

Severity ?

Summary

can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv

References

▼	URL	Tags
	https://git.kernel.org/stable/c/a0e47d2833b4f65e6c799f28c6b636d36b8b936d
	https://git.kernel.org/stable/c/864e77771a24c877aaf53aee019f78619cbcd668
	https://git.kernel.org/stable/c/6e8811707e2df0c6ba920f0cad3a3bca7b42132f
	https://git.kernel.org/stable/c/d9d52a3ebd284882f5562c88e55991add5d01586

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.451Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a0e47d2833b4f65e6c799f28c6b636d36b8b936d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/864e77771a24c877aaf53aee019f78619cbcd668"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6e8811707e2df0c6ba920f0cad3a3bca7b42132f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d9d52a3ebd284882f5562c88e55991add5d01586"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47459",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:36:14.848678Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:25.941Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/can/j1939/main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "a0e47d2833b4",
              "status": "affected",
              "version": "9d71dd0c7009",
              "versionType": "git"
            },
            {
              "lessThan": "864e77771a24",
              "status": "affected",
              "version": "9d71dd0c7009",
              "versionType": "git"
            },
            {
              "lessThan": "6e8811707e2d",
              "status": "affected",
              "version": "9d71dd0c7009",
              "versionType": "git"
            },
            {
              "lessThan": "d9d52a3ebd28",
              "status": "affected",
              "version": "9d71dd0c7009",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/can/j1939/main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.4"
            },
            {
              "lessThan": "5.4",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.156",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.76",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.15",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv\n\nIt will trigger UAF for rx_kref of j1939_priv as following.\n\n        cpu0                                    cpu1\nj1939_sk_bind(socket0, ndev0, ...)\nj1939_netdev_start\n                                        j1939_sk_bind(socket1, ndev0, ...)\n                                        j1939_netdev_start\nj1939_priv_set\n                                        j1939_priv_get_by_ndev_locked\nj1939_jsk_add\n.....\nj1939_netdev_stop\nkref_put_lock(\u0026priv-\u003erx_kref, ...)\n                                        kref_get(\u0026priv-\u003erx_kref, ...)\n                                        REFCOUNT_WARN(\"addition on 0;...\")\n\n====================================================\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 1 PID: 20874 at lib/refcount.c:25 refcount_warn_saturate+0x169/0x1e0\nRIP: 0010:refcount_warn_saturate+0x169/0x1e0\nCall Trace:\n j1939_netdev_start+0x68b/0x920\n j1939_sk_bind+0x426/0xeb0\n ? security_socket_bind+0x83/0xb0\n\nThe rx_kref\u0027s kref_get() and kref_put() should use j1939_netdev_lock to\nprotect."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:21.353Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/a0e47d2833b4f65e6c799f28c6b636d36b8b936d"
        },
        {
          "url": "https://git.kernel.org/stable/c/864e77771a24c877aaf53aee019f78619cbcd668"
        },
        {
          "url": "https://git.kernel.org/stable/c/6e8811707e2df0c6ba920f0cad3a3bca7b42132f"
        },
        {
          "url": "https://git.kernel.org/stable/c/d9d52a3ebd284882f5562c88e55991add5d01586"
        }
      ],
      "title": "can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47459",
    "datePublished": "2024-05-22T06:23:21.061Z",
    "dateReserved": "2024-05-22T06:20:56.197Z",
    "dateUpdated": "2024-11-04T12:06:21.353Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47461

Vulnerability from cvelistv5

Published

2024-05-22 06:23

Modified

2024-11-04 12:06

Severity ?

Summary

userfaultfd: fix a race between writeprotect and exit_mmap()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/3cda4bfffd4f755645577aaa9e96a606657b4525
	https://git.kernel.org/stable/c/149958ecd0627a9f1e9c678c25c665400054cd6a
	https://git.kernel.org/stable/c/cb185d5f1ebf900f4ae3bf84cee212e6dd035aca

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47461",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T18:15:05.306200Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:15:25.867Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.468Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3cda4bfffd4f755645577aaa9e96a606657b4525"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/149958ecd0627a9f1e9c678c25c665400054cd6a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/cb185d5f1ebf900f4ae3bf84cee212e6dd035aca"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/userfaultfd.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "3cda4bfffd4f",
              "status": "affected",
              "version": "63b2d4174c4a",
              "versionType": "git"
            },
            {
              "lessThan": "149958ecd062",
              "status": "affected",
              "version": "63b2d4174c4a",
              "versionType": "git"
            },
            {
              "lessThan": "cb185d5f1ebf",
              "status": "affected",
              "version": "63b2d4174c4a",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/userfaultfd.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.7"
            },
            {
              "lessThan": "5.7",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.76",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.15",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nuserfaultfd: fix a race between writeprotect and exit_mmap()\n\nA race is possible when a process exits, its VMAs are removed by\nexit_mmap() and at the same time userfaultfd_writeprotect() is called.\n\nThe race was detected by KASAN on a development kernel, but it appears\nto be possible on vanilla kernels as well.\n\nUse mmget_not_zero() to prevent the race as done in other userfaultfd\noperations."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:23.637Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/3cda4bfffd4f755645577aaa9e96a606657b4525"
        },
        {
          "url": "https://git.kernel.org/stable/c/149958ecd0627a9f1e9c678c25c665400054cd6a"
        },
        {
          "url": "https://git.kernel.org/stable/c/cb185d5f1ebf900f4ae3bf84cee212e6dd035aca"
        }
      ],
      "title": "userfaultfd: fix a race between writeprotect and exit_mmap()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47461",
    "datePublished": "2024-05-22T06:23:22.373Z",
    "dateReserved": "2024-05-22T06:20:56.197Z",
    "dateUpdated": "2024-11-04T12:06:23.637Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52755

Vulnerability from cvelistv5

Published

2024-05-21 15:30

Modified

2024-11-04 14:52

Severity ?

8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

ksmbd: fix slab out of bounds write in smb_inherit_dacl()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/aaf0a07d60887d6c36fc46a24de0083744f07819
	https://git.kernel.org/stable/c/8387c94d73ec66eb597c7a23a8d9eadf64bfbafa
	https://git.kernel.org/stable/c/09d9d8b40a3338193619c14ed4dc040f4f119e70
	https://git.kernel.org/stable/c/712e01f32e577e7e48ab0adb5fe550646a3d93cb
	https://git.kernel.org/stable/c/eebff19acaa35820cb09ce2ccb3d21bee2156ffb

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "affected",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "aaf0a07d6088",
                "status": "affected",
                "version": "1da177e4c3f4",
                "versionType": "git"
              },
              {
                "lessThan": "8387c94d73ec",
                "status": "affected",
                "version": "1da177e4c3f4",
                "versionType": "git"
              },
              {
                "lessThan": "09d9d8b40a33",
                "status": "affected",
                "version": "1da177e4c3f4",
                "versionType": "git"
              },
              {
                "lessThan": "712e01f32e57",
                "status": "affected",
                "version": "1da177e4c3f4",
                "versionType": "git"
              },
              {
                "lessThan": "eebff19acaa3",
                "status": "affected",
                "version": "1da177e4c3f4",
                "versionType": "git"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 8.4,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52755",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-01T03:55:53.690996Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-787",
                "description": "CWE-787 Out-of-bounds Write",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-01T13:46:35.727Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.921Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/aaf0a07d60887d6c36fc46a24de0083744f07819"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8387c94d73ec66eb597c7a23a8d9eadf64bfbafa"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/09d9d8b40a3338193619c14ed4dc040f4f119e70"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/712e01f32e577e7e48ab0adb5fe550646a3d93cb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/eebff19acaa35820cb09ce2ccb3d21bee2156ffb"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/smb/server/smbacl.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "aaf0a07d6088",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "8387c94d73ec",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "09d9d8b40a33",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "712e01f32e57",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "eebff19acaa3",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/smb/server/smbacl.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix slab out of bounds write in smb_inherit_dacl()\n\nslab out-of-bounds write is caused by that offsets is bigger than pntsd\nallocation size. This patch add the check to validate 3 offsets using\nallocation size."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:05.792Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/aaf0a07d60887d6c36fc46a24de0083744f07819"
        },
        {
          "url": "https://git.kernel.org/stable/c/8387c94d73ec66eb597c7a23a8d9eadf64bfbafa"
        },
        {
          "url": "https://git.kernel.org/stable/c/09d9d8b40a3338193619c14ed4dc040f4f119e70"
        },
        {
          "url": "https://git.kernel.org/stable/c/712e01f32e577e7e48ab0adb5fe550646a3d93cb"
        },
        {
          "url": "https://git.kernel.org/stable/c/eebff19acaa35820cb09ce2ccb3d21bee2156ffb"
        }
      ],
      "title": "ksmbd: fix slab out of bounds write in smb_inherit_dacl()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52755",
    "datePublished": "2024-05-21T15:30:42.898Z",
    "dateReserved": "2024-05-21T15:19:24.235Z",
    "dateUpdated": "2024-11-04T14:52:05.792Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52701

Vulnerability from cvelistv5

Published

2024-05-21 15:22

Modified

2024-11-04 14:51

Severity ?

Summary

net: use a bounce buffer for copying skb->mark

References

▼	URL	Tags
	https://git.kernel.org/stable/c/863a7de987f02a901bf215509276a7de0370e0f9
	https://git.kernel.org/stable/c/2558b8039d059342197610498c8749ad294adee5

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52701",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T17:32:19.425671Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:51.546Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.233Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/863a7de987f02a901bf215509276a7de0370e0f9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2558b8039d059342197610498c8749ad294adee5"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/socket.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "863a7de987f0",
              "status": "affected",
              "version": "6fd1d51cfa25",
              "versionType": "git"
            },
            {
              "lessThan": "2558b8039d05",
              "status": "affected",
              "version": "6fd1d51cfa25",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/socket.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.19"
            },
            {
              "lessThan": "5.19",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: use a bounce buffer for copying skb-\u003emark\n\nsyzbot found arm64 builds would crash in sock_recv_mark()\nwhen CONFIG_HARDENED_USERCOPY=y\n\nx86 and powerpc are not detecting the issue because\nthey define user_access_begin.\nThis will be handled in a different patch,\nbecause a check_object_size() is missing.\n\nOnly data from skb-\u003ecb[] can be copied directly to/from user space,\nas explained in commit 79a8a642bf05 (\"net: Whitelist\nthe skbuff_head_cache \"cb\" field\")\n\nsyzbot report was:\nusercopy: Kernel memory exposure attempt detected from SLUB object \u0027skbuff_head_cache\u0027 (offset 168, size 4)!\n------------[ cut here ]------------\nkernel BUG at mm/usercopy.c:102 !\nInternal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\nModules linked in:\nCPU: 0 PID: 4410 Comm: syz-executor533 Not tainted 6.2.0-rc7-syzkaller-17907-g2d3827b3f393 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023\npstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : usercopy_abort+0x90/0x94 mm/usercopy.c:90\nlr : usercopy_abort+0x90/0x94 mm/usercopy.c:90\nsp : ffff80000fb9b9a0\nx29: ffff80000fb9b9b0 x28: ffff0000c6073400 x27: 0000000020001a00\nx26: 0000000000000014 x25: ffff80000cf52000 x24: fffffc0000000000\nx23: 05ffc00000000200 x22: fffffc000324bf80 x21: ffff0000c92fe1a8\nx20: 0000000000000001 x19: 0000000000000004 x18: 0000000000000000\nx17: 656a626f2042554c x16: ffff0000c6073dd0 x15: ffff80000dbd2118\nx14: ffff0000c6073400 x13: 00000000ffffffff x12: ffff0000c6073400\nx11: ff808000081bbb4c x10: 0000000000000000 x9 : 7b0572d7cc0ccf00\nx8 : 7b0572d7cc0ccf00 x7 : ffff80000bf650d4 x6 : 0000000000000000\nx5 : 0000000000000001 x4 : 0000000000000001 x3 : 0000000000000000\nx2 : ffff0001fefbff08 x1 : 0000000100000000 x0 : 000000000000006c\nCall trace:\nusercopy_abort+0x90/0x94 mm/usercopy.c:90\n__check_heap_object+0xa8/0x100 mm/slub.c:4761\ncheck_heap_object mm/usercopy.c:196 [inline]\n__check_object_size+0x208/0x6b8 mm/usercopy.c:251\ncheck_object_size include/linux/thread_info.h:199 [inline]\n__copy_to_user include/linux/uaccess.h:115 [inline]\nput_cmsg+0x408/0x464 net/core/scm.c:238\nsock_recv_mark net/socket.c:975 [inline]\n__sock_recv_cmsgs+0x1fc/0x248 net/socket.c:984\nsock_recv_cmsgs include/net/sock.h:2728 [inline]\npacket_recvmsg+0x2d8/0x678 net/packet/af_packet.c:3482\n____sys_recvmsg+0x110/0x3a0\n___sys_recvmsg net/socket.c:2737 [inline]\n__sys_recvmsg+0x194/0x210 net/socket.c:2767\n__do_sys_recvmsg net/socket.c:2777 [inline]\n__se_sys_recvmsg net/socket.c:2774 [inline]\n__arm64_sys_recvmsg+0x2c/0x3c net/socket.c:2774\n__invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]\ninvoke_syscall+0x64/0x178 arch/arm64/kernel/syscall.c:52\nel0_svc_common+0xbc/0x180 arch/arm64/kernel/syscall.c:142\ndo_el0_svc+0x48/0x110 arch/arm64/kernel/syscall.c:193\nel0_svc+0x58/0x14c arch/arm64/kernel/entry-common.c:637\nel0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655\nel0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:591\nCode: 91388800 aa0903e1 f90003e8 94e6d752 (d4210000)"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:51:25.575Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/863a7de987f02a901bf215509276a7de0370e0f9"
        },
        {
          "url": "https://git.kernel.org/stable/c/2558b8039d059342197610498c8749ad294adee5"
        }
      ],
      "title": "net: use a bounce buffer for copying skb-\u003emark",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52701",
    "datePublished": "2024-05-21T15:22:51.354Z",
    "dateReserved": "2024-03-07T14:49:46.891Z",
    "dateUpdated": "2024-11-04T14:51:25.575Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52861

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:54

Severity ?

6.2 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

drm: bridge: it66121: Fix invalid connector dereference

References

▼	URL	Tags
	https://git.kernel.org/stable/c/2c80c4f0d2845645f41cbb7c9304c8efbdbd4331
	https://git.kernel.org/stable/c/1669d7b21a664aa531856ce85b01359a376baebc
	https://git.kernel.org/stable/c/1374561a7cbc9a000b77bb0473bb2c19daf18d86
	https://git.kernel.org/stable/c/d0375f6858c4ff7244b62b02eb5e93428e1916cd

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "affected",
                "version": "e0fd83dbe924"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "affected",
                "version": "5.19"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.1.63"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.5.12"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.6.2"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.7"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 6.2,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52861",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T18:51:01.322814Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-476",
                "description": "CWE-476 NULL Pointer Dereference",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:22:59.483Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.979Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2c80c4f0d2845645f41cbb7c9304c8efbdbd4331"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1669d7b21a664aa531856ce85b01359a376baebc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1374561a7cbc9a000b77bb0473bb2c19daf18d86"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d0375f6858c4ff7244b62b02eb5e93428e1916cd"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/bridge/ite-it66121.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "2c80c4f0d284",
              "status": "affected",
              "version": "e0fd83dbe924",
              "versionType": "git"
            },
            {
              "lessThan": "1669d7b21a66",
              "status": "affected",
              "version": "e0fd83dbe924",
              "versionType": "git"
            },
            {
              "lessThan": "1374561a7cbc",
              "status": "affected",
              "version": "e0fd83dbe924",
              "versionType": "git"
            },
            {
              "lessThan": "d0375f6858c4",
              "status": "affected",
              "version": "e0fd83dbe924",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/bridge/ite-it66121.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.19"
            },
            {
              "lessThan": "5.19",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: bridge: it66121: Fix invalid connector dereference\n\nFix the NULL pointer dereference when no monitor is connected, and the\nsound card is opened from userspace.\n\nInstead return an empty buffer (of zeroes) as the EDID information to\nthe sound framework if there is no connector attached."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:54:04.183Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/2c80c4f0d2845645f41cbb7c9304c8efbdbd4331"
        },
        {
          "url": "https://git.kernel.org/stable/c/1669d7b21a664aa531856ce85b01359a376baebc"
        },
        {
          "url": "https://git.kernel.org/stable/c/1374561a7cbc9a000b77bb0473bb2c19daf18d86"
        },
        {
          "url": "https://git.kernel.org/stable/c/d0375f6858c4ff7244b62b02eb5e93428e1916cd"
        }
      ],
      "title": "drm: bridge: it66121: Fix invalid connector dereference",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52861",
    "datePublished": "2024-05-21T15:31:53.904Z",
    "dateReserved": "2024-05-21T15:19:24.261Z",
    "dateUpdated": "2024-11-04T14:54:04.183Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47453

Vulnerability from cvelistv5

Published

2024-05-22 06:19

Modified

2024-11-04 12:06

Severity ?

Summary

ice: Avoid crash from unnecessary IDA free

References

▼	URL	Tags
	https://git.kernel.org/stable/c/777682e59840e24e6c5672197e6ffbcf4bff823b
	https://git.kernel.org/stable/c/73e30a62b19b9fbb4e6a3465c59da186630d5f2e

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47453",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-24T19:24:44.764547Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:21.088Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.466Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/777682e59840e24e6c5672197e6ffbcf4bff823b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/73e30a62b19b9fbb4e6a3465c59da186630d5f2e"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/intel/ice/ice_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "777682e59840",
              "status": "affected",
              "version": "d25a0fc41c1f",
              "versionType": "git"
            },
            {
              "lessThan": "73e30a62b19b",
              "status": "affected",
              "version": "d25a0fc41c1f",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/intel/ice/ice_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.14"
            },
            {
              "lessThan": "5.14",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.15",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Avoid crash from unnecessary IDA free\n\nIn the remove path, there is an attempt to free the aux_idx IDA whether\nit was allocated or not.  This can potentially cause a crash when\nunloading the driver on systems that do not initialize support for RDMA.\nBut, this free cannot be gated by the status bit for RDMA, since it is\nallocated if the driver detects support for RDMA at probe time, but the\ndriver can enter into a state where RDMA is not supported after the IDA\nhas been allocated at probe time and this would lead to a memory leak.\n\nInitialize aux_idx to an invalid value and check for a valid value when\nunloading to determine if an IDA free is necessary."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:14.265Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/777682e59840e24e6c5672197e6ffbcf4bff823b"
        },
        {
          "url": "https://git.kernel.org/stable/c/73e30a62b19b9fbb4e6a3465c59da186630d5f2e"
        }
      ],
      "title": "ice: Avoid crash from unnecessary IDA free",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47453",
    "datePublished": "2024-05-22T06:19:43.374Z",
    "dateReserved": "2024-05-21T14:58:30.833Z",
    "dateUpdated": "2024-11-04T12:06:14.265Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47434

Vulnerability from cvelistv5

Published

2024-05-22 06:19

Modified

2024-11-04 12:05

Severity ?

Summary

xhci: Fix command ring pointer corruption while aborting a command

References

▼	URL	Tags
	https://git.kernel.org/stable/c/22bcb65ea41072ab5d03c0c6290e04e0df6d09a0
	https://git.kernel.org/stable/c/62c182b5e763e5f4062e72678e72ce3e02dd4d1b
	https://git.kernel.org/stable/c/01c2dcb67e71c351006dd17cbba86c26b7f61eaf
	https://git.kernel.org/stable/c/dec944bb7079b37968cf69c8a438f91f15c4cc61
	https://git.kernel.org/stable/c/e54abefe703ab7c4e5983e889babd1447738ca42
	https://git.kernel.org/stable/c/ff0e50d3564f33b7f4b35cadeabd951d66cfc570

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47434",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T18:19:19.923791Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:13:46.138Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.365Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/22bcb65ea41072ab5d03c0c6290e04e0df6d09a0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/62c182b5e763e5f4062e72678e72ce3e02dd4d1b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/01c2dcb67e71c351006dd17cbba86c26b7f61eaf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/dec944bb7079b37968cf69c8a438f91f15c4cc61"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e54abefe703ab7c4e5983e889babd1447738ca42"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ff0e50d3564f33b7f4b35cadeabd951d66cfc570"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/usb/host/xhci-ring.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "22bcb65ea410",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "62c182b5e763",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "01c2dcb67e71",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "dec944bb7079",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "e54abefe703a",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "ff0e50d3564f",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/usb/host/xhci-ring.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.252",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.213",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.155",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.75",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.14",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxhci: Fix command ring pointer corruption while aborting a command\n\nThe command ring pointer is located at [6:63] bits of the command\nring control register (CRCR). All the control bits like command stop,\nabort are located at [0:3] bits. While aborting a command, we read the\nCRCR and set the abort bit and write to the CRCR. The read will always\ngive command ring pointer as all zeros. So we essentially write only\nthe control bits. Since we split the 64 bit write into two 32 bit writes,\nthere is a possibility of xHC command ring stopped before the upper\ndword (all zeros) is written. If that happens, xHC updates the upper\ndword of its internal command ring pointer with all zeros. Next time,\nwhen the command ring is restarted, we see xHC memory access failures.\nFix this issue by only writing to the lower dword of CRCR where all\ncontrol bits are located."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:50.574Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/22bcb65ea41072ab5d03c0c6290e04e0df6d09a0"
        },
        {
          "url": "https://git.kernel.org/stable/c/62c182b5e763e5f4062e72678e72ce3e02dd4d1b"
        },
        {
          "url": "https://git.kernel.org/stable/c/01c2dcb67e71c351006dd17cbba86c26b7f61eaf"
        },
        {
          "url": "https://git.kernel.org/stable/c/dec944bb7079b37968cf69c8a438f91f15c4cc61"
        },
        {
          "url": "https://git.kernel.org/stable/c/e54abefe703ab7c4e5983e889babd1447738ca42"
        },
        {
          "url": "https://git.kernel.org/stable/c/ff0e50d3564f33b7f4b35cadeabd951d66cfc570"
        }
      ],
      "title": "xhci: Fix command ring pointer corruption while aborting a command",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47434",
    "datePublished": "2024-05-22T06:19:30.896Z",
    "dateReserved": "2024-05-21T14:58:30.830Z",
    "dateUpdated": "2024-11-04T12:05:50.574Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52758

Vulnerability from cvelistv5

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "providerMetadata": {
        "dateUpdated": "2024-05-24T15:27:25.169Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "rejectedReasons": [
        {
          "lang": "en",
          "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52758",
    "datePublished": "2024-05-21T15:30:45.122Z",
    "dateRejected": "2024-05-24T15:27:25.169Z",
    "dateReserved": "2024-05-21T15:19:24.237Z",
    "dateUpdated": "2024-05-24T15:27:25.169Z",
    "state": "REJECTED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52770

Vulnerability from cvelistv5

Published

2024-05-21 15:30

Modified

2024-11-04 14:52

Severity ?

Summary

f2fs: split initial and dynamic conditions for extent_cache

References

▼	URL	Tags
	https://git.kernel.org/stable/c/9de787139b0258a5dd1f498780c26d76b61d2958
	https://git.kernel.org/stable/c/d83309e7e006cee8afca83523559017c824fbf7a
	https://git.kernel.org/stable/c/f803982190f0265fd36cf84670aa6daefc2b0768

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52770",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T17:30:42.335957Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:27.194Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.015Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9de787139b0258a5dd1f498780c26d76b61d2958"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d83309e7e006cee8afca83523559017c824fbf7a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f803982190f0265fd36cf84670aa6daefc2b0768"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/f2fs/extent_cache.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "9de787139b02",
              "status": "affected",
              "version": "72840cccc0a1",
              "versionType": "git"
            },
            {
              "lessThan": "d83309e7e006",
              "status": "affected",
              "version": "72840cccc0a1",
              "versionType": "git"
            },
            {
              "lessThan": "f803982190f0",
              "status": "affected",
              "version": "72840cccc0a1",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/f2fs/extent_cache.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "lessThan": "6.2",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: split initial and dynamic conditions for extent_cache\n\nLet\u0027s allocate the extent_cache tree without dynamic conditions to avoid a\nmissing condition causing a panic as below.\n\n # create a file w/ a compressed flag\n # disable the compression\n # panic while updating extent_cache\n\nF2FS-fs (dm-64): Swapfile: last extent is not aligned to section\nF2FS-fs (dm-64): Swapfile (3) is not align to section: 1) creat(), 2) ioctl(F2FS_IOC_SET_PIN_FILE), 3) fallocate(2097152 * N)\nAdding 124996k swap on ./swap-file.  Priority:0 extents:2 across:17179494468k\n==================================================================\nBUG: KASAN: null-ptr-deref in instrument_atomic_read_write out/common/include/linux/instrumented.h:101 [inline]\nBUG: KASAN: null-ptr-deref in atomic_try_cmpxchg_acquire out/common/include/asm-generic/atomic-instrumented.h:705 [inline]\nBUG: KASAN: null-ptr-deref in queued_write_lock out/common/include/asm-generic/qrwlock.h:92 [inline]\nBUG: KASAN: null-ptr-deref in __raw_write_lock out/common/include/linux/rwlock_api_smp.h:211 [inline]\nBUG: KASAN: null-ptr-deref in _raw_write_lock+0x5a/0x110 out/common/kernel/locking/spinlock.c:295\nWrite of size 4 at addr 0000000000000030 by task syz-executor154/3327\n\nCPU: 0 PID: 3327 Comm: syz-executor154 Tainted: G           O      5.10.185 #1\nHardware name: emulation qemu-x86/qemu-x86, BIOS 2023.01-21885-gb3cc1cd24d 01/01/2023\nCall Trace:\n __dump_stack out/common/lib/dump_stack.c:77 [inline]\n dump_stack_lvl+0x17e/0x1c4 out/common/lib/dump_stack.c:118\n __kasan_report+0x16c/0x260 out/common/mm/kasan/report.c:415\n kasan_report+0x51/0x70 out/common/mm/kasan/report.c:428\n kasan_check_range+0x2f3/0x340 out/common/mm/kasan/generic.c:186\n __kasan_check_write+0x14/0x20 out/common/mm/kasan/shadow.c:37\n instrument_atomic_read_write out/common/include/linux/instrumented.h:101 [inline]\n atomic_try_cmpxchg_acquire out/common/include/asm-generic/atomic-instrumented.h:705 [inline]\n queued_write_lock out/common/include/asm-generic/qrwlock.h:92 [inline]\n __raw_write_lock out/common/include/linux/rwlock_api_smp.h:211 [inline]\n _raw_write_lock+0x5a/0x110 out/common/kernel/locking/spinlock.c:295\n __drop_extent_tree+0xdf/0x2f0 out/common/fs/f2fs/extent_cache.c:1155\n f2fs_drop_extent_tree+0x17/0x30 out/common/fs/f2fs/extent_cache.c:1172\n f2fs_insert_range out/common/fs/f2fs/file.c:1600 [inline]\n f2fs_fallocate+0x19fd/0x1f40 out/common/fs/f2fs/file.c:1764\n vfs_fallocate+0x514/0x9b0 out/common/fs/open.c:310\n ksys_fallocate out/common/fs/open.c:333 [inline]\n __do_sys_fallocate out/common/fs/open.c:341 [inline]\n __se_sys_fallocate out/common/fs/open.c:339 [inline]\n __x64_sys_fallocate+0xb8/0x100 out/common/fs/open.c:339\n do_syscall_64+0x35/0x50 out/common/arch/x86/entry/common.c:46"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:21.882Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/9de787139b0258a5dd1f498780c26d76b61d2958"
        },
        {
          "url": "https://git.kernel.org/stable/c/d83309e7e006cee8afca83523559017c824fbf7a"
        },
        {
          "url": "https://git.kernel.org/stable/c/f803982190f0265fd36cf84670aa6daefc2b0768"
        }
      ],
      "title": "f2fs: split initial and dynamic conditions for extent_cache",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52770",
    "datePublished": "2024-05-21T15:30:52.970Z",
    "dateReserved": "2024-05-21T15:19:24.239Z",
    "dateUpdated": "2024-11-04T14:52:21.882Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52858

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:54

Severity ?

6.2 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

clk: mediatek: clk-mt7629: Add check for mtk_alloc_clk_data

References

▼	URL	Tags
	https://git.kernel.org/stable/c/e8ae4b49dd9cfde69d8de8c0c0cd7cf1b004482e
	https://git.kernel.org/stable/c/4f861b63945e076f9f003a5fad958174096df1ee
	https://git.kernel.org/stable/c/e964d21dc034b650d719c4ea39564bec72b42f94
	https://git.kernel.org/stable/c/a836efc21ef04608333d6d05753e558ebd1f85d0
	https://git.kernel.org/stable/c/1d89430fc3158f872d492f1b88d07262f48290c0
	https://git.kernel.org/stable/c/5fbea47eebff5daeca7d918c99289bcd3ae4dc8d
	https://git.kernel.org/stable/c/2befa515c1bb6cdd33c262b909d93d1973a219aa

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "affected",
                "version": "3b5e748615e7"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "affected",
                "version": "5.0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "5.4.261"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "5.10.201"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "\t5.15.139"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.1.63"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.5.12"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.6.2"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.7"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 6.2,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52858",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T19:00:23.134670Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-476",
                "description": "CWE-476 NULL Pointer Dereference",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:43.603Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.988Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e8ae4b49dd9cfde69d8de8c0c0cd7cf1b004482e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4f861b63945e076f9f003a5fad958174096df1ee"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e964d21dc034b650d719c4ea39564bec72b42f94"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a836efc21ef04608333d6d05753e558ebd1f85d0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1d89430fc3158f872d492f1b88d07262f48290c0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5fbea47eebff5daeca7d918c99289bcd3ae4dc8d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2befa515c1bb6cdd33c262b909d93d1973a219aa"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/clk/mediatek/clk-mt7629.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "e8ae4b49dd9c",
              "status": "affected",
              "version": "3b5e748615e7",
              "versionType": "git"
            },
            {
              "lessThan": "4f861b63945e",
              "status": "affected",
              "version": "3b5e748615e7",
              "versionType": "git"
            },
            {
              "lessThan": "e964d21dc034",
              "status": "affected",
              "version": "3b5e748615e7",
              "versionType": "git"
            },
            {
              "lessThan": "a836efc21ef0",
              "status": "affected",
              "version": "3b5e748615e7",
              "versionType": "git"
            },
            {
              "lessThan": "1d89430fc315",
              "status": "affected",
              "version": "3b5e748615e7",
              "versionType": "git"
            },
            {
              "lessThan": "5fbea47eebff",
              "status": "affected",
              "version": "3b5e748615e7",
              "versionType": "git"
            },
            {
              "lessThan": "2befa515c1bb",
              "status": "affected",
              "version": "3b5e748615e7",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/clk/mediatek/clk-mt7629.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.0"
            },
            {
              "lessThan": "5.0",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.261",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.201",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.139",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt7629: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:54:00.268Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/e8ae4b49dd9cfde69d8de8c0c0cd7cf1b004482e"
        },
        {
          "url": "https://git.kernel.org/stable/c/4f861b63945e076f9f003a5fad958174096df1ee"
        },
        {
          "url": "https://git.kernel.org/stable/c/e964d21dc034b650d719c4ea39564bec72b42f94"
        },
        {
          "url": "https://git.kernel.org/stable/c/a836efc21ef04608333d6d05753e558ebd1f85d0"
        },
        {
          "url": "https://git.kernel.org/stable/c/1d89430fc3158f872d492f1b88d07262f48290c0"
        },
        {
          "url": "https://git.kernel.org/stable/c/5fbea47eebff5daeca7d918c99289bcd3ae4dc8d"
        },
        {
          "url": "https://git.kernel.org/stable/c/2befa515c1bb6cdd33c262b909d93d1973a219aa"
        }
      ],
      "title": "clk: mediatek: clk-mt7629: Add check for mtk_alloc_clk_data",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52858",
    "datePublished": "2024-05-21T15:31:51.891Z",
    "dateReserved": "2024-05-21T15:19:24.258Z",
    "dateUpdated": "2024-11-04T14:54:00.268Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52815

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

drm/amdgpu/vkms: fix a possible null pointer dereference

References

▼	URL	Tags
	https://git.kernel.org/stable/c/eaa03ea366c85ae3cb69c8d4bbc67c8bc2167a27
	https://git.kernel.org/stable/c/33fb1a555354bd593f785935ddcb5d9dd4d3847f
	https://git.kernel.org/stable/c/8c6c85a073768df68c1a3fea143d013a38c66d34
	https://git.kernel.org/stable/c/70f831f21155c692bb336c434936fd6f24f3f81a
	https://git.kernel.org/stable/c/cd90511557fdfb394bb4ac4c3b539b007383914c

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52815",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T18:24:04.849816Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:38.588Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.678Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/eaa03ea366c85ae3cb69c8d4bbc67c8bc2167a27"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/33fb1a555354bd593f785935ddcb5d9dd4d3847f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8c6c85a073768df68c1a3fea143d013a38c66d34"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/70f831f21155c692bb336c434936fd6f24f3f81a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/cd90511557fdfb394bb4ac4c3b539b007383914c"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/amdgpu/amdgpu_vkms.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "eaa03ea366c8",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "33fb1a555354",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "8c6c85a07376",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "70f831f21155",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "cd90511557fd",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/amdgpu/amdgpu_vkms.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu/vkms: fix a possible null pointer dereference\n\nIn amdgpu_vkms_conn_get_modes(), the return value of drm_cvt_mode()\nis assigned to mode, which will lead to a NULL pointer dereference\non failure of drm_cvt_mode(). Add a check to avoid null pointer\ndereference."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:15.223Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/eaa03ea366c85ae3cb69c8d4bbc67c8bc2167a27"
        },
        {
          "url": "https://git.kernel.org/stable/c/33fb1a555354bd593f785935ddcb5d9dd4d3847f"
        },
        {
          "url": "https://git.kernel.org/stable/c/8c6c85a073768df68c1a3fea143d013a38c66d34"
        },
        {
          "url": "https://git.kernel.org/stable/c/70f831f21155c692bb336c434936fd6f24f3f81a"
        },
        {
          "url": "https://git.kernel.org/stable/c/cd90511557fdfb394bb4ac4c3b539b007383914c"
        }
      ],
      "title": "drm/amdgpu/vkms: fix a possible null pointer dereference",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52815",
    "datePublished": "2024-05-21T15:31:22.918Z",
    "dateReserved": "2024-05-21T15:19:24.248Z",
    "dateUpdated": "2024-11-04T14:53:15.223Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47420

Vulnerability from cvelistv5

Published

2024-05-21 15:04

Modified

2024-11-04 12:05

Severity ?

Summary

drm/amdkfd: fix a potential ttm->sg memory leak

References

▼	URL	Tags
	https://git.kernel.org/stable/c/7e5ce6029b627efb4a004746cfdc1eeff850e6eb
	https://git.kernel.org/stable/c/b072ef1215aca33186e3a10109e872e528a9e516

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47420",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-11T17:26:39.842792Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-11T17:26:55.110Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.450Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7e5ce6029b627efb4a004746cfdc1eeff850e6eb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b072ef1215aca33186e3a10109e872e528a9e516"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gpuvm.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "7e5ce6029b62",
              "status": "affected",
              "version": "264fb4d332f5",
              "versionType": "git"
            },
            {
              "lessThan": "b072ef1215ac",
              "status": "affected",
              "version": "264fb4d332f5",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gpuvm.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.14"
            },
            {
              "lessThan": "5.14",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: fix a potential ttm-\u003esg memory leak\n\nMemory is allocated for ttm-\u003esg by kmalloc in kfd_mem_dmamap_userptr,\nbut isn\u0027t freed by kfree in kfd_mem_dmaunmap_userptr. Free it!"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:34.133Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/7e5ce6029b627efb4a004746cfdc1eeff850e6eb"
        },
        {
          "url": "https://git.kernel.org/stable/c/b072ef1215aca33186e3a10109e872e528a9e516"
        }
      ],
      "title": "drm/amdkfd: fix a potential ttm-\u003esg memory leak",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47420",
    "datePublished": "2024-05-21T15:04:08.635Z",
    "dateReserved": "2024-05-21T14:58:30.820Z",
    "dateUpdated": "2024-11-04T12:05:34.133Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52874

Vulnerability from cvelistv5

Published

2024-05-21 15:32

Modified

2024-11-04 14:54

Severity ?

Summary

x86/tdx: Zero out the missing RSI in TDX_HYPERCALL macro

References

▼	URL	Tags
	https://git.kernel.org/stable/c/2191950d35d8f81620ea8d4e04d983f664fe3a8a
	https://git.kernel.org/stable/c/de4c5bacca4f50233f1f791bec9eeb4dee1b14cd
	https://git.kernel.org/stable/c/5d092b66119d774853cc9308522620299048a662

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.236Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2191950d35d8f81620ea8d4e04d983f664fe3a8a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/de4c5bacca4f50233f1f791bec9eeb4dee1b14cd"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5d092b66119d774853cc9308522620299048a662"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52874",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:36:24.980070Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:32:54.047Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/x86/coco/tdx/tdcall.S"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "2191950d35d8",
              "status": "affected",
              "version": "7a3a401874be",
              "versionType": "git"
            },
            {
              "lessThan": "de4c5bacca4f",
              "status": "affected",
              "version": "7a3a401874be",
              "versionType": "git"
            },
            {
              "lessThan": "5d092b66119d",
              "status": "affected",
              "version": "7a3a401874be",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/x86/coco/tdx/tdcall.S"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "lessThan": "6.4",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/tdx: Zero out the missing RSI in TDX_HYPERCALL macro\n\nIn the TDX_HYPERCALL asm, after the TDCALL instruction returns from the\nuntrusted VMM, the registers that the TDX guest shares to the VMM need\nto be cleared to avoid speculative execution of VMM-provided values.\n\nRSI is specified in the bitmap of those registers, but it is missing\nwhen zeroing out those registers in the current TDX_HYPERCALL.\n\nIt was there when it was originally added in commit 752d13305c78\n(\"x86/tdx: Expand __tdx_hypercall() to handle more arguments\"), but was\nlater removed in commit 1e70c680375a (\"x86/tdx: Do not corrupt\nframe-pointer in __tdx_hypercall()\"), which was correct because %rsi is\nlater restored in the \"pop %rsi\".  However a later commit 7a3a401874be\n(\"x86/tdx: Drop flags from __tdx_hypercall()\") removed that \"pop %rsi\"\nbut forgot to add the \"xor %rsi, %rsi\" back.\n\nFix by adding it back."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:54:20.855Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/2191950d35d8f81620ea8d4e04d983f664fe3a8a"
        },
        {
          "url": "https://git.kernel.org/stable/c/de4c5bacca4f50233f1f791bec9eeb4dee1b14cd"
        },
        {
          "url": "https://git.kernel.org/stable/c/5d092b66119d774853cc9308522620299048a662"
        }
      ],
      "title": "x86/tdx: Zero out the missing RSI in TDX_HYPERCALL macro",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52874",
    "datePublished": "2024-05-21T15:32:07.937Z",
    "dateReserved": "2024-05-21T15:19:24.264Z",
    "dateUpdated": "2024-11-04T14:54:20.855Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52795

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:52

Severity ?

Summary

vhost-vdpa: fix use after free in vhost_vdpa_probe()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/c0f8b8fb7df9d1a38652eb5aa817afccd3c56111
	https://git.kernel.org/stable/c/ae8ea4e200675a940c365b496ef8e3fb4123601c
	https://git.kernel.org/stable/c/bf04132cd64ccde4e9e9765d489c83fe83c09b7f
	https://git.kernel.org/stable/c/e07754e0a1ea2d63fb29574253d1fd7405607343

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52795",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T17:45:54.468862Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:53.184Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.679Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c0f8b8fb7df9d1a38652eb5aa817afccd3c56111"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ae8ea4e200675a940c365b496ef8e3fb4123601c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bf04132cd64ccde4e9e9765d489c83fe83c09b7f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e07754e0a1ea2d63fb29574253d1fd7405607343"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/vhost/vdpa.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "c0f8b8fb7df9",
              "status": "affected",
              "version": "ebe6a354fa7e",
              "versionType": "git"
            },
            {
              "lessThan": "ae8ea4e20067",
              "status": "affected",
              "version": "ebe6a354fa7e",
              "versionType": "git"
            },
            {
              "lessThan": "bf04132cd64c",
              "status": "affected",
              "version": "ebe6a354fa7e",
              "versionType": "git"
            },
            {
              "lessThan": "e07754e0a1ea",
              "status": "affected",
              "version": "ebe6a354fa7e",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/vhost/vdpa.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.0"
            },
            {
              "lessThan": "6.0",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvhost-vdpa: fix use after free in vhost_vdpa_probe()\n\nThe put_device() calls vhost_vdpa_release_dev() which calls\nida_simple_remove() and frees \"v\".  So this call to\nida_simple_remove() is a use after free and a double free."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:52.450Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/c0f8b8fb7df9d1a38652eb5aa817afccd3c56111"
        },
        {
          "url": "https://git.kernel.org/stable/c/ae8ea4e200675a940c365b496ef8e3fb4123601c"
        },
        {
          "url": "https://git.kernel.org/stable/c/bf04132cd64ccde4e9e9765d489c83fe83c09b7f"
        },
        {
          "url": "https://git.kernel.org/stable/c/e07754e0a1ea2d63fb29574253d1fd7405607343"
        }
      ],
      "title": "vhost-vdpa: fix use after free in vhost_vdpa_probe()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52795",
    "datePublished": "2024-05-21T15:31:09.623Z",
    "dateReserved": "2024-05-21T15:19:24.246Z",
    "dateUpdated": "2024-11-04T14:52:52.450Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52834

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

atl1c: Work around the DMA RX overflow issue

References

▼	URL	Tags
	https://git.kernel.org/stable/c/c29a89b23f67ee592f4dee61f9d7efbf86d60315
	https://git.kernel.org/stable/c/57e44ff9c2c9747b2b1a53556810b0e5192655d6
	https://git.kernel.org/stable/c/54a6152da4993ec8e4b53dc3cf577f5a2c829afa
	https://git.kernel.org/stable/c/32f08b7b430ee01ec47d730f961a3306c1c7b6fb
	https://git.kernel.org/stable/c/86565682e9053e5deb128193ea9e88531bbae9cf

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52834",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T18:09:31.471989Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:26.205Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.046Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c29a89b23f67ee592f4dee61f9d7efbf86d60315"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/57e44ff9c2c9747b2b1a53556810b0e5192655d6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/54a6152da4993ec8e4b53dc3cf577f5a2c829afa"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/32f08b7b430ee01ec47d730f961a3306c1c7b6fb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/86565682e9053e5deb128193ea9e88531bbae9cf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/atheros/atl1c/atl1c.h",
            "drivers/net/ethernet/atheros/atl1c/atl1c_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "c29a89b23f67",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "57e44ff9c2c9",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "54a6152da499",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "32f08b7b430e",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "86565682e905",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/atheros/atl1c/atl1c.h",
            "drivers/net/ethernet/atheros/atl1c/atl1c_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\natl1c: Work around the DMA RX overflow issue\n\nThis is based on alx driver commit 881d0327db37 (\"net: alx: Work around\nthe DMA RX overflow issue\").\n\nThe alx and atl1c drivers had RX overflow error which was why a custom\nallocator was created to avoid certain addresses. The simpler workaround\nthen created for alx driver, but not for atl1c due to lack of tester.\n\nInstead of using a custom allocator, check the allocated skb address and\nuse skb_reserve() to move away from problematic 0x...fc0 address.\n\nTested on AR8131 on Acer 4540."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:31.511Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/c29a89b23f67ee592f4dee61f9d7efbf86d60315"
        },
        {
          "url": "https://git.kernel.org/stable/c/57e44ff9c2c9747b2b1a53556810b0e5192655d6"
        },
        {
          "url": "https://git.kernel.org/stable/c/54a6152da4993ec8e4b53dc3cf577f5a2c829afa"
        },
        {
          "url": "https://git.kernel.org/stable/c/32f08b7b430ee01ec47d730f961a3306c1c7b6fb"
        },
        {
          "url": "https://git.kernel.org/stable/c/86565682e9053e5deb128193ea9e88531bbae9cf"
        }
      ],
      "title": "atl1c: Work around the DMA RX overflow issue",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52834",
    "datePublished": "2024-05-21T15:31:35.575Z",
    "dateReserved": "2024-05-21T15:19:24.252Z",
    "dateUpdated": "2024-11-04T14:53:31.511Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47304

Vulnerability from cvelistv5

Published

2024-05-21 14:35

Modified

2024-11-04 12:03

Severity ?

Summary

tcp: fix tcp_init_transfer() to not reset icsk_ca_initialized

References

▼	URL	Tags
	https://git.kernel.org/stable/c/ad4ba3404931745a5977ad12db4f0c34080e52f7
	https://git.kernel.org/stable/c/fe77b85828ca9ddc42977b79de9e40d18545b4fe
	https://git.kernel.org/stable/c/be5d1b61a2ad28c7e57fe8bfa277373e8ecffcdc

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47304",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T15:35:43.044493Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:55.263Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:32:08.445Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ad4ba3404931745a5977ad12db4f0c34080e52f7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fe77b85828ca9ddc42977b79de9e40d18545b4fe"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/be5d1b61a2ad28c7e57fe8bfa277373e8ecffcdc"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/ipv4/tcp_input.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "ad4ba3404931",
              "status": "affected",
              "version": "8919a9b31eb4",
              "versionType": "git"
            },
            {
              "lessThan": "fe77b85828ca",
              "status": "affected",
              "version": "8919a9b31eb4",
              "versionType": "git"
            },
            {
              "lessThan": "be5d1b61a2ad",
              "status": "affected",
              "version": "8919a9b31eb4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/ipv4/tcp_input.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.10"
            },
            {
              "lessThan": "5.10",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.53",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.13.*",
              "status": "unaffected",
              "version": "5.13.5",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.14",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: fix tcp_init_transfer() to not reset icsk_ca_initialized\n\nThis commit fixes a bug (found by syzkaller) that could cause spurious\ndouble-initializations for congestion control modules, which could cause\nmemory leaks or other problems for congestion control modules (like CDG)\nthat allocate memory in their init functions.\n\nThe buggy scenario constructed by syzkaller was something like:\n\n(1) create a TCP socket\n(2) initiate a TFO connect via sendto()\n(3) while socket is in TCP_SYN_SENT, call setsockopt(TCP_CONGESTION),\n    which calls:\n       tcp_set_congestion_control() -\u003e\n         tcp_reinit_congestion_control() -\u003e\n           tcp_init_congestion_control()\n(4) receive ACK, connection is established, call tcp_init_transfer(),\n    set icsk_ca_initialized=0 (without first calling cc-\u003erelease()),\n    call tcp_init_congestion_control() again.\n\nNote that in this sequence tcp_init_congestion_control() is called\ntwice without a cc-\u003erelease() call in between. Thus, for CC modules\nthat allocate memory in their init() function, e.g, CDG, a memory leak\nmay occur. The syzkaller tool managed to find a reproducer that\ntriggered such a leak in CDG.\n\nThe bug was introduced when that commit 8919a9b31eb4 (\"tcp: Only init\ncongestion control if not initialized already\")\nintroduced icsk_ca_initialized and set icsk_ca_initialized to 0 in\ntcp_init_transfer(), missing the possibility for a sequence like the\none above, where a process could call setsockopt(TCP_CONGESTION) in\nstate TCP_SYN_SENT (i.e. after the connect() or TFO open sendmsg()),\nwhich would call tcp_init_congestion_control(). It did not intend to\nreset any initialization that the user had already explicitly made;\nit just missed the possibility of that particular sequence (which\nsyzkaller managed to find)."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:03:20.656Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/ad4ba3404931745a5977ad12db4f0c34080e52f7"
        },
        {
          "url": "https://git.kernel.org/stable/c/fe77b85828ca9ddc42977b79de9e40d18545b4fe"
        },
        {
          "url": "https://git.kernel.org/stable/c/be5d1b61a2ad28c7e57fe8bfa277373e8ecffcdc"
        }
      ],
      "title": "tcp: fix tcp_init_transfer() to not reset icsk_ca_initialized",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47304",
    "datePublished": "2024-05-21T14:35:24.670Z",
    "dateReserved": "2024-05-21T13:27:52.133Z",
    "dateUpdated": "2024-11-04T12:03:20.656Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47480

Vulnerability from cvelistv5

Published

2024-05-22 08:19

Modified

2024-11-04 12:06

Severity ?

Summary

scsi: core: Put LLD module refcnt after SCSI device is released

References

▼	URL	Tags
	https://git.kernel.org/stable/c/1105573d964f7b78734348466b01f5f6ba8a1813
	https://git.kernel.org/stable/c/8e4814a461787e15a31d322d9efbe0d4f6822428
	https://git.kernel.org/stable/c/61a0faa89f21861d1f8d059123b5c285a5d9ffee
	https://git.kernel.org/stable/c/c2df161f69fb1c67f63adbd193368b47f511edc0
	https://git.kernel.org/stable/c/1ce287eff9f23181d5644db787f472463a61f68b
	https://git.kernel.org/stable/c/7b57c38d12aed1b5d92f74748bed25e0d041729f
	https://git.kernel.org/stable/c/f30822c0b4c35ec86187ab055263943dc71a6836
	https://git.kernel.org/stable/c/f2b85040acec9a928b4eb1b57a989324e8e38d3f

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.500Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1105573d964f7b78734348466b01f5f6ba8a1813"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8e4814a461787e15a31d322d9efbe0d4f6822428"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/61a0faa89f21861d1f8d059123b5c285a5d9ffee"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c2df161f69fb1c67f63adbd193368b47f511edc0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1ce287eff9f23181d5644db787f472463a61f68b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7b57c38d12aed1b5d92f74748bed25e0d041729f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f30822c0b4c35ec86187ab055263943dc71a6836"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f2b85040acec9a928b4eb1b57a989324e8e38d3f"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47480",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:36:02.036772Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:32:53.299Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/scsi/scsi.c",
            "drivers/scsi/scsi_sysfs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "1105573d964f",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "8e4814a46178",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "61a0faa89f21",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "c2df161f69fb",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "1ce287eff9f2",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "7b57c38d12ae",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "f30822c0b4c3",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "f2b85040acec",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/scsi/scsi.c",
            "drivers/scsi/scsi_sysfs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.292",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.290",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.255",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.216",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.158",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.78",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.17",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Put LLD module refcnt after SCSI device is released\n\nSCSI host release is triggered when SCSI device is freed. We have to make\nsure that the low-level device driver module won\u0027t be unloaded before SCSI\nhost instance is released because shost-\u003ehostt is required in the release\nhandler.\n\nMake sure to put LLD module refcnt after SCSI device is released.\n\nFixes a kernel panic of \u0027BUG: unable to handle page fault for address\u0027\nreported by Changhui and Yi."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:44.875Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/1105573d964f7b78734348466b01f5f6ba8a1813"
        },
        {
          "url": "https://git.kernel.org/stable/c/8e4814a461787e15a31d322d9efbe0d4f6822428"
        },
        {
          "url": "https://git.kernel.org/stable/c/61a0faa89f21861d1f8d059123b5c285a5d9ffee"
        },
        {
          "url": "https://git.kernel.org/stable/c/c2df161f69fb1c67f63adbd193368b47f511edc0"
        },
        {
          "url": "https://git.kernel.org/stable/c/1ce287eff9f23181d5644db787f472463a61f68b"
        },
        {
          "url": "https://git.kernel.org/stable/c/7b57c38d12aed1b5d92f74748bed25e0d041729f"
        },
        {
          "url": "https://git.kernel.org/stable/c/f30822c0b4c35ec86187ab055263943dc71a6836"
        },
        {
          "url": "https://git.kernel.org/stable/c/f2b85040acec9a928b4eb1b57a989324e8e38d3f"
        }
      ],
      "title": "scsi: core: Put LLD module refcnt after SCSI device is released",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47480",
    "datePublished": "2024-05-22T08:19:32.839Z",
    "dateReserved": "2024-05-22T06:20:56.200Z",
    "dateUpdated": "2024-11-04T12:06:44.875Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47417

Vulnerability from cvelistv5

Published

2024-05-21 15:04

Modified

2024-11-04 12:05

Severity ?

Summary

libbpf: Fix memory leak in strset

References

▼	URL	Tags
	https://git.kernel.org/stable/c/9e8e7504e09831c469b67d6dc11d9a72654bdb8c
	https://git.kernel.org/stable/c/b0e875bac0fab3e7a7431c2eee36a8ccc0c712ac

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.250Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9e8e7504e09831c469b67d6dc11d9a72654bdb8c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b0e875bac0fab3e7a7431c2eee36a8ccc0c712ac"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47417",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:37:53.956444Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:38.930Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "tools/lib/bpf/strset.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "9e8e7504e098",
              "status": "affected",
              "version": "90d76d3ececc",
              "versionType": "git"
            },
            {
              "lessThan": "b0e875bac0fa",
              "status": "affected",
              "version": "90d76d3ececc",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "tools/lib/bpf/strset.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.13"
            },
            {
              "lessThan": "5.13",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibbpf: Fix memory leak in strset\n\nFree struct strset itself, not just its internal parts."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:30.601Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/9e8e7504e09831c469b67d6dc11d9a72654bdb8c"
        },
        {
          "url": "https://git.kernel.org/stable/c/b0e875bac0fab3e7a7431c2eee36a8ccc0c712ac"
        }
      ],
      "title": "libbpf: Fix memory leak in strset",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47417",
    "datePublished": "2024-05-21T15:04:06.683Z",
    "dateReserved": "2024-05-21T14:58:30.818Z",
    "dateUpdated": "2024-11-04T12:05:30.601Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52864

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:54

Severity ?

Summary

platform/x86: wmi: Fix opening of char device

References

▼	URL	Tags
	https://git.kernel.org/stable/c/cf098e937dd125c0317a0d6f261ac2a950a233d6
	https://git.kernel.org/stable/c/9fb0eed09e1470cd4021ff52b2b9dfcbcee4c203
	https://git.kernel.org/stable/c/d426a2955e45a95b2282764105fcfb110a540453
	https://git.kernel.org/stable/c/e0bf076b734a2fab92d8fddc2b8b03462eee7097
	https://git.kernel.org/stable/c/44a96796d25809502c75771d40ee693c2e44724e
	https://git.kernel.org/stable/c/36d85fa7ae0d6be651c1a745191fa7ef055db43e
	https://git.kernel.org/stable/c/fb7b06b59c6887659c6ed0ecd3110835eecbb6a3
	https://git.kernel.org/stable/c/eba9ac7abab91c8f6d351460239108bef5e7a0b6

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52864",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T18:21:10.578430Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:24:07.966Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.054Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/cf098e937dd125c0317a0d6f261ac2a950a233d6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9fb0eed09e1470cd4021ff52b2b9dfcbcee4c203"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d426a2955e45a95b2282764105fcfb110a540453"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e0bf076b734a2fab92d8fddc2b8b03462eee7097"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/44a96796d25809502c75771d40ee693c2e44724e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/36d85fa7ae0d6be651c1a745191fa7ef055db43e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fb7b06b59c6887659c6ed0ecd3110835eecbb6a3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/eba9ac7abab91c8f6d351460239108bef5e7a0b6"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/platform/x86/wmi.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "cf098e937dd1",
              "status": "affected",
              "version": "44b6b7661132",
              "versionType": "git"
            },
            {
              "lessThan": "9fb0eed09e14",
              "status": "affected",
              "version": "44b6b7661132",
              "versionType": "git"
            },
            {
              "lessThan": "d426a2955e45",
              "status": "affected",
              "version": "44b6b7661132",
              "versionType": "git"
            },
            {
              "lessThan": "e0bf076b734a",
              "status": "affected",
              "version": "44b6b7661132",
              "versionType": "git"
            },
            {
              "lessThan": "44a96796d258",
              "status": "affected",
              "version": "44b6b7661132",
              "versionType": "git"
            },
            {
              "lessThan": "36d85fa7ae0d",
              "status": "affected",
              "version": "44b6b7661132",
              "versionType": "git"
            },
            {
              "lessThan": "fb7b06b59c68",
              "status": "affected",
              "version": "44b6b7661132",
              "versionType": "git"
            },
            {
              "lessThan": "eba9ac7abab9",
              "status": "affected",
              "version": "44b6b7661132",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/platform/x86/wmi.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.15"
            },
            {
              "lessThan": "4.15",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.299",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.261",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.201",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.139",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: wmi: Fix opening of char device\n\nSince commit fa1f68db6ca7 (\"drivers: misc: pass miscdevice pointer via\nfile private data\"), the miscdevice stores a pointer to itself inside\nfilp-\u003eprivate_data, which means that private_data will not be NULL when\nwmi_char_open() is called. This might cause memory corruption should\nwmi_char_open() be unable to find its driver, something which can\nhappen when the associated WMI device is deleted in wmi_free_devices().\n\nFix the problem by using the miscdevice pointer to retrieve the WMI\ndevice data associated with a char device using container_of(). This\nalso avoids wmi_char_open() picking a wrong WMI device bound to a\ndriver with the same name as the original driver."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:54:08.126Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/cf098e937dd125c0317a0d6f261ac2a950a233d6"
        },
        {
          "url": "https://git.kernel.org/stable/c/9fb0eed09e1470cd4021ff52b2b9dfcbcee4c203"
        },
        {
          "url": "https://git.kernel.org/stable/c/d426a2955e45a95b2282764105fcfb110a540453"
        },
        {
          "url": "https://git.kernel.org/stable/c/e0bf076b734a2fab92d8fddc2b8b03462eee7097"
        },
        {
          "url": "https://git.kernel.org/stable/c/44a96796d25809502c75771d40ee693c2e44724e"
        },
        {
          "url": "https://git.kernel.org/stable/c/36d85fa7ae0d6be651c1a745191fa7ef055db43e"
        },
        {
          "url": "https://git.kernel.org/stable/c/fb7b06b59c6887659c6ed0ecd3110835eecbb6a3"
        },
        {
          "url": "https://git.kernel.org/stable/c/eba9ac7abab91c8f6d351460239108bef5e7a0b6"
        }
      ],
      "title": "platform/x86: wmi: Fix opening of char device",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52864",
    "datePublished": "2024-05-21T15:31:55.875Z",
    "dateReserved": "2024-05-21T15:19:24.261Z",
    "dateUpdated": "2024-11-04T14:54:08.126Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47454

Vulnerability from cvelistv5

Published

2024-05-22 06:19

Modified

2024-11-04 12:06

Severity ?

Summary

powerpc/smp: do not decrement idle task preempt count in CPU offline

References

▼	URL	Tags
	https://git.kernel.org/stable/c/53770a411559cf7bc0906d1df319cc533d2f4f58
	https://git.kernel.org/stable/c/3ea0b497a7a2fff6a4b7090310c9f52c91975934
	https://git.kernel.org/stable/c/787252a10d9422f3058df9a4821f389e5326c440

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47454",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T19:49:10.356521Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:13:30.604Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.627Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/53770a411559cf7bc0906d1df319cc533d2f4f58"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3ea0b497a7a2fff6a4b7090310c9f52c91975934"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/787252a10d9422f3058df9a4821f389e5326c440"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/powerpc/kernel/smp.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "53770a411559",
              "status": "affected",
              "version": "bdf4d33e8342",
              "versionType": "git"
            },
            {
              "lessThan": "3ea0b497a7a2",
              "status": "affected",
              "version": "2c669ef6979c",
              "versionType": "git"
            },
            {
              "lessThan": "787252a10d94",
              "status": "affected",
              "version": "2c669ef6979c",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/powerpc/kernel/smp.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.14"
            },
            {
              "lessThan": "5.14",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.76",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.15",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/smp: do not decrement idle task preempt count in CPU offline\n\nWith PREEMPT_COUNT=y, when a CPU is offlined and then onlined again, we\nget:\n\nBUG: scheduling while atomic: swapper/1/0/0x00000000\nno locks held by swapper/1/0.\nCPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.15.0-rc2+ #100\nCall Trace:\n dump_stack_lvl+0xac/0x108\n __schedule_bug+0xac/0xe0\n __schedule+0xcf8/0x10d0\n schedule_idle+0x3c/0x70\n do_idle+0x2d8/0x4a0\n cpu_startup_entry+0x38/0x40\n start_secondary+0x2ec/0x3a0\n start_secondary_prolog+0x10/0x14\n\nThis is because powerpc\u0027s arch_cpu_idle_dead() decrements the idle task\u0027s\npreempt count, for reasons explained in commit a7c2bb8279d2 (\"powerpc:\nRe-enable preemption before cpu_die()\"), specifically \"start_secondary()\nexpects a preempt_count() of 0.\"\n\nHowever, since commit 2c669ef6979c (\"powerpc/preempt: Don\u0027t touch the idle\ntask\u0027s preempt_count during hotplug\") and commit f1a0a376ca0c (\"sched/core:\nInitialize the idle task with preemption disabled\"), that justification no\nlonger holds.\n\nThe idle task isn\u0027t supposed to re-enable preemption, so remove the\nvestigial preempt_enable() from the CPU offline path.\n\nTested with pseries and powernv in qemu, and pseries on PowerVM."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:15.558Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/53770a411559cf7bc0906d1df319cc533d2f4f58"
        },
        {
          "url": "https://git.kernel.org/stable/c/3ea0b497a7a2fff6a4b7090310c9f52c91975934"
        },
        {
          "url": "https://git.kernel.org/stable/c/787252a10d9422f3058df9a4821f389e5326c440"
        }
      ],
      "title": "powerpc/smp: do not decrement idle task preempt count in CPU offline",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47454",
    "datePublished": "2024-05-22T06:19:44.040Z",
    "dateReserved": "2024-05-21T14:58:30.833Z",
    "dateUpdated": "2024-11-04T12:06:15.558Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52773

Vulnerability from cvelistv5

Published

2024-05-21 15:30

Modified

2024-11-04 14:52

Severity ?

Summary

drm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/fb5c134ca589fe670430acc9e7ebf2691ca2476d
	https://git.kernel.org/stable/c/5b14cf37b9f01de0b28c6f8960019d4c7883ce42
	https://git.kernel.org/stable/c/1d07b7e84276777dad3c8cfebdf8e739606f90c9
	https://git.kernel.org/stable/c/b71f4ade1b8900d30c661d6c27f87c35214c398c

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52773",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-24T15:34:16.322339Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-24T15:34:25.209Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.003Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fb5c134ca589fe670430acc9e7ebf2691ca2476d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5b14cf37b9f01de0b28c6f8960019d4c7883ce42"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1d07b7e84276777dad3c8cfebdf8e739606f90c9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b71f4ade1b8900d30c661d6c27f87c35214c398c"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "fb5c134ca589",
              "status": "affected",
              "version": "22676bc500c2",
              "versionType": "git"
            },
            {
              "lessThan": "5b14cf37b9f0",
              "status": "affected",
              "version": "22676bc500c2",
              "versionType": "git"
            },
            {
              "lessThan": "1d07b7e84276",
              "status": "affected",
              "version": "22676bc500c2",
              "versionType": "git"
            },
            {
              "lessThan": "b71f4ade1b89",
              "status": "affected",
              "version": "22676bc500c2",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.0"
            },
            {
              "lessThan": "6.0",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer()\n\nWhen ddc_service_construct() is called, it explicitly checks both the\nlink type and whether there is something on the link which will\ndictate whether the pin is marked as hw_supported.\n\nIf the pin isn\u0027t set or the link is not set (such as from\nunloading/reloading amdgpu in an IGT test) then fail the\namdgpu_dm_i2c_xfer() call."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:25.516Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/fb5c134ca589fe670430acc9e7ebf2691ca2476d"
        },
        {
          "url": "https://git.kernel.org/stable/c/5b14cf37b9f01de0b28c6f8960019d4c7883ce42"
        },
        {
          "url": "https://git.kernel.org/stable/c/1d07b7e84276777dad3c8cfebdf8e739606f90c9"
        },
        {
          "url": "https://git.kernel.org/stable/c/b71f4ade1b8900d30c661d6c27f87c35214c398c"
        }
      ],
      "title": "drm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52773",
    "datePublished": "2024-05-21T15:30:54.932Z",
    "dateReserved": "2024-05-21T15:19:24.239Z",
    "dateUpdated": "2024-11-04T14:52:25.516Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47497

Vulnerability from cvelistv5

Published

2024-05-22 08:19

Modified

2024-11-04 12:07

Severity ?

Summary

nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells

References

▼	URL	Tags
	https://git.kernel.org/stable/c/abcb8d33e4d2215ccde5ab5ccf9f730a59d79d97
	https://git.kernel.org/stable/c/60df06bbdf497e37ed25ad40572c362e5b0998df
	https://git.kernel.org/stable/c/2df6c023050205c4d04ffc121bc549f65cb8d1df
	https://git.kernel.org/stable/c/eb0fc8e7170e61eaf65d28dee4a8baf4e86b19ca
	https://git.kernel.org/stable/c/0594f1d048d8dc338eb9a240021b1d00ae1eb082
	https://git.kernel.org/stable/c/57e48886401b14cd351423fabfec2cfd18df4f66
	https://git.kernel.org/stable/c/0e822e5413da1af28cca350cb1cb42b6133bdcae
	https://git.kernel.org/stable/c/5d388fa01fa6eb310ac023a363a6cb216d9d8fe9

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47497",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T17:50:37.993929Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:13:32.686Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.611Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/abcb8d33e4d2215ccde5ab5ccf9f730a59d79d97"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/60df06bbdf497e37ed25ad40572c362e5b0998df"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2df6c023050205c4d04ffc121bc549f65cb8d1df"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/eb0fc8e7170e61eaf65d28dee4a8baf4e86b19ca"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0594f1d048d8dc338eb9a240021b1d00ae1eb082"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/57e48886401b14cd351423fabfec2cfd18df4f66"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0e822e5413da1af28cca350cb1cb42b6133bdcae"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5d388fa01fa6eb310ac023a363a6cb216d9d8fe9"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/nvmem/core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "abcb8d33e4d2",
              "status": "affected",
              "version": "69aba7948cbe",
              "versionType": "git"
            },
            {
              "lessThan": "60df06bbdf49",
              "status": "affected",
              "version": "69aba7948cbe",
              "versionType": "git"
            },
            {
              "lessThan": "2df6c0230502",
              "status": "affected",
              "version": "69aba7948cbe",
              "versionType": "git"
            },
            {
              "lessThan": "eb0fc8e7170e",
              "status": "affected",
              "version": "69aba7948cbe",
              "versionType": "git"
            },
            {
              "lessThan": "0594f1d048d8",
              "status": "affected",
              "version": "69aba7948cbe",
              "versionType": "git"
            },
            {
              "lessThan": "57e48886401b",
              "status": "affected",
              "version": "69aba7948cbe",
              "versionType": "git"
            },
            {
              "lessThan": "0e822e5413da",
              "status": "affected",
              "version": "69aba7948cbe",
              "versionType": "git"
            },
            {
              "lessThan": "5d388fa01fa6",
              "status": "affected",
              "version": "69aba7948cbe",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/nvmem/core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.3"
            },
            {
              "lessThan": "4.3",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.290",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.288",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.252",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.213",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.155",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.75",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.14",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmem: Fix shift-out-of-bound (UBSAN) with byte size cells\n\nIf a cell has \u0027nbits\u0027 equal to a multiple of BITS_PER_BYTE the logic\n\n *p \u0026= GENMASK((cell-\u003enbits%BITS_PER_BYTE) - 1, 0);\n\nwill become undefined behavior because nbits modulo BITS_PER_BYTE is 0, and we\nsubtract one from that making a large number that is then shifted more than the\nnumber of bits that fit into an unsigned long.\n\nUBSAN reports this problem:\n\n UBSAN: shift-out-of-bounds in drivers/nvmem/core.c:1386:8\n shift exponent 64 is too large for 64-bit type \u0027unsigned long\u0027\n CPU: 6 PID: 7 Comm: kworker/u16:0 Not tainted 5.15.0-rc3+ #9\n Hardware name: Google Lazor (rev3+) with KB Backlight (DT)\n Workqueue: events_unbound deferred_probe_work_func\n Call trace:\n  dump_backtrace+0x0/0x170\n  show_stack+0x24/0x30\n  dump_stack_lvl+0x64/0x7c\n  dump_stack+0x18/0x38\n  ubsan_epilogue+0x10/0x54\n  __ubsan_handle_shift_out_of_bounds+0x180/0x194\n  __nvmem_cell_read+0x1ec/0x21c\n  nvmem_cell_read+0x58/0x94\n  nvmem_cell_read_variable_common+0x4c/0xb0\n  nvmem_cell_read_variable_le_u32+0x40/0x100\n  a6xx_gpu_init+0x170/0x2f4\n  adreno_bind+0x174/0x284\n  component_bind_all+0xf0/0x264\n  msm_drm_bind+0x1d8/0x7a0\n  try_to_bring_up_master+0x164/0x1ac\n  __component_add+0xbc/0x13c\n  component_add+0x20/0x2c\n  dp_display_probe+0x340/0x384\n  platform_probe+0xc0/0x100\n  really_probe+0x110/0x304\n  __driver_probe_device+0xb8/0x120\n  driver_probe_device+0x4c/0xfc\n  __device_attach_driver+0xb0/0x128\n  bus_for_each_drv+0x90/0xdc\n  __device_attach+0xc8/0x174\n  device_initial_probe+0x20/0x2c\n  bus_probe_device+0x40/0xa4\n  deferred_probe_work_func+0x7c/0xb8\n  process_one_work+0x128/0x21c\n  process_scheduled_works+0x40/0x54\n  worker_thread+0x1ec/0x2a8\n  kthread+0x138/0x158\n  ret_from_fork+0x10/0x20\n\nFix it by making sure there are any bits to mask out."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:07:04.372Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/abcb8d33e4d2215ccde5ab5ccf9f730a59d79d97"
        },
        {
          "url": "https://git.kernel.org/stable/c/60df06bbdf497e37ed25ad40572c362e5b0998df"
        },
        {
          "url": "https://git.kernel.org/stable/c/2df6c023050205c4d04ffc121bc549f65cb8d1df"
        },
        {
          "url": "https://git.kernel.org/stable/c/eb0fc8e7170e61eaf65d28dee4a8baf4e86b19ca"
        },
        {
          "url": "https://git.kernel.org/stable/c/0594f1d048d8dc338eb9a240021b1d00ae1eb082"
        },
        {
          "url": "https://git.kernel.org/stable/c/57e48886401b14cd351423fabfec2cfd18df4f66"
        },
        {
          "url": "https://git.kernel.org/stable/c/0e822e5413da1af28cca350cb1cb42b6133bdcae"
        },
        {
          "url": "https://git.kernel.org/stable/c/5d388fa01fa6eb310ac023a363a6cb216d9d8fe9"
        }
      ],
      "title": "nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47497",
    "datePublished": "2024-05-22T08:19:44.144Z",
    "dateReserved": "2024-05-22T06:20:56.203Z",
    "dateUpdated": "2024-11-04T12:07:04.372Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52790

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:52

Severity ?

Summary

swiotlb: fix out-of-bounds TLB allocations with CONFIG_SWIOTLB_DYNAMIC

References

▼	URL	Tags
	https://git.kernel.org/stable/c/ce7612496a4ba6068bc68aa1fa9d947dadb4ad9b
	https://git.kernel.org/stable/c/53c87e846e335e3c18044c397cc35178163d7827

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52790",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T19:32:04.825201Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:14.167Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.050Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ce7612496a4ba6068bc68aa1fa9d947dadb4ad9b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/53c87e846e335e3c18044c397cc35178163d7827"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "kernel/dma/swiotlb.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "ce7612496a4b",
              "status": "affected",
              "version": "79636caad361",
              "versionType": "git"
            },
            {
              "lessThan": "53c87e846e33",
              "status": "affected",
              "version": "79636caad361",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "kernel/dma/swiotlb.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.6"
            },
            {
              "lessThan": "6.6",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nswiotlb: fix out-of-bounds TLB allocations with CONFIG_SWIOTLB_DYNAMIC\n\nLimit the free list length to the size of the IO TLB. Transient pool can be\nsmaller than IO_TLB_SEGSIZE, but the free list is initialized with the\nassumption that the total number of slots is a multiple of IO_TLB_SEGSIZE.\nAs a result, swiotlb_area_find_slots() may allocate slots past the end of\na transient IO TLB buffer."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:47.728Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/ce7612496a4ba6068bc68aa1fa9d947dadb4ad9b"
        },
        {
          "url": "https://git.kernel.org/stable/c/53c87e846e335e3c18044c397cc35178163d7827"
        }
      ],
      "title": "swiotlb: fix out-of-bounds TLB allocations with CONFIG_SWIOTLB_DYNAMIC",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52790",
    "datePublished": "2024-05-21T15:31:06.319Z",
    "dateReserved": "2024-05-21T15:19:24.241Z",
    "dateUpdated": "2024-11-04T14:52:47.728Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52761

Vulnerability from cvelistv5

Published

2024-05-21 15:30

Modified

2024-11-04 14:52

Severity ?

Summary

riscv: VMAP_STACK overflow detection thread-safe

References

▼	URL	Tags
	https://git.kernel.org/stable/c/1493baaf09e3c1899959c8a107cd1207e16d1788
	https://git.kernel.org/stable/c/eff53aea3855f71992c043cebb1c00988c17ee20
	https://git.kernel.org/stable/c/be97d0db5f44c0674480cb79ac6f5b0529b84c76

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52761",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-11T15:20:22.458093Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-11T15:20:32.175Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.808Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1493baaf09e3c1899959c8a107cd1207e16d1788"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/eff53aea3855f71992c043cebb1c00988c17ee20"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/be97d0db5f44c0674480cb79ac6f5b0529b84c76"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/riscv/include/asm/asm-prototypes.h",
            "arch/riscv/include/asm/asm.h",
            "arch/riscv/include/asm/thread_info.h",
            "arch/riscv/kernel/asm-offsets.c",
            "arch/riscv/kernel/entry.S",
            "arch/riscv/kernel/traps.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "1493baaf09e3",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "eff53aea3855",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "be97d0db5f44",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/riscv/include/asm/asm-prototypes.h",
            "arch/riscv/include/asm/asm.h",
            "arch/riscv/include/asm/thread_info.h",
            "arch/riscv/kernel/asm-offsets.c",
            "arch/riscv/kernel/entry.S",
            "arch/riscv/kernel/traps.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv: VMAP_STACK overflow detection thread-safe\n\ncommit 31da94c25aea (\"riscv: add VMAP_STACK overflow detection\") added\nsupport for CONFIG_VMAP_STACK. If overflow is detected, CPU switches to\n`shadow_stack` temporarily before switching finally to per-cpu\n`overflow_stack`.\n\nIf two CPUs/harts are racing and end up in over flowing kernel stack, one\nor both will end up corrupting each other state because `shadow_stack` is\nnot per-cpu. This patch optimizes per-cpu overflow stack switch by\ndirectly picking per-cpu `overflow_stack` and gets rid of `shadow_stack`.\n\nFollowing are the changes in this patch\n\n - Defines an asm macro to obtain per-cpu symbols in destination\n   register.\n - In entry.S, when overflow is detected, per-cpu overflow stack is\n   located using per-cpu asm macro. Computing per-cpu symbol requires\n   a temporary register. x31 is saved away into CSR_SCRATCH\n   (CSR_SCRATCH is anyways zero since we\u0027re in kernel).\n\nPlease see Links for additional relevant disccussion and alternative\nsolution.\n\nTested by `echo EXHAUST_STACK \u003e /sys/kernel/debug/provoke-crash/DIRECT`\nKernel crash log below\n\n Insufficient stack space to handle exception!/debug/provoke-crash/DIRECT\n Task stack:     [0xff20000010a98000..0xff20000010a9c000]\n Overflow stack: [0xff600001f7d98370..0xff600001f7d99370]\n CPU: 1 PID: 205 Comm: bash Not tainted 6.1.0-rc2-00001-g328a1f96f7b9 #34\n Hardware name: riscv-virtio,qemu (DT)\n epc : __memset+0x60/0xfc\n  ra : recursive_loop+0x48/0xc6 [lkdtm]\n epc : ffffffff808de0e4 ra : ffffffff0163a752 sp : ff20000010a97e80\n  gp : ffffffff815c0330 tp : ff600000820ea280 t0 : ff20000010a97e88\n  t1 : 000000000000002e t2 : 3233206874706564 s0 : ff20000010a982b0\n  s1 : 0000000000000012 a0 : ff20000010a97e88 a1 : 0000000000000000\n  a2 : 0000000000000400 a3 : ff20000010a98288 a4 : 0000000000000000\n  a5 : 0000000000000000 a6 : fffffffffffe43f0 a7 : 00007fffffffffff\n  s2 : ff20000010a97e88 s3 : ffffffff01644680 s4 : ff20000010a9be90\n  s5 : ff600000842ba6c0 s6 : 00aaaaaac29e42b0 s7 : 00fffffff0aa3684\n  s8 : 00aaaaaac2978040 s9 : 0000000000000065 s10: 00ffffff8a7cad10\n  s11: 00ffffff8a76a4e0 t3 : ffffffff815dbaf4 t4 : ffffffff815dbaf4\n  t5 : ffffffff815dbab8 t6 : ff20000010a9bb48\n status: 0000000200000120 badaddr: ff20000010a97e88 cause: 000000000000000f\n Kernel panic - not syncing: Kernel stack overflow\n CPU: 1 PID: 205 Comm: bash Not tainted 6.1.0-rc2-00001-g328a1f96f7b9 #34\n Hardware name: riscv-virtio,qemu (DT)\n Call Trace:\n [\u003cffffffff80006754\u003e] dump_backtrace+0x30/0x38\n [\u003cffffffff808de798\u003e] show_stack+0x40/0x4c\n [\u003cffffffff808ea2a8\u003e] dump_stack_lvl+0x44/0x5c\n [\u003cffffffff808ea2d8\u003e] dump_stack+0x18/0x20\n [\u003cffffffff808dec06\u003e] panic+0x126/0x2fe\n [\u003cffffffff800065ea\u003e] walk_stackframe+0x0/0xf0\n [\u003cffffffff0163a752\u003e] recursive_loop+0x48/0xc6 [lkdtm]\n SMP: stopping secondary CPUs\n ---[ end Kernel panic - not syncing: Kernel stack overflow ]---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:10.614Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/1493baaf09e3c1899959c8a107cd1207e16d1788"
        },
        {
          "url": "https://git.kernel.org/stable/c/eff53aea3855f71992c043cebb1c00988c17ee20"
        },
        {
          "url": "https://git.kernel.org/stable/c/be97d0db5f44c0674480cb79ac6f5b0529b84c76"
        }
      ],
      "title": "riscv: VMAP_STACK overflow detection thread-safe",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52761",
    "datePublished": "2024-05-21T15:30:47.086Z",
    "dateReserved": "2024-05-21T15:19:24.237Z",
    "dateUpdated": "2024-11-04T14:52:10.614Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52856

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

drm/bridge: lt8912b: Fix crash on bridge detach

References

▼	URL	Tags
	https://git.kernel.org/stable/c/42071feab712ba2a139b8928f7e0f8d3a6fc719e
	https://git.kernel.org/stable/c/7bf0cb8f40280a85034990dfe42be8ca8f80f37a
	https://git.kernel.org/stable/c/fcd9895e365474709844eeb31cfe53d912c3596e
	https://git.kernel.org/stable/c/b65e3249f3ca96e3c736af889461d80d675feab6
	https://git.kernel.org/stable/c/44283993144a03af9df31934d6c32bbd42d1a347

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52856",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T18:18:14.046128Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:17.443Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.060Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/42071feab712ba2a139b8928f7e0f8d3a6fc719e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7bf0cb8f40280a85034990dfe42be8ca8f80f37a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fcd9895e365474709844eeb31cfe53d912c3596e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b65e3249f3ca96e3c736af889461d80d675feab6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/44283993144a03af9df31934d6c32bbd42d1a347"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/bridge/lontium-lt8912b.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "42071feab712",
              "status": "affected",
              "version": "30e2ae943c26",
              "versionType": "git"
            },
            {
              "lessThan": "7bf0cb8f4028",
              "status": "affected",
              "version": "30e2ae943c26",
              "versionType": "git"
            },
            {
              "lessThan": "fcd9895e3654",
              "status": "affected",
              "version": "30e2ae943c26",
              "versionType": "git"
            },
            {
              "lessThan": "b65e3249f3ca",
              "status": "affected",
              "version": "30e2ae943c26",
              "versionType": "git"
            },
            {
              "lessThan": "44283993144a",
              "status": "affected",
              "version": "30e2ae943c26",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/bridge/lontium-lt8912b.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.13"
            },
            {
              "lessThan": "5.13",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.139",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/bridge: lt8912b: Fix crash on bridge detach\n\nThe lt8912b driver, in its bridge detach function, calls\ndrm_connector_unregister() and drm_connector_cleanup().\n\ndrm_connector_unregister() should be called only for connectors\nexplicitly registered with drm_connector_register(), which is not the\ncase in lt8912b.\n\nThe driver\u0027s drm_connector_funcs.destroy hook is set to\ndrm_connector_cleanup().\n\nThus the driver should not call either drm_connector_unregister() nor\ndrm_connector_cleanup() in its lt8912_bridge_detach(), as they cause a\ncrash on bridge detach:\n\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000000\nMem abort info:\n  ESR = 0x0000000096000006\n  EC = 0x25: DABT (current EL), IL = 32 bits\n  SET = 0, FnV = 0\n  EA = 0, S1PTW = 0\n  FSC = 0x06: level 2 translation fault\nData abort info:\n  ISV = 0, ISS = 0x00000006, ISS2 = 0x00000000\n  CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n  GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\nuser pgtable: 4k pages, 48-bit VAs, pgdp=00000000858f3000\n[0000000000000000] pgd=0800000085918003, p4d=0800000085918003, pud=0800000085431003, pmd=0000000000000000\nInternal error: Oops: 0000000096000006 [#1] PREEMPT SMP\nModules linked in: tidss(-) display_connector lontium_lt8912b tc358768 panel_lvds panel_simple drm_dma_helper drm_kms_helper drm drm_panel_orientation_quirks\nCPU: 3 PID: 462 Comm: rmmod Tainted: G        W          6.5.0-rc2+ #2\nHardware name: Toradex Verdin AM62 on Verdin Development Board (DT)\npstate: 80000005 (Nzcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : drm_connector_cleanup+0x78/0x2d4 [drm]\nlr : lt8912_bridge_detach+0x54/0x6c [lontium_lt8912b]\nsp : ffff800082ed3a90\nx29: ffff800082ed3a90 x28: ffff0000040c1940 x27: 0000000000000000\nx26: 0000000000000000 x25: dead000000000122 x24: dead000000000122\nx23: dead000000000100 x22: ffff000003fb6388 x21: 0000000000000000\nx20: 0000000000000000 x19: ffff000003fb6260 x18: fffffffffffe56e8\nx17: 0000000000000000 x16: 0010000000000000 x15: 0000000000000038\nx14: 0000000000000000 x13: ffff800081914b48 x12: 000000000000040e\nx11: 000000000000015a x10: ffff80008196ebb8 x9 : ffff800081914b48\nx8 : 00000000ffffefff x7 : ffff0000040c1940 x6 : ffff80007aa649d0\nx5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff80008159e008\nx2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000000\nCall trace:\n drm_connector_cleanup+0x78/0x2d4 [drm]\n lt8912_bridge_detach+0x54/0x6c [lontium_lt8912b]\n drm_bridge_detach+0x44/0x84 [drm]\n drm_encoder_cleanup+0x40/0xb8 [drm]\n drmm_encoder_alloc_release+0x1c/0x30 [drm]\n drm_managed_release+0xac/0x148 [drm]\n drm_dev_put.part.0+0x88/0xb8 [drm]\n devm_drm_dev_init_release+0x14/0x24 [drm]\n devm_action_release+0x14/0x20\n release_nodes+0x5c/0x90\n devres_release_all+0x8c/0xe0\n device_unbind_cleanup+0x18/0x68\n device_release_driver_internal+0x208/0x23c\n driver_detach+0x4c/0x94\n bus_remove_driver+0x70/0xf4\n driver_unregister+0x30/0x60\n platform_driver_unregister+0x14/0x20\n tidss_platform_driver_exit+0x18/0xb2c [tidss]\n __arm64_sys_delete_module+0x1a0/0x2b4\n invoke_syscall+0x48/0x110\n el0_svc_common.constprop.0+0x60/0x10c\n do_el0_svc_compat+0x1c/0x40\n el0_svc_compat+0x40/0xac\n el0t_32_sync_handler+0xb0/0x138\n el0t_32_sync+0x194/0x198\nCode: 9104a276 f2fbd5b7 aa0203e1 91008af8 (f85c0420)"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:57.681Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/42071feab712ba2a139b8928f7e0f8d3a6fc719e"
        },
        {
          "url": "https://git.kernel.org/stable/c/7bf0cb8f40280a85034990dfe42be8ca8f80f37a"
        },
        {
          "url": "https://git.kernel.org/stable/c/fcd9895e365474709844eeb31cfe53d912c3596e"
        },
        {
          "url": "https://git.kernel.org/stable/c/b65e3249f3ca96e3c736af889461d80d675feab6"
        },
        {
          "url": "https://git.kernel.org/stable/c/44283993144a03af9df31934d6c32bbd42d1a347"
        }
      ],
      "title": "drm/bridge: lt8912b: Fix crash on bridge detach",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52856",
    "datePublished": "2024-05-21T15:31:50.569Z",
    "dateReserved": "2024-05-21T15:19:24.257Z",
    "dateUpdated": "2024-11-04T14:53:57.681Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52878

Vulnerability from cvelistv5

Published

2024-05-21 15:32

Modified

2024-11-04 14:54

Severity ?

Summary

can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds

References

▼	URL	Tags
	https://git.kernel.org/stable/c/826120c9ba68f2d0dbae58e99013929c883d1444
	https://git.kernel.org/stable/c/0d30931f1fa0fb893fb7d5dc32b6b7edfb775be4
	https://git.kernel.org/stable/c/53c468008a7c9ca3f5fc985951f35ec2acae85bc
	https://git.kernel.org/stable/c/8ab67da060157362b2e0926692c659808784708f
	https://git.kernel.org/stable/c/6411959c10fe917288cbb1038886999148560057

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52878",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T17:05:12.659416Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:41.925Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:18:41.163Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/826120c9ba68f2d0dbae58e99013929c883d1444"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0d30931f1fa0fb893fb7d5dc32b6b7edfb775be4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/53c468008a7c9ca3f5fc985951f35ec2acae85bc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8ab67da060157362b2e0926692c659808784708f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6411959c10fe917288cbb1038886999148560057"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/can/dev/skb.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "826120c9ba68",
              "status": "affected",
              "version": "a6e4bc530403",
              "versionType": "git"
            },
            {
              "lessThan": "0d30931f1fa0",
              "status": "affected",
              "version": "a6e4bc530403",
              "versionType": "git"
            },
            {
              "lessThan": "53c468008a7c",
              "status": "affected",
              "version": "a6e4bc530403",
              "versionType": "git"
            },
            {
              "lessThan": "8ab67da06015",
              "status": "affected",
              "version": "a6e4bc530403",
              "versionType": "git"
            },
            {
              "lessThan": "6411959c10fe",
              "status": "affected",
              "version": "a6e4bc530403",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/can/dev/skb.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.33"
            },
            {
              "lessThan": "2.6.33",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.139",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: dev: can_put_echo_skb(): don\u0027t crash kernel if can_priv::echo_skb is accessed out of bounds\n\nIf the \"struct can_priv::echoo_skb\" is accessed out of bounds, this\nwould cause a kernel crash. Instead, issue a meaningful warning\nmessage and return with an error."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:54:26.015Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/826120c9ba68f2d0dbae58e99013929c883d1444"
        },
        {
          "url": "https://git.kernel.org/stable/c/0d30931f1fa0fb893fb7d5dc32b6b7edfb775be4"
        },
        {
          "url": "https://git.kernel.org/stable/c/53c468008a7c9ca3f5fc985951f35ec2acae85bc"
        },
        {
          "url": "https://git.kernel.org/stable/c/8ab67da060157362b2e0926692c659808784708f"
        },
        {
          "url": "https://git.kernel.org/stable/c/6411959c10fe917288cbb1038886999148560057"
        }
      ],
      "title": "can: dev: can_put_echo_skb(): don\u0027t crash kernel if can_priv::echo_skb is accessed out of bounds",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52878",
    "datePublished": "2024-05-21T15:32:10.616Z",
    "dateReserved": "2024-05-21T15:19:24.264Z",
    "dateUpdated": "2024-11-04T14:54:26.015Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47370

Vulnerability from cvelistv5

Published

2024-05-21 15:03

Modified

2024-11-04 11:39

Severity ?

Summary

mptcp: ensure tx skbs always have the MPTCP ext

References

▼	URL	Tags
	https://git.kernel.org/stable/c/f8ff625a8082db8c2b58dcb5229b27928943b94b
	https://git.kernel.org/stable/c/977d293e23b48a1129830d7968605f61c4af71a0

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47370",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T18:22:09.218884Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:02.794Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:32:08.671Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f8ff625a8082db8c2b58dcb5229b27928943b94b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/977d293e23b48a1129830d7968605f61c4af71a0"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/mptcp/protocol.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "f8ff625a8082",
              "status": "affected",
              "version": "e35820fb5641",
              "versionType": "git"
            },
            {
              "lessThan": "977d293e23b4",
              "status": "affected",
              "version": "1094c6fe7280",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/mptcp/protocol.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "5.14.9",
              "status": "affected",
              "version": "5.14.7",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: ensure tx skbs always have the MPTCP ext\n\nDue to signed/unsigned comparison, the expression:\n\n\tinfo-\u003esize_goal - skb-\u003elen \u003e 0\n\nevaluates to true when the size goal is smaller than the\nskb size. That results in lack of tx cache refill, so that\nthe skb allocated by the core TCP code lacks the required\nMPTCP skb extensions.\n\nDue to the above, syzbot is able to trigger the following WARN_ON():\n\nWARNING: CPU: 1 PID: 810 at net/mptcp/protocol.c:1366 mptcp_sendmsg_frag+0x1362/0x1bc0 net/mptcp/protocol.c:1366\nModules linked in:\nCPU: 1 PID: 810 Comm: syz-executor.4 Not tainted 5.14.0-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:mptcp_sendmsg_frag+0x1362/0x1bc0 net/mptcp/protocol.c:1366\nCode: ff 4c 8b 74 24 50 48 8b 5c 24 58 e9 0f fb ff ff e8 13 44 8b f8 4c 89 e7 45 31 ed e8 98 57 2e fe e9 81 f4 ff ff e8 fe 43 8b f8 \u003c0f\u003e 0b 41 bd ea ff ff ff e9 6f f4 ff ff 4c 89 e7 e8 b9 8e d2 f8 e9\nRSP: 0018:ffffc9000531f6a0 EFLAGS: 00010216\nRAX: 000000000000697f RBX: 0000000000000000 RCX: ffffc90012107000\nRDX: 0000000000040000 RSI: ffffffff88eac9e2 RDI: 0000000000000003\nRBP: ffff888078b15780 R08: 0000000000000000 R09: 0000000000000000\nR10: ffffffff88eac017 R11: 0000000000000000 R12: ffff88801de0a280\nR13: 0000000000006b58 R14: ffff888066278280 R15: ffff88803c2fe9c0\nFS:  00007fd9f866e700(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007faebcb2f718 CR3: 00000000267cb000 CR4: 00000000001506e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n __mptcp_push_pending+0x1fb/0x6b0 net/mptcp/protocol.c:1547\n mptcp_release_cb+0xfe/0x210 net/mptcp/protocol.c:3003\n release_sock+0xb4/0x1b0 net/core/sock.c:3206\n sk_stream_wait_memory+0x604/0xed0 net/core/stream.c:145\n mptcp_sendmsg+0xc39/0x1bc0 net/mptcp/protocol.c:1749\n inet6_sendmsg+0x99/0xe0 net/ipv6/af_inet6.c:643\n sock_sendmsg_nosec net/socket.c:704 [inline]\n sock_sendmsg+0xcf/0x120 net/socket.c:724\n sock_write_iter+0x2a0/0x3e0 net/socket.c:1057\n call_write_iter include/linux/fs.h:2163 [inline]\n new_sync_write+0x40b/0x640 fs/read_write.c:507\n vfs_write+0x7cf/0xae0 fs/read_write.c:594\n ksys_write+0x1ee/0x250 fs/read_write.c:647\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x4665f9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fd9f866e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665f9\nRDX: 00000000000e7b78 RSI: 0000000020000000 RDI: 0000000000000003\nRBP: 00000000004bfcc4 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c038\nR13: 0000000000a9fb1f R14: 00007fd9f866e300 R15: 0000000000022000\n\nFix the issue rewriting the relevant expression to avoid\nsign-related problems - note: size_goal is always \u003e= 0.\n\nAdditionally, ensure that the skb in the tx cache always carries\nthe relevant extension."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T11:39:54.140Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/f8ff625a8082db8c2b58dcb5229b27928943b94b"
        },
        {
          "url": "https://git.kernel.org/stable/c/977d293e23b48a1129830d7968605f61c4af71a0"
        }
      ],
      "title": "mptcp: ensure tx skbs always have the MPTCP ext",
      "x_generator": {
        "engine": "bippy-c8e10e5f6187"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47370",
    "datePublished": "2024-05-21T15:03:35.810Z",
    "dateReserved": "2024-05-21T14:58:30.810Z",
    "dateUpdated": "2024-11-04T11:39:54.140Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-48709

Vulnerability from cvelistv5

Published

2024-05-21 15:22

Modified

2024-11-04 12:14

Severity ?

Summary

ice: switch: fix potential memleak in ice_add_adv_recipe()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/47f4ff6f23f00f5501ff2d7054c1a37c170a7aa0
	https://git.kernel.org/stable/c/4a606ce68426c88ff2563382b33cc34f3485fe57

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-48709",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T18:28:35.234316Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:16:42.951Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T15:17:55.857Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/47f4ff6f23f00f5501ff2d7054c1a37c170a7aa0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4a606ce68426c88ff2563382b33cc34f3485fe57"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/intel/ice/ice_switch.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "47f4ff6f23f0",
              "status": "affected",
              "version": "8b032a55c1bd",
              "versionType": "git"
            },
            {
              "lessThan": "4a606ce68426",
              "status": "affected",
              "version": "8b032a55c1bd",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/intel/ice/ice_switch.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.16"
            },
            {
              "lessThan": "5.16",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: switch: fix potential memleak in ice_add_adv_recipe()\n\nWhen ice_add_special_words() fails, the \u0027rm\u0027 is not released, which will\nlead to a memory leak. Fix this up by going to \u0027err_unroll\u0027 label.\n\nCompile tested only."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:14:59.462Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/47f4ff6f23f00f5501ff2d7054c1a37c170a7aa0"
        },
        {
          "url": "https://git.kernel.org/stable/c/4a606ce68426c88ff2563382b33cc34f3485fe57"
        }
      ],
      "title": "ice: switch: fix potential memleak in ice_add_adv_recipe()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-48709",
    "datePublished": "2024-05-21T15:22:50.054Z",
    "dateReserved": "2024-05-03T14:55:07.148Z",
    "dateUpdated": "2024-11-04T12:14:59.462Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47440

Vulnerability from cvelistv5

Published

2024-05-22 06:19

Modified

2024-11-04 12:05

Severity ?

2.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L

Summary

net: encx24j600: check error in devm_regmap_init_encx24j600

References

▼	URL	Tags
	https://git.kernel.org/stable/c/66358471fa75a713fd76bc8a4bd74cb14cd50a4f
	https://git.kernel.org/stable/c/f043fac1133a6c5ef960a8422c0f6dd711dee462
	https://git.kernel.org/stable/c/fddc7f678d7fb93caa0d7bc512f968ff1e2bddbc
	https://git.kernel.org/stable/c/5e5494e6fc8a29c927e0478bec4a078a40da8901
	https://git.kernel.org/stable/c/4c2eb80fc90b05559ce6ed1b8dfb2348420b5644
	https://git.kernel.org/stable/c/e19c10d6e07c59c96e90fe053a72683ad8b0397e
	https://git.kernel.org/stable/c/322c0e53496309e634d9db7349678eaad1d25b55
	https://git.kernel.org/stable/c/f03dca0c9e2297c84a018e306f8a9cd534ee4287

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "LOW",
              "baseScore": 2.3,
              "baseSeverity": "LOW",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "HIGH",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47440",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T20:20:31.324423Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-476",
                "description": "CWE-476 NULL Pointer Dereference",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-01T16:30:42.379Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:58.978Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/66358471fa75a713fd76bc8a4bd74cb14cd50a4f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f043fac1133a6c5ef960a8422c0f6dd711dee462"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fddc7f678d7fb93caa0d7bc512f968ff1e2bddbc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5e5494e6fc8a29c927e0478bec4a078a40da8901"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4c2eb80fc90b05559ce6ed1b8dfb2348420b5644"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e19c10d6e07c59c96e90fe053a72683ad8b0397e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/322c0e53496309e634d9db7349678eaad1d25b55"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f03dca0c9e2297c84a018e306f8a9cd534ee4287"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/microchip/encx24j600-regmap.c",
            "drivers/net/ethernet/microchip/encx24j600.c",
            "drivers/net/ethernet/microchip/encx24j600_hw.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "66358471fa75",
              "status": "affected",
              "version": "04fbfce7a222",
              "versionType": "git"
            },
            {
              "lessThan": "f043fac1133a",
              "status": "affected",
              "version": "04fbfce7a222",
              "versionType": "git"
            },
            {
              "lessThan": "fddc7f678d7f",
              "status": "affected",
              "version": "04fbfce7a222",
              "versionType": "git"
            },
            {
              "lessThan": "5e5494e6fc8a",
              "status": "affected",
              "version": "04fbfce7a222",
              "versionType": "git"
            },
            {
              "lessThan": "4c2eb80fc90b",
              "status": "affected",
              "version": "04fbfce7a222",
              "versionType": "git"
            },
            {
              "lessThan": "e19c10d6e07c",
              "status": "affected",
              "version": "04fbfce7a222",
              "versionType": "git"
            },
            {
              "lessThan": "322c0e534963",
              "status": "affected",
              "version": "04fbfce7a222",
              "versionType": "git"
            },
            {
              "lessThan": "f03dca0c9e22",
              "status": "affected",
              "version": "04fbfce7a222",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/microchip/encx24j600-regmap.c",
            "drivers/net/ethernet/microchip/encx24j600.c",
            "drivers/net/ethernet/microchip/encx24j600_hw.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.4"
            },
            {
              "lessThan": "4.4",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.290",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.288",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.252",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.213",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.155",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.75",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.14",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: encx24j600: check error in devm_regmap_init_encx24j600\n\ndevm_regmap_init may return error which caused by like out of memory,\nthis will results in null pointer dereference later when reading\nor writing register:\n\ngeneral protection fault in encx24j600_spi_probe\nKASAN: null-ptr-deref in range [0x0000000000000090-0x0000000000000097]\nCPU: 0 PID: 286 Comm: spi-encx24j600- Not tainted 5.15.0-rc2-00142-g9978db750e31-dirty #11 9c53a778c1306b1b02359f3c2bbedc0222cba652\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014\nRIP: 0010:regcache_cache_bypass drivers/base/regmap/regcache.c:540\nCode: 54 41 89 f4 55 53 48 89 fb 48 83 ec 08 e8 26 94 a8 fe 48 8d bb a0 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 \u003c80\u003e 3c 02 00 0f 85 4a 03 00 00 4c 8d ab b0 00 00 00 48 8b ab a0 00\nRSP: 0018:ffffc900010476b8 EFLAGS: 00010207\nRAX: dffffc0000000000 RBX: fffffffffffffff4 RCX: 0000000000000000\nRDX: 0000000000000012 RSI: ffff888002de0000 RDI: 0000000000000094\nRBP: ffff888013c9a000 R08: 0000000000000000 R09: fffffbfff3f9cc6a\nR10: ffffc900010476e8 R11: fffffbfff3f9cc69 R12: 0000000000000001\nR13: 000000000000000a R14: ffff888013c9af54 R15: ffff888013c9ad08\nFS:  00007ffa984ab580(0000) GS:ffff88801fe00000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000055a6384136c8 CR3: 000000003bbe6003 CR4: 0000000000770ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n encx24j600_spi_probe drivers/net/ethernet/microchip/encx24j600.c:459\n spi_probe drivers/spi/spi.c:397\n really_probe drivers/base/dd.c:517\n __driver_probe_device drivers/base/dd.c:751\n driver_probe_device drivers/base/dd.c:782\n __device_attach_driver drivers/base/dd.c:899\n bus_for_each_drv drivers/base/bus.c:427\n __device_attach drivers/base/dd.c:971\n bus_probe_device drivers/base/bus.c:487\n device_add drivers/base/core.c:3364\n __spi_add_device drivers/spi/spi.c:599\n spi_add_device drivers/spi/spi.c:641\n spi_new_device drivers/spi/spi.c:717\n new_device_store+0x18c/0x1f1 [spi_stub 4e02719357f1ff33f5a43d00630982840568e85e]\n dev_attr_store drivers/base/core.c:2074\n sysfs_kf_write fs/sysfs/file.c:139\n kernfs_fop_write_iter fs/kernfs/file.c:300\n new_sync_write fs/read_write.c:508 (discriminator 4)\n vfs_write fs/read_write.c:594\n ksys_write fs/read_write.c:648\n do_syscall_64 arch/x86/entry/common.c:50\n entry_SYSCALL_64_after_hwframe arch/x86/entry/entry_64.S:113\n\nAdd error check in devm_regmap_init_encx24j600 to avoid this situation."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:56.441Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/66358471fa75a713fd76bc8a4bd74cb14cd50a4f"
        },
        {
          "url": "https://git.kernel.org/stable/c/f043fac1133a6c5ef960a8422c0f6dd711dee462"
        },
        {
          "url": "https://git.kernel.org/stable/c/fddc7f678d7fb93caa0d7bc512f968ff1e2bddbc"
        },
        {
          "url": "https://git.kernel.org/stable/c/5e5494e6fc8a29c927e0478bec4a078a40da8901"
        },
        {
          "url": "https://git.kernel.org/stable/c/4c2eb80fc90b05559ce6ed1b8dfb2348420b5644"
        },
        {
          "url": "https://git.kernel.org/stable/c/e19c10d6e07c59c96e90fe053a72683ad8b0397e"
        },
        {
          "url": "https://git.kernel.org/stable/c/322c0e53496309e634d9db7349678eaad1d25b55"
        },
        {
          "url": "https://git.kernel.org/stable/c/f03dca0c9e2297c84a018e306f8a9cd534ee4287"
        }
      ],
      "title": "net: encx24j600: check error in devm_regmap_init_encx24j600",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47440",
    "datePublished": "2024-05-22T06:19:34.890Z",
    "dateReserved": "2024-05-21T14:58:30.831Z",
    "dateUpdated": "2024-11-04T12:05:56.441Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52733

Vulnerability from cvelistv5

Published

2024-05-21 15:22

Modified

2024-11-04 14:51

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

s390/decompressor: specify __decompress() buf len to avoid overflow

References

▼	URL	Tags
	https://git.kernel.org/stable/c/16409f7d9ca5bb8220e1049ea9aae0d3c94d2dfb
	https://git.kernel.org/stable/c/55dbd6f4ea954751340f4f73d5dcd7c8f12208b2
	https://git.kernel.org/stable/c/9ed522143f959630f8b7782ddc212900d8f609a9
	https://git.kernel.org/stable/c/f1eb22d0ff064ad458b3b1a1eaa84ac3996206c2
	https://git.kernel.org/stable/c/7ab41c2c08a32132ba8c14624910e2fe8ce4ba4b

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "affected",
                "version": "1da177e4c3f4"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "5.4.232"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "5.10.169"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "5.15.95"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.1.13"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.2"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52733",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T18:53:36.981536Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-120",
                "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:22:57.298Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.875Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/16409f7d9ca5bb8220e1049ea9aae0d3c94d2dfb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/55dbd6f4ea954751340f4f73d5dcd7c8f12208b2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9ed522143f959630f8b7782ddc212900d8f609a9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f1eb22d0ff064ad458b3b1a1eaa84ac3996206c2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7ab41c2c08a32132ba8c14624910e2fe8ce4ba4b"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/s390/boot/decompressor.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "16409f7d9ca5",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "55dbd6f4ea95",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "9ed522143f95",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "f1eb22d0ff06",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "7ab41c2c08a3",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/s390/boot/decompressor.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.232",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.169",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.95",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/decompressor: specify __decompress() buf len to avoid overflow\n\nHistorically calls to __decompress() didn\u0027t specify \"out_len\" parameter\non many architectures including s390, expecting that no writes beyond\nuncompressed kernel image are performed. This has changed since commit\n2aa14b1ab2c4 (\"zstd: import usptream v1.5.2\") which includes zstd library\ncommit 6a7ede3dfccb (\"Reduce size of dctx by reutilizing dst buffer\n(#2751)\"). Now zstd decompression code might store literal buffer in\nthe unwritten portion of the destination buffer. Since \"out_len\" is\nnot set, it is considered to be unlimited and hence free to use for\noptimization needs. On s390 this might corrupt initrd or ipl report\nwhich are often placed right after the decompressor buffer. Luckily the\nsize of uncompressed kernel image is already known to the decompressor,\nso to avoid the problem simply specify it in the \"out_len\" parameter."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:51:40.228Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/16409f7d9ca5bb8220e1049ea9aae0d3c94d2dfb"
        },
        {
          "url": "https://git.kernel.org/stable/c/55dbd6f4ea954751340f4f73d5dcd7c8f12208b2"
        },
        {
          "url": "https://git.kernel.org/stable/c/9ed522143f959630f8b7782ddc212900d8f609a9"
        },
        {
          "url": "https://git.kernel.org/stable/c/f1eb22d0ff064ad458b3b1a1eaa84ac3996206c2"
        },
        {
          "url": "https://git.kernel.org/stable/c/7ab41c2c08a32132ba8c14624910e2fe8ce4ba4b"
        }
      ],
      "title": "s390/decompressor: specify __decompress() buf len to avoid overflow",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52733",
    "datePublished": "2024-05-21T15:22:58.605Z",
    "dateReserved": "2024-05-21T15:19:24.232Z",
    "dateUpdated": "2024-11-04T14:51:40.228Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52788

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:52

Severity ?

Summary

i915/perf: Fix NULL deref bugs with drm_dbg() calls

References

▼	URL	Tags
	https://git.kernel.org/stable/c/1566e8be73fd5fa424e88d2a4cffdc34f970f0e1
	https://git.kernel.org/stable/c/55db76caa782baa4a1bf02296e2773c38a524a3e
	https://git.kernel.org/stable/c/bf8e105030083e7b71591cdf437e464bcd8a0c09
	https://git.kernel.org/stable/c/10f49cdfd5fb342a1a9641930dc040c570694e98
	https://git.kernel.org/stable/c/471aa951bf1206d3c10d0daa67005b8e4db4ff83

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52788",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T17:27:01.312532Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:43.170Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.790Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1566e8be73fd5fa424e88d2a4cffdc34f970f0e1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/55db76caa782baa4a1bf02296e2773c38a524a3e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bf8e105030083e7b71591cdf437e464bcd8a0c09"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/10f49cdfd5fb342a1a9641930dc040c570694e98"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/471aa951bf1206d3c10d0daa67005b8e4db4ff83"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/i915/i915_perf.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "1566e8be73fd",
              "status": "affected",
              "version": "9b344cf6aea0",
              "versionType": "git"
            },
            {
              "lessThan": "55db76caa782",
              "status": "affected",
              "version": "2fec539112e8",
              "versionType": "git"
            },
            {
              "lessThan": "bf8e10503008",
              "status": "affected",
              "version": "2fec539112e8",
              "versionType": "git"
            },
            {
              "lessThan": "10f49cdfd5fb",
              "status": "affected",
              "version": "2fec539112e8",
              "versionType": "git"
            },
            {
              "lessThan": "471aa951bf12",
              "status": "affected",
              "version": "2fec539112e8",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/i915/i915_perf.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.0"
            },
            {
              "lessThan": "6.0",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni915/perf: Fix NULL deref bugs with drm_dbg() calls\n\nWhen i915 perf interface is not available dereferencing it will lead to\nNULL dereferences.\n\nAs returning -ENOTSUPP is pretty clear return when perf interface is not\navailable.\n\n[tursulin: added stable tag]\n(cherry picked from commit 36f27350ff745bd228ab04d7845dfbffc177a889)"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:45.286Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/1566e8be73fd5fa424e88d2a4cffdc34f970f0e1"
        },
        {
          "url": "https://git.kernel.org/stable/c/55db76caa782baa4a1bf02296e2773c38a524a3e"
        },
        {
          "url": "https://git.kernel.org/stable/c/bf8e105030083e7b71591cdf437e464bcd8a0c09"
        },
        {
          "url": "https://git.kernel.org/stable/c/10f49cdfd5fb342a1a9641930dc040c570694e98"
        },
        {
          "url": "https://git.kernel.org/stable/c/471aa951bf1206d3c10d0daa67005b8e4db4ff83"
        }
      ],
      "title": "i915/perf: Fix NULL deref bugs with drm_dbg() calls",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52788",
    "datePublished": "2024-05-21T15:31:04.980Z",
    "dateReserved": "2024-05-21T15:19:24.241Z",
    "dateUpdated": "2024-11-04T14:52:45.286Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52830

Vulnerability from cvelistv5

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "providerMetadata": {
        "dateUpdated": "2024-05-22T11:37:09.061Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "rejectedReasons": [
        {
          "lang": "en",
          "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52830",
    "datePublished": "2024-05-21T15:31:32.881Z",
    "dateRejected": "2024-05-22T11:37:09.061Z",
    "dateReserved": "2024-05-21T15:19:24.251Z",
    "dateUpdated": "2024-05-22T11:37:09.061Z",
    "state": "REJECTED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52784

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:52

Severity ?

Summary

bonding: stop the device in bond_setup_by_slave()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/b4f0e605a508f6d7cda6df2f03a0c676b778b1fe
	https://git.kernel.org/stable/c/396baca6683f415b5bc2b380289387bef1406edc
	https://git.kernel.org/stable/c/53064e8239dd2ecfefc5634e991f1025abc2ee0c
	https://git.kernel.org/stable/c/19554aa901b5833787df4417a05ccdebf351b7f4
	https://git.kernel.org/stable/c/87c49806a37f88eddde3f537c162fd0c2834170c
	https://git.kernel.org/stable/c/d98c91215a5748a0f536e7ccea26027005196859
	https://git.kernel.org/stable/c/3cffa2ddc4d3fcf70cde361236f5a614f81a09b2

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52784",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T18:34:45.558216Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:37.337Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.053Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b4f0e605a508f6d7cda6df2f03a0c676b778b1fe"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/396baca6683f415b5bc2b380289387bef1406edc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/53064e8239dd2ecfefc5634e991f1025abc2ee0c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/19554aa901b5833787df4417a05ccdebf351b7f4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/87c49806a37f88eddde3f537c162fd0c2834170c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d98c91215a5748a0f536e7ccea26027005196859"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3cffa2ddc4d3fcf70cde361236f5a614f81a09b2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/bonding/bond_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "b4f0e605a508",
              "status": "affected",
              "version": "872254dd6b1f",
              "versionType": "git"
            },
            {
              "lessThan": "396baca6683f",
              "status": "affected",
              "version": "872254dd6b1f",
              "versionType": "git"
            },
            {
              "lessThan": "53064e8239dd",
              "status": "affected",
              "version": "872254dd6b1f",
              "versionType": "git"
            },
            {
              "lessThan": "19554aa901b5",
              "status": "affected",
              "version": "872254dd6b1f",
              "versionType": "git"
            },
            {
              "lessThan": "87c49806a37f",
              "status": "affected",
              "version": "872254dd6b1f",
              "versionType": "git"
            },
            {
              "lessThan": "d98c91215a57",
              "status": "affected",
              "version": "872254dd6b1f",
              "versionType": "git"
            },
            {
              "lessThan": "3cffa2ddc4d3",
              "status": "affected",
              "version": "872254dd6b1f",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/bonding/bond_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.24"
            },
            {
              "lessThan": "2.6.24",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.262",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: stop the device in bond_setup_by_slave()\n\nCommit 9eed321cde22 (\"net: lapbether: only support ethernet devices\")\nhas been able to keep syzbot away from net/lapb, until today.\n\nIn the following splat [1], the issue is that a lapbether device has\nbeen created on a bonding device without members. Then adding a non\nARPHRD_ETHER member forced the bonding master to change its type.\n\nThe fix is to make sure we call dev_close() in bond_setup_by_slave()\nso that the potential linked lapbether devices (or any other devices\nhaving assumptions on the physical device) are removed.\n\nA similar bug has been addressed in commit 40baec225765\n(\"bonding: fix panic on non-ARPHRD_ETHER enslave failure\")\n\n[1]\nskbuff: skb_under_panic: text:ffff800089508810 len:44 put:40 head:ffff0000c78e7c00 data:ffff0000c78e7bea tail:0x16 end:0x140 dev:bond0\nkernel BUG at net/core/skbuff.c:192 !\nInternal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\nModules linked in:\nCPU: 0 PID: 6007 Comm: syz-executor383 Not tainted 6.6.0-rc3-syzkaller-gbf6547d8715b #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023\npstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : skb_panic net/core/skbuff.c:188 [inline]\npc : skb_under_panic+0x13c/0x140 net/core/skbuff.c:202\nlr : skb_panic net/core/skbuff.c:188 [inline]\nlr : skb_under_panic+0x13c/0x140 net/core/skbuff.c:202\nsp : ffff800096a06aa0\nx29: ffff800096a06ab0 x28: ffff800096a06ba0 x27: dfff800000000000\nx26: ffff0000ce9b9b50 x25: 0000000000000016 x24: ffff0000c78e7bea\nx23: ffff0000c78e7c00 x22: 000000000000002c x21: 0000000000000140\nx20: 0000000000000028 x19: ffff800089508810 x18: ffff800096a06100\nx17: 0000000000000000 x16: ffff80008a629a3c x15: 0000000000000001\nx14: 1fffe00036837a32 x13: 0000000000000000 x12: 0000000000000000\nx11: 0000000000000201 x10: 0000000000000000 x9 : cb50b496c519aa00\nx8 : cb50b496c519aa00 x7 : 0000000000000001 x6 : 0000000000000001\nx5 : ffff800096a063b8 x4 : ffff80008e280f80 x3 : ffff8000805ad11c\nx2 : 0000000000000001 x1 : 0000000100000201 x0 : 0000000000000086\nCall trace:\nskb_panic net/core/skbuff.c:188 [inline]\nskb_under_panic+0x13c/0x140 net/core/skbuff.c:202\nskb_push+0xf0/0x108 net/core/skbuff.c:2446\nip6gre_header+0xbc/0x738 net/ipv6/ip6_gre.c:1384\ndev_hard_header include/linux/netdevice.h:3136 [inline]\nlapbeth_data_transmit+0x1c4/0x298 drivers/net/wan/lapbether.c:257\nlapb_data_transmit+0x8c/0xb0 net/lapb/lapb_iface.c:447\nlapb_transmit_buffer+0x178/0x204 net/lapb/lapb_out.c:149\nlapb_send_control+0x220/0x320 net/lapb/lapb_subr.c:251\n__lapb_disconnect_request+0x9c/0x17c net/lapb/lapb_iface.c:326\nlapb_device_event+0x288/0x4e0 net/lapb/lapb_iface.c:492\nnotifier_call_chain+0x1a4/0x510 kernel/notifier.c:93\nraw_notifier_call_chain+0x3c/0x50 kernel/notifier.c:461\ncall_netdevice_notifiers_info net/core/dev.c:1970 [inline]\ncall_netdevice_notifiers_extack net/core/dev.c:2008 [inline]\ncall_netdevice_notifiers net/core/dev.c:2022 [inline]\n__dev_close_many+0x1b8/0x3c4 net/core/dev.c:1508\ndev_close_many+0x1e0/0x470 net/core/dev.c:1559\ndev_close+0x174/0x250 net/core/dev.c:1585\nlapbeth_device_event+0x2e4/0x958 drivers/net/wan/lapbether.c:466\nnotifier_call_chain+0x1a4/0x510 kernel/notifier.c:93\nraw_notifier_call_chain+0x3c/0x50 kernel/notifier.c:461\ncall_netdevice_notifiers_info net/core/dev.c:1970 [inline]\ncall_netdevice_notifiers_extack net/core/dev.c:2008 [inline]\ncall_netdevice_notifiers net/core/dev.c:2022 [inline]\n__dev_close_many+0x1b8/0x3c4 net/core/dev.c:1508\ndev_close_many+0x1e0/0x470 net/core/dev.c:1559\ndev_close+0x174/0x250 net/core/dev.c:1585\nbond_enslave+0x2298/0x30cc drivers/net/bonding/bond_main.c:2332\nbond_do_ioctl+0x268/0xc64 drivers/net/bonding/bond_main.c:4539\ndev_ifsioc+0x754/0x9ac\ndev_ioctl+0x4d8/0xd34 net/core/dev_ioctl.c:786\nsock_do_ioctl+0x1d4/0x2d0 net/socket.c:1217\nsock_ioctl+0x4e8/0x834 net/socket.c:1322\nvfs_ioctl fs/ioctl.c:51 [inline]\n__do_\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:40.349Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/b4f0e605a508f6d7cda6df2f03a0c676b778b1fe"
        },
        {
          "url": "https://git.kernel.org/stable/c/396baca6683f415b5bc2b380289387bef1406edc"
        },
        {
          "url": "https://git.kernel.org/stable/c/53064e8239dd2ecfefc5634e991f1025abc2ee0c"
        },
        {
          "url": "https://git.kernel.org/stable/c/19554aa901b5833787df4417a05ccdebf351b7f4"
        },
        {
          "url": "https://git.kernel.org/stable/c/87c49806a37f88eddde3f537c162fd0c2834170c"
        },
        {
          "url": "https://git.kernel.org/stable/c/d98c91215a5748a0f536e7ccea26027005196859"
        },
        {
          "url": "https://git.kernel.org/stable/c/3cffa2ddc4d3fcf70cde361236f5a614f81a09b2"
        }
      ],
      "title": "bonding: stop the device in bond_setup_by_slave()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52784",
    "datePublished": "2024-05-21T15:31:02.362Z",
    "dateReserved": "2024-05-21T15:19:24.240Z",
    "dateUpdated": "2024-11-04T14:52:40.349Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52833

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

Bluetooth: btusb: Add date->evt_skb is NULL check

References

▼	URL	Tags
	https://git.kernel.org/stable/c/9f8e4d1a4ca1179aaeb43f91f3e2a386e7e616b3
	https://git.kernel.org/stable/c/f9de14bde56dcbb0765284c6dfc35842b021733c
	https://git.kernel.org/stable/c/a556f2ef556a04790f67f2fa272f1a77336d15a0
	https://git.kernel.org/stable/c/0048ddf045bddc4dacb3e783fd869a2f8fb5be30
	https://git.kernel.org/stable/c/13b1ebad4c175e6a9b0748acbf133c21a15d282a
	https://git.kernel.org/stable/c/624820f7c8826dd010e8b1963303c145f99816e9

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52833",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T20:52:00.965162Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:24:07.090Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.958Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9f8e4d1a4ca1179aaeb43f91f3e2a386e7e616b3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f9de14bde56dcbb0765284c6dfc35842b021733c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a556f2ef556a04790f67f2fa272f1a77336d15a0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0048ddf045bddc4dacb3e783fd869a2f8fb5be30"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/13b1ebad4c175e6a9b0748acbf133c21a15d282a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/624820f7c8826dd010e8b1963303c145f99816e9"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/bluetooth/btusb.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "9f8e4d1a4ca1",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "f9de14bde56d",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "a556f2ef556a",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "0048ddf045bd",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "13b1ebad4c17",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "624820f7c882",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/bluetooth/btusb.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btusb: Add date-\u003eevt_skb is NULL check\n\nfix crash because of null pointers\n\n[ 6104.969662] BUG: kernel NULL pointer dereference, address: 00000000000000c8\n[ 6104.969667] #PF: supervisor read access in kernel mode\n[ 6104.969668] #PF: error_code(0x0000) - not-present page\n[ 6104.969670] PGD 0 P4D 0\n[ 6104.969673] Oops: 0000 [#1] SMP NOPTI\n[ 6104.969684] RIP: 0010:btusb_mtk_hci_wmt_sync+0x144/0x220 [btusb]\n[ 6104.969688] RSP: 0018:ffffb8d681533d48 EFLAGS: 00010246\n[ 6104.969689] RAX: 0000000000000000 RBX: ffff8ad560bb2000 RCX: 0000000000000006\n[ 6104.969691] RDX: 0000000000000000 RSI: ffffb8d681533d08 RDI: 0000000000000000\n[ 6104.969692] RBP: ffffb8d681533d70 R08: 0000000000000001 R09: 0000000000000001\n[ 6104.969694] R10: 0000000000000001 R11: 00000000fa83b2da R12: ffff8ad461d1d7c0\n[ 6104.969695] R13: 0000000000000000 R14: ffff8ad459618c18 R15: ffffb8d681533d90\n[ 6104.969697] FS:  00007f5a1cab9d40(0000) GS:ffff8ad578200000(0000) knlGS:00000\n[ 6104.969699] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 6104.969700] CR2: 00000000000000c8 CR3: 000000018620c001 CR4: 0000000000760ef0\n[ 6104.969701] PKRU: 55555554\n[ 6104.969702] Call Trace:\n[ 6104.969708]  btusb_mtk_shutdown+0x44/0x80 [btusb]\n[ 6104.969732]  hci_dev_do_close+0x470/0x5c0 [bluetooth]\n[ 6104.969748]  hci_rfkill_set_block+0x56/0xa0 [bluetooth]\n[ 6104.969753]  rfkill_set_block+0x92/0x160\n[ 6104.969755]  rfkill_fop_write+0x136/0x1e0\n[ 6104.969759]  __vfs_write+0x18/0x40\n[ 6104.969761]  vfs_write+0xdf/0x1c0\n[ 6104.969763]  ksys_write+0xb1/0xe0\n[ 6104.969765]  __x64_sys_write+0x1a/0x20\n[ 6104.969769]  do_syscall_64+0x51/0x180\n[ 6104.969771]  entry_SYSCALL_64_after_hwframe+0x44/0xa9\n[ 6104.969773] RIP: 0033:0x7f5a21f18fef\n[ 6104.9] RSP: 002b:00007ffeefe39010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001\n[ 6104.969780] RAX: ffffffffffffffda RBX: 000055c10a7560a0 RCX: 00007f5a21f18fef\n[ 6104.969781] RDX: 0000000000000008 RSI: 00007ffeefe39060 RDI: 0000000000000012\n[ 6104.969782] RBP: 00007ffeefe39060 R08: 0000000000000000 R09: 0000000000000017\n[ 6104.969784] R10: 00007ffeefe38d97 R11: 0000000000000293 R12: 0000000000000002\n[ 6104.969785] R13: 00007ffeefe39220 R14: 00007ffeefe391a0 R15: 000055c10a72acf0"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:30.276Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/9f8e4d1a4ca1179aaeb43f91f3e2a386e7e616b3"
        },
        {
          "url": "https://git.kernel.org/stable/c/f9de14bde56dcbb0765284c6dfc35842b021733c"
        },
        {
          "url": "https://git.kernel.org/stable/c/a556f2ef556a04790f67f2fa272f1a77336d15a0"
        },
        {
          "url": "https://git.kernel.org/stable/c/0048ddf045bddc4dacb3e783fd869a2f8fb5be30"
        },
        {
          "url": "https://git.kernel.org/stable/c/13b1ebad4c175e6a9b0748acbf133c21a15d282a"
        },
        {
          "url": "https://git.kernel.org/stable/c/624820f7c8826dd010e8b1963303c145f99816e9"
        }
      ],
      "title": "Bluetooth: btusb: Add date-\u003eevt_skb is NULL check",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52833",
    "datePublished": "2024-05-21T15:31:34.915Z",
    "dateReserved": "2024-05-21T15:19:24.252Z",
    "dateUpdated": "2024-11-04T14:53:30.276Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47376

Vulnerability from cvelistv5

Published

2024-05-21 15:03

Modified

2024-11-04 12:04

Severity ?

Summary

bpf: Add oversize check before call kvcalloc()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/93937596e0652d50973f9dc944fea1694ac8cdfd
	https://git.kernel.org/stable/c/6345a0bee80139ea00a341c4202ebfd1534b5eb0
	https://git.kernel.org/stable/c/b5fe7cdfee5901ce5513c30e554d51536e003bde
	https://git.kernel.org/stable/c/0e6491b559704da720f6da09dd0a52c4df44c514

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47376",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-11T18:56:40.431373Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-11T18:57:16.694Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:32:08.600Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/93937596e0652d50973f9dc944fea1694ac8cdfd"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6345a0bee80139ea00a341c4202ebfd1534b5eb0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b5fe7cdfee5901ce5513c30e554d51536e003bde"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0e6491b559704da720f6da09dd0a52c4df44c514"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "kernel/bpf/verifier.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "93937596e065",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "6345a0bee801",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "b5fe7cdfee59",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "0e6491b55970",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "kernel/bpf/verifier.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.150",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.70",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Add oversize check before call kvcalloc()\n\nCommit 7661809d493b (\"mm: don\u0027t allow oversized kvmalloc() calls\") add the\noversize check. When the allocation is larger than what kmalloc() supports,\nthe following warning triggered:\n\nWARNING: CPU: 0 PID: 8408 at mm/util.c:597 kvmalloc_node+0x108/0x110 mm/util.c:597\nModules linked in:\nCPU: 0 PID: 8408 Comm: syz-executor221 Not tainted 5.14.0-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:kvmalloc_node+0x108/0x110 mm/util.c:597\nCall Trace:\n kvmalloc include/linux/mm.h:806 [inline]\n kvmalloc_array include/linux/mm.h:824 [inline]\n kvcalloc include/linux/mm.h:829 [inline]\n check_btf_line kernel/bpf/verifier.c:9925 [inline]\n check_btf_info kernel/bpf/verifier.c:10049 [inline]\n bpf_check+0xd634/0x150d0 kernel/bpf/verifier.c:13759\n bpf_prog_load kernel/bpf/syscall.c:2301 [inline]\n __sys_bpf+0x11181/0x126e0 kernel/bpf/syscall.c:4587\n __do_sys_bpf kernel/bpf/syscall.c:4691 [inline]\n __se_sys_bpf kernel/bpf/syscall.c:4689 [inline]\n __x64_sys_bpf+0x78/0x90 kernel/bpf/syscall.c:4689\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:04:43.432Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/93937596e0652d50973f9dc944fea1694ac8cdfd"
        },
        {
          "url": "https://git.kernel.org/stable/c/6345a0bee80139ea00a341c4202ebfd1534b5eb0"
        },
        {
          "url": "https://git.kernel.org/stable/c/b5fe7cdfee5901ce5513c30e554d51536e003bde"
        },
        {
          "url": "https://git.kernel.org/stable/c/0e6491b559704da720f6da09dd0a52c4df44c514"
        }
      ],
      "title": "bpf: Add oversize check before call kvcalloc()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47376",
    "datePublished": "2024-05-21T15:03:39.738Z",
    "dateReserved": "2024-05-21T14:58:30.811Z",
    "dateUpdated": "2024-11-04T12:04:43.432Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52814

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Summary

drm/amdgpu: Fix potential null pointer derefernce

References

▼	URL	Tags
	https://git.kernel.org/stable/c/b93a25de28af153312f0fc979b0663fc4bd3442b
	https://git.kernel.org/stable/c/c11cf5e117f50f5a767054600885acd981449afe
	https://git.kernel.org/stable/c/9b70fc7d70e8ef7c4a65034c9487f58609e708a1
	https://git.kernel.org/stable/c/b0702ee4d811708251cdf54d4a1d3e888d365111
	https://git.kernel.org/stable/c/da46e63482fdc5e35c008865c22ac64027f6f0c2
	https://git.kernel.org/stable/c/80285ae1ec8717b597b20de38866c29d84d321a1

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "affected",
                "version": "1da177e4c3f4"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "5.10.202"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "5.15.140"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.1.64"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.5.13"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.6.3"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.7"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.1,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52814",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T17:07:24.937431Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-476",
                "description": "CWE-476 NULL Pointer Dereference",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:33.076Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.899Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b93a25de28af153312f0fc979b0663fc4bd3442b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c11cf5e117f50f5a767054600885acd981449afe"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9b70fc7d70e8ef7c4a65034c9487f58609e708a1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b0702ee4d811708251cdf54d4a1d3e888d365111"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/da46e63482fdc5e35c008865c22ac64027f6f0c2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/80285ae1ec8717b597b20de38866c29d84d321a1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/amdgpu/amdgpu_device.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "b93a25de28af",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "c11cf5e117f5",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "9b70fc7d70e8",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "b0702ee4d811",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "da46e63482fd",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "80285ae1ec87",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/amdgpu/amdgpu_device.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix potential null pointer derefernce\n\nThe amdgpu_ras_get_context may return NULL if device\nnot support ras feature, so add check before using."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:14.005Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/b93a25de28af153312f0fc979b0663fc4bd3442b"
        },
        {
          "url": "https://git.kernel.org/stable/c/c11cf5e117f50f5a767054600885acd981449afe"
        },
        {
          "url": "https://git.kernel.org/stable/c/9b70fc7d70e8ef7c4a65034c9487f58609e708a1"
        },
        {
          "url": "https://git.kernel.org/stable/c/b0702ee4d811708251cdf54d4a1d3e888d365111"
        },
        {
          "url": "https://git.kernel.org/stable/c/da46e63482fdc5e35c008865c22ac64027f6f0c2"
        },
        {
          "url": "https://git.kernel.org/stable/c/80285ae1ec8717b597b20de38866c29d84d321a1"
        }
      ],
      "title": "drm/amdgpu: Fix potential null pointer derefernce",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52814",
    "datePublished": "2024-05-21T15:31:22.263Z",
    "dateReserved": "2024-05-21T15:19:24.248Z",
    "dateUpdated": "2024-11-04T14:53:14.005Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52827

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

wifi: ath12k: fix possible out-of-bound read in ath12k_htt_pull_ppdu_stats()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/79527c21a3ce04cffc35ea54f74ee087e532be57
	https://git.kernel.org/stable/c/c9e44111da221246efb2e623ae1be40a5cf6542c
	https://git.kernel.org/stable/c/1bc44a505a229bb1dd4957e11aa594edeea3690e

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52827",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T18:23:07.677346Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:22:45.297Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.061Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/79527c21a3ce04cffc35ea54f74ee087e532be57"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c9e44111da221246efb2e623ae1be40a5cf6542c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1bc44a505a229bb1dd4957e11aa594edeea3690e"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/ath/ath12k/dp_rx.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "79527c21a3ce",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "c9e44111da22",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "1bc44a505a22",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/ath/ath12k/dp_rx.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix possible out-of-bound read in ath12k_htt_pull_ppdu_stats()\n\nlen is extracted from HTT message and could be an unexpected value in\ncase errors happen, so add validation before using to avoid possible\nout-of-bound read in the following message iteration and parsing.\n\nThe same issue also applies to ppdu_info-\u003eppdu_stats.common.num_users,\nso validate it before using too.\n\nThese are found during code review.\n\nCompile test only."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:24.614Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/79527c21a3ce04cffc35ea54f74ee087e532be57"
        },
        {
          "url": "https://git.kernel.org/stable/c/c9e44111da221246efb2e623ae1be40a5cf6542c"
        },
        {
          "url": "https://git.kernel.org/stable/c/1bc44a505a229bb1dd4957e11aa594edeea3690e"
        }
      ],
      "title": "wifi: ath12k: fix possible out-of-bound read in ath12k_htt_pull_ppdu_stats()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52827",
    "datePublished": "2024-05-21T15:31:30.837Z",
    "dateReserved": "2024-05-21T15:19:24.251Z",
    "dateUpdated": "2024-11-04T14:53:24.614Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47418

Vulnerability from cvelistv5

Published

2024-05-21 15:04

Modified

2024-11-04 12:05

Severity ?

Summary

net_sched: fix NULL deref in fifo_set_limit()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/0dd7ddc462b9c2d31eb5a9926a2cc63eaa3e9f52
	https://git.kernel.org/stable/c/08d7056e8e250fd2e67dbea5be5fdecdd75bf6b4
	https://git.kernel.org/stable/c/26af64d71b6277841285fa40e3f7164a378dfda9
	https://git.kernel.org/stable/c/d07098f45be868a9cdce6c616563c36c64dbbd87
	https://git.kernel.org/stable/c/c951a3be5e8803e93bb49a0aca0d30457d3c1b67
	https://git.kernel.org/stable/c/acff2d182c0768a713cee77442caeb07668bd68f
	https://git.kernel.org/stable/c/fb58cd7991747b5e0b110c98c922d7b0e47a1f14
	https://git.kernel.org/stable/c/560ee196fe9e5037e5015e2cdb14b3aecb1cd7dc

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.126Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0dd7ddc462b9c2d31eb5a9926a2cc63eaa3e9f52"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/08d7056e8e250fd2e67dbea5be5fdecdd75bf6b4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/26af64d71b6277841285fa40e3f7164a378dfda9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d07098f45be868a9cdce6c616563c36c64dbbd87"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c951a3be5e8803e93bb49a0aca0d30457d3c1b67"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/acff2d182c0768a713cee77442caeb07668bd68f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fb58cd7991747b5e0b110c98c922d7b0e47a1f14"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/560ee196fe9e5037e5015e2cdb14b3aecb1cd7dc"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47418",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:37:50.787552Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:32:56.839Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/sched/sch_fifo.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "0dd7ddc462b9",
              "status": "affected",
              "version": "fb0305ce1b03",
              "versionType": "git"
            },
            {
              "lessThan": "08d7056e8e25",
              "status": "affected",
              "version": "fb0305ce1b03",
              "versionType": "git"
            },
            {
              "lessThan": "26af64d71b62",
              "status": "affected",
              "version": "fb0305ce1b03",
              "versionType": "git"
            },
            {
              "lessThan": "d07098f45be8",
              "status": "affected",
              "version": "fb0305ce1b03",
              "versionType": "git"
            },
            {
              "lessThan": "c951a3be5e88",
              "status": "affected",
              "version": "fb0305ce1b03",
              "versionType": "git"
            },
            {
              "lessThan": "acff2d182c07",
              "status": "affected",
              "version": "fb0305ce1b03",
              "versionType": "git"
            },
            {
              "lessThan": "fb58cd799174",
              "status": "affected",
              "version": "fb0305ce1b03",
              "versionType": "git"
            },
            {
              "lessThan": "560ee196fe9e",
              "status": "affected",
              "version": "fb0305ce1b03",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/sched/sch_fifo.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.27"
            },
            {
              "lessThan": "2.6.27",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.289",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.287",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.251",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.211",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.153",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.73",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: fix NULL deref in fifo_set_limit()\n\nsyzbot reported another NULL deref in fifo_set_limit() [1]\n\nI could repro the issue with :\n\nunshare -n\ntc qd add dev lo root handle 1:0 tbf limit 200000 burst 70000 rate 100Mbit\ntc qd replace dev lo parent 1:0 pfifo_fast\ntc qd change dev lo root handle 1:0 tbf limit 300000 burst 70000 rate 100Mbit\n\npfifo_fast does not have a change() operation.\nMake fifo_set_limit() more robust about this.\n\n[1]\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nPGD 1cf99067 P4D 1cf99067 PUD 7ca49067 PMD 0\nOops: 0010 [#1] PREEMPT SMP KASAN\nCPU: 1 PID: 14443 Comm: syz-executor959 Not tainted 5.15.0-rc3-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:0x0\nCode: Unable to access opcode bytes at RIP 0xffffffffffffffd6.\nRSP: 0018:ffffc9000e2f7310 EFLAGS: 00010246\nRAX: dffffc0000000000 RBX: ffffffff8d6ecc00 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: ffff888024c27910 RDI: ffff888071e34000\nRBP: ffff888071e34000 R08: 0000000000000001 R09: ffffffff8fcfb947\nR10: 0000000000000001 R11: 0000000000000000 R12: ffff888024c27910\nR13: ffff888071e34018 R14: 0000000000000000 R15: ffff88801ef74800\nFS:  00007f321d897700(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffffffffffffd6 CR3: 00000000722c3000 CR4: 00000000003506e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n fifo_set_limit net/sched/sch_fifo.c:242 [inline]\n fifo_set_limit+0x198/0x210 net/sched/sch_fifo.c:227\n tbf_change+0x6ec/0x16d0 net/sched/sch_tbf.c:418\n qdisc_change net/sched/sch_api.c:1332 [inline]\n tc_modify_qdisc+0xd9a/0x1a60 net/sched/sch_api.c:1634\n rtnetlink_rcv_msg+0x413/0xb80 net/core/rtnetlink.c:5572\n netlink_rcv_skb+0x153/0x420 net/netlink/af_netlink.c:2504\n netlink_unicast_kernel net/netlink/af_netlink.c:1314 [inline]\n netlink_unicast+0x533/0x7d0 net/netlink/af_netlink.c:1340\n netlink_sendmsg+0x86d/0xdb0 net/netlink/af_netlink.c:1929\n sock_sendmsg_nosec net/socket.c:704 [inline]\n sock_sendmsg+0xcf/0x120 net/socket.c:724\n ____sys_sendmsg+0x6e8/0x810 net/socket.c:2409\n ___sys_sendmsg+0xf3/0x170 net/socket.c:2463\n __sys_sendmsg+0xe5/0x1b0 net/socket.c:2492\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:31.803Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/0dd7ddc462b9c2d31eb5a9926a2cc63eaa3e9f52"
        },
        {
          "url": "https://git.kernel.org/stable/c/08d7056e8e250fd2e67dbea5be5fdecdd75bf6b4"
        },
        {
          "url": "https://git.kernel.org/stable/c/26af64d71b6277841285fa40e3f7164a378dfda9"
        },
        {
          "url": "https://git.kernel.org/stable/c/d07098f45be868a9cdce6c616563c36c64dbbd87"
        },
        {
          "url": "https://git.kernel.org/stable/c/c951a3be5e8803e93bb49a0aca0d30457d3c1b67"
        },
        {
          "url": "https://git.kernel.org/stable/c/acff2d182c0768a713cee77442caeb07668bd68f"
        },
        {
          "url": "https://git.kernel.org/stable/c/fb58cd7991747b5e0b110c98c922d7b0e47a1f14"
        },
        {
          "url": "https://git.kernel.org/stable/c/560ee196fe9e5037e5015e2cdb14b3aecb1cd7dc"
        }
      ],
      "title": "net_sched: fix NULL deref in fifo_set_limit()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47418",
    "datePublished": "2024-05-21T15:04:07.333Z",
    "dateReserved": "2024-05-21T14:58:30.818Z",
    "dateUpdated": "2024-11-04T12:05:31.803Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47468

Vulnerability from cvelistv5

Published

2024-05-22 06:23

Modified

2024-11-04 12:06

Severity ?

Summary

isdn: mISDN: Fix sleeping function called from invalid context

References

▼	URL	Tags
	https://git.kernel.org/stable/c/6f95c97e0f9d6eb39c3f2cb45e8fa4268d1b372b
	https://git.kernel.org/stable/c/ef269a8808cb1759245a98a7fe16fceaebad894c
	https://git.kernel.org/stable/c/37e4f57b22cc5ebb3f80cf0f74fdeb487f082367
	https://git.kernel.org/stable/c/a5b34409d3fc52114c828be4adbc30744fa3258b
	https://git.kernel.org/stable/c/4054b869dc263228d30a4755800b78f0f2ba0c89
	https://git.kernel.org/stable/c/9f591cbdbed3d7822b2bdba89b34a6d7b434317d
	https://git.kernel.org/stable/c/f5966ba53013149bcf94e1536644a958dd00a026
	https://git.kernel.org/stable/c/6510e80a0b81b5d814e3aea6297ba42f5e76f73c

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.530Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6f95c97e0f9d6eb39c3f2cb45e8fa4268d1b372b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ef269a8808cb1759245a98a7fe16fceaebad894c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/37e4f57b22cc5ebb3f80cf0f74fdeb487f082367"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a5b34409d3fc52114c828be4adbc30744fa3258b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4054b869dc263228d30a4755800b78f0f2ba0c89"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9f591cbdbed3d7822b2bdba89b34a6d7b434317d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f5966ba53013149bcf94e1536644a958dd00a026"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6510e80a0b81b5d814e3aea6297ba42f5e76f73c"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47468",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:36:08.496744Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:32:53.524Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/isdn/hardware/mISDN/netjet.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "6f95c97e0f9d",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "ef269a8808cb",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "37e4f57b22cc",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "a5b34409d3fc",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "4054b869dc26",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "9f591cbdbed3",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "f5966ba53013",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "6510e80a0b81",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/isdn/hardware/mISDN/netjet.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.290",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.288",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.253",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.214",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.156",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.76",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.15",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nisdn: mISDN: Fix sleeping function called from invalid context\n\nThe driver can call card-\u003eisac.release() function from an atomic\ncontext.\n\nFix this by calling this function after releasing the lock.\n\nThe following log reveals it:\n\n[   44.168226 ] BUG: sleeping function called from invalid context at kernel/workqueue.c:3018\n[   44.168941 ] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 5475, name: modprobe\n[   44.169574 ] INFO: lockdep is turned off.\n[   44.169899 ] irq event stamp: 0\n[   44.170160 ] hardirqs last  enabled at (0): [\u003c0000000000000000\u003e] 0x0\n[   44.170627 ] hardirqs last disabled at (0): [\u003cffffffff814209ed\u003e] copy_process+0x132d/0x3e00\n[   44.171240 ] softirqs last  enabled at (0): [\u003cffffffff81420a1a\u003e] copy_process+0x135a/0x3e00\n[   44.171852 ] softirqs last disabled at (0): [\u003c0000000000000000\u003e] 0x0\n[   44.172318 ] Preemption disabled at:\n[   44.172320 ] [\u003cffffffffa009b0a9\u003e] nj_release+0x69/0x500 [netjet]\n[   44.174441 ] Call Trace:\n[   44.174630 ]  dump_stack_lvl+0xa8/0xd1\n[   44.174912 ]  dump_stack+0x15/0x17\n[   44.175166 ]  ___might_sleep+0x3a2/0x510\n[   44.175459 ]  ? nj_release+0x69/0x500 [netjet]\n[   44.175791 ]  __might_sleep+0x82/0xe0\n[   44.176063 ]  ? start_flush_work+0x20/0x7b0\n[   44.176375 ]  start_flush_work+0x33/0x7b0\n[   44.176672 ]  ? trace_irq_enable_rcuidle+0x85/0x170\n[   44.177034 ]  ? kasan_quarantine_put+0xaa/0x1f0\n[   44.177372 ]  ? kasan_quarantine_put+0xaa/0x1f0\n[   44.177711 ]  __flush_work+0x11a/0x1a0\n[   44.177991 ]  ? flush_work+0x20/0x20\n[   44.178257 ]  ? lock_release+0x13c/0x8f0\n[   44.178550 ]  ? __kasan_check_write+0x14/0x20\n[   44.178872 ]  ? do_raw_spin_lock+0x148/0x360\n[   44.179187 ]  ? read_lock_is_recursive+0x20/0x20\n[   44.179530 ]  ? __kasan_check_read+0x11/0x20\n[   44.179846 ]  ? do_raw_spin_unlock+0x55/0x900\n[   44.180168 ]  ? ____kasan_slab_free+0x116/0x140\n[   44.180505 ]  ? _raw_spin_unlock_irqrestore+0x41/0x60\n[   44.180878 ]  ? skb_queue_purge+0x1a3/0x1c0\n[   44.181189 ]  ? kfree+0x13e/0x290\n[   44.181438 ]  flush_work+0x17/0x20\n[   44.181695 ]  mISDN_freedchannel+0xe8/0x100\n[   44.182006 ]  isac_release+0x210/0x260 [mISDNipac]\n[   44.182366 ]  nj_release+0xf6/0x500 [netjet]\n[   44.182685 ]  nj_remove+0x48/0x70 [netjet]\n[   44.182989 ]  pci_device_remove+0xa9/0x250"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:31.999Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/6f95c97e0f9d6eb39c3f2cb45e8fa4268d1b372b"
        },
        {
          "url": "https://git.kernel.org/stable/c/ef269a8808cb1759245a98a7fe16fceaebad894c"
        },
        {
          "url": "https://git.kernel.org/stable/c/37e4f57b22cc5ebb3f80cf0f74fdeb487f082367"
        },
        {
          "url": "https://git.kernel.org/stable/c/a5b34409d3fc52114c828be4adbc30744fa3258b"
        },
        {
          "url": "https://git.kernel.org/stable/c/4054b869dc263228d30a4755800b78f0f2ba0c89"
        },
        {
          "url": "https://git.kernel.org/stable/c/9f591cbdbed3d7822b2bdba89b34a6d7b434317d"
        },
        {
          "url": "https://git.kernel.org/stable/c/f5966ba53013149bcf94e1536644a958dd00a026"
        },
        {
          "url": "https://git.kernel.org/stable/c/6510e80a0b81b5d814e3aea6297ba42f5e76f73c"
        }
      ],
      "title": "isdn: mISDN: Fix sleeping function called from invalid context",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47468",
    "datePublished": "2024-05-22T06:23:26.982Z",
    "dateReserved": "2024-05-22T06:20:56.199Z",
    "dateUpdated": "2024-11-04T12:06:31.999Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52870

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-06 18:52

Severity ?

4.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

Summary

clk: mediatek: clk-mt6765: Add check for mtk_alloc_clk_data

References

▼	URL	Tags
	https://git.kernel.org/stable/c/2617aa8ceaf30e41d3eb7f5fef3445542bef193a
	https://git.kernel.org/stable/c/533ca5153ad6c7b7d47ae0114b14d0333964b946
	https://git.kernel.org/stable/c/dd1f30d68fa98eb672c0a259297b761656a9025f
	https://git.kernel.org/stable/c/10cc81124407d862f0f747db4baa9c006510b480
	https://git.kernel.org/stable/c/b5ff3e89b4e7f46ad2aa0de7e08d18e6f87d71bc
	https://git.kernel.org/stable/c/b82681042724924ae3ba0f2f2eeec217fa31e830

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 4.1,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "HIGH",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52870",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T18:46:17.967898Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-476",
                "description": "CWE-476 NULL Pointer Dereference",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T18:52:22.777Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.057Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2617aa8ceaf30e41d3eb7f5fef3445542bef193a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/533ca5153ad6c7b7d47ae0114b14d0333964b946"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/dd1f30d68fa98eb672c0a259297b761656a9025f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/10cc81124407d862f0f747db4baa9c006510b480"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b5ff3e89b4e7f46ad2aa0de7e08d18e6f87d71bc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b82681042724924ae3ba0f2f2eeec217fa31e830"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/clk/mediatek/clk-mt6765.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "2617aa8ceaf3",
              "status": "affected",
              "version": "1aca9939bf72",
              "versionType": "git"
            },
            {
              "lessThan": "533ca5153ad6",
              "status": "affected",
              "version": "1aca9939bf72",
              "versionType": "git"
            },
            {
              "lessThan": "dd1f30d68fa9",
              "status": "affected",
              "version": "1aca9939bf72",
              "versionType": "git"
            },
            {
              "lessThan": "10cc81124407",
              "status": "affected",
              "version": "1aca9939bf72",
              "versionType": "git"
            },
            {
              "lessThan": "b5ff3e89b4e7",
              "status": "affected",
              "version": "1aca9939bf72",
              "versionType": "git"
            },
            {
              "lessThan": "b82681042724",
              "status": "affected",
              "version": "1aca9939bf72",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/clk/mediatek/clk-mt6765.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.8"
            },
            {
              "lessThan": "5.8",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.201",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.139",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt6765: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:54:15.935Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/2617aa8ceaf30e41d3eb7f5fef3445542bef193a"
        },
        {
          "url": "https://git.kernel.org/stable/c/533ca5153ad6c7b7d47ae0114b14d0333964b946"
        },
        {
          "url": "https://git.kernel.org/stable/c/dd1f30d68fa98eb672c0a259297b761656a9025f"
        },
        {
          "url": "https://git.kernel.org/stable/c/10cc81124407d862f0f747db4baa9c006510b480"
        },
        {
          "url": "https://git.kernel.org/stable/c/b5ff3e89b4e7f46ad2aa0de7e08d18e6f87d71bc"
        },
        {
          "url": "https://git.kernel.org/stable/c/b82681042724924ae3ba0f2f2eeec217fa31e830"
        }
      ],
      "title": "clk: mediatek: clk-mt6765: Add check for mtk_alloc_clk_data",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52870",
    "datePublished": "2024-05-21T15:31:59.836Z",
    "dateReserved": "2024-05-21T15:19:24.263Z",
    "dateUpdated": "2024-11-06T18:52:22.777Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52804

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

fs/jfs: Add validity check for db_maxag and db_agpref

References

▼	URL	Tags
	https://git.kernel.org/stable/c/a0649e2dd4a3595b5595a29d0064d047c2fae2fb
	https://git.kernel.org/stable/c/ce15b0f1a431168f07b1cc6c9f71206a2db5c809
	https://git.kernel.org/stable/c/32bd8f1cbcf8b663e29dd1f908ba3a129541a11b
	https://git.kernel.org/stable/c/c6c8863fb3f57700ab583d875adda04caaf2278a
	https://git.kernel.org/stable/c/1f74d336990f37703a8eee77153463d65b67f70e
	https://git.kernel.org/stable/c/5013f8269887642cca784adc8db9b5f0b771533f
	https://git.kernel.org/stable/c/dca403bb035a565bb98ecc1dda5d30f676feda40
	https://git.kernel.org/stable/c/2323de34a3ae61a9f9b544c18583f71cea86721f
	https://git.kernel.org/stable/c/64933ab7b04881c6c18b21ff206c12278341c72e

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.034Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a0649e2dd4a3595b5595a29d0064d047c2fae2fb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ce15b0f1a431168f07b1cc6c9f71206a2db5c809"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/32bd8f1cbcf8b663e29dd1f908ba3a129541a11b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c6c8863fb3f57700ab583d875adda04caaf2278a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1f74d336990f37703a8eee77153463d65b67f70e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5013f8269887642cca784adc8db9b5f0b771533f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/dca403bb035a565bb98ecc1dda5d30f676feda40"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2323de34a3ae61a9f9b544c18583f71cea86721f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/64933ab7b04881c6c18b21ff206c12278341c72e"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52804",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:36:50.346379Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:32:54.971Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/jfs/jfs_dmap.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "a0649e2dd4a3",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "ce15b0f1a431",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "32bd8f1cbcf8",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "c6c8863fb3f5",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "1f74d336990f",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "5013f8269887",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "dca403bb035a",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "2323de34a3ae",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "64933ab7b048",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/jfs/jfs_dmap.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.331",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.300",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.262",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/jfs: Add validity check for db_maxag and db_agpref\n\nBoth db_maxag and db_agpref are used as the index of the\ndb_agfree array, but there is currently no validity check for\ndb_maxag and db_agpref, which can lead to errors.\n\nThe following is related bug reported by Syzbot:\n\nUBSAN: array-index-out-of-bounds in fs/jfs/jfs_dmap.c:639:20\nindex 7936 is out of range for type \u0027atomic_t[128]\u0027\n\nAdd checking that the values of db_maxag and db_agpref are valid\nindexes for the db_agfree array."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:02.217Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/a0649e2dd4a3595b5595a29d0064d047c2fae2fb"
        },
        {
          "url": "https://git.kernel.org/stable/c/ce15b0f1a431168f07b1cc6c9f71206a2db5c809"
        },
        {
          "url": "https://git.kernel.org/stable/c/32bd8f1cbcf8b663e29dd1f908ba3a129541a11b"
        },
        {
          "url": "https://git.kernel.org/stable/c/c6c8863fb3f57700ab583d875adda04caaf2278a"
        },
        {
          "url": "https://git.kernel.org/stable/c/1f74d336990f37703a8eee77153463d65b67f70e"
        },
        {
          "url": "https://git.kernel.org/stable/c/5013f8269887642cca784adc8db9b5f0b771533f"
        },
        {
          "url": "https://git.kernel.org/stable/c/dca403bb035a565bb98ecc1dda5d30f676feda40"
        },
        {
          "url": "https://git.kernel.org/stable/c/2323de34a3ae61a9f9b544c18583f71cea86721f"
        },
        {
          "url": "https://git.kernel.org/stable/c/64933ab7b04881c6c18b21ff206c12278341c72e"
        }
      ],
      "title": "fs/jfs: Add validity check for db_maxag and db_agpref",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52804",
    "datePublished": "2024-05-21T15:31:15.720Z",
    "dateReserved": "2024-05-21T15:19:24.247Z",
    "dateUpdated": "2024-11-04T14:53:02.217Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52857

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

drm/mediatek: Fix coverity issue with unintentional integer overflow

References

▼	URL	Tags
	https://git.kernel.org/stable/c/0d8a1df39d3fc34560e2cc663b5c340d06a25396
	https://git.kernel.org/stable/c/96312a251d4dcee5d36e32edba3002bfde0ddd9c
	https://git.kernel.org/stable/c/b0b0d811eac6b4c52cb9ad632fa6384cf48869e7

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52857",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-24T19:34:11.546564Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:02.750Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.048Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0d8a1df39d3fc34560e2cc663b5c340d06a25396"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/96312a251d4dcee5d36e32edba3002bfde0ddd9c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b0b0d811eac6b4c52cb9ad632fa6384cf48869e7"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/mediatek/mtk_drm_gem.c",
            "drivers/gpu/drm/mediatek/mtk_drm_plane.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "0d8a1df39d3f",
              "status": "affected",
              "version": "1a64a7aff8da",
              "versionType": "git"
            },
            {
              "lessThan": "96312a251d4d",
              "status": "affected",
              "version": "1a64a7aff8da",
              "versionType": "git"
            },
            {
              "lessThan": "b0b0d811eac6",
              "status": "affected",
              "version": "1a64a7aff8da",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/mediatek/mtk_drm_gem.c",
            "drivers/gpu/drm/mediatek/mtk_drm_plane.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.14"
            },
            {
              "lessThan": "5.14",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: Fix coverity issue with unintentional integer overflow\n\n1. Instead of multiplying 2 variable of different types. Change to\nassign a value of one variable and then multiply the other variable.\n\n2. Add a int variable for multiplier calculation instead of calculating\ndifferent types multiplier with dma_addr_t variable directly."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:58.971Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/0d8a1df39d3fc34560e2cc663b5c340d06a25396"
        },
        {
          "url": "https://git.kernel.org/stable/c/96312a251d4dcee5d36e32edba3002bfde0ddd9c"
        },
        {
          "url": "https://git.kernel.org/stable/c/b0b0d811eac6b4c52cb9ad632fa6384cf48869e7"
        }
      ],
      "title": "drm/mediatek: Fix coverity issue with unintentional integer overflow",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52857",
    "datePublished": "2024-05-21T15:31:51.232Z",
    "dateReserved": "2024-05-21T15:19:24.258Z",
    "dateUpdated": "2024-11-04T14:53:58.971Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47425

Vulnerability from cvelistv5

Published

2024-05-21 15:04

Modified

2024-11-04 12:05

Severity ?

Summary

i2c: acpi: fix resource leak in reconfiguration device addition

References

▼	URL	Tags
	https://git.kernel.org/stable/c/b8090a84d7758b929d348bafbd86bb7a10c5fb63
	https://git.kernel.org/stable/c/3d9d458a8aaafa47268ea4f1b4114a9f12927989
	https://git.kernel.org/stable/c/60bacf259e8c2eb2324f3e13275200baaee9494b
	https://git.kernel.org/stable/c/f86de018fd7a24ee07372d55ffa7824f0c674a95
	https://git.kernel.org/stable/c/90f1077c9184ec2ae9989e4642f211263f301694
	https://git.kernel.org/stable/c/6558b646ce1c2a872fe1c2c7cb116f05a2c1950f

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47425",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T17:32:39.731015Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:05.025Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.439Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b8090a84d7758b929d348bafbd86bb7a10c5fb63"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3d9d458a8aaafa47268ea4f1b4114a9f12927989"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/60bacf259e8c2eb2324f3e13275200baaee9494b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f86de018fd7a24ee07372d55ffa7824f0c674a95"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/90f1077c9184ec2ae9989e4642f211263f301694"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6558b646ce1c2a872fe1c2c7cb116f05a2c1950f"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/i2c/i2c-core-acpi.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "b8090a84d775",
              "status": "affected",
              "version": "525e6fabeae2",
              "versionType": "git"
            },
            {
              "lessThan": "3d9d458a8aaa",
              "status": "affected",
              "version": "525e6fabeae2",
              "versionType": "git"
            },
            {
              "lessThan": "60bacf259e8c",
              "status": "affected",
              "version": "525e6fabeae2",
              "versionType": "git"
            },
            {
              "lessThan": "f86de018fd7a",
              "status": "affected",
              "version": "525e6fabeae2",
              "versionType": "git"
            },
            {
              "lessThan": "90f1077c9184",
              "status": "affected",
              "version": "525e6fabeae2",
              "versionType": "git"
            },
            {
              "lessThan": "6558b646ce1c",
              "status": "affected",
              "version": "525e6fabeae2",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/i2c/i2c-core-acpi.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.8"
            },
            {
              "lessThan": "4.8",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.251",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.211",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.153",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.73",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: acpi: fix resource leak in reconfiguration device addition\n\nacpi_i2c_find_adapter_by_handle() calls bus_find_device() which takes a\nreference on the adapter which is never released which will result in a\nreference count leak and render the adapter unremovable.  Make sure to\nput the adapter after creating the client in the same manner that we do\nfor OF.\n\n[wsa: fixed title]"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:40.044Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/b8090a84d7758b929d348bafbd86bb7a10c5fb63"
        },
        {
          "url": "https://git.kernel.org/stable/c/3d9d458a8aaafa47268ea4f1b4114a9f12927989"
        },
        {
          "url": "https://git.kernel.org/stable/c/60bacf259e8c2eb2324f3e13275200baaee9494b"
        },
        {
          "url": "https://git.kernel.org/stable/c/f86de018fd7a24ee07372d55ffa7824f0c674a95"
        },
        {
          "url": "https://git.kernel.org/stable/c/90f1077c9184ec2ae9989e4642f211263f301694"
        },
        {
          "url": "https://git.kernel.org/stable/c/6558b646ce1c2a872fe1c2c7cb116f05a2c1950f"
        }
      ],
      "title": "i2c: acpi: fix resource leak in reconfiguration device addition",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47425",
    "datePublished": "2024-05-21T15:04:11.931Z",
    "dateReserved": "2024-05-21T14:58:30.827Z",
    "dateUpdated": "2024-11-04T12:05:40.044Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52703

Vulnerability from cvelistv5

Published

2024-05-21 15:22

Modified

2024-11-07 16:41

Severity ?

3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Summary

net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path

References

▼	URL	Tags
	https://git.kernel.org/stable/c/1b5de7d44890b78519acbcc80d8d1f23ff2872e5
	https://git.kernel.org/stable/c/723ef7b66f37c0841f5a451ccbce47ee1641e081
	https://git.kernel.org/stable/c/a753352622b4f3c0219e0e9c73114b2848ae6042
	https://git.kernel.org/stable/c/525bdcb0838d19d918c7786151ee14661967a030
	https://git.kernel.org/stable/c/338f826d3afead6e4df521f7972a4bef04a72efb
	https://git.kernel.org/stable/c/02df3170c04a8356cd571ab9155a42f030190abc
	https://git.kernel.org/stable/c/c68f345b7c425b38656e1791a0486769a8797016

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "LOW",
              "baseScore": 3.3,
              "baseSeverity": "LOW",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52703",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T17:57:22.463182Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T16:41:20.808Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.557Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1b5de7d44890b78519acbcc80d8d1f23ff2872e5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/723ef7b66f37c0841f5a451ccbce47ee1641e081"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a753352622b4f3c0219e0e9c73114b2848ae6042"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/525bdcb0838d19d918c7786151ee14661967a030"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/338f826d3afead6e4df521f7972a4bef04a72efb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/02df3170c04a8356cd571ab9155a42f030190abc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c68f345b7c425b38656e1791a0486769a8797016"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/usb/kalmia.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "1b5de7d44890",
              "status": "affected",
              "version": "d40261236e8e",
              "versionType": "git"
            },
            {
              "lessThan": "723ef7b66f37",
              "status": "affected",
              "version": "d40261236e8e",
              "versionType": "git"
            },
            {
              "lessThan": "a753352622b4",
              "status": "affected",
              "version": "d40261236e8e",
              "versionType": "git"
            },
            {
              "lessThan": "525bdcb0838d",
              "status": "affected",
              "version": "d40261236e8e",
              "versionType": "git"
            },
            {
              "lessThan": "338f826d3afe",
              "status": "affected",
              "version": "d40261236e8e",
              "versionType": "git"
            },
            {
              "lessThan": "02df3170c04a",
              "status": "affected",
              "version": "d40261236e8e",
              "versionType": "git"
            },
            {
              "lessThan": "c68f345b7c42",
              "status": "affected",
              "version": "d40261236e8e",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/usb/kalmia.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.0"
            },
            {
              "lessThan": "3.0",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.306",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.273",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.232",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.169",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.95",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/usb: kalmia: Don\u0027t pass act_len in usb_bulk_msg error path\n\nsyzbot reported that act_len in kalmia_send_init_packet() is\nuninitialized when passing it to the first usb_bulk_msg error path. Jiri\nPirko noted that it\u0027s pointless to pass it in the error path, and that\nthe value that would be printed in the second error path would be the\nvalue of act_len from the first call to usb_bulk_msg.[1]\n\nWith this in mind, let\u0027s just not pass act_len to the usb_bulk_msg error\npaths.\n\n1: https://lore.kernel.org/lkml/Y9pY61y1nwTuzMOa@nanopsycho/"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:51:29.319Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/1b5de7d44890b78519acbcc80d8d1f23ff2872e5"
        },
        {
          "url": "https://git.kernel.org/stable/c/723ef7b66f37c0841f5a451ccbce47ee1641e081"
        },
        {
          "url": "https://git.kernel.org/stable/c/a753352622b4f3c0219e0e9c73114b2848ae6042"
        },
        {
          "url": "https://git.kernel.org/stable/c/525bdcb0838d19d918c7786151ee14661967a030"
        },
        {
          "url": "https://git.kernel.org/stable/c/338f826d3afead6e4df521f7972a4bef04a72efb"
        },
        {
          "url": "https://git.kernel.org/stable/c/02df3170c04a8356cd571ab9155a42f030190abc"
        },
        {
          "url": "https://git.kernel.org/stable/c/c68f345b7c425b38656e1791a0486769a8797016"
        }
      ],
      "title": "net/usb: kalmia: Don\u0027t pass act_len in usb_bulk_msg error path",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52703",
    "datePublished": "2024-05-21T15:22:52.687Z",
    "dateReserved": "2024-03-07T14:49:46.891Z",
    "dateUpdated": "2024-11-07T16:41:20.808Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52853

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

hid: cp2112: Fix duplicate workqueue initialization

References

▼	URL	Tags
	https://git.kernel.org/stable/c/df0daac2709473531d6a3472997cc65301ac06d6
	https://git.kernel.org/stable/c/727203e6e7e7020e1246fc1628cbdb8d90177819
	https://git.kernel.org/stable/c/3d959406c8fff2334d83d0c352d54fd6f5b2e7cd
	https://git.kernel.org/stable/c/012d0c66f9392a99232ac28217229f32dd3a70cf
	https://git.kernel.org/stable/c/bafb12b629b7c3ad59812dd1ac1b0618062e0e38
	https://git.kernel.org/stable/c/fb5718bc67337dde1528661f419ffcf275757592
	https://git.kernel.org/stable/c/eb1121fac7986b30915ba20c5a04cc01fdcf160c
	https://git.kernel.org/stable/c/e3c2d2d144c082dd71596953193adf9891491f42

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52853",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T18:51:33.652573Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:57.826Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.048Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/df0daac2709473531d6a3472997cc65301ac06d6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/727203e6e7e7020e1246fc1628cbdb8d90177819"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3d959406c8fff2334d83d0c352d54fd6f5b2e7cd"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/012d0c66f9392a99232ac28217229f32dd3a70cf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bafb12b629b7c3ad59812dd1ac1b0618062e0e38"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fb5718bc67337dde1528661f419ffcf275757592"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/eb1121fac7986b30915ba20c5a04cc01fdcf160c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e3c2d2d144c082dd71596953193adf9891491f42"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/hid/hid-cp2112.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "df0daac27094",
              "status": "affected",
              "version": "13de9cca514e",
              "versionType": "git"
            },
            {
              "lessThan": "727203e6e7e7",
              "status": "affected",
              "version": "13de9cca514e",
              "versionType": "git"
            },
            {
              "lessThan": "3d959406c8ff",
              "status": "affected",
              "version": "13de9cca514e",
              "versionType": "git"
            },
            {
              "lessThan": "012d0c66f939",
              "status": "affected",
              "version": "13de9cca514e",
              "versionType": "git"
            },
            {
              "lessThan": "bafb12b629b7",
              "status": "affected",
              "version": "13de9cca514e",
              "versionType": "git"
            },
            {
              "lessThan": "fb5718bc6733",
              "status": "affected",
              "version": "13de9cca514e",
              "versionType": "git"
            },
            {
              "lessThan": "eb1121fac798",
              "status": "affected",
              "version": "13de9cca514e",
              "versionType": "git"
            },
            {
              "lessThan": "e3c2d2d144c0",
              "status": "affected",
              "version": "13de9cca514e",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/hid/hid-cp2112.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.10"
            },
            {
              "lessThan": "4.10",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.299",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.261",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.201",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.139",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nhid: cp2112: Fix duplicate workqueue initialization\n\nPreviously the cp2112 driver called INIT_DELAYED_WORK within\ncp2112_gpio_irq_startup, resulting in duplicate initilizations of the\nworkqueue on subsequent IRQ startups following an initial request. This\nresulted in a warning in set_work_data in workqueue.c, as well as a rare\nNULL dereference within process_one_work in workqueue.c.\n\nInitialize the workqueue within _probe instead."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:54.174Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/df0daac2709473531d6a3472997cc65301ac06d6"
        },
        {
          "url": "https://git.kernel.org/stable/c/727203e6e7e7020e1246fc1628cbdb8d90177819"
        },
        {
          "url": "https://git.kernel.org/stable/c/3d959406c8fff2334d83d0c352d54fd6f5b2e7cd"
        },
        {
          "url": "https://git.kernel.org/stable/c/012d0c66f9392a99232ac28217229f32dd3a70cf"
        },
        {
          "url": "https://git.kernel.org/stable/c/bafb12b629b7c3ad59812dd1ac1b0618062e0e38"
        },
        {
          "url": "https://git.kernel.org/stable/c/fb5718bc67337dde1528661f419ffcf275757592"
        },
        {
          "url": "https://git.kernel.org/stable/c/eb1121fac7986b30915ba20c5a04cc01fdcf160c"
        },
        {
          "url": "https://git.kernel.org/stable/c/e3c2d2d144c082dd71596953193adf9891491f42"
        }
      ],
      "title": "hid: cp2112: Fix duplicate workqueue initialization",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52853",
    "datePublished": "2024-05-21T15:31:48.571Z",
    "dateReserved": "2024-05-21T15:19:24.256Z",
    "dateUpdated": "2024-11-04T14:53:54.174Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47412

Vulnerability from cvelistv5

Published

2024-05-21 15:04

Modified

2024-11-04 12:05

Severity ?

Summary

block: don't call rq_qos_ops->done_bio if the bio isn't tracked

References

▼	URL	Tags
	https://git.kernel.org/stable/c/004b8f8a691205a93d9e80d98b786b2b97424d6e
	https://git.kernel.org/stable/c/a647a524a46736786c95cdb553a070322ca096e3

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47412",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-11T17:28:47.066559Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-11T17:29:00.823Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.401Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/004b8f8a691205a93d9e80d98b786b2b97424d6e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a647a524a46736786c95cdb553a070322ca096e3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "block/bio.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "004b8f8a6912",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "a647a524a467",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "block/bio.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.11",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: don\u0027t call rq_qos_ops-\u003edone_bio if the bio isn\u0027t tracked\n\nrq_qos framework is only applied on request based driver, so:\n\n1) rq_qos_done_bio() needn\u0027t to be called for bio based driver\n\n2) rq_qos_done_bio() needn\u0027t to be called for bio which isn\u0027t tracked,\nsuch as bios ended from error handling code.\n\nEspecially in bio_endio():\n\n1) request queue is referred via bio-\u003ebi_bdev-\u003ebd_disk-\u003equeue, which\nmay be gone since request queue refcount may not be held in above two\ncases\n\n2) q-\u003erq_qos may be freed in blk_cleanup_queue() when calling into\n__rq_qos_done_bio()\n\nFix the potential kernel panic by not calling rq_qos_ops-\u003edone_bio if\nthe bio isn\u0027t tracked. This way is safe because both ioc_rqos_done_bio()\nand blkcg_iolatency_done_bio() are nop if the bio isn\u0027t tracked."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:24.826Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/004b8f8a691205a93d9e80d98b786b2b97424d6e"
        },
        {
          "url": "https://git.kernel.org/stable/c/a647a524a46736786c95cdb553a070322ca096e3"
        }
      ],
      "title": "block: don\u0027t call rq_qos_ops-\u003edone_bio if the bio isn\u0027t tracked",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47412",
    "datePublished": "2024-05-21T15:04:03.309Z",
    "dateReserved": "2024-05-21T14:58:30.817Z",
    "dateUpdated": "2024-11-04T12:05:24.826Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47498

Vulnerability from cvelistv5

Published

2024-05-22 08:19

Modified

2024-11-04 12:07

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

dm rq: don't queue request to blk-mq during DM suspend

References

▼	URL	Tags
	https://git.kernel.org/stable/c/8ca9745efe3528feb06ca4e117188038eea2d351
	https://git.kernel.org/stable/c/b4459b11e84092658fa195a2587aff3b9637f0e7

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47498",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T17:07:40.388393Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-01T13:48:59.332Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.748Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8ca9745efe3528feb06ca4e117188038eea2d351"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b4459b11e84092658fa195a2587aff3b9637f0e7"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/md/dm-rq.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "8ca9745efe35",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "b4459b11e840",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/md/dm-rq.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.14",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm rq: don\u0027t queue request to blk-mq during DM suspend\n\nDM uses blk-mq\u0027s quiesce/unquiesce to stop/start device mapper queue.\n\nBut blk-mq\u0027s unquiesce may come from outside events, such as elevator\nswitch, updating nr_requests or others, and request may come during\nsuspend, so simply ask for blk-mq to requeue it.\n\nFixes one kernel panic issue when running updating nr_requests and\ndm-mpath suspend/resume stress test."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:07:05.512Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/8ca9745efe3528feb06ca4e117188038eea2d351"
        },
        {
          "url": "https://git.kernel.org/stable/c/b4459b11e84092658fa195a2587aff3b9637f0e7"
        }
      ],
      "title": "dm rq: don\u0027t queue request to blk-mq during DM suspend",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47498",
    "datePublished": "2024-05-22T08:19:44.803Z",
    "dateReserved": "2024-05-22T06:20:56.204Z",
    "dateUpdated": "2024-11-04T12:07:05.512Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52851

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

IB/mlx5: Fix init stage error handling to avoid double free of same QP and UAF

References

▼	URL	Tags
	https://git.kernel.org/stable/c/437f033e30c897bb3723eac9e9003cd9f88d00a3
	https://git.kernel.org/stable/c/4f4a7a7d1404297f2a92df0046f7e64dc5c52dd9
	https://git.kernel.org/stable/c/6387f269d84e6e149499408c4d1fc805017729b2
	https://git.kernel.org/stable/c/2ef422f063b74adcc4a4a9004b0a87bb55e0a836

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52851",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T18:56:10.534699Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:22:32.402Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.176Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/437f033e30c897bb3723eac9e9003cd9f88d00a3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4f4a7a7d1404297f2a92df0046f7e64dc5c52dd9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6387f269d84e6e149499408c4d1fc805017729b2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2ef422f063b74adcc4a4a9004b0a87bb55e0a836"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/infiniband/hw/mlx5/main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "437f033e30c8",
              "status": "affected",
              "version": "04876c12c19e",
              "versionType": "git"
            },
            {
              "lessThan": "4f4a7a7d1404",
              "status": "affected",
              "version": "04876c12c19e",
              "versionType": "git"
            },
            {
              "lessThan": "6387f269d84e",
              "status": "affected",
              "version": "04876c12c19e",
              "versionType": "git"
            },
            {
              "lessThan": "2ef422f063b7",
              "status": "affected",
              "version": "04876c12c19e",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/infiniband/hw/mlx5/main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.19"
            },
            {
              "lessThan": "5.19",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/mlx5: Fix init stage error handling to avoid double free of same QP and UAF\n\nIn the unlikely event that workqueue allocation fails and returns NULL in\nmlx5_mkey_cache_init(), delete the call to\nmlx5r_umr_resource_cleanup() (which frees the QP) in\nmlx5_ib_stage_post_ib_reg_umr_init().  This will avoid attempted double\nfree of the same QP when __mlx5_ib_add() does its cleanup.\n\nResolves a splat:\n\n   Syzkaller reported a UAF in ib_destroy_qp_user\n\n   workqueue: Failed to create a rescuer kthread for wq \"mkey_cache\": -EINTR\n   infiniband mlx5_0: mlx5_mkey_cache_init:981:(pid 1642):\n   failed to create work queue\n   infiniband mlx5_0: mlx5_ib_stage_post_ib_reg_umr_init:4075:(pid 1642):\n   mr cache init failed -12\n   ==================================================================\n   BUG: KASAN: slab-use-after-free in ib_destroy_qp_user (drivers/infiniband/core/verbs.c:2073)\n   Read of size 8 at addr ffff88810da310a8 by task repro_upstream/1642\n\n   Call Trace:\n   \u003cTASK\u003e\n   kasan_report (mm/kasan/report.c:590)\n   ib_destroy_qp_user (drivers/infiniband/core/verbs.c:2073)\n   mlx5r_umr_resource_cleanup (drivers/infiniband/hw/mlx5/umr.c:198)\n   __mlx5_ib_add (drivers/infiniband/hw/mlx5/main.c:4178)\n   mlx5r_probe (drivers/infiniband/hw/mlx5/main.c:4402)\n   ...\n   \u003c/TASK\u003e\n\n   Allocated by task 1642:\n   __kmalloc (./include/linux/kasan.h:198 mm/slab_common.c:1026\n   mm/slab_common.c:1039)\n   create_qp (./include/linux/slab.h:603 ./include/linux/slab.h:720\n   ./include/rdma/ib_verbs.h:2795 drivers/infiniband/core/verbs.c:1209)\n   ib_create_qp_kernel (drivers/infiniband/core/verbs.c:1347)\n   mlx5r_umr_resource_init (drivers/infiniband/hw/mlx5/umr.c:164)\n   mlx5_ib_stage_post_ib_reg_umr_init (drivers/infiniband/hw/mlx5/main.c:4070)\n   __mlx5_ib_add (drivers/infiniband/hw/mlx5/main.c:4168)\n   mlx5r_probe (drivers/infiniband/hw/mlx5/main.c:4402)\n   ...\n\n   Freed by task 1642:\n   __kmem_cache_free (mm/slub.c:1826 mm/slub.c:3809 mm/slub.c:3822)\n   ib_destroy_qp_user (drivers/infiniband/core/verbs.c:2112)\n   mlx5r_umr_resource_cleanup (drivers/infiniband/hw/mlx5/umr.c:198)\n   mlx5_ib_stage_post_ib_reg_umr_init (drivers/infiniband/hw/mlx5/main.c:4076\n   drivers/infiniband/hw/mlx5/main.c:4065)\n   __mlx5_ib_add (drivers/infiniband/hw/mlx5/main.c:4168)\n   mlx5r_probe (drivers/infiniband/hw/mlx5/main.c:4402)\n   ..."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:51.827Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/437f033e30c897bb3723eac9e9003cd9f88d00a3"
        },
        {
          "url": "https://git.kernel.org/stable/c/4f4a7a7d1404297f2a92df0046f7e64dc5c52dd9"
        },
        {
          "url": "https://git.kernel.org/stable/c/6387f269d84e6e149499408c4d1fc805017729b2"
        },
        {
          "url": "https://git.kernel.org/stable/c/2ef422f063b74adcc4a4a9004b0a87bb55e0a836"
        }
      ],
      "title": "IB/mlx5: Fix init stage error handling to avoid double free of same QP and UAF",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52851",
    "datePublished": "2024-05-21T15:31:47.220Z",
    "dateReserved": "2024-05-21T15:19:24.255Z",
    "dateUpdated": "2024-11-04T14:53:51.827Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47452

Vulnerability from cvelistv5

Published

2024-05-22 06:19

Modified

2024-11-04 12:06

Severity ?

Summary

netfilter: nf_tables: skip netdev events generated on netns removal

References

▼	URL	Tags
	https://git.kernel.org/stable/c/90c7c58aa2bd02c65a4c63b7dfe0b16eab12cf9f
	https://git.kernel.org/stable/c/68a3765c659f809dcaac20030853a054646eb739

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47452",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-10T18:55:58.283625Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-10T18:56:06.393Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:58.991Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/90c7c58aa2bd02c65a4c63b7dfe0b16eab12cf9f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/68a3765c659f809dcaac20030853a054646eb739"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/netfilter/nft_chain_filter.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "90c7c58aa2bd",
              "status": "affected",
              "version": "767d1216bff8",
              "versionType": "git"
            },
            {
              "lessThan": "68a3765c659f",
              "status": "affected",
              "version": "767d1216bff8",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/netfilter/nft_chain_filter.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.11"
            },
            {
              "lessThan": "5.11",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.15",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: skip netdev events generated on netns removal\n\nsyzbot reported following (harmless) WARN:\n\n WARNING: CPU: 1 PID: 2648 at net/netfilter/core.c:468\n  nft_netdev_unregister_hooks net/netfilter/nf_tables_api.c:230 [inline]\n  nf_tables_unregister_hook include/net/netfilter/nf_tables.h:1090 [inline]\n  __nft_release_basechain+0x138/0x640 net/netfilter/nf_tables_api.c:9524\n  nft_netdev_event net/netfilter/nft_chain_filter.c:351 [inline]\n  nf_tables_netdev_event+0x521/0x8a0 net/netfilter/nft_chain_filter.c:382\n\nreproducer:\nunshare -n bash -c \u0027ip link add br0 type bridge; nft add table netdev t ; \\\n nft add chain netdev t ingress \\{ type filter hook ingress device \"br0\" \\\n priority 0\\; policy drop\\; \\}\u0027\n\nProblem is that when netns device exit hooks create the UNREGISTER\nevent, the .pre_exit hook for nf_tables core has already removed the\nbase hook.  Notifier attempts to do this again.\n\nThe need to do base hook unregister unconditionally was needed in the past,\nbecause notifier was last stage where reg-\u003edev dereference was safe.\n\nNow that nf_tables does the hook removal in .pre_exit, this isn\u0027t\nneeded anymore."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:13.123Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/90c7c58aa2bd02c65a4c63b7dfe0b16eab12cf9f"
        },
        {
          "url": "https://git.kernel.org/stable/c/68a3765c659f809dcaac20030853a054646eb739"
        }
      ],
      "title": "netfilter: nf_tables: skip netdev events generated on netns removal",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47452",
    "datePublished": "2024-05-22T06:19:42.721Z",
    "dateReserved": "2024-05-21T14:58:30.833Z",
    "dateUpdated": "2024-11-04T12:06:13.123Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52744

Vulnerability from cvelistv5

Published

2024-05-21 15:23

Modified

2024-11-04 14:51

Severity ?

Summary

RDMA/irdma: Fix potential NULL-ptr-dereference

References

▼	URL	Tags
	https://git.kernel.org/stable/c/8f5fe1cd8e6a97f94840b55f59ed08cbc397086f
	https://git.kernel.org/stable/c/360682fe7df262d94fae54f737c487bec0f9190d
	https://git.kernel.org/stable/c/5d9745cead1f121974322b94ceadfb4d1e67960e

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52744",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-17T17:37:02.408361Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-17T17:37:32.925Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.755Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8f5fe1cd8e6a97f94840b55f59ed08cbc397086f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/360682fe7df262d94fae54f737c487bec0f9190d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5d9745cead1f121974322b94ceadfb4d1e67960e"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/infiniband/hw/irdma/cm.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "8f5fe1cd8e6a",
              "status": "affected",
              "version": "146b9756f14c",
              "versionType": "git"
            },
            {
              "lessThan": "360682fe7df2",
              "status": "affected",
              "version": "146b9756f14c",
              "versionType": "git"
            },
            {
              "lessThan": "5d9745cead1f",
              "status": "affected",
              "version": "146b9756f14c",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/infiniband/hw/irdma/cm.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.14"
            },
            {
              "lessThan": "5.14",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.94",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/irdma: Fix potential NULL-ptr-dereference\n\nin_dev_get() can return NULL which will cause a failure once idev is\ndereferenced in in_dev_for_each_ifa_rtnl(). This patch adds a\ncheck for NULL value in idev beforehand.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:51:52.232Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/8f5fe1cd8e6a97f94840b55f59ed08cbc397086f"
        },
        {
          "url": "https://git.kernel.org/stable/c/360682fe7df262d94fae54f737c487bec0f9190d"
        },
        {
          "url": "https://git.kernel.org/stable/c/5d9745cead1f121974322b94ceadfb4d1e67960e"
        }
      ],
      "title": "RDMA/irdma: Fix potential NULL-ptr-dereference",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52744",
    "datePublished": "2024-05-21T15:23:05.937Z",
    "dateReserved": "2024-05-21T15:19:24.233Z",
    "dateUpdated": "2024-11-04T14:51:52.232Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47335

Vulnerability from cvelistv5

Published

2024-05-21 14:35

Modified

2024-11-04 12:03

Severity ?

Summary

f2fs: fix to avoid racing on fsync_entry_slab by multi filesystem instances

References

▼	URL	Tags
	https://git.kernel.org/stable/c/86786603014e0a22d0d6af8e80ae4b8687927048
	https://git.kernel.org/stable/c/79fa5d944c875711253a23b8155b36883c696409
	https://git.kernel.org/stable/c/e472b276a0d2180808009be38105e12754432e2a
	https://git.kernel.org/stable/c/cad83c968c2ebe97905f900326988ed37146c347

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47335",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T17:39:39.785256Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:15:03.198Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:32:08.535Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/86786603014e0a22d0d6af8e80ae4b8687927048"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/79fa5d944c875711253a23b8155b36883c696409"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e472b276a0d2180808009be38105e12754432e2a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/cad83c968c2ebe97905f900326988ed37146c347"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/f2fs/f2fs.h",
            "fs/f2fs/recovery.c",
            "fs/f2fs/super.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "86786603014e",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "79fa5d944c87",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "e472b276a0d2",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "cad83c968c2e",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/f2fs/f2fs.h",
            "fs/f2fs/recovery.c",
            "fs/f2fs/super.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.51",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.18",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.13.*",
              "status": "unaffected",
              "version": "5.13.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.14",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to avoid racing on fsync_entry_slab by multi filesystem instances\n\nAs syzbot reported, there is an use-after-free issue during f2fs recovery:\n\nUse-after-free write at 0xffff88823bc16040 (in kfence-#10):\n kmem_cache_destroy+0x1f/0x120 mm/slab_common.c:486\n f2fs_recover_fsync_data+0x75b0/0x8380 fs/f2fs/recovery.c:869\n f2fs_fill_super+0x9393/0xa420 fs/f2fs/super.c:3945\n mount_bdev+0x26c/0x3a0 fs/super.c:1367\n legacy_get_tree+0xea/0x180 fs/fs_context.c:592\n vfs_get_tree+0x86/0x270 fs/super.c:1497\n do_new_mount fs/namespace.c:2905 [inline]\n path_mount+0x196f/0x2be0 fs/namespace.c:3235\n do_mount fs/namespace.c:3248 [inline]\n __do_sys_mount fs/namespace.c:3456 [inline]\n __se_sys_mount+0x2f9/0x3b0 fs/namespace.c:3433\n do_syscall_64+0x3f/0xb0 arch/x86/entry/common.c:47\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nThe root cause is multi f2fs filesystem instances can race on accessing\nglobal fsync_entry_slab pointer, result in use-after-free issue of slab\ncache, fixes to init/destroy this slab cache only once during module\ninit/destroy procedure to avoid this issue."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:03:54.513Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/86786603014e0a22d0d6af8e80ae4b8687927048"
        },
        {
          "url": "https://git.kernel.org/stable/c/79fa5d944c875711253a23b8155b36883c696409"
        },
        {
          "url": "https://git.kernel.org/stable/c/e472b276a0d2180808009be38105e12754432e2a"
        },
        {
          "url": "https://git.kernel.org/stable/c/cad83c968c2ebe97905f900326988ed37146c347"
        }
      ],
      "title": "f2fs: fix to avoid racing on fsync_entry_slab by multi filesystem instances",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47335",
    "datePublished": "2024-05-21T14:35:45.093Z",
    "dateReserved": "2024-05-21T14:28:16.977Z",
    "dateUpdated": "2024-11-04T12:03:54.513Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47489

Vulnerability from cvelistv5

Published

2024-05-22 08:19

Modified

2024-11-04 12:06

Severity ?

Summary

drm/amdgpu: Fix even more out of bound writes from debugfs

References

▼	URL	Tags
	https://git.kernel.org/stable/c/9eb4bdd554fc31a5ef6bf645a20ff21618ce45a9
	https://git.kernel.org/stable/c/3f4e54bd312d3dafb59daf2b97ffa08abebe60f5

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47489",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-17T17:36:36.462454Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-17T17:36:44.982Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.769Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9eb4bdd554fc31a5ef6bf645a20ff21618ce45a9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3f4e54bd312d3dafb59daf2b97ffa08abebe60f5"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "9eb4bdd554fc",
              "status": "affected",
              "version": "918698d5c2b5",
              "versionType": "git"
            },
            {
              "lessThan": "3f4e54bd312d",
              "status": "affected",
              "version": "918698d5c2b5",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.10"
            },
            {
              "lessThan": "5.10",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix even more out of bound writes from debugfs\n\nCVE-2021-42327 was fixed by:\n\ncommit f23750b5b3d98653b31d4469592935ef6364ad67\nAuthor: Thelford Williams \u003ctdwilliamsiv@gmail.com\u003e\nDate:   Wed Oct 13 16:04:13 2021 -0400\n\n    drm/amdgpu: fix out of bounds write\n\nbut amdgpu_dm_debugfs.c contains more of the same issue so fix the\nremaining ones.\n\nv2:\n\t* Add missing fix in dp_max_bpc_write (Harry Wentland)"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:54.358Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/9eb4bdd554fc31a5ef6bf645a20ff21618ce45a9"
        },
        {
          "url": "https://git.kernel.org/stable/c/3f4e54bd312d3dafb59daf2b97ffa08abebe60f5"
        }
      ],
      "title": "drm/amdgpu: Fix even more out of bound writes from debugfs",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47489",
    "datePublished": "2024-05-22T08:19:38.771Z",
    "dateReserved": "2024-05-22T06:20:56.201Z",
    "dateUpdated": "2024-11-04T12:06:54.358Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47448

Vulnerability from cvelistv5

Published

2024-05-22 06:19

Modified

2024-11-04 12:06

Severity ?

Summary

mptcp: fix possible stall on recvmsg()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/1a4554e94f0deff9fc1dc5addf93fa579cc29711
	https://git.kernel.org/stable/c/612f71d7328c14369924384ad2170aae2a6abd92

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.611Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1a4554e94f0deff9fc1dc5addf93fa579cc29711"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/612f71d7328c14369924384ad2170aae2a6abd92"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47448",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:36:18.098656Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:26.764Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/mptcp/protocol.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "1a4554e94f0d",
              "status": "affected",
              "version": "7a6a6cbc3e59",
              "versionType": "git"
            },
            {
              "lessThan": "612f71d7328c",
              "status": "affected",
              "version": "7a6a6cbc3e59",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/mptcp/protocol.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.6"
            },
            {
              "lessThan": "5.6",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.14",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix possible stall on recvmsg()\n\nrecvmsg() can enter an infinite loop if the caller provides the\nMSG_WAITALL, the data present in the receive queue is not sufficient to\nfulfill the request, and no more data is received by the peer.\n\nWhen the above happens, mptcp_wait_data() will always return with\nno wait, as the MPTCP_DATA_READY flag checked by such function is\nset and never cleared in such code path.\n\nLeveraging the above syzbot was able to trigger an RCU stall:\n\nrcu: INFO: rcu_preempt self-detected stall on CPU\nrcu:    0-...!: (10499 ticks this GP) idle=0af/1/0x4000000000000000 softirq=10678/10678 fqs=1\n        (t=10500 jiffies g=13089 q=109)\nrcu: rcu_preempt kthread starved for 10497 jiffies! g13089 f0x0 RCU_GP_WAIT_FQS(5) -\u003estate=0x0 -\u003ecpu=1\nrcu:    Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.\nrcu: RCU grace-period kthread stack dump:\ntask:rcu_preempt     state:R  running task     stack:28696 pid:   14 ppid:     2 flags:0x00004000\nCall Trace:\n context_switch kernel/sched/core.c:4955 [inline]\n __schedule+0x940/0x26f0 kernel/sched/core.c:6236\n schedule+0xd3/0x270 kernel/sched/core.c:6315\n schedule_timeout+0x14a/0x2a0 kernel/time/timer.c:1881\n rcu_gp_fqs_loop+0x186/0x810 kernel/rcu/tree.c:1955\n rcu_gp_kthread+0x1de/0x320 kernel/rcu/tree.c:2128\n kthread+0x405/0x4f0 kernel/kthread.c:327\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295\nrcu: Stack dump where RCU GP kthread last ran:\nSending NMI from CPU 0 to CPUs 1:\nNMI backtrace for cpu 1\nCPU: 1 PID: 8510 Comm: syz-executor827 Not tainted 5.15.0-rc2-next-20210920-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:bytes_is_nonzero mm/kasan/generic.c:84 [inline]\nRIP: 0010:memory_is_nonzero mm/kasan/generic.c:102 [inline]\nRIP: 0010:memory_is_poisoned_n mm/kasan/generic.c:128 [inline]\nRIP: 0010:memory_is_poisoned mm/kasan/generic.c:159 [inline]\nRIP: 0010:check_region_inline mm/kasan/generic.c:180 [inline]\nRIP: 0010:kasan_check_range+0xc8/0x180 mm/kasan/generic.c:189\nCode: 38 00 74 ed 48 8d 50 08 eb 09 48 83 c0 01 48 39 d0 74 7a 80 38 00 74 f2 48 89 c2 b8 01 00 00 00 48 85 d2 75 56 5b 5d 41 5c c3 \u003c48\u003e 85 d2 74 5e 48 01 ea eb 09 48 83 c0 01 48 39 d0 74 50 80 38 00\nRSP: 0018:ffffc9000cd676c8 EFLAGS: 00000283\nRAX: ffffed100e9a110e RBX: ffffed100e9a110f RCX: ffffffff88ea062a\nRDX: 0000000000000001 RSI: 0000000000000008 RDI: ffff888074d08870\nRBP: ffffed100e9a110e R08: 0000000000000001 R09: ffff888074d08877\nR10: ffffed100e9a110e R11: 0000000000000000 R12: ffff888074d08000\nR13: ffff888074d08000 R14: ffff888074d08088 R15: ffff888074d08000\nFS:  0000555556d8e300(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000\nS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020000180 CR3: 0000000068909000 CR4: 00000000001506e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n instrument_atomic_read_write include/linux/instrumented.h:101 [inline]\n test_and_clear_bit include/asm-generic/bitops/instrumented-atomic.h:83 [inline]\n mptcp_release_cb+0x14a/0x210 net/mptcp/protocol.c:3016\n release_sock+0xb4/0x1b0 net/core/sock.c:3204\n mptcp_wait_data net/mptcp/protocol.c:1770 [inline]\n mptcp_recvmsg+0xfd1/0x27b0 net/mptcp/protocol.c:2080\n inet6_recvmsg+0x11b/0x5e0 net/ipv6/af_inet6.c:659\n sock_recvmsg_nosec net/socket.c:944 [inline]\n ____sys_recvmsg+0x527/0x600 net/socket.c:2626\n ___sys_recvmsg+0x127/0x200 net/socket.c:2670\n do_recvmmsg+0x24d/0x6d0 net/socket.c:2764\n __sys_recvmmsg net/socket.c:2843 [inline]\n __do_sys_recvmmsg net/socket.c:2866 [inline]\n __se_sys_recvmmsg net/socket.c:2859 [inline]\n __x64_sys_recvmmsg+0x20b/0x260 net/socket.c:2859\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7fc200d2\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:06.340Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/1a4554e94f0deff9fc1dc5addf93fa579cc29711"
        },
        {
          "url": "https://git.kernel.org/stable/c/612f71d7328c14369924384ad2170aae2a6abd92"
        }
      ],
      "title": "mptcp: fix possible stall on recvmsg()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47448",
    "datePublished": "2024-05-22T06:19:40.141Z",
    "dateReserved": "2024-05-21T14:58:30.832Z",
    "dateUpdated": "2024-11-04T12:06:06.340Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47439

Vulnerability from cvelistv5

Published

2024-05-22 06:19

Modified

2024-11-04 12:05

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

net: dsa: microchip: Added the condition for scheduling ksz_mib_read_work

References

▼	URL	Tags
	https://git.kernel.org/stable/c/f2e1de075018cf71bcd7d628e9f759cb8540b0c3
	https://git.kernel.org/stable/c/383239a33cf29ebee9ce0d4e0e5c900b77a16148
	https://git.kernel.org/stable/c/ef1100ef20f29aec4e62abeccdb5bdbebba1e378

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47439",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T18:42:32.231853Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-31T18:04:47.594Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.767Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f2e1de075018cf71bcd7d628e9f759cb8540b0c3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/383239a33cf29ebee9ce0d4e0e5c900b77a16148"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ef1100ef20f29aec4e62abeccdb5bdbebba1e378"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/dsa/microchip/ksz_common.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "f2e1de075018",
              "status": "affected",
              "version": "469b390e1ba3",
              "versionType": "git"
            },
            {
              "lessThan": "383239a33cf2",
              "status": "affected",
              "version": "469b390e1ba3",
              "versionType": "git"
            },
            {
              "lessThan": "ef1100ef20f2",
              "status": "affected",
              "version": "469b390e1ba3",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/dsa/microchip/ksz_common.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.7"
            },
            {
              "lessThan": "5.7",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.75",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.14",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: microchip: Added the condition for scheduling ksz_mib_read_work\n\nWhen the ksz module is installed and removed using rmmod, kernel crashes\nwith null pointer dereferrence error. During rmmod, ksz_switch_remove\nfunction tries to cancel the mib_read_workqueue using\ncancel_delayed_work_sync routine and unregister switch from dsa.\n\nDuring dsa_unregister_switch it calls ksz_mac_link_down, which in turn\nreschedules the workqueue since mib_interval is non-zero.\nDue to which queue executed after mib_interval and it tries to access\ndp-\u003eslave. But the slave is unregistered in the ksz_switch_remove\nfunction. Hence kernel crashes.\n\nTo avoid this crash, before canceling the workqueue, resetted the\nmib_interval to 0.\n\nv1 -\u003e v2:\n-Removed the if condition in ksz_mib_read_work"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:55.266Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/f2e1de075018cf71bcd7d628e9f759cb8540b0c3"
        },
        {
          "url": "https://git.kernel.org/stable/c/383239a33cf29ebee9ce0d4e0e5c900b77a16148"
        },
        {
          "url": "https://git.kernel.org/stable/c/ef1100ef20f29aec4e62abeccdb5bdbebba1e378"
        }
      ],
      "title": "net: dsa: microchip: Added the condition for scheduling ksz_mib_read_work",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47439",
    "datePublished": "2024-05-22T06:19:34.192Z",
    "dateReserved": "2024-05-21T14:58:30.831Z",
    "dateUpdated": "2024-11-04T12:05:55.266Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52781

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:52

Severity ?

Summary

usb: config: fix iteration issue in 'usb_get_bos_descriptor()'

References

▼	URL	Tags
	https://git.kernel.org/stable/c/9ef94ec8e52eaf7b9abc5b5f8f5b911751112223
	https://git.kernel.org/stable/c/64c27b7b2357ddb38b6afebaf46d5bff4d250702
	https://git.kernel.org/stable/c/f89fef7710b2ba0f7a1e46594e530dcf2f77be91
	https://git.kernel.org/stable/c/7c0244cc311a4038505b73682b7c8ceaa5c7a8c8
	https://git.kernel.org/stable/c/974bba5c118f4c2baf00de0356e3e4f7928b4cbc

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52781",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T17:27:41.275139Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:22:33.254Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.495Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9ef94ec8e52eaf7b9abc5b5f8f5b911751112223"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/64c27b7b2357ddb38b6afebaf46d5bff4d250702"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f89fef7710b2ba0f7a1e46594e530dcf2f77be91"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7c0244cc311a4038505b73682b7c8ceaa5c7a8c8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/974bba5c118f4c2baf00de0356e3e4f7928b4cbc"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/usb/core/config.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "9ef94ec8e52e",
              "status": "affected",
              "version": "3dd550a2d365",
              "versionType": "git"
            },
            {
              "lessThan": "64c27b7b2357",
              "status": "affected",
              "version": "3dd550a2d365",
              "versionType": "git"
            },
            {
              "lessThan": "f89fef7710b2",
              "status": "affected",
              "version": "3dd550a2d365",
              "versionType": "git"
            },
            {
              "lessThan": "7c0244cc311a",
              "status": "affected",
              "version": "3dd550a2d365",
              "versionType": "git"
            },
            {
              "lessThan": "974bba5c118f",
              "status": "affected",
              "version": "3dd550a2d365",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/usb/core/config.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.4"
            },
            {
              "lessThan": "5.4",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.203",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.142",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.66",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.4",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: config: fix iteration issue in \u0027usb_get_bos_descriptor()\u0027\n\nThe BOS descriptor defines a root descriptor and is the base descriptor for\naccessing a family of related descriptors.\n\nFunction \u0027usb_get_bos_descriptor()\u0027 encounters an iteration issue when\nskipping the \u0027USB_DT_DEVICE_CAPABILITY\u0027 descriptor type. This results in\nthe same descriptor being read repeatedly.\n\nTo address this issue, a \u0027goto\u0027 statement is introduced to ensure that the\npointer and the amount read is updated correctly. This ensures that the\nfunction iterates to the next descriptor instead of reading the same\ndescriptor repeatedly."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:36.483Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/9ef94ec8e52eaf7b9abc5b5f8f5b911751112223"
        },
        {
          "url": "https://git.kernel.org/stable/c/64c27b7b2357ddb38b6afebaf46d5bff4d250702"
        },
        {
          "url": "https://git.kernel.org/stable/c/f89fef7710b2ba0f7a1e46594e530dcf2f77be91"
        },
        {
          "url": "https://git.kernel.org/stable/c/7c0244cc311a4038505b73682b7c8ceaa5c7a8c8"
        },
        {
          "url": "https://git.kernel.org/stable/c/974bba5c118f4c2baf00de0356e3e4f7928b4cbc"
        }
      ],
      "title": "usb: config: fix iteration issue in \u0027usb_get_bos_descriptor()\u0027",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52781",
    "datePublished": "2024-05-21T15:31:00.242Z",
    "dateReserved": "2024-05-21T15:19:24.240Z",
    "dateUpdated": "2024-11-04T14:52:36.483Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52808

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

scsi: hisi_sas: Set debugfs_dir pointer to NULL after removing debugfs

References

▼	URL	Tags
	https://git.kernel.org/stable/c/f0bfc8a5561fb0b2c48183dcbfe00bdd6d973bd3
	https://git.kernel.org/stable/c/33331b265aac9441ac0c1a5442e3f05d038240ec
	https://git.kernel.org/stable/c/75a2656260fe8c7eeabda6ff4600b29e183f48db
	https://git.kernel.org/stable/c/b4465009e7d60c6111946db4c8f1e50d401ed7be
	https://git.kernel.org/stable/c/6de426f9276c448e2db7238911c97fb157cb23be

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52808",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T19:30:55.612970Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:24:03.695Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.709Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f0bfc8a5561fb0b2c48183dcbfe00bdd6d973bd3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/33331b265aac9441ac0c1a5442e3f05d038240ec"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/75a2656260fe8c7eeabda6ff4600b29e183f48db"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b4465009e7d60c6111946db4c8f1e50d401ed7be"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6de426f9276c448e2db7238911c97fb157cb23be"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/scsi/hisi_sas/hisi_sas_v3_hw.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "f0bfc8a5561f",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "33331b265aac",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "75a2656260fe",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "b4465009e7d6",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "6de426f9276c",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/scsi/hisi_sas/hisi_sas_v3_hw.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: hisi_sas: Set debugfs_dir pointer to NULL after removing debugfs\n\nIf init debugfs failed during device registration due to memory allocation\nfailure, debugfs_remove_recursive() is called, after which debugfs_dir is\nnot set to NULL. debugfs_remove_recursive() will be called again during\ndevice removal. As a result, illegal pointer is accessed.\n\n[ 1665.467244] hisi_sas_v3_hw 0000:b4:02.0: failed to init debugfs!\n...\n[ 1669.836708] Unable to handle kernel NULL pointer dereference at virtual address 00000000000000a0\n[ 1669.872669] pc : down_write+0x24/0x70\n[ 1669.876315] lr : down_write+0x1c/0x70\n[ 1669.879961] sp : ffff000036f53a30\n[ 1669.883260] x29: ffff000036f53a30 x28: ffffa027c31549f8\n[ 1669.888547] x27: ffffa027c3140000 x26: 0000000000000000\n[ 1669.893834] x25: ffffa027bf37c270 x24: ffffa027bf37c270\n[ 1669.899122] x23: ffff0000095406b8 x22: ffff0000095406a8\n[ 1669.904408] x21: 0000000000000000 x20: ffffa027bf37c310\n[ 1669.909695] x19: 00000000000000a0 x18: ffff8027dcd86f10\n[ 1669.914982] x17: 0000000000000000 x16: 0000000000000000\n[ 1669.920268] x15: 0000000000000000 x14: ffffa0274014f870\n[ 1669.925555] x13: 0000000000000040 x12: 0000000000000228\n[ 1669.930842] x11: 0000000000000020 x10: 0000000000000bb0\n[ 1669.936129] x9 : ffff000036f537f0 x8 : ffff80273088ca10\n[ 1669.941416] x7 : 000000000000001d x6 : 00000000ffffffff\n[ 1669.946702] x5 : ffff000008a36310 x4 : ffff80273088be00\n[ 1669.951989] x3 : ffff000009513e90 x2 : 0000000000000000\n[ 1669.957276] x1 : 00000000000000a0 x0 : ffffffff00000001\n[ 1669.962563] Call trace:\n[ 1669.965000]  down_write+0x24/0x70\n[ 1669.968301]  debugfs_remove_recursive+0x5c/0x1b0\n[ 1669.972905]  hisi_sas_debugfs_exit+0x24/0x30 [hisi_sas_main]\n[ 1669.978541]  hisi_sas_v3_remove+0x130/0x150 [hisi_sas_v3_hw]\n[ 1669.984175]  pci_device_remove+0x48/0xd8\n[ 1669.988082]  device_release_driver_internal+0x1b4/0x250\n[ 1669.993282]  device_release_driver+0x28/0x38\n[ 1669.997534]  pci_stop_bus_device+0x84/0xb8\n[ 1670.001611]  pci_stop_and_remove_bus_device_locked+0x24/0x40\n[ 1670.007244]  remove_store+0xfc/0x140\n[ 1670.010802]  dev_attr_store+0x44/0x60\n[ 1670.014448]  sysfs_kf_write+0x58/0x80\n[ 1670.018095]  kernfs_fop_write+0xe8/0x1f0\n[ 1670.022000]  __vfs_write+0x60/0x190\n[ 1670.025472]  vfs_write+0xac/0x1c0\n[ 1670.028771]  ksys_write+0x6c/0xd8\n[ 1670.032071]  __arm64_sys_write+0x24/0x30\n[ 1670.035977]  el0_svc_common+0x78/0x130\n[ 1670.039710]  el0_svc_handler+0x38/0x78\n[ 1670.043442]  el0_svc+0x8/0xc\n\nTo fix this, set debugfs_dir to NULL after debugfs_remove_recursive()."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:06.905Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/f0bfc8a5561fb0b2c48183dcbfe00bdd6d973bd3"
        },
        {
          "url": "https://git.kernel.org/stable/c/33331b265aac9441ac0c1a5442e3f05d038240ec"
        },
        {
          "url": "https://git.kernel.org/stable/c/75a2656260fe8c7eeabda6ff4600b29e183f48db"
        },
        {
          "url": "https://git.kernel.org/stable/c/b4465009e7d60c6111946db4c8f1e50d401ed7be"
        },
        {
          "url": "https://git.kernel.org/stable/c/6de426f9276c448e2db7238911c97fb157cb23be"
        }
      ],
      "title": "scsi: hisi_sas: Set debugfs_dir pointer to NULL after removing debugfs",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52808",
    "datePublished": "2024-05-21T15:31:18.330Z",
    "dateReserved": "2024-05-21T15:19:24.248Z",
    "dateUpdated": "2024-11-04T14:53:06.905Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52824

Vulnerability from cvelistv5

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "providerMetadata": {
        "dateUpdated": "2024-05-24T15:26:11.440Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "rejectedReasons": [
        {
          "lang": "en",
          "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52824",
    "datePublished": "2024-05-21T15:31:28.872Z",
    "dateRejected": "2024-05-24T15:26:11.440Z",
    "dateReserved": "2024-05-21T15:19:24.250Z",
    "dateUpdated": "2024-05-24T15:26:11.440Z",
    "state": "REJECTED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-36010

Vulnerability from cvelistv5

Published

2024-05-22 11:46

Modified

2024-11-05 09:26

Severity ?

Summary

igb: Fix string truncation warnings in igb_set_fw_version

References

▼	URL	Tags
	https://git.kernel.org/stable/c/c56d055893cbe97848611855d1c97d0ab171eccc

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-36010",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T15:07:27.450256Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:47:56.678Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T03:30:12.517Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c56d055893cbe97848611855d1c97d0ab171eccc"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/intel/igb/igb.h",
            "drivers/net/ethernet/intel/igb/igb_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "c56d055893cb",
              "status": "affected",
              "version": "1978d3ead82c",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/intel/igb/igb.h",
            "drivers/net/ethernet/intel/igb/igb_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.7"
            },
            {
              "lessThan": "6.7",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.8",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nigb: Fix string truncation warnings in igb_set_fw_version\n\nCommit 1978d3ead82c (\"intel: fix string truncation warnings\")\nfixes \u0027-Wformat-truncation=\u0027 warnings in igb_main.c by using kasprintf.\n\ndrivers/net/ethernet/intel/igb/igb_main.c:3092:53: warning\uff1a\u2018%d\u2019 directive output may be truncated writing between 1 and 5 bytes into a region of size between 1 and 13 [-Wformat-truncation=]\n 3092 |                                  \"%d.%d, 0x%08x, %d.%d.%d\",\n      |                                                     ^~\ndrivers/net/ethernet/intel/igb/igb_main.c:3092:34: note\uff1adirective argument in the range [0, 65535]\n 3092 |                                  \"%d.%d, 0x%08x, %d.%d.%d\",\n      |                                  ^~~~~~~~~~~~~~~~~~~~~~~~~\ndrivers/net/ethernet/intel/igb/igb_main.c:3092:34: note\uff1adirective argument in the range [0, 65535]\ndrivers/net/ethernet/intel/igb/igb_main.c:3090:25: note\uff1a\u2018snprintf\u2019 output between 23 and 43 bytes into a destination of size 32\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure.\n\nFix this warning by using a larger space for adapter-\u003efw_version,\nand then fall back and continue to use snprintf."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-05T09:26:43.679Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/c56d055893cbe97848611855d1c97d0ab171eccc"
        }
      ],
      "title": "igb: Fix string truncation warnings in igb_set_fw_version",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-36010",
    "datePublished": "2024-05-22T11:46:32.984Z",
    "dateReserved": "2024-05-17T13:50:33.152Z",
    "dateUpdated": "2024-11-05T09:26:43.679Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52862

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-06 16:46

Severity ?

4.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

Summary

drm/amd/display: Fix null pointer dereference in error message

References

▼	URL	Tags
	https://git.kernel.org/stable/c/97ef07182ac46b069bb5e7d46cb903a764d67898
	https://git.kernel.org/stable/c/8b72c5d4a5d25e76b16283397c40b8b3c0d70019
	https://git.kernel.org/stable/c/0c3601a2fbfb265ce283651480e30c8e60459112

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 4.1,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "HIGH",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52862",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T17:11:35.315228Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-476",
                "description": "CWE-476 NULL Pointer Dereference",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T16:46:54.715Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.134Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/97ef07182ac46b069bb5e7d46cb903a764d67898"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8b72c5d4a5d25e76b16283397c40b8b3c0d70019"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0c3601a2fbfb265ce283651480e30c8e60459112"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "97ef07182ac4",
              "status": "affected",
              "version": "9788d087caff",
              "versionType": "git"
            },
            {
              "lessThan": "8b72c5d4a5d2",
              "status": "affected",
              "version": "9788d087caff",
              "versionType": "git"
            },
            {
              "lessThan": "0c3601a2fbfb",
              "status": "affected",
              "version": "9788d087caff",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.5"
            },
            {
              "lessThan": "6.5",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix null pointer dereference in error message\n\nThis patch fixes a null pointer dereference in the error message that is\nprinted when the Display Core (DC) fails to initialize. The original\nmessage includes the DC version number, which is undefined if the DC is\nnot initialized."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:54:05.554Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/97ef07182ac46b069bb5e7d46cb903a764d67898"
        },
        {
          "url": "https://git.kernel.org/stable/c/8b72c5d4a5d25e76b16283397c40b8b3c0d70019"
        },
        {
          "url": "https://git.kernel.org/stable/c/0c3601a2fbfb265ce283651480e30c8e60459112"
        }
      ],
      "title": "drm/amd/display: Fix null pointer dereference in error message",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52862",
    "datePublished": "2024-05-21T15:31:54.544Z",
    "dateReserved": "2024-05-21T15:19:24.261Z",
    "dateUpdated": "2024-11-06T16:46:54.715Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47416

Vulnerability from cvelistv5

Published

2024-05-21 15:04

Modified

2024-11-04 12:05

Severity ?

Summary

phy: mdio: fix memory leak

References

▼	URL	Tags
	https://git.kernel.org/stable/c/25e9f88c7e3cc35f5e3d3db199660d28a15df639
	https://git.kernel.org/stable/c/2250392d930bd0d989f24d355d6355b0150256e7
	https://git.kernel.org/stable/c/f4f502a04ee1e543825af78f47eb7785015cd9f6
	https://git.kernel.org/stable/c/2397b9e118721292429fea8807a698e71b94795f
	https://git.kernel.org/stable/c/414bb4ead1362ef2c8592db723c017258f213988
	https://git.kernel.org/stable/c/0d2dd40a7be61b89a7c99dae8ee96389d27b413a
	https://git.kernel.org/stable/c/064c2616234a7394867c924b5c1303974f3a4f4d
	https://git.kernel.org/stable/c/ca6e11c337daf7925ff8a2aac8e84490a8691905

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47416",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T17:32:44.904318Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:15:14.542Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.091Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/25e9f88c7e3cc35f5e3d3db199660d28a15df639"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2250392d930bd0d989f24d355d6355b0150256e7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f4f502a04ee1e543825af78f47eb7785015cd9f6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2397b9e118721292429fea8807a698e71b94795f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/414bb4ead1362ef2c8592db723c017258f213988"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0d2dd40a7be61b89a7c99dae8ee96389d27b413a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/064c2616234a7394867c924b5c1303974f3a4f4d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ca6e11c337daf7925ff8a2aac8e84490a8691905"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/phy/mdio_bus.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "25e9f88c7e3c",
              "status": "affected",
              "version": "46abc02175b3",
              "versionType": "git"
            },
            {
              "lessThan": "2250392d930b",
              "status": "affected",
              "version": "46abc02175b3",
              "versionType": "git"
            },
            {
              "lessThan": "f4f502a04ee1",
              "status": "affected",
              "version": "46abc02175b3",
              "versionType": "git"
            },
            {
              "lessThan": "2397b9e11872",
              "status": "affected",
              "version": "46abc02175b3",
              "versionType": "git"
            },
            {
              "lessThan": "414bb4ead136",
              "status": "affected",
              "version": "46abc02175b3",
              "versionType": "git"
            },
            {
              "lessThan": "0d2dd40a7be6",
              "status": "affected",
              "version": "46abc02175b3",
              "versionType": "git"
            },
            {
              "lessThan": "064c2616234a",
              "status": "affected",
              "version": "46abc02175b3",
              "versionType": "git"
            },
            {
              "lessThan": "ca6e11c337da",
              "status": "affected",
              "version": "46abc02175b3",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/phy/mdio_bus.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.28"
            },
            {
              "lessThan": "2.6.28",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.289",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.287",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.251",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.211",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.153",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.73",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: mdio: fix memory leak\n\nSyzbot reported memory leak in MDIO bus interface, the problem was in\nwrong state logic.\n\nMDIOBUS_ALLOCATED indicates 2 states:\n\t1. Bus is only allocated\n\t2. Bus allocated and __mdiobus_register() fails, but\n\t   device_register() was called\n\nIn case of device_register() has been called we should call put_device()\nto correctly free the memory allocated for this device, but mdiobus_free()\ncalls just kfree(dev) in case of MDIOBUS_ALLOCATED state\n\nTo avoid this behaviour we need to set bus-\u003estate to MDIOBUS_UNREGISTERED\n_before_ calling device_register(), because put_device() should be\ncalled even in case of device_register() failure."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:29.449Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/25e9f88c7e3cc35f5e3d3db199660d28a15df639"
        },
        {
          "url": "https://git.kernel.org/stable/c/2250392d930bd0d989f24d355d6355b0150256e7"
        },
        {
          "url": "https://git.kernel.org/stable/c/f4f502a04ee1e543825af78f47eb7785015cd9f6"
        },
        {
          "url": "https://git.kernel.org/stable/c/2397b9e118721292429fea8807a698e71b94795f"
        },
        {
          "url": "https://git.kernel.org/stable/c/414bb4ead1362ef2c8592db723c017258f213988"
        },
        {
          "url": "https://git.kernel.org/stable/c/0d2dd40a7be61b89a7c99dae8ee96389d27b413a"
        },
        {
          "url": "https://git.kernel.org/stable/c/064c2616234a7394867c924b5c1303974f3a4f4d"
        },
        {
          "url": "https://git.kernel.org/stable/c/ca6e11c337daf7925ff8a2aac8e84490a8691905"
        }
      ],
      "title": "phy: mdio: fix memory leak",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47416",
    "datePublished": "2024-05-21T15:04:06.042Z",
    "dateReserved": "2024-05-21T14:58:30.818Z",
    "dateUpdated": "2024-11-04T12:05:29.449Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47407

Vulnerability from cvelistv5

Published

2024-05-21 15:03

Modified

2024-11-04 12:05

Severity ?

Summary

KVM: x86: Handle SRCU initialization failure during page track init

References

▼	URL	Tags
	https://git.kernel.org/stable/c/deb2949417677649e2413266d7ce8c2ff73952b4
	https://git.kernel.org/stable/c/4664318f73e496cd22c71b10888e75434a123e23
	https://git.kernel.org/stable/c/eb7511bf9182292ef1df1082d23039e856d1ddfb

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:58.900Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/deb2949417677649e2413266d7ce8c2ff73952b4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4664318f73e496cd22c71b10888e75434a123e23"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/eb7511bf9182292ef1df1082d23039e856d1ddfb"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47407",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:38:00.602784Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:32:57.180Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/x86/include/asm/kvm_page_track.h",
            "arch/x86/kvm/mmu/page_track.c",
            "arch/x86/kvm/x86.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "deb294941767",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "4664318f73e4",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "eb7511bf9182",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/x86/include/asm/kvm_page_track.h",
            "arch/x86/kvm/mmu/page_track.c",
            "arch/x86/kvm/x86.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.71",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Handle SRCU initialization failure during page track init\n\nCheck the return of init_srcu_struct(), which can fail due to OOM, when\ninitializing the page track mechanism.  Lack of checking leads to a NULL\npointer deref found by a modified syzkaller.\n\n[Move the call towards the beginning of kvm_arch_init_vm. - Paolo]"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:20.118Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/deb2949417677649e2413266d7ce8c2ff73952b4"
        },
        {
          "url": "https://git.kernel.org/stable/c/4664318f73e496cd22c71b10888e75434a123e23"
        },
        {
          "url": "https://git.kernel.org/stable/c/eb7511bf9182292ef1df1082d23039e856d1ddfb"
        }
      ],
      "title": "KVM: x86: Handle SRCU initialization failure during page track init",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47407",
    "datePublished": "2024-05-21T15:03:59.991Z",
    "dateReserved": "2024-05-21T14:58:30.817Z",
    "dateUpdated": "2024-11-04T12:05:20.118Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52812

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

drm/amd: check num of link levels when update pcie param

References

▼	URL	Tags
	https://git.kernel.org/stable/c/5b4574b663d0a1a0a62d5232429b7db9ae6d0670
	https://git.kernel.org/stable/c/09f617219fe9ccd8d7b65dc3e879b5889f663b5a
	https://git.kernel.org/stable/c/406e8845356d18bdf3d3a23b347faf67706472ec

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52812",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-17T17:36:42.933997Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-17T17:36:56.947Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.059Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5b4574b663d0a1a0a62d5232429b7db9ae6d0670"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/09f617219fe9ccd8d7b65dc3e879b5889f663b5a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/406e8845356d18bdf3d3a23b347faf67706472ec"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "5b4574b663d0",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "09f617219fe9",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "406e8845356d",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd: check num of link levels when update pcie param\n\nIn SR-IOV environment, the value of pcie_table-\u003enum_of_link_levels will\nbe 0, and num_of_levels - 1 will cause array index out of bounds"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:11.688Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/5b4574b663d0a1a0a62d5232429b7db9ae6d0670"
        },
        {
          "url": "https://git.kernel.org/stable/c/09f617219fe9ccd8d7b65dc3e879b5889f663b5a"
        },
        {
          "url": "https://git.kernel.org/stable/c/406e8845356d18bdf3d3a23b347faf67706472ec"
        }
      ],
      "title": "drm/amd: check num of link levels when update pcie param",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52812",
    "datePublished": "2024-05-21T15:31:20.940Z",
    "dateReserved": "2024-05-21T15:19:24.248Z",
    "dateUpdated": "2024-11-04T14:53:11.688Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47337

Vulnerability from cvelistv5

Published

2024-05-21 14:35

Modified

2024-11-04 12:03

Severity ?

Summary

scsi: core: Fix bad pointer dereference when ehandler kthread is invalid

References

▼	URL	Tags
	https://git.kernel.org/stable/c/d2f0b960d07e52bb664471b4de0ed8b08c636b3a
	https://git.kernel.org/stable/c/f3d0a109240c9bed5c60d819014786be3a2fe515
	https://git.kernel.org/stable/c/e1bd3fac2baa3d5c04375980c1d5263a3335af92
	https://git.kernel.org/stable/c/887bfae2732b5b02a86a859fd239d34f7ff93c05
	https://git.kernel.org/stable/c/ea518b70ed5e4598c8d706f37fc16f7b06e440bd
	https://git.kernel.org/stable/c/8e4212ecf0713dd57d0e3209a66201da582149b1
	https://git.kernel.org/stable/c/c1671d2d2ef8a84837eea1b4d99ca0c6a66fb691
	https://git.kernel.org/stable/c/93aa71ad7379900e61c8adff6a710a4c18c7c99b

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:32:08.569Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d2f0b960d07e52bb664471b4de0ed8b08c636b3a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f3d0a109240c9bed5c60d819014786be3a2fe515"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e1bd3fac2baa3d5c04375980c1d5263a3335af92"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/887bfae2732b5b02a86a859fd239d34f7ff93c05"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ea518b70ed5e4598c8d706f37fc16f7b06e440bd"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8e4212ecf0713dd57d0e3209a66201da582149b1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c1671d2d2ef8a84837eea1b4d99ca0c6a66fb691"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/93aa71ad7379900e61c8adff6a710a4c18c7c99b"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47337",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:38:56.617775Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:50.372Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/scsi/hosts.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "d2f0b960d07e",
              "status": "affected",
              "version": "8958181c1663",
              "versionType": "git"
            },
            {
              "lessThan": "f3d0a109240c",
              "status": "affected",
              "version": "db08ce595dd6",
              "versionType": "git"
            },
            {
              "lessThan": "e1bd3fac2baa",
              "status": "affected",
              "version": "2dc85045ae65",
              "versionType": "git"
            },
            {
              "lessThan": "887bfae2732b",
              "status": "affected",
              "version": "79296e292d67",
              "versionType": "git"
            },
            {
              "lessThan": "ea518b70ed5e",
              "status": "affected",
              "version": "7a696ce1d5d1",
              "versionType": "git"
            },
            {
              "lessThan": "8e4212ecf071",
              "status": "affected",
              "version": "45d83db47281",
              "versionType": "git"
            },
            {
              "lessThan": "c1671d2d2ef8",
              "status": "affected",
              "version": "66a834d09293",
              "versionType": "git"
            },
            {
              "lessThan": "93aa71ad7379",
              "status": "affected",
              "version": "66a834d09293",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/scsi/hosts.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.13"
            },
            {
              "lessThan": "5.13",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.276",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.240",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.198",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.134",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.52",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.19",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.13.*",
              "status": "unaffected",
              "version": "5.13.4",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.14",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Fix bad pointer dereference when ehandler kthread is invalid\n\nCommit 66a834d09293 (\"scsi: core: Fix error handling of scsi_host_alloc()\")\nchanged the allocation logic to call put_device() to perform host cleanup\nwith the assumption that IDA removal and stopping the kthread would\nproperly be performed in scsi_host_dev_release(). However, in the unlikely\ncase that the error handler thread fails to spawn, shost-\u003eehandler is set\nto ERR_PTR(-ENOMEM).\n\nThe error handler cleanup code in scsi_host_dev_release() will call\nkthread_stop() if shost-\u003eehandler != NULL which will always be the case\nwhether the kthread was successfully spawned or not. In the case that it\nfailed to spawn this has the nasty side effect of trying to dereference an\ninvalid pointer when kthread_stop() is called. The following splat provides\nan example of this behavior in the wild:\n\nscsi host11: error handler thread failed to spawn, error = -4\nKernel attempted to read user page (10c) - exploit attempt? (uid: 0)\nBUG: Kernel NULL pointer dereference on read at 0x0000010c\nFaulting instruction address: 0xc00000000818e9a8\nOops: Kernel access of bad area, sig: 11 [#1]\nLE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries\nModules linked in: ibmvscsi(+) scsi_transport_srp dm_multipath dm_mirror dm_region\n hash dm_log dm_mod fuse overlay squashfs loop\nCPU: 12 PID: 274 Comm: systemd-udevd Not tainted 5.13.0-rc7 #1\nNIP:  c00000000818e9a8 LR: c0000000089846e8 CTR: 0000000000007ee8\nREGS: c000000037d12ea0 TRAP: 0300   Not tainted  (5.13.0-rc7)\nMSR:  800000000280b033 \u0026lt;SF,VEC,VSX,EE,FP,ME,IR,DR,RI,LE\u0026gt;  CR: 28228228\nXER: 20040001\nCFAR: c0000000089846e4 DAR: 000000000000010c DSISR: 40000000 IRQMASK: 0\nGPR00: c0000000089846e8 c000000037d13140 c000000009cc1100 fffffffffffffffc\nGPR04: 0000000000000001 0000000000000000 0000000000000000 c000000037dc0000\nGPR08: 0000000000000000 c000000037dc0000 0000000000000001 00000000fffff7ff\nGPR12: 0000000000008000 c00000000a049000 c000000037d13d00 000000011134d5a0\nGPR16: 0000000000001740 c0080000190d0000 c0080000190d1740 c000000009129288\nGPR20: c000000037d13bc0 0000000000000001 c000000037d13bc0 c0080000190b7898\nGPR24: c0080000190b7708 0000000000000000 c000000033bb2c48 0000000000000000\nGPR28: c000000046b28280 0000000000000000 000000000000010c fffffffffffffffc\nNIP [c00000000818e9a8] kthread_stop+0x38/0x230\nLR [c0000000089846e8] scsi_host_dev_release+0x98/0x160\nCall Trace:\n[c000000033bb2c48] 0xc000000033bb2c48 (unreliable)\n[c0000000089846e8] scsi_host_dev_release+0x98/0x160\n[c00000000891e960] device_release+0x60/0x100\n[c0000000087e55c4] kobject_release+0x84/0x210\n[c00000000891ec78] put_device+0x28/0x40\n[c000000008984ea4] scsi_host_alloc+0x314/0x430\n[c0080000190b38bc] ibmvscsi_probe+0x54/0xad0 [ibmvscsi]\n[c000000008110104] vio_bus_probe+0xa4/0x4b0\n[c00000000892a860] really_probe+0x140/0x680\n[c00000000892aefc] driver_probe_device+0x15c/0x200\n[c00000000892b63c] device_driver_attach+0xcc/0xe0\n[c00000000892b740] __driver_attach+0xf0/0x200\n[c000000008926f28] bus_for_each_dev+0xa8/0x130\n[c000000008929ce4] driver_attach+0x34/0x50\n[c000000008928fc0] bus_add_driver+0x1b0/0x300\n[c00000000892c798] driver_register+0x98/0x1a0\n[c00000000810eb60] __vio_register_driver+0x80/0xe0\n[c0080000190b4a30] ibmvscsi_module_init+0x9c/0xdc [ibmvscsi]\n[c0000000080121d0] do_one_initcall+0x60/0x2d0\n[c000000008261abc] do_init_module+0x7c/0x320\n[c000000008265700] load_module+0x2350/0x25b0\n[c000000008265cb4] __do_sys_finit_module+0xd4/0x160\n[c000000008031110] system_call_exception+0x150/0x2d0\n[c00000000800d35c] system_call_common+0xec/0x278\n\nFix this be nulling shost-\u003eehandler when the kthread fails to spawn."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:03:56.937Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/d2f0b960d07e52bb664471b4de0ed8b08c636b3a"
        },
        {
          "url": "https://git.kernel.org/stable/c/f3d0a109240c9bed5c60d819014786be3a2fe515"
        },
        {
          "url": "https://git.kernel.org/stable/c/e1bd3fac2baa3d5c04375980c1d5263a3335af92"
        },
        {
          "url": "https://git.kernel.org/stable/c/887bfae2732b5b02a86a859fd239d34f7ff93c05"
        },
        {
          "url": "https://git.kernel.org/stable/c/ea518b70ed5e4598c8d706f37fc16f7b06e440bd"
        },
        {
          "url": "https://git.kernel.org/stable/c/8e4212ecf0713dd57d0e3209a66201da582149b1"
        },
        {
          "url": "https://git.kernel.org/stable/c/c1671d2d2ef8a84837eea1b4d99ca0c6a66fb691"
        },
        {
          "url": "https://git.kernel.org/stable/c/93aa71ad7379900e61c8adff6a710a4c18c7c99b"
        }
      ],
      "title": "scsi: core: Fix bad pointer dereference when ehandler kthread is invalid",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47337",
    "datePublished": "2024-05-21T14:35:46.379Z",
    "dateReserved": "2024-05-21T14:28:16.978Z",
    "dateUpdated": "2024-11-04T12:03:56.937Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47432

Vulnerability from cvelistv5

Published

2024-05-21 15:30

Modified

2024-11-04 12:05

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

lib/generic-radix-tree.c: Don't overflow in peek()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/784d01f9bbc282abb0c5ade5beb98a87f50343ac
	https://git.kernel.org/stable/c/ec298b958cb0c40d70c68079da933c8f31c5134c
	https://git.kernel.org/stable/c/aa7f1827953100cdde0795289a80c6c077bfe437
	https://git.kernel.org/stable/c/9492261ff2460252cf2d8de89cdf854c7e2b28a0

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47432",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T17:47:48.909736Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-31T15:31:57.716Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.326Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/784d01f9bbc282abb0c5ade5beb98a87f50343ac"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ec298b958cb0c40d70c68079da933c8f31c5134c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/aa7f1827953100cdde0795289a80c6c077bfe437"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9492261ff2460252cf2d8de89cdf854c7e2b28a0"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "include/linux/generic-radix-tree.h",
            "lib/generic-radix-tree.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "784d01f9bbc2",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "ec298b958cb0",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "aa7f18279531",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "9492261ff246",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "include/linux/generic-radix-tree.h",
            "lib/generic-radix-tree.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nlib/generic-radix-tree.c: Don\u0027t overflow in peek()\n\nWhen we started spreading new inode numbers throughout most of the 64\nbit inode space, that triggered some corner case bugs, in particular\nsome integer overflows related to the radix tree code. Oops."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:48.114Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/784d01f9bbc282abb0c5ade5beb98a87f50343ac"
        },
        {
          "url": "https://git.kernel.org/stable/c/ec298b958cb0c40d70c68079da933c8f31c5134c"
        },
        {
          "url": "https://git.kernel.org/stable/c/aa7f1827953100cdde0795289a80c6c077bfe437"
        },
        {
          "url": "https://git.kernel.org/stable/c/9492261ff2460252cf2d8de89cdf854c7e2b28a0"
        }
      ],
      "title": "lib/generic-radix-tree.c: Don\u0027t overflow in peek()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47432",
    "datePublished": "2024-05-21T15:30:36.904Z",
    "dateReserved": "2024-05-21T14:58:30.829Z",
    "dateUpdated": "2024-11-04T12:05:48.114Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47455

Vulnerability from cvelistv5

Published

2024-05-22 06:19

Modified

2024-11-04 12:06

Severity ?

Summary

ptp: Fix possible memory leak in ptp_clock_register()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/95c0a0c5ec8839f8f21672be786e87a100319ca8
	https://git.kernel.org/stable/c/4225fea1cb28370086e17e82c0f69bec2779dca0

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47455",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-10T18:55:42.625337Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-10T18:55:51.518Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.400Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/95c0a0c5ec8839f8f21672be786e87a100319ca8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4225fea1cb28370086e17e82c0f69bec2779dca0"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/ptp/ptp_clock.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "95c0a0c5ec88",
              "status": "affected",
              "version": "a33121e5487b",
              "versionType": "git"
            },
            {
              "lessThan": "4225fea1cb28",
              "status": "affected",
              "version": "a33121e5487b",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/ptp/ptp_clock.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.5"
            },
            {
              "lessThan": "5.5",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.15",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nptp: Fix possible memory leak in ptp_clock_register()\n\nI got memory leak as follows when doing fault injection test:\n\nunreferenced object 0xffff88800906c618 (size 8):\n  comm \"i2c-idt82p33931\", pid 4421, jiffies 4294948083 (age 13.188s)\n  hex dump (first 8 bytes):\n    70 74 70 30 00 00 00 00                          ptp0....\n  backtrace:\n    [\u003c00000000312ed458\u003e] __kmalloc_track_caller+0x19f/0x3a0\n    [\u003c0000000079f6e2ff\u003e] kvasprintf+0xb5/0x150\n    [\u003c0000000026aae54f\u003e] kvasprintf_const+0x60/0x190\n    [\u003c00000000f323a5f7\u003e] kobject_set_name_vargs+0x56/0x150\n    [\u003c000000004e35abdd\u003e] dev_set_name+0xc0/0x100\n    [\u003c00000000f20cfe25\u003e] ptp_clock_register+0x9f4/0xd30 [ptp]\n    [\u003c000000008bb9f0de\u003e] idt82p33_probe.cold+0x8b6/0x1561 [ptp_idt82p33]\n\nWhen posix_clock_register() returns an error, the name allocated\nin dev_set_name() will be leaked, the put_device() should be used\nto give up the device reference, then the name will be freed in\nkobject_cleanup() and other memory will be freed in ptp_clock_release()."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:16.711Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/95c0a0c5ec8839f8f21672be786e87a100319ca8"
        },
        {
          "url": "https://git.kernel.org/stable/c/4225fea1cb28370086e17e82c0f69bec2779dca0"
        }
      ],
      "title": "ptp: Fix possible memory leak in ptp_clock_register()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47455",
    "datePublished": "2024-05-22T06:19:44.700Z",
    "dateReserved": "2024-05-21T14:58:30.833Z",
    "dateUpdated": "2024-11-04T12:06:16.711Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47374

Vulnerability from cvelistv5

Published

2024-05-21 15:03

Modified

2024-11-04 12:04

Severity ?

Summary

dma-debug: prevent an error message from causing runtime problems

References

▼	URL	Tags
	https://git.kernel.org/stable/c/de4afec2d2946c92c62a15ab341c70b287289e6a
	https://git.kernel.org/stable/c/510e1a724ab1bf38150be2c1acabb303f98d0047

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:32:08.654Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/de4afec2d2946c92c62a15ab341c70b287289e6a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/510e1a724ab1bf38150be2c1acabb303f98d0047"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47374",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:38:22.986319Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:56.494Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "kernel/dma/debug.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "de4afec2d294",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "510e1a724ab1",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "kernel/dma/debug.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma-debug: prevent an error message from causing runtime problems\n\nFor some drivers, that use the DMA API. This error message can be reached\nseveral millions of times per second, causing spam to the kernel\u0027s printk\nbuffer and bringing the CPU usage up to 100% (so, it should be rate\nlimited). However, since there is at least one driver that is in the\nmainline and suffers from the error condition, it is more useful to\nerr_printk() here instead of just rate limiting the error message (in hopes\nthat it will make it easier for other drivers that suffer from this issue\nto be spotted)."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:04:41.120Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/de4afec2d2946c92c62a15ab341c70b287289e6a"
        },
        {
          "url": "https://git.kernel.org/stable/c/510e1a724ab1bf38150be2c1acabb303f98d0047"
        }
      ],
      "title": "dma-debug: prevent an error message from causing runtime problems",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47374",
    "datePublished": "2024-05-21T15:03:38.436Z",
    "dateReserved": "2024-05-21T14:58:30.811Z",
    "dateUpdated": "2024-11-04T12:04:41.120Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47464

Vulnerability from cvelistv5

Published

2024-05-22 06:23

Modified

2024-11-04 12:06

Severity ?

7.4 (High) - CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

audit: fix possible null-pointer dereference in audit_filter_rules

References

▼	URL	Tags
	https://git.kernel.org/stable/c/d6f451f1f60c58d73038c7c3177066f8f084e2a2
	https://git.kernel.org/stable/c/16802fa4c33eb1a8efb23f1e93365190e4047d05
	https://git.kernel.org/stable/c/4e9e46a700201b4c85081fd478c99c692a9aaa0d
	https://git.kernel.org/stable/c/6e3ee990c90494561921c756481d0e2125d8b895

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "d6f451f1f60c",
                "status": "affected",
                "version": "bf361231c295",
                "versionType": "custom"
              },
              {
                "lessThan": "16802fa4c33e",
                "status": "affected",
                "version": "bf361231c295",
                "versionType": "custom"
              },
              {
                "lessThan": "4e9e46a70020",
                "status": "affected",
                "version": "bf361231c295",
                "versionType": "custom"
              },
              {
                "lessThan": "6e3ee990c904",
                "status": "affected",
                "version": "bf361231c295",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:5.3:-:*:*:*:*:*:*"
            ],
            "defaultStatus": "affected",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "affected",
                "version": "5.3"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.4,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47464",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-17T18:04:07.219306Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-476",
                "description": "CWE-476 NULL Pointer Dereference",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-17T18:04:11.318Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.357Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d6f451f1f60c58d73038c7c3177066f8f084e2a2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/16802fa4c33eb1a8efb23f1e93365190e4047d05"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4e9e46a700201b4c85081fd478c99c692a9aaa0d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6e3ee990c90494561921c756481d0e2125d8b895"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "kernel/auditsc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "d6f451f1f60c",
              "status": "affected",
              "version": "bf361231c295",
              "versionType": "git"
            },
            {
              "lessThan": "16802fa4c33e",
              "status": "affected",
              "version": "bf361231c295",
              "versionType": "git"
            },
            {
              "lessThan": "4e9e46a70020",
              "status": "affected",
              "version": "bf361231c295",
              "versionType": "git"
            },
            {
              "lessThan": "6e3ee990c904",
              "status": "affected",
              "version": "bf361231c295",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "kernel/auditsc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.3"
            },
            {
              "lessThan": "5.3",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.156",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.76",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.15",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\naudit: fix possible null-pointer dereference in audit_filter_rules\n\nFix  possible null-pointer dereference in audit_filter_rules.\n\naudit_filter_rules() error: we previously assumed \u0027ctx\u0027 could be null"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:27.118Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/d6f451f1f60c58d73038c7c3177066f8f084e2a2"
        },
        {
          "url": "https://git.kernel.org/stable/c/16802fa4c33eb1a8efb23f1e93365190e4047d05"
        },
        {
          "url": "https://git.kernel.org/stable/c/4e9e46a700201b4c85081fd478c99c692a9aaa0d"
        },
        {
          "url": "https://git.kernel.org/stable/c/6e3ee990c90494561921c756481d0e2125d8b895"
        }
      ],
      "title": "audit: fix possible null-pointer dereference in audit_filter_rules",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47464",
    "datePublished": "2024-05-22T06:23:24.355Z",
    "dateReserved": "2024-05-22T06:20:56.198Z",
    "dateUpdated": "2024-11-04T12:06:27.118Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52704

Vulnerability from cvelistv5

Published

2024-05-21 15:22

Modified

2024-11-04 14:51

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

freezer,umh: Fix call_usermode_helper_exec() vs SIGKILL

References

▼	URL	Tags
	https://git.kernel.org/stable/c/7f9f6c54da876b3f0bece2b569456ceb96965ed7
	https://git.kernel.org/stable/c/eedeb787ebb53de5c5dcf7b7b39d01bf1b0f037d

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52704",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T17:51:26.143724Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-31T20:11:31.465Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.365Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7f9f6c54da876b3f0bece2b569456ceb96965ed7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/eedeb787ebb53de5c5dcf7b7b39d01bf1b0f037d"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "kernel/umh.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "7f9f6c54da87",
              "status": "affected",
              "version": "f5d39b020809",
              "versionType": "git"
            },
            {
              "lessThan": "eedeb787ebb5",
              "status": "affected",
              "version": "f5d39b020809",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "kernel/umh.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "lessThan": "6.1",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfreezer,umh: Fix call_usermode_helper_exec() vs SIGKILL\n\nTetsuo-San noted that commit f5d39b020809 (\"freezer,sched: Rewrite\ncore freezer logic\") broke call_usermodehelper_exec() for the KILLABLE\ncase.\n\nSpecifically it was missed that the second, unconditional,\nwait_for_completion() was not optional and ensures the on-stack\ncompletion is unused before going out-of-scope."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:51:30.866Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/7f9f6c54da876b3f0bece2b569456ceb96965ed7"
        },
        {
          "url": "https://git.kernel.org/stable/c/eedeb787ebb53de5c5dcf7b7b39d01bf1b0f037d"
        }
      ],
      "title": "freezer,umh: Fix call_usermode_helper_exec() vs SIGKILL",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52704",
    "datePublished": "2024-05-21T15:22:53.343Z",
    "dateReserved": "2024-03-07T14:49:46.891Z",
    "dateUpdated": "2024-11-04T14:51:30.866Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52747

Vulnerability from cvelistv5

Published

2024-05-21 15:23

Modified

2024-11-04 14:51

Severity ?

Summary

IB/hfi1: Restore allocated resources on failed copyout

References

▼	URL	Tags
	https://git.kernel.org/stable/c/00d9e212b8a39e6ffcf31b9d2e503d2bf6009d45
	https://git.kernel.org/stable/c/7896accedf5bf1277d2f305718e36dc8bac7e321
	https://git.kernel.org/stable/c/79b595d9591426156a9e0635a5b5115508a36fef
	https://git.kernel.org/stable/c/9bae58d58b6bb73b572356b31a62d2afc7378d12
	https://git.kernel.org/stable/c/0a4f811f2e5d07bbd0c9226f4afb0a1270a831ae
	https://git.kernel.org/stable/c/6601fc0d15ffc20654e39486f9bef35567106d68

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.817Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/00d9e212b8a39e6ffcf31b9d2e503d2bf6009d45"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7896accedf5bf1277d2f305718e36dc8bac7e321"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/79b595d9591426156a9e0635a5b5115508a36fef"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9bae58d58b6bb73b572356b31a62d2afc7378d12"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0a4f811f2e5d07bbd0c9226f4afb0a1270a831ae"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6601fc0d15ffc20654e39486f9bef35567106d68"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52747",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:37:25.655553Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:33.803Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/infiniband/hw/hfi1/file_ops.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "00d9e212b8a3",
              "status": "affected",
              "version": "f404ca4c7ea8",
              "versionType": "git"
            },
            {
              "lessThan": "7896accedf5b",
              "status": "affected",
              "version": "f404ca4c7ea8",
              "versionType": "git"
            },
            {
              "lessThan": "79b595d95914",
              "status": "affected",
              "version": "f404ca4c7ea8",
              "versionType": "git"
            },
            {
              "lessThan": "9bae58d58b6b",
              "status": "affected",
              "version": "f404ca4c7ea8",
              "versionType": "git"
            },
            {
              "lessThan": "0a4f811f2e5d",
              "status": "affected",
              "version": "f404ca4c7ea8",
              "versionType": "git"
            },
            {
              "lessThan": "6601fc0d15ff",
              "status": "affected",
              "version": "f404ca4c7ea8",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/infiniband/hw/hfi1/file_ops.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.15"
            },
            {
              "lessThan": "4.15",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.273",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.232",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.168",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.94",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/hfi1: Restore allocated resources on failed copyout\n\nFix a resource leak if an error occurs."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:51:55.787Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/00d9e212b8a39e6ffcf31b9d2e503d2bf6009d45"
        },
        {
          "url": "https://git.kernel.org/stable/c/7896accedf5bf1277d2f305718e36dc8bac7e321"
        },
        {
          "url": "https://git.kernel.org/stable/c/79b595d9591426156a9e0635a5b5115508a36fef"
        },
        {
          "url": "https://git.kernel.org/stable/c/9bae58d58b6bb73b572356b31a62d2afc7378d12"
        },
        {
          "url": "https://git.kernel.org/stable/c/0a4f811f2e5d07bbd0c9226f4afb0a1270a831ae"
        },
        {
          "url": "https://git.kernel.org/stable/c/6601fc0d15ffc20654e39486f9bef35567106d68"
        }
      ],
      "title": "IB/hfi1: Restore allocated resources on failed copyout",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52747",
    "datePublished": "2024-05-21T15:23:07.916Z",
    "dateReserved": "2024-05-21T15:19:24.234Z",
    "dateUpdated": "2024-11-04T14:51:55.787Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52786

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:52

Severity ?

Summary

ext4: fix racy may inline data check in dio write

References

▼	URL	Tags
	https://git.kernel.org/stable/c/e3b83d87c93eb6fc96a80b5e8527f7dc9f5a11bc
	https://git.kernel.org/stable/c/7343c23ebcadbedc23a7063d1e24d976eccb0d0d
	https://git.kernel.org/stable/c/ce56d21355cd6f6937aca32f1f44ca749d1e4808

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52786",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T19:36:50.287766Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:16.597Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.517Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e3b83d87c93eb6fc96a80b5e8527f7dc9f5a11bc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7343c23ebcadbedc23a7063d1e24d976eccb0d0d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ce56d21355cd6f6937aca32f1f44ca749d1e4808"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/ext4/file.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "e3b83d87c93e",
              "status": "affected",
              "version": "310ee0902b8d",
              "versionType": "git"
            },
            {
              "lessThan": "7343c23ebcad",
              "status": "affected",
              "version": "310ee0902b8d",
              "versionType": "git"
            },
            {
              "lessThan": "ce56d21355cd",
              "status": "affected",
              "version": "310ee0902b8d",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/ext4/file.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.5"
            },
            {
              "lessThan": "6.5",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix racy may inline data check in dio write\n\nsyzbot reports that the following warning from ext4_iomap_begin()\ntriggers as of the commit referenced below:\n\n        if (WARN_ON_ONCE(ext4_has_inline_data(inode)))\n                return -ERANGE;\n\nThis occurs during a dio write, which is never expected to encounter\nan inode with inline data. To enforce this behavior,\next4_dio_write_iter() checks the current inline state of the inode\nand clears the MAY_INLINE_DATA state flag to either fall back to\nbuffered writes, or enforce that any other writers in progress on\nthe inode are not allowed to create inline data.\n\nThe problem is that the check for existing inline data and the state\nflag can span a lock cycle. For example, if the ilock is originally\nlocked shared and subsequently upgraded to exclusive, another writer\nmay have reacquired the lock and created inline data before the dio\nwrite task acquires the lock and proceeds.\n\nThe commit referenced below loosens the lock requirements to allow\nsome forms of unaligned dio writes to occur under shared lock, but\nAFAICT the inline data check was technically already racy for any\ndio write that would have involved a lock cycle. Regardless, lift\nclearing of the state bit to the same lock critical section that\nchecks for preexisting inline data on the inode to close the race."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:42.837Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/e3b83d87c93eb6fc96a80b5e8527f7dc9f5a11bc"
        },
        {
          "url": "https://git.kernel.org/stable/c/7343c23ebcadbedc23a7063d1e24d976eccb0d0d"
        },
        {
          "url": "https://git.kernel.org/stable/c/ce56d21355cd6f6937aca32f1f44ca749d1e4808"
        }
      ],
      "title": "ext4: fix racy may inline data check in dio write",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52786",
    "datePublished": "2024-05-21T15:31:03.694Z",
    "dateReserved": "2024-05-21T15:19:24.241Z",
    "dateUpdated": "2024-11-04T14:52:42.837Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52789

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:52

Severity ?

Summary

tty: vcc: Add check for kstrdup() in vcc_probe()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/38cd56fc9de78bf3c878790785e8c231116ef9d3
	https://git.kernel.org/stable/c/909963e0c16778cec28efb1affc21558825f4200
	https://git.kernel.org/stable/c/460284dfb10b207980c6f3f7046e33446ceb38ac
	https://git.kernel.org/stable/c/4ef41a7f33ffe1a335e7db7e1564ddc6afad47cc
	https://git.kernel.org/stable/c/6c80f48912b5bd4965352d1a9a989e21743a4a06
	https://git.kernel.org/stable/c/7cebc86481bf16049e266f6774d90f2fd4f8d5d2
	https://git.kernel.org/stable/c/4a24a31826246b15477399febd13292b0c9f0ee9
	https://git.kernel.org/stable/c/8f8771757b130383732195497e47fba2aba76d3a
	https://git.kernel.org/stable/c/d81ffb87aaa75f842cd7aa57091810353755b3e6

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52789",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T17:26:54.599134Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:29.225Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.668Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/38cd56fc9de78bf3c878790785e8c231116ef9d3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/909963e0c16778cec28efb1affc21558825f4200"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/460284dfb10b207980c6f3f7046e33446ceb38ac"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4ef41a7f33ffe1a335e7db7e1564ddc6afad47cc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6c80f48912b5bd4965352d1a9a989e21743a4a06"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7cebc86481bf16049e266f6774d90f2fd4f8d5d2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4a24a31826246b15477399febd13292b0c9f0ee9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8f8771757b130383732195497e47fba2aba76d3a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d81ffb87aaa75f842cd7aa57091810353755b3e6"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/tty/vcc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "38cd56fc9de7",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "909963e0c167",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "460284dfb10b",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "4ef41a7f33ff",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "6c80f48912b5",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "7cebc86481bf",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "4a24a3182624",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "8f8771757b13",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "d81ffb87aaa7",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/tty/vcc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.331",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.300",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.262",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: vcc: Add check for kstrdup() in vcc_probe()\n\nAdd check for the return value of kstrdup() and return the error, if it\nfails in order to avoid NULL pointer dereference."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:46.533Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/38cd56fc9de78bf3c878790785e8c231116ef9d3"
        },
        {
          "url": "https://git.kernel.org/stable/c/909963e0c16778cec28efb1affc21558825f4200"
        },
        {
          "url": "https://git.kernel.org/stable/c/460284dfb10b207980c6f3f7046e33446ceb38ac"
        },
        {
          "url": "https://git.kernel.org/stable/c/4ef41a7f33ffe1a335e7db7e1564ddc6afad47cc"
        },
        {
          "url": "https://git.kernel.org/stable/c/6c80f48912b5bd4965352d1a9a989e21743a4a06"
        },
        {
          "url": "https://git.kernel.org/stable/c/7cebc86481bf16049e266f6774d90f2fd4f8d5d2"
        },
        {
          "url": "https://git.kernel.org/stable/c/4a24a31826246b15477399febd13292b0c9f0ee9"
        },
        {
          "url": "https://git.kernel.org/stable/c/8f8771757b130383732195497e47fba2aba76d3a"
        },
        {
          "url": "https://git.kernel.org/stable/c/d81ffb87aaa75f842cd7aa57091810353755b3e6"
        }
      ],
      "title": "tty: vcc: Add check for kstrdup() in vcc_probe()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52789",
    "datePublished": "2024-05-21T15:31:05.616Z",
    "dateReserved": "2024-05-21T15:19:24.241Z",
    "dateUpdated": "2024-11-04T14:52:46.533Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52765

Vulnerability from cvelistv5

Published

2024-05-21 15:30

Modified

2024-11-04 14:52

Severity ?

6.2 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

mfd: qcom-spmi-pmic: Fix revid implementation

References

▼	URL	Tags
	https://git.kernel.org/stable/c/db98de0809f12b0edb9cd1be78e1ec1bfeba8f40
	https://git.kernel.org/stable/c/4ce77b023d42a9f1062eecf438df1af4b4072eb2
	https://git.kernel.org/stable/c/affae18838db5e6b463ee30c821385695af56dc2
	https://git.kernel.org/stable/c/7b439aaa62fee474a0d84d67a25f4984467e7b95

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "affected",
                "version": "e9c11c6e3a0e"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "affected",
                "version": "6.0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.1.64"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.5.13"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "\t6.6.3"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.7"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 6.2,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52765",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T17:48:20.655650Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-476",
                "description": "CWE-476 NULL Pointer Dereference",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:23.227Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.927Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/db98de0809f12b0edb9cd1be78e1ec1bfeba8f40"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4ce77b023d42a9f1062eecf438df1af4b4072eb2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/affae18838db5e6b463ee30c821385695af56dc2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7b439aaa62fee474a0d84d67a25f4984467e7b95"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/mfd/qcom-spmi-pmic.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "db98de0809f1",
              "status": "affected",
              "version": "e9c11c6e3a0e",
              "versionType": "git"
            },
            {
              "lessThan": "4ce77b023d42",
              "status": "affected",
              "version": "e9c11c6e3a0e",
              "versionType": "git"
            },
            {
              "lessThan": "affae18838db",
              "status": "affected",
              "version": "e9c11c6e3a0e",
              "versionType": "git"
            },
            {
              "lessThan": "7b439aaa62fe",
              "status": "affected",
              "version": "e9c11c6e3a0e",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/mfd/qcom-spmi-pmic.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.0"
            },
            {
              "lessThan": "6.0",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmfd: qcom-spmi-pmic: Fix revid implementation\n\nThe Qualcomm SPMI PMIC revid implementation is broken in multiple ways.\n\nFirst, it assumes that just because the sibling base device has been\nregistered that means that it is also bound to a driver, which may not\nbe the case (e.g. due to probe deferral or asynchronous probe). This\ncould trigger a NULL-pointer dereference when attempting to access the\ndriver data of the unbound device.\n\nSecond, it accesses driver data of a sibling device directly and without\nany locking, which means that the driver data may be freed while it is\nbeing accessed (e.g. on driver unbind).\n\nThird, it leaks a struct device reference to the sibling device which is\nlooked up using the spmi_device_from_of() every time a function (child)\ndevice is calling the revid function (e.g. on probe).\n\nFix this mess by reimplementing the revid lookup so that it is done only\nat probe of the PMIC device; the base device fetches the revid info from\nthe hardware, while any secondary SPMI device fetches the information\nfrom the base device and caches it so that it can be accessed safely\nfrom its children. If the base device has not been probed yet then probe\nof a secondary device is deferred."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:15.795Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/db98de0809f12b0edb9cd1be78e1ec1bfeba8f40"
        },
        {
          "url": "https://git.kernel.org/stable/c/4ce77b023d42a9f1062eecf438df1af4b4072eb2"
        },
        {
          "url": "https://git.kernel.org/stable/c/affae18838db5e6b463ee30c821385695af56dc2"
        },
        {
          "url": "https://git.kernel.org/stable/c/7b439aaa62fee474a0d84d67a25f4984467e7b95"
        }
      ],
      "title": "mfd: qcom-spmi-pmic: Fix revid implementation",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52765",
    "datePublished": "2024-05-21T15:30:49.690Z",
    "dateReserved": "2024-05-21T15:19:24.238Z",
    "dateUpdated": "2024-11-04T14:52:15.795Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-48710

Vulnerability from cvelistv5

Published

2024-05-21 15:30

Modified

2024-11-04 12:15

Severity ?

Summary

drm/radeon: fix a possible null pointer dereference

References

▼	URL	Tags
	https://git.kernel.org/stable/c/b33f7d99c9226892c7794dc2500fae35966020c9
	https://git.kernel.org/stable/c/16a0f0b63c4c7eb46fc4c3f00bf2836e6ee46a9f
	https://git.kernel.org/stable/c/8a89bfeef9abe93371e3ea8796377f2d132eee29
	https://git.kernel.org/stable/c/28fd384c78d7d8ed8af0d086d778c3e438ba7f60
	https://git.kernel.org/stable/c/fee8ae0a0bb66eb7730c22f44fbd7203f63c2eab
	https://git.kernel.org/stable/c/7b7fba107b2c4ec7673d0f45bdbb9d1af697d9b9
	https://git.kernel.org/stable/c/e938d24f0b7392e142b8aa434f18590d99dbe479
	https://git.kernel.org/stable/c/140d9807b96e1303f6f2675a7ae8710a2094bd17
	https://git.kernel.org/stable/c/a2b28708b645c5632dc93669ab06e97874c8244f

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-48710",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-11T15:20:52.497034Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-11T15:21:02.469Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T15:17:55.832Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b33f7d99c9226892c7794dc2500fae35966020c9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/16a0f0b63c4c7eb46fc4c3f00bf2836e6ee46a9f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8a89bfeef9abe93371e3ea8796377f2d132eee29"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/28fd384c78d7d8ed8af0d086d778c3e438ba7f60"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fee8ae0a0bb66eb7730c22f44fbd7203f63c2eab"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7b7fba107b2c4ec7673d0f45bdbb9d1af697d9b9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e938d24f0b7392e142b8aa434f18590d99dbe479"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/140d9807b96e1303f6f2675a7ae8710a2094bd17"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a2b28708b645c5632dc93669ab06e97874c8244f"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/radeon/radeon_connectors.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "b33f7d99c922",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "16a0f0b63c4c",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "8a89bfeef9ab",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "28fd384c78d7",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "fee8ae0a0bb6",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "7b7fba107b2c",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "e938d24f0b73",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "140d9807b96e",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "a2b28708b645",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/radeon/radeon_connectors.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.318",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.283",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.247",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.198",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.122",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.47",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.17.*",
              "status": "unaffected",
              "version": "5.17.15",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.18.*",
              "status": "unaffected",
              "version": "5.18.4",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.19",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: fix a possible null pointer dereference\n\nIn radeon_fp_native_mode(), the return value of drm_mode_duplicate()\nis assigned to mode, which will lead to a NULL pointer dereference\non failure of drm_mode_duplicate(). Add a check to avoid npd.\n\nThe failure status of drm_cvt_mode() on the other path is checked too."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:15:00.908Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/b33f7d99c9226892c7794dc2500fae35966020c9"
        },
        {
          "url": "https://git.kernel.org/stable/c/16a0f0b63c4c7eb46fc4c3f00bf2836e6ee46a9f"
        },
        {
          "url": "https://git.kernel.org/stable/c/8a89bfeef9abe93371e3ea8796377f2d132eee29"
        },
        {
          "url": "https://git.kernel.org/stable/c/28fd384c78d7d8ed8af0d086d778c3e438ba7f60"
        },
        {
          "url": "https://git.kernel.org/stable/c/fee8ae0a0bb66eb7730c22f44fbd7203f63c2eab"
        },
        {
          "url": "https://git.kernel.org/stable/c/7b7fba107b2c4ec7673d0f45bdbb9d1af697d9b9"
        },
        {
          "url": "https://git.kernel.org/stable/c/e938d24f0b7392e142b8aa434f18590d99dbe479"
        },
        {
          "url": "https://git.kernel.org/stable/c/140d9807b96e1303f6f2675a7ae8710a2094bd17"
        },
        {
          "url": "https://git.kernel.org/stable/c/a2b28708b645c5632dc93669ab06e97874c8244f"
        }
      ],
      "title": "drm/radeon: fix a possible null pointer dereference",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-48710",
    "datePublished": "2024-05-21T15:30:37.579Z",
    "dateReserved": "2024-05-03T14:55:07.148Z",
    "dateUpdated": "2024-11-04T12:15:00.908Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52706

Vulnerability from cvelistv5

Published

2024-05-21 15:22

Modified

2024-11-04 14:51

Severity ?

Summary

gpio: sim: fix a memory leak

References

▼	URL	Tags
	https://git.kernel.org/stable/c/854e1ecff266033d3149666d3c5b8b0e174b4210
	https://git.kernel.org/stable/c/79eeab1d85e0fee4c0bc36f3b6ddf3920f39f74b

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52706",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-05T17:18:55.625779Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-05T17:19:03.460Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.922Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/854e1ecff266033d3149666d3c5b8b0e174b4210"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/79eeab1d85e0fee4c0bc36f3b6ddf3920f39f74b"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpio/gpio-sim.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "854e1ecff266",
              "status": "affected",
              "version": "cb8c474e79be",
              "versionType": "git"
            },
            {
              "lessThan": "79eeab1d85e0",
              "status": "affected",
              "version": "cb8c474e79be",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpio/gpio-sim.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.17"
            },
            {
              "lessThan": "5.17",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: sim: fix a memory leak\n\nFix an inverted logic bug in gpio_sim_remove_hogs() that leads to GPIO\nhog structures never being freed."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:51:33.229Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/854e1ecff266033d3149666d3c5b8b0e174b4210"
        },
        {
          "url": "https://git.kernel.org/stable/c/79eeab1d85e0fee4c0bc36f3b6ddf3920f39f74b"
        }
      ],
      "title": "gpio: sim: fix a memory leak",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52706",
    "datePublished": "2024-05-21T15:22:54.679Z",
    "dateReserved": "2024-03-07T14:49:46.891Z",
    "dateUpdated": "2024-11-04T14:51:33.229Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52855

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-05 14:51

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency

References

▼	URL	Tags
	https://git.kernel.org/stable/c/14c9ec34e8118fbffd7f5431814d767726323e72
	https://git.kernel.org/stable/c/fed492aa6493a91a77ebd51da6fb939c98d94a0d
	https://git.kernel.org/stable/c/64c47749fc7507ed732e155c958253968c1d275e
	https://git.kernel.org/stable/c/bdb3dd4096302d6b87441fdc528439f171b04be6
	https://git.kernel.org/stable/c/fcaafb574fc88a52dce817f039f7ff2f9da38001
	https://git.kernel.org/stable/c/6b21a22728852d020a6658d39cd7bb7e14b07790
	https://git.kernel.org/stable/c/3e851a77a13ce944d703721793f49ee82622986d
	https://git.kernel.org/stable/c/a7bee9598afb38004841a41dd8fe68c1faff4e90
	https://git.kernel.org/stable/c/ef307bc6ef04e8c1ea843231db58e3afaafa9fa6

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52855",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T17:15:57.421865Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-476",
                "description": "CWE-476 NULL Pointer Dereference",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-05T14:51:47.408Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.070Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/14c9ec34e8118fbffd7f5431814d767726323e72"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fed492aa6493a91a77ebd51da6fb939c98d94a0d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/64c47749fc7507ed732e155c958253968c1d275e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bdb3dd4096302d6b87441fdc528439f171b04be6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fcaafb574fc88a52dce817f039f7ff2f9da38001"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6b21a22728852d020a6658d39cd7bb7e14b07790"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3e851a77a13ce944d703721793f49ee82622986d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a7bee9598afb38004841a41dd8fe68c1faff4e90"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ef307bc6ef04e8c1ea843231db58e3afaafa9fa6"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/usb/dwc2/hcd.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "14c9ec34e811",
              "status": "affected",
              "version": "33ad261aa62b",
              "versionType": "git"
            },
            {
              "lessThan": "fed492aa6493",
              "status": "affected",
              "version": "33ad261aa62b",
              "versionType": "git"
            },
            {
              "lessThan": "64c47749fc75",
              "status": "affected",
              "version": "33ad261aa62b",
              "versionType": "git"
            },
            {
              "lessThan": "bdb3dd409630",
              "status": "affected",
              "version": "33ad261aa62b",
              "versionType": "git"
            },
            {
              "lessThan": "fcaafb574fc8",
              "status": "affected",
              "version": "33ad261aa62b",
              "versionType": "git"
            },
            {
              "lessThan": "6b21a2272885",
              "status": "affected",
              "version": "33ad261aa62b",
              "versionType": "git"
            },
            {
              "lessThan": "3e851a77a13c",
              "status": "affected",
              "version": "33ad261aa62b",
              "versionType": "git"
            },
            {
              "lessThan": "a7bee9598afb",
              "status": "affected",
              "version": "33ad261aa62b",
              "versionType": "git"
            },
            {
              "lessThan": "ef307bc6ef04",
              "status": "affected",
              "version": "33ad261aa62b",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/usb/dwc2/hcd.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.2"
            },
            {
              "lessThan": "4.2",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.330",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.299",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.261",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.201",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.139",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc2: fix possible NULL pointer dereference caused by driver concurrency\n\nIn _dwc2_hcd_urb_enqueue(), \"urb-\u003ehcpriv = NULL\" is executed without\nholding the lock \"hsotg-\u003elock\". In _dwc2_hcd_urb_dequeue():\n\n    spin_lock_irqsave(\u0026hsotg-\u003elock, flags);\n    ...\n\tif (!urb-\u003ehcpriv) {\n\t\tdev_dbg(hsotg-\u003edev, \"## urb-\u003ehcpriv is NULL ##\\n\");\n\t\tgoto out;\n\t}\n    rc = dwc2_hcd_urb_dequeue(hsotg, urb-\u003ehcpriv); // Use urb-\u003ehcpriv\n    ...\nout:\n    spin_unlock_irqrestore(\u0026hsotg-\u003elock, flags);\n\nWhen _dwc2_hcd_urb_enqueue() and _dwc2_hcd_urb_dequeue() are\nconcurrently executed, the NULL check of \"urb-\u003ehcpriv\" can be executed\nbefore \"urb-\u003ehcpriv = NULL\". After urb-\u003ehcpriv is NULL, it can be used\nin the function call to dwc2_hcd_urb_dequeue(), which can cause a NULL\npointer dereference.\n\nThis possible bug is found by an experimental static analysis tool\ndeveloped by myself. This tool analyzes the locking APIs to extract\nfunction pairs that can be concurrently executed, and then analyzes the\ninstructions in the paired functions to identify possible concurrency\nbugs including data races and atomicity violations. The above possible\nbug is reported, when my tool analyzes the source code of Linux 6.5.\n\nTo fix this possible bug, \"urb-\u003ehcpriv = NULL\" should be executed with\nholding the lock \"hsotg-\u003elock\". After using this patch, my tool never\nreports the possible bug, with the kernelconfiguration allyesconfig for\nx86_64. Because I have no associated hardware, I cannot test the patch\nin runtime testing, and just verify it according to the code logic."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:56.495Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/14c9ec34e8118fbffd7f5431814d767726323e72"
        },
        {
          "url": "https://git.kernel.org/stable/c/fed492aa6493a91a77ebd51da6fb939c98d94a0d"
        },
        {
          "url": "https://git.kernel.org/stable/c/64c47749fc7507ed732e155c958253968c1d275e"
        },
        {
          "url": "https://git.kernel.org/stable/c/bdb3dd4096302d6b87441fdc528439f171b04be6"
        },
        {
          "url": "https://git.kernel.org/stable/c/fcaafb574fc88a52dce817f039f7ff2f9da38001"
        },
        {
          "url": "https://git.kernel.org/stable/c/6b21a22728852d020a6658d39cd7bb7e14b07790"
        },
        {
          "url": "https://git.kernel.org/stable/c/3e851a77a13ce944d703721793f49ee82622986d"
        },
        {
          "url": "https://git.kernel.org/stable/c/a7bee9598afb38004841a41dd8fe68c1faff4e90"
        },
        {
          "url": "https://git.kernel.org/stable/c/ef307bc6ef04e8c1ea843231db58e3afaafa9fa6"
        }
      ],
      "title": "usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52855",
    "datePublished": "2024-05-21T15:31:49.909Z",
    "dateReserved": "2024-05-21T15:19:24.257Z",
    "dateUpdated": "2024-11-05T14:51:47.408Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52860

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:54

Severity ?

Summary

drivers/perf: hisi: use cpuhp_state_remove_instance_nocalls() for hisi_hns3_pmu uninit process

References

▼	URL	Tags
	https://git.kernel.org/stable/c/4589403a343bb0c72a6faf5898386ff964d4e01a
	https://git.kernel.org/stable/c/3f5827371763f2d9c70719c270055a81d030f3d0
	https://git.kernel.org/stable/c/d04ff5437a45f275db5530efb49b68d0ec851f6f
	https://git.kernel.org/stable/c/50b560783f7f71790bcf70e9e9855155fb0af8c1

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52860",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-24T19:33:12.246594Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:19.278Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.033Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4589403a343bb0c72a6faf5898386ff964d4e01a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3f5827371763f2d9c70719c270055a81d030f3d0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d04ff5437a45f275db5530efb49b68d0ec851f6f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/50b560783f7f71790bcf70e9e9855155fb0af8c1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/perf/hisilicon/hns3_pmu.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "4589403a343b",
              "status": "affected",
              "version": "66637ab137b4",
              "versionType": "git"
            },
            {
              "lessThan": "3f5827371763",
              "status": "affected",
              "version": "66637ab137b4",
              "versionType": "git"
            },
            {
              "lessThan": "d04ff5437a45",
              "status": "affected",
              "version": "66637ab137b4",
              "versionType": "git"
            },
            {
              "lessThan": "50b560783f7f",
              "status": "affected",
              "version": "66637ab137b4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/perf/hisilicon/hns3_pmu.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.0"
            },
            {
              "lessThan": "6.0",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers/perf: hisi: use cpuhp_state_remove_instance_nocalls() for hisi_hns3_pmu uninit process\n\nWhen tearing down a \u0027hisi_hns3\u0027 PMU, we mistakenly run the CPU hotplug\ncallbacks after the device has been unregistered, leading to fireworks\nwhen we try to execute empty function callbacks within the driver:\n\n  | Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n  | CPU: 0 PID: 15 Comm: cpuhp/0 Tainted: G        W  O      5.12.0-rc4+ #1\n  | Hardware name:  , BIOS KpxxxFPGA 1P B600 V143 04/22/2021\n  | pstate: 80400009 (Nzcv daif +PAN -UAO -TCO BTYPE=--)\n  | pc : perf_pmu_migrate_context+0x98/0x38c\n  | lr : perf_pmu_migrate_context+0x94/0x38c\n  |\n  | Call trace:\n  |  perf_pmu_migrate_context+0x98/0x38c\n  |  hisi_hns3_pmu_offline_cpu+0x104/0x12c [hisi_hns3_pmu]\n\nUse cpuhp_state_remove_instance_nocalls() instead of\ncpuhp_state_remove_instance() so that the notifiers don\u0027t execute after\nthe PMU device has been unregistered.\n\n[will: Rewrote commit message]"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:54:02.941Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/4589403a343bb0c72a6faf5898386ff964d4e01a"
        },
        {
          "url": "https://git.kernel.org/stable/c/3f5827371763f2d9c70719c270055a81d030f3d0"
        },
        {
          "url": "https://git.kernel.org/stable/c/d04ff5437a45f275db5530efb49b68d0ec851f6f"
        },
        {
          "url": "https://git.kernel.org/stable/c/50b560783f7f71790bcf70e9e9855155fb0af8c1"
        }
      ],
      "title": "drivers/perf: hisi: use cpuhp_state_remove_instance_nocalls() for hisi_hns3_pmu uninit process",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52860",
    "datePublished": "2024-05-21T15:31:53.194Z",
    "dateReserved": "2024-05-21T15:19:24.261Z",
    "dateUpdated": "2024-11-04T14:54:02.941Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47481

Vulnerability from cvelistv5

Published

2024-05-22 08:19

Modified

2024-11-04 12:06

Severity ?

Summary

RDMA/mlx5: Initialize the ODP xarray when creating an ODP MR

References

▼	URL	Tags
	https://git.kernel.org/stable/c/5f6995295f65d1ee6f36d466d26afd98eb797afe
	https://git.kernel.org/stable/c/5508546631a0f555d7088203dec2614e41b5106e

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47481",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-10T18:54:35.854704Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-10T18:54:46.226Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.754Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5f6995295f65d1ee6f36d466d26afd98eb797afe"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5508546631a0f555d7088203dec2614e41b5106e"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/infiniband/hw/mlx5/mr.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "5f6995295f65",
              "status": "affected",
              "version": "a639e66703ee",
              "versionType": "git"
            },
            {
              "lessThan": "5508546631a0",
              "status": "affected",
              "version": "a639e66703ee",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/infiniband/hw/mlx5/mr.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.13"
            },
            {
              "lessThan": "5.13",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Initialize the ODP xarray when creating an ODP MR\n\nNormally the zero fill would hide the missing initialization, but an\nerrant set to desc_size in reg_create() causes a crash:\n\n  BUG: unable to handle page fault for address: 0000000800000000\n  PGD 0 P4D 0\n  Oops: 0000 [#1] SMP PTI\n  CPU: 5 PID: 890 Comm: ib_write_bw Not tainted 5.15.0-rc4+ #47\n  Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n  RIP: 0010:mlx5_ib_dereg_mr+0x14/0x3b0 [mlx5_ib]\n  Code: 48 63 cd 4c 89 f7 48 89 0c 24 e8 37 30 03 e1 48 8b 0c 24 eb a0 90 0f 1f 44 00 00 41 56 41 55 41 54 55 53 48 89 fb 48 83 ec 30 \u003c48\u003e 8b 2f 65 48 8b 04 25 28 00 00 00 48 89 44 24 28 31 c0 8b 87 c8\n  RSP: 0018:ffff88811afa3a60 EFLAGS: 00010286\n  RAX: 000000000000001c RBX: 0000000800000000 RCX: 0000000000000000\n  RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000800000000\n  RBP: 0000000800000000 R08: 0000000000000000 R09: c0000000fffff7ff\n  R10: ffff88811afa38f8 R11: ffff88811afa38f0 R12: ffffffffa02c7ac0\n  R13: 0000000000000000 R14: ffff88811afa3cd8 R15: ffff88810772fa00\n  FS:  00007f47b9080740(0000) GS:ffff88852cd40000(0000) knlGS:0000000000000000\n  CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n  CR2: 0000000800000000 CR3: 000000010761e003 CR4: 0000000000370ea0\n  DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n  DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n  Call Trace:\n   mlx5_ib_free_odp_mr+0x95/0xc0 [mlx5_ib]\n   mlx5_ib_dereg_mr+0x128/0x3b0 [mlx5_ib]\n   ib_dereg_mr_user+0x45/0xb0 [ib_core]\n   ? xas_load+0x8/0x80\n   destroy_hw_idr_uobject+0x1a/0x50 [ib_uverbs]\n   uverbs_destroy_uobject+0x2f/0x150 [ib_uverbs]\n   uobj_destroy+0x3c/0x70 [ib_uverbs]\n   ib_uverbs_cmd_verbs+0x467/0xb00 [ib_uverbs]\n   ? uverbs_finalize_object+0x60/0x60 [ib_uverbs]\n   ? ttwu_queue_wakelist+0xa9/0xe0\n   ? pty_write+0x85/0x90\n   ? file_tty_write.isra.33+0x214/0x330\n   ? process_echoes+0x60/0x60\n   ib_uverbs_ioctl+0xa7/0x110 [ib_uverbs]\n   __x64_sys_ioctl+0x10d/0x8e0\n   ? vfs_write+0x17f/0x260\n   do_syscall_64+0x3c/0x80\n   entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nAdd the missing xarray initialization and remove the desc_size set."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:46.058Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/5f6995295f65d1ee6f36d466d26afd98eb797afe"
        },
        {
          "url": "https://git.kernel.org/stable/c/5508546631a0f555d7088203dec2614e41b5106e"
        }
      ],
      "title": "RDMA/mlx5: Initialize the ODP xarray when creating an ODP MR",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47481",
    "datePublished": "2024-05-22T08:19:33.512Z",
    "dateReserved": "2024-05-22T06:20:56.200Z",
    "dateUpdated": "2024-11-04T12:06:46.058Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47475

Vulnerability from cvelistv5

Published

2024-05-22 08:19

Modified

2024-11-04 12:06

Severity ?

Summary

comedi: vmk80xx: fix transfer-buffer overflows

References

▼	URL	Tags
	https://git.kernel.org/stable/c/5229159f1d052821007aff1a1beb7873eacf1a9f
	https://git.kernel.org/stable/c/ec85bcff4ed09260243d8f39faba99e1041718ba
	https://git.kernel.org/stable/c/40d2a7e278e2e7c0a5fd7e997e7eb63945bf93f7
	https://git.kernel.org/stable/c/7a2021b896de1ad559d33b5c5cdd20b982242088
	https://git.kernel.org/stable/c/199acd8c110e3ae62833c24f632b0bb1c9f012a9
	https://git.kernel.org/stable/c/33d7a470730dfe7c9bfc8da84575cf2cedd60d00
	https://git.kernel.org/stable/c/278484ae93297b1bb1ce755f9d3b6d95a48c7d47
	https://git.kernel.org/stable/c/06ac746d57e6d32b062e220415c607b7e2e0fa50
	https://git.kernel.org/stable/c/a23461c47482fc232ffc9b819539d1f837adf2b1

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47475",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T17:52:35.271810Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:13:48.725Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.742Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5229159f1d052821007aff1a1beb7873eacf1a9f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ec85bcff4ed09260243d8f39faba99e1041718ba"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/40d2a7e278e2e7c0a5fd7e997e7eb63945bf93f7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7a2021b896de1ad559d33b5c5cdd20b982242088"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/199acd8c110e3ae62833c24f632b0bb1c9f012a9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/33d7a470730dfe7c9bfc8da84575cf2cedd60d00"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/278484ae93297b1bb1ce755f9d3b6d95a48c7d47"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/06ac746d57e6d32b062e220415c607b7e2e0fa50"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a23461c47482fc232ffc9b819539d1f837adf2b1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/comedi/drivers/vmk80xx.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "5229159f1d05",
              "status": "affected",
              "version": "985cafccbf9b",
              "versionType": "git"
            },
            {
              "lessThan": "ec85bcff4ed0",
              "status": "affected",
              "version": "985cafccbf9b",
              "versionType": "git"
            },
            {
              "lessThan": "40d2a7e278e2",
              "status": "affected",
              "version": "985cafccbf9b",
              "versionType": "git"
            },
            {
              "lessThan": "7a2021b896de",
              "status": "affected",
              "version": "985cafccbf9b",
              "versionType": "git"
            },
            {
              "lessThan": "199acd8c110e",
              "status": "affected",
              "version": "985cafccbf9b",
              "versionType": "git"
            },
            {
              "lessThan": "33d7a470730d",
              "status": "affected",
              "version": "985cafccbf9b",
              "versionType": "git"
            },
            {
              "lessThan": "278484ae9329",
              "status": "affected",
              "version": "985cafccbf9b",
              "versionType": "git"
            },
            {
              "lessThan": "06ac746d57e6",
              "status": "affected",
              "version": "985cafccbf9b",
              "versionType": "git"
            },
            {
              "lessThan": "a23461c47482",
              "status": "affected",
              "version": "985cafccbf9b",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/comedi/drivers/vmk80xx.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.31"
            },
            {
              "lessThan": "2.6.31",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.292",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.290",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.255",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.217",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.159",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.79",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.18",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.16",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: vmk80xx: fix transfer-buffer overflows\n\nThe driver uses endpoint-sized USB transfer buffers but up until\nrecently had no sanity checks on the sizes.\n\nCommit e1f13c879a7c (\"staging: comedi: check validity of wMaxPacketSize\nof usb endpoints found\") inadvertently fixed NULL-pointer dereferences\nwhen accessing the transfer buffers in case a malicious device has a\nzero wMaxPacketSize.\n\nMake sure to allocate buffers large enough to handle also the other\naccesses that are done without a size check (e.g. byte 18 in\nvmk80xx_cnt_insn_read() for the VMK8061_MODEL) to avoid writing beyond\nthe buffers, for example, when doing descriptor fuzzing.\n\nThe original driver was for a low-speed device with 8-byte buffers.\nSupport was later added for a device that uses bulk transfers and is\npresumably a full-speed device with a maximum 64-byte wMaxPacketSize."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:38.963Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/5229159f1d052821007aff1a1beb7873eacf1a9f"
        },
        {
          "url": "https://git.kernel.org/stable/c/ec85bcff4ed09260243d8f39faba99e1041718ba"
        },
        {
          "url": "https://git.kernel.org/stable/c/40d2a7e278e2e7c0a5fd7e997e7eb63945bf93f7"
        },
        {
          "url": "https://git.kernel.org/stable/c/7a2021b896de1ad559d33b5c5cdd20b982242088"
        },
        {
          "url": "https://git.kernel.org/stable/c/199acd8c110e3ae62833c24f632b0bb1c9f012a9"
        },
        {
          "url": "https://git.kernel.org/stable/c/33d7a470730dfe7c9bfc8da84575cf2cedd60d00"
        },
        {
          "url": "https://git.kernel.org/stable/c/278484ae93297b1bb1ce755f9d3b6d95a48c7d47"
        },
        {
          "url": "https://git.kernel.org/stable/c/06ac746d57e6d32b062e220415c607b7e2e0fa50"
        },
        {
          "url": "https://git.kernel.org/stable/c/a23461c47482fc232ffc9b819539d1f837adf2b1"
        }
      ],
      "title": "comedi: vmk80xx: fix transfer-buffer overflows",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47475",
    "datePublished": "2024-05-22T08:19:29.423Z",
    "dateReserved": "2024-05-22T06:20:56.200Z",
    "dateUpdated": "2024-11-04T12:06:38.963Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47441

Vulnerability from cvelistv5

Published

2024-05-22 06:19

Modified

2024-11-04 12:05

Severity ?

7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H

Summary

mlxsw: thermal: Fix out-of-bounds memory accesses

References

▼	URL	Tags
	https://git.kernel.org/stable/c/ae0993739e14a102d506aa09e11b0065f3144f10
	https://git.kernel.org/stable/c/e59d839743b50cb1d3f42a786bea48cc5621d254
	https://git.kernel.org/stable/c/df8e58716afb3bee2b59de66b1ba1033f2e26303
	https://git.kernel.org/stable/c/332fdf951df8b870e3da86b122ae304e2aabe88c

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "ae0993739e14",
                "status": "affected",
                "version": "a50c1e35650b",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "affected",
                "version": "4.10"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "4.10",
                "status": "unaffected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "5.5",
                "status": "unaffected",
                "version": "5.4.155",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "5.11",
                "status": "unaffected",
                "version": "5.10.75",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "5.15",
                "status": "unaffected",
                "version": "5.14.14",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "unaffected",
                "version": "5.15",
                "versionType": "custom"
              },
              {
                "lessThan": "e59d839743b5",
                "status": "affected",
                "version": "a50c1e35650b",
                "versionType": "custom"
              },
              {
                "lessThan": "df8e58716afb",
                "status": "affected",
                "version": "a50c1e35650b",
                "versionType": "custom"
              },
              {
                "lessThan": "332fdf951df8",
                "status": "affected",
                "version": "a50c1e35650b",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.3,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "LOW",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47441",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T15:01:53.700681Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-787",
                "description": "CWE-787 Out-of-bounds Write",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-22T18:05:13.999Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.326Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ae0993739e14a102d506aa09e11b0065f3144f10"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e59d839743b50cb1d3f42a786bea48cc5621d254"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/df8e58716afb3bee2b59de66b1ba1033f2e26303"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/332fdf951df8b870e3da86b122ae304e2aabe88c"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/mellanox/mlxsw/core_thermal.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "ae0993739e14",
              "status": "affected",
              "version": "a50c1e35650b",
              "versionType": "git"
            },
            {
              "lessThan": "e59d839743b5",
              "status": "affected",
              "version": "a50c1e35650b",
              "versionType": "git"
            },
            {
              "lessThan": "df8e58716afb",
              "status": "affected",
              "version": "a50c1e35650b",
              "versionType": "git"
            },
            {
              "lessThan": "332fdf951df8",
              "status": "affected",
              "version": "a50c1e35650b",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/mellanox/mlxsw/core_thermal.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.10"
            },
            {
              "lessThan": "4.10",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.155",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.75",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.14",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: thermal: Fix out-of-bounds memory accesses\n\nCurrently, mlxsw allows cooling states to be set above the maximum\ncooling state supported by the driver:\n\n # cat /sys/class/thermal/thermal_zone2/cdev0/type\n mlxsw_fan\n # cat /sys/class/thermal/thermal_zone2/cdev0/max_state\n 10\n # echo 18 \u003e /sys/class/thermal/thermal_zone2/cdev0/cur_state\n # echo $?\n 0\n\nThis results in out-of-bounds memory accesses when thermal state\ntransition statistics are enabled (CONFIG_THERMAL_STATISTICS=y), as the\ntransition table is accessed with a too large index (state) [1].\n\nAccording to the thermal maintainer, it is the responsibility of the\ndriver to reject such operations [2].\n\nTherefore, return an error when the state to be set exceeds the maximum\ncooling state supported by the driver.\n\nTo avoid dead code, as suggested by the thermal maintainer [3],\npartially revert commit a421ce088ac8 (\"mlxsw: core: Extend cooling\ndevice with cooling levels\") that tried to interpret these invalid\ncooling states (above the maximum) in a special way. The cooling levels\narray is not removed in order to prevent the fans going below 20% PWM,\nwhich would cause them to get stuck at 0% PWM.\n\n[1]\nBUG: KASAN: slab-out-of-bounds in thermal_cooling_device_stats_update+0x271/0x290\nRead of size 4 at addr ffff8881052f7bf8 by task kworker/0:0/5\n\nCPU: 0 PID: 5 Comm: kworker/0:0 Not tainted 5.15.0-rc3-custom-45935-gce1adf704b14 #122\nHardware name: Mellanox Technologies Ltd. \"MSN2410-CB2FO\"/\"SA000874\", BIOS 4.6.5 03/08/2016\nWorkqueue: events_freezable_power_ thermal_zone_device_check\nCall Trace:\n dump_stack_lvl+0x8b/0xb3\n print_address_description.constprop.0+0x1f/0x140\n kasan_report.cold+0x7f/0x11b\n thermal_cooling_device_stats_update+0x271/0x290\n __thermal_cdev_update+0x15e/0x4e0\n thermal_cdev_update+0x9f/0xe0\n step_wise_throttle+0x770/0xee0\n thermal_zone_device_update+0x3f6/0xdf0\n process_one_work+0xa42/0x1770\n worker_thread+0x62f/0x13e0\n kthread+0x3ee/0x4e0\n ret_from_fork+0x1f/0x30\n\nAllocated by task 1:\n kasan_save_stack+0x1b/0x40\n __kasan_kmalloc+0x7c/0x90\n thermal_cooling_device_setup_sysfs+0x153/0x2c0\n __thermal_cooling_device_register.part.0+0x25b/0x9c0\n thermal_cooling_device_register+0xb3/0x100\n mlxsw_thermal_init+0x5c5/0x7e0\n __mlxsw_core_bus_device_register+0xcb3/0x19c0\n mlxsw_core_bus_device_register+0x56/0xb0\n mlxsw_pci_probe+0x54f/0x710\n local_pci_probe+0xc6/0x170\n pci_device_probe+0x2b2/0x4d0\n really_probe+0x293/0xd10\n __driver_probe_device+0x2af/0x440\n driver_probe_device+0x51/0x1e0\n __driver_attach+0x21b/0x530\n bus_for_each_dev+0x14c/0x1d0\n bus_add_driver+0x3ac/0x650\n driver_register+0x241/0x3d0\n mlxsw_sp_module_init+0xa2/0x174\n do_one_initcall+0xee/0x5f0\n kernel_init_freeable+0x45a/0x4de\n kernel_init+0x1f/0x210\n ret_from_fork+0x1f/0x30\n\nThe buggy address belongs to the object at ffff8881052f7800\n which belongs to the cache kmalloc-1k of size 1024\nThe buggy address is located 1016 bytes inside of\n 1024-byte region [ffff8881052f7800, ffff8881052f7c00)\nThe buggy address belongs to the page:\npage:0000000052355272 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1052f0\nhead:0000000052355272 order:3 compound_mapcount:0 compound_pincount:0\nflags: 0x200000000010200(slab|head|node=0|zone=2)\nraw: 0200000000010200 ffffea0005034800 0000000300000003 ffff888100041dc0\nraw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffff8881052f7a80: 00 00 00 00 00 00 04 fc fc fc fc fc fc fc fc fc\n ffff8881052f7b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n\u003effff8881052f7b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n                                                                ^\n ffff8881052f7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n ffff8881052f7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n\n[2] https://lore.kernel.org/linux-pm/9aca37cb-1629-5c67-\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:57.598Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/ae0993739e14a102d506aa09e11b0065f3144f10"
        },
        {
          "url": "https://git.kernel.org/stable/c/e59d839743b50cb1d3f42a786bea48cc5621d254"
        },
        {
          "url": "https://git.kernel.org/stable/c/df8e58716afb3bee2b59de66b1ba1033f2e26303"
        },
        {
          "url": "https://git.kernel.org/stable/c/332fdf951df8b870e3da86b122ae304e2aabe88c"
        }
      ],
      "title": "mlxsw: thermal: Fix out-of-bounds memory accesses",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47441",
    "datePublished": "2024-05-22T06:19:35.562Z",
    "dateReserved": "2024-05-21T14:58:30.831Z",
    "dateUpdated": "2024-11-04T12:05:57.598Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47436

Vulnerability from cvelistv5

Published

2024-05-22 06:19

Modified

2024-11-04 11:41

Severity ?

Summary

usb: musb: dsps: Fix the probe error path

References

▼	URL	Tags
	https://git.kernel.org/stable/c/5ed60a430fb5f3d93e7fef66264daef466b4d10c
	https://git.kernel.org/stable/c/e923bce31ffefe4f60edfc6b84f62d4a858f3676
	https://git.kernel.org/stable/c/9ab5d539bc975b8dcde86eca1b58d836b657732e
	https://git.kernel.org/stable/c/9d89e287116796bf987cc48f5c8632ef3048f8eb
	https://git.kernel.org/stable/c/ff9249aab39820be11b6975a10d94253b7d426fc
	https://git.kernel.org/stable/c/c2115b2b16421d93d4993f3fe4c520e91d6fe801

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47436",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-17T18:03:36.424310Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-17T18:04:23.811Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:58.936Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5ed60a430fb5f3d93e7fef66264daef466b4d10c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e923bce31ffefe4f60edfc6b84f62d4a858f3676"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9ab5d539bc975b8dcde86eca1b58d836b657732e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9d89e287116796bf987cc48f5c8632ef3048f8eb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ff9249aab39820be11b6975a10d94253b7d426fc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c2115b2b16421d93d4993f3fe4c520e91d6fe801"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/usb/musb/musb_dsps.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "5ed60a430fb5",
              "status": "affected",
              "version": "5269937d1483",
              "versionType": "git"
            },
            {
              "lessThan": "e923bce31ffe",
              "status": "affected",
              "version": "ffc825049ed2",
              "versionType": "git"
            },
            {
              "lessThan": "9ab5d539bc97",
              "status": "affected",
              "version": "9a4a6805294f",
              "versionType": "git"
            },
            {
              "lessThan": "9d89e2871167",
              "status": "affected",
              "version": "8de01a896c1b",
              "versionType": "git"
            },
            {
              "lessThan": "ff9249aab398",
              "status": "affected",
              "version": "72bb3eafcfdd",
              "versionType": "git"
            },
            {
              "lessThan": "c2115b2b1642",
              "status": "affected",
              "version": "7c75bde329d7",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/usb/musb/musb_dsps.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "4.14.252",
              "status": "affected",
              "version": "4.14.247",
              "versionType": "semver"
            },
            {
              "lessThan": "4.19.213",
              "status": "affected",
              "version": "4.19.207",
              "versionType": "semver"
            },
            {
              "lessThan": "5.4.155",
              "status": "affected",
              "version": "5.4.148",
              "versionType": "semver"
            },
            {
              "lessThan": "5.10.75",
              "status": "affected",
              "version": "5.10.67",
              "versionType": "semver"
            },
            {
              "lessThan": "5.14.14",
              "status": "affected",
              "version": "5.14.6",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: musb: dsps: Fix the probe error path\n\nCommit 7c75bde329d7 (\"usb: musb: musb_dsps: request_irq() after\ninitializing musb\") has inverted the calls to\ndsps_setup_optional_vbus_irq() and dsps_create_musb_pdev() without\nupdating correctly the error path. dsps_create_musb_pdev() allocates and\nregisters a new platform device which must be unregistered and freed\nwith platform_device_unregister(), and this is missing upon\ndsps_setup_optional_vbus_irq() error.\n\nWhile on the master branch it seems not to trigger any issue, I observed\na kernel crash because of a NULL pointer dereference with a v5.10.70\nstable kernel where the patch mentioned above was backported. With this\nkernel version, -EPROBE_DEFER is returned the first time\ndsps_setup_optional_vbus_irq() is called which triggers the probe to\nerror out without unregistering the platform device. Unfortunately, on\nthe Beagle Bone Black Wireless, the platform device still living in the\nsystem is being used by the USB Ethernet gadget driver, which during the\nboot phase triggers the crash.\n\nMy limited knowledge of the musb world prevents me to revert this commit\nwhich was sent to silence a robot warning which, as far as I understand,\ndoes not make sense. The goal of this patch was to prevent an IRQ to\nfire before the platform device being registered. I think this cannot\never happen due to the fact that enabling the interrupts is done by the\n-\u003eenable() callback of the platform musb device, and this platform\ndevice must be already registered in order for the core or any other\nuser to use this callback.\n\nHence, I decided to fix the error path, which might prevent future\nerrors on mainline kernels while also fixing older ones."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T11:41:15.170Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/5ed60a430fb5f3d93e7fef66264daef466b4d10c"
        },
        {
          "url": "https://git.kernel.org/stable/c/e923bce31ffefe4f60edfc6b84f62d4a858f3676"
        },
        {
          "url": "https://git.kernel.org/stable/c/9ab5d539bc975b8dcde86eca1b58d836b657732e"
        },
        {
          "url": "https://git.kernel.org/stable/c/9d89e287116796bf987cc48f5c8632ef3048f8eb"
        },
        {
          "url": "https://git.kernel.org/stable/c/ff9249aab39820be11b6975a10d94253b7d426fc"
        },
        {
          "url": "https://git.kernel.org/stable/c/c2115b2b16421d93d4993f3fe4c520e91d6fe801"
        }
      ],
      "title": "usb: musb: dsps: Fix the probe error path",
      "x_generator": {
        "engine": "bippy-c8e10e5f6187"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47436",
    "datePublished": "2024-05-22T06:19:32.220Z",
    "dateReserved": "2024-05-21T14:58:30.830Z",
    "dateUpdated": "2024-11-04T11:41:15.170Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52802

Vulnerability from cvelistv5

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "providerMetadata": {
        "dateUpdated": "2024-06-08T11:39:04.020Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "rejectedReasons": [
        {
          "lang": "en",
          "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52802",
    "datePublished": "2024-05-21T15:31:14.377Z",
    "dateRejected": "2024-06-08T11:39:04.020Z",
    "dateReserved": "2024-05-21T15:19:24.247Z",
    "dateUpdated": "2024-06-08T11:39:04.020Z",
    "state": "REJECTED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47444

Vulnerability from cvelistv5

Published

2024-05-22 06:19

Modified

2024-11-04 12:06

Severity ?

Summary

drm/edid: In connector_bad_edid() cap num_of_ext by num_blocks read

References

▼	URL	Tags
	https://git.kernel.org/stable/c/a7b45024f66f9ec769e8dbb1a51ae83cd05929c7
	https://git.kernel.org/stable/c/09f3946bb452918dbfb1982add56f9ffaae393dc
	https://git.kernel.org/stable/c/97794170b696856483f74b47bfb6049780d2d3a0

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47444",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-24T19:29:09.418657Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:13:53.878Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.303Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a7b45024f66f9ec769e8dbb1a51ae83cd05929c7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/09f3946bb452918dbfb1982add56f9ffaae393dc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/97794170b696856483f74b47bfb6049780d2d3a0"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/drm_edid.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "a7b45024f66f",
              "status": "affected",
              "version": "e11f5bd8228f",
              "versionType": "git"
            },
            {
              "lessThan": "09f3946bb452",
              "status": "affected",
              "version": "e11f5bd8228f",
              "versionType": "git"
            },
            {
              "lessThan": "97794170b696",
              "status": "affected",
              "version": "e11f5bd8228f",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/drm_edid.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.7"
            },
            {
              "lessThan": "5.7",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.75",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.14",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/edid: In connector_bad_edid() cap num_of_ext by num_blocks read\n\nIn commit e11f5bd8228f (\"drm: Add support for DP 1.4 Compliance edid\ncorruption test\") the function connector_bad_edid() started assuming\nthat the memory for the EDID passed to it was big enough to hold\n`edid[0x7e] + 1` blocks of data (1 extra for the base block). It\ncompletely ignored the fact that the function was passed `num_blocks`\nwhich indicated how much memory had been allocated for the EDID.\n\nLet\u0027s fix this by adding a bounds check.\n\nThis is important for handling the case where there\u0027s an error in the\nfirst block of the EDID. In that case we will call\nconnector_bad_edid() without having re-allocated memory based on\n`edid[0x7e]`."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:01.384Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/a7b45024f66f9ec769e8dbb1a51ae83cd05929c7"
        },
        {
          "url": "https://git.kernel.org/stable/c/09f3946bb452918dbfb1982add56f9ffaae393dc"
        },
        {
          "url": "https://git.kernel.org/stable/c/97794170b696856483f74b47bfb6049780d2d3a0"
        }
      ],
      "title": "drm/edid: In connector_bad_edid() cap num_of_ext by num_blocks read",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47444",
    "datePublished": "2024-05-22T06:19:37.533Z",
    "dateReserved": "2024-05-21T14:58:30.832Z",
    "dateUpdated": "2024-11-04T12:06:01.384Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47445

Vulnerability from cvelistv5

Published

2024-05-22 06:19

Modified

2024-11-04 12:06

Severity ?

Summary

drm/msm: Fix null pointer dereference on pointer edp

References

▼	URL	Tags
	https://git.kernel.org/stable/c/f175b9a83e5c252d7c74acddc792840016caae0a
	https://git.kernel.org/stable/c/bacac7d26849c8e903ceb7466d9ce8dc3c2797eb
	https://git.kernel.org/stable/c/0cd063aa0a09822cc1620fc59a67fe2f9f6338ac
	https://git.kernel.org/stable/c/7f642b93710b6b1119bdff90be01e6b5a2a5d669
	https://git.kernel.org/stable/c/f302be08e3de94db8863a0b2958b2bb3e8e998e6
	https://git.kernel.org/stable/c/91a340768b012f5b910a203a805b97a345b3db37
	https://git.kernel.org/stable/c/46c8ddede0273d1d132beefa9de8b820326982be
	https://git.kernel.org/stable/c/2133c4fc8e1348dcb752f267a143fe2254613b34

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47445",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-24T19:26:01.524522Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:23.742Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.369Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f175b9a83e5c252d7c74acddc792840016caae0a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bacac7d26849c8e903ceb7466d9ce8dc3c2797eb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0cd063aa0a09822cc1620fc59a67fe2f9f6338ac"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7f642b93710b6b1119bdff90be01e6b5a2a5d669"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f302be08e3de94db8863a0b2958b2bb3e8e998e6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/91a340768b012f5b910a203a805b97a345b3db37"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/46c8ddede0273d1d132beefa9de8b820326982be"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2133c4fc8e1348dcb752f267a143fe2254613b34"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/msm/edp/edp_ctrl.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "f175b9a83e5c",
              "status": "affected",
              "version": "ab5b0107ccf3",
              "versionType": "git"
            },
            {
              "lessThan": "bacac7d26849",
              "status": "affected",
              "version": "ab5b0107ccf3",
              "versionType": "git"
            },
            {
              "lessThan": "0cd063aa0a09",
              "status": "affected",
              "version": "ab5b0107ccf3",
              "versionType": "git"
            },
            {
              "lessThan": "7f642b93710b",
              "status": "affected",
              "version": "ab5b0107ccf3",
              "versionType": "git"
            },
            {
              "lessThan": "f302be08e3de",
              "status": "affected",
              "version": "ab5b0107ccf3",
              "versionType": "git"
            },
            {
              "lessThan": "91a340768b01",
              "status": "affected",
              "version": "ab5b0107ccf3",
              "versionType": "git"
            },
            {
              "lessThan": "46c8ddede027",
              "status": "affected",
              "version": "ab5b0107ccf3",
              "versionType": "git"
            },
            {
              "lessThan": "2133c4fc8e13",
              "status": "affected",
              "version": "ab5b0107ccf3",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/msm/edp/edp_ctrl.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.0"
            },
            {
              "lessThan": "4.0",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.290",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.288",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.252",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.213",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.155",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.75",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.14",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm: Fix null pointer dereference on pointer edp\n\nThe initialization of pointer dev dereferences pointer edp before\nedp is null checked, so there is a potential null pointer deference\nissue. Fix this by only dereferencing edp after edp has been null\nchecked.\n\nAddresses-Coverity: (\"Dereference before null check\")"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:02.743Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/f175b9a83e5c252d7c74acddc792840016caae0a"
        },
        {
          "url": "https://git.kernel.org/stable/c/bacac7d26849c8e903ceb7466d9ce8dc3c2797eb"
        },
        {
          "url": "https://git.kernel.org/stable/c/0cd063aa0a09822cc1620fc59a67fe2f9f6338ac"
        },
        {
          "url": "https://git.kernel.org/stable/c/7f642b93710b6b1119bdff90be01e6b5a2a5d669"
        },
        {
          "url": "https://git.kernel.org/stable/c/f302be08e3de94db8863a0b2958b2bb3e8e998e6"
        },
        {
          "url": "https://git.kernel.org/stable/c/91a340768b012f5b910a203a805b97a345b3db37"
        },
        {
          "url": "https://git.kernel.org/stable/c/46c8ddede0273d1d132beefa9de8b820326982be"
        },
        {
          "url": "https://git.kernel.org/stable/c/2133c4fc8e1348dcb752f267a143fe2254613b34"
        }
      ],
      "title": "drm/msm: Fix null pointer dereference on pointer edp",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47445",
    "datePublished": "2024-05-22T06:19:38.184Z",
    "dateReserved": "2024-05-21T14:58:30.832Z",
    "dateUpdated": "2024-11-04T12:06:02.743Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47472

Vulnerability from cvelistv5

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "providerMetadata": {
        "dateUpdated": "2024-06-17T16:15:59.888Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "rejectedReasons": [
        {
          "lang": "en",
          "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47472",
    "datePublished": "2024-05-22T06:23:29.555Z",
    "dateRejected": "2024-06-17T16:15:59.888Z",
    "dateReserved": "2024-05-22T06:20:56.199Z",
    "dateUpdated": "2024-06-17T16:15:59.888Z",
    "state": "REJECTED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47457

Vulnerability from cvelistv5

Published

2024-05-22 06:19

Modified

2024-11-04 12:06

Severity ?

Summary

can: isotp: isotp_sendmsg(): add result check for wait_event_interruptible()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/053bc12df0d6097c1126d0e14fa778a0a8faeb64
	https://git.kernel.org/stable/c/a76abedd2be3926d6deba236a935c7f98abf9110
	https://git.kernel.org/stable/c/9acf636215a6ce9362fe618e7da4913b8bfe84c8

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47457",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T15:53:56.304705Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:15:15.881Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.247Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/053bc12df0d6097c1126d0e14fa778a0a8faeb64"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a76abedd2be3926d6deba236a935c7f98abf9110"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9acf636215a6ce9362fe618e7da4913b8bfe84c8"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/can/isotp.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "053bc12df0d6",
              "status": "affected",
              "version": "e057dd3fc20f",
              "versionType": "git"
            },
            {
              "lessThan": "a76abedd2be3",
              "status": "affected",
              "version": "e057dd3fc20f",
              "versionType": "git"
            },
            {
              "lessThan": "9acf636215a6",
              "status": "affected",
              "version": "e057dd3fc20f",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/can/isotp.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.10"
            },
            {
              "lessThan": "5.10",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.76",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.15",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: isotp: isotp_sendmsg(): add result check for wait_event_interruptible()\n\nUsing wait_event_interruptible() to wait for complete transmission,\nbut do not check the result of wait_event_interruptible() which can be\ninterrupted. It will result in TX buffer has multiple accessors and\nthe later process interferes with the previous process.\n\nFollowing is one of the problems reported by syzbot.\n\n=============================================================\nWARNING: CPU: 0 PID: 0 at net/can/isotp.c:840 isotp_tx_timer_handler+0x2e0/0x4c0\nCPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.13.0-rc7+ #68\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1 04/01/2014\nRIP: 0010:isotp_tx_timer_handler+0x2e0/0x4c0\nCall Trace:\n \u003cIRQ\u003e\n ? isotp_setsockopt+0x390/0x390\n __hrtimer_run_queues+0xb8/0x610\n hrtimer_run_softirq+0x91/0xd0\n ? rcu_read_lock_sched_held+0x4d/0x80\n __do_softirq+0xe8/0x553\n irq_exit_rcu+0xf8/0x100\n sysvec_apic_timer_interrupt+0x9e/0xc0\n \u003c/IRQ\u003e\n asm_sysvec_apic_timer_interrupt+0x12/0x20\n\nAdd result check for wait_event_interruptible() in isotp_sendmsg()\nto avoid multiple accessers for tx buffer."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:19.051Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/053bc12df0d6097c1126d0e14fa778a0a8faeb64"
        },
        {
          "url": "https://git.kernel.org/stable/c/a76abedd2be3926d6deba236a935c7f98abf9110"
        },
        {
          "url": "https://git.kernel.org/stable/c/9acf636215a6ce9362fe618e7da4913b8bfe84c8"
        }
      ],
      "title": "can: isotp: isotp_sendmsg(): add result check for wait_event_interruptible()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47457",
    "datePublished": "2024-05-22T06:19:46.021Z",
    "dateReserved": "2024-05-21T14:58:30.833Z",
    "dateUpdated": "2024-11-04T12:06:19.051Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47377

Vulnerability from cvelistv5

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "providerMetadata": {
        "dateUpdated": "2024-05-28T19:02:12.595Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "rejectedReasons": [
        {
          "lang": "en",
          "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47377",
    "datePublished": "2024-05-21T15:03:40.389Z",
    "dateRejected": "2024-05-28T19:02:12.595Z",
    "dateReserved": "2024-05-21T14:58:30.811Z",
    "dateUpdated": "2024-05-28T19:02:12.595Z",
    "state": "REJECTED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47411

Vulnerability from cvelistv5

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "providerMetadata": {
        "dateUpdated": "2024-05-25T13:30:07.769Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "rejectedReasons": [
        {
          "lang": "en",
          "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47411",
    "datePublished": "2024-05-21T15:04:02.643Z",
    "dateRejected": "2024-05-25T13:30:07.769Z",
    "dateReserved": "2024-05-21T14:58:30.817Z",
    "dateUpdated": "2024-05-25T13:30:07.769Z",
    "state": "REJECTED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52854

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

padata: Fix refcnt handling in padata_free_shell()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/41aad9d6953984d134fc50f631f24ef476875d4d
	https://git.kernel.org/stable/c/0dd34a7ad395dbcf6ae60e48e9786050e25b9bc5
	https://git.kernel.org/stable/c/c7c26d0ef5d20f00dbb2ae3befcabbe0efa77275
	https://git.kernel.org/stable/c/1e901bcb8af19416b65f5063a4af7996e5a51d7f
	https://git.kernel.org/stable/c/1734a79e951914f1db2c65e635012a35db1c674b
	https://git.kernel.org/stable/c/7ddc21e317b360c3444de3023bcc83b85fabae2f

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52854",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T18:22:41.019729Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:36.501Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.064Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/41aad9d6953984d134fc50f631f24ef476875d4d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0dd34a7ad395dbcf6ae60e48e9786050e25b9bc5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c7c26d0ef5d20f00dbb2ae3befcabbe0efa77275"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1e901bcb8af19416b65f5063a4af7996e5a51d7f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1734a79e951914f1db2c65e635012a35db1c674b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7ddc21e317b360c3444de3023bcc83b85fabae2f"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "kernel/padata.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "41aad9d69539",
              "status": "affected",
              "version": "07928d9bfc81",
              "versionType": "git"
            },
            {
              "lessThan": "0dd34a7ad395",
              "status": "affected",
              "version": "07928d9bfc81",
              "versionType": "git"
            },
            {
              "lessThan": "c7c26d0ef5d2",
              "status": "affected",
              "version": "07928d9bfc81",
              "versionType": "git"
            },
            {
              "lessThan": "1e901bcb8af1",
              "status": "affected",
              "version": "07928d9bfc81",
              "versionType": "git"
            },
            {
              "lessThan": "1734a79e9519",
              "status": "affected",
              "version": "07928d9bfc81",
              "versionType": "git"
            },
            {
              "lessThan": "7ddc21e317b3",
              "status": "affected",
              "version": "07928d9bfc81",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "kernel/padata.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.6"
            },
            {
              "lessThan": "5.6",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.201",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.139",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npadata: Fix refcnt handling in padata_free_shell()\n\nIn a high-load arm64 environment, the pcrypt_aead01 test in LTP can lead\nto system UAF (Use-After-Free) issues. Due to the lengthy analysis of\nthe pcrypt_aead01 function call, I\u0027ll describe the problem scenario\nusing a simplified model:\n\nSuppose there\u0027s a user of padata named `user_function` that adheres to\nthe padata requirement of calling `padata_free_shell` after `serial()`\nhas been invoked, as demonstrated in the following code:\n\n```c\nstruct request {\n    struct padata_priv padata;\n    struct completion *done;\n};\n\nvoid parallel(struct padata_priv *padata) {\n    do_something();\n}\n\nvoid serial(struct padata_priv *padata) {\n    struct request *request = container_of(padata,\n    \t\t\t\tstruct request,\n\t\t\t\tpadata);\n    complete(request-\u003edone);\n}\n\nvoid user_function() {\n    DECLARE_COMPLETION(done)\n    padata-\u003eparallel = parallel;\n    padata-\u003eserial = serial;\n    padata_do_parallel();\n    wait_for_completion(\u0026done);\n    padata_free_shell();\n}\n```\n\nIn the corresponding padata.c file, there\u0027s the following code:\n\n```c\nstatic void padata_serial_worker(struct work_struct *serial_work) {\n    ...\n    cnt = 0;\n\n    while (!list_empty(\u0026local_list)) {\n        ...\n        padata-\u003eserial(padata);\n        cnt++;\n    }\n\n    local_bh_enable();\n\n    if (refcount_sub_and_test(cnt, \u0026pd-\u003erefcnt))\n        padata_free_pd(pd);\n}\n```\n\nBecause of the high system load and the accumulation of unexecuted\nsoftirq at this moment, `local_bh_enable()` in padata takes longer\nto execute than usual. Subsequently, when accessing `pd-\u003erefcnt`,\n`pd` has already been released by `padata_free_shell()`, resulting\nin a UAF issue with `pd-\u003erefcnt`.\n\nThe fix is straightforward: add `refcount_dec_and_test` before calling\n`padata_free_pd` in `padata_free_shell`."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:55.312Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/41aad9d6953984d134fc50f631f24ef476875d4d"
        },
        {
          "url": "https://git.kernel.org/stable/c/0dd34a7ad395dbcf6ae60e48e9786050e25b9bc5"
        },
        {
          "url": "https://git.kernel.org/stable/c/c7c26d0ef5d20f00dbb2ae3befcabbe0efa77275"
        },
        {
          "url": "https://git.kernel.org/stable/c/1e901bcb8af19416b65f5063a4af7996e5a51d7f"
        },
        {
          "url": "https://git.kernel.org/stable/c/1734a79e951914f1db2c65e635012a35db1c674b"
        },
        {
          "url": "https://git.kernel.org/stable/c/7ddc21e317b360c3444de3023bcc83b85fabae2f"
        }
      ],
      "title": "padata: Fix refcnt handling in padata_free_shell()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52854",
    "datePublished": "2024-05-21T15:31:49.235Z",
    "dateReserved": "2024-05-21T15:19:24.256Z",
    "dateUpdated": "2024-11-04T14:53:55.312Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47234

Vulnerability from cvelistv5

Published

2024-05-21 14:19

Modified

2024-11-04 12:02

Severity ?

Summary

phy: phy-mtk-tphy: Fix some resource leaks in mtk_phy_init()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/9a17907946232d01aa2ec109da5f93b8d31dd425
	https://git.kernel.org/stable/c/6472955af5e88b5489b6d78316082ad56ea3e489
	https://git.kernel.org/stable/c/aaac9a1bd370338ce372669eb9a6059d16b929aa

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47234",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T18:51:08.789493Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:12.606Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:32:07.418Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9a17907946232d01aa2ec109da5f93b8d31dd425"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6472955af5e88b5489b6d78316082ad56ea3e489"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/aaac9a1bd370338ce372669eb9a6059d16b929aa"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/phy/mediatek/phy-mtk-tphy.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "9a1790794623",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "6472955af5e8",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "aaac9a1bd370",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/phy/mediatek/phy-mtk-tphy.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.46",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: phy-mtk-tphy: Fix some resource leaks in mtk_phy_init()\n\nUse clk_disable_unprepare() in the error path of mtk_phy_init() to fix\nsome resource leaks."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:02:00.644Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/9a17907946232d01aa2ec109da5f93b8d31dd425"
        },
        {
          "url": "https://git.kernel.org/stable/c/6472955af5e88b5489b6d78316082ad56ea3e489"
        },
        {
          "url": "https://git.kernel.org/stable/c/aaac9a1bd370338ce372669eb9a6059d16b929aa"
        }
      ],
      "title": "phy: phy-mtk-tphy: Fix some resource leaks in mtk_phy_init()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47234",
    "datePublished": "2024-05-21T14:19:36.414Z",
    "dateReserved": "2024-04-10T18:59:19.530Z",
    "dateUpdated": "2024-11-04T12:02:00.644Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47404

Vulnerability from cvelistv5

Published

2024-05-21 15:03

Modified

2024-11-04 12:05

Severity ?

Summary

HID: betop: fix slab-out-of-bounds Write in betop_probe

References

▼	URL	Tags
	https://git.kernel.org/stable/c/a4faa7153b87fbcfe4be15f4278676f79ca6e019
	https://git.kernel.org/stable/c/6fc4476dda58f6c00097c7ddec3b772513f57525
	https://git.kernel.org/stable/c/1c83c38dec83d57bc18d0c01d82c413d3b34ccb9
	https://git.kernel.org/stable/c/bb8b72374db69afa25a5b65cf1c092860c6fe914
	https://git.kernel.org/stable/c/fe9bb925e7096509711660d39c0493a1546e9550
	https://git.kernel.org/stable/c/dedfc35a2de2bae9fa3da8210a05bfd515f83fee
	https://git.kernel.org/stable/c/708107b80aa616976d1c5fa60ac0c1390749db5e
	https://git.kernel.org/stable/c/1e4ce418b1cb1a810256b5fb3fd33d22d1325993

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47404",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-11T17:40:32.628487Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-11T17:42:16.335Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.325Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a4faa7153b87fbcfe4be15f4278676f79ca6e019"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6fc4476dda58f6c00097c7ddec3b772513f57525"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1c83c38dec83d57bc18d0c01d82c413d3b34ccb9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bb8b72374db69afa25a5b65cf1c092860c6fe914"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fe9bb925e7096509711660d39c0493a1546e9550"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/dedfc35a2de2bae9fa3da8210a05bfd515f83fee"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/708107b80aa616976d1c5fa60ac0c1390749db5e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1e4ce418b1cb1a810256b5fb3fd33d22d1325993"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/hid/hid-betopff.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "a4faa7153b87",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "6fc4476dda58",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "1c83c38dec83",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "bb8b72374db6",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "fe9bb925e709",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "dedfc35a2de2",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "708107b80aa6",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "1e4ce418b1cb",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/hid/hid-betopff.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.286",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.285",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.249",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.209",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.151",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.71",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: betop: fix slab-out-of-bounds Write in betop_probe\n\nSyzbot reported slab-out-of-bounds Write bug in hid-betopff driver.\nThe problem is the driver assumes the device must have an input report but\nsome malicious devices violate this assumption.\n\nSo this patch checks hid_device\u0027s input is non empty before it\u0027s been used."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:16.663Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/a4faa7153b87fbcfe4be15f4278676f79ca6e019"
        },
        {
          "url": "https://git.kernel.org/stable/c/6fc4476dda58f6c00097c7ddec3b772513f57525"
        },
        {
          "url": "https://git.kernel.org/stable/c/1c83c38dec83d57bc18d0c01d82c413d3b34ccb9"
        },
        {
          "url": "https://git.kernel.org/stable/c/bb8b72374db69afa25a5b65cf1c092860c6fe914"
        },
        {
          "url": "https://git.kernel.org/stable/c/fe9bb925e7096509711660d39c0493a1546e9550"
        },
        {
          "url": "https://git.kernel.org/stable/c/dedfc35a2de2bae9fa3da8210a05bfd515f83fee"
        },
        {
          "url": "https://git.kernel.org/stable/c/708107b80aa616976d1c5fa60ac0c1390749db5e"
        },
        {
          "url": "https://git.kernel.org/stable/c/1e4ce418b1cb1a810256b5fb3fd33d22d1325993"
        }
      ],
      "title": "HID: betop: fix slab-out-of-bounds Write in betop_probe",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47404",
    "datePublished": "2024-05-21T15:03:58.021Z",
    "dateReserved": "2024-05-21T14:58:30.816Z",
    "dateUpdated": "2024-11-04T12:05:16.663Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47460

Vulnerability from cvelistv5

Published

2024-05-22 06:23

Modified

2024-11-04 12:06

Severity ?

Summary

ocfs2: fix data corruption after conversion from inline format

References

▼	URL	Tags
	https://git.kernel.org/stable/c/560edd14de2bf9dbc0129681eeb4d5ef87cc105f
	https://git.kernel.org/stable/c/8e6bfb4f70168ddfd32fb6dc028ad52faaf1f32e
	https://git.kernel.org/stable/c/a3a089c241cd49b33a8cdd7fcb37cc87a086912a
	https://git.kernel.org/stable/c/b05caf023b14cbed9223bb5b48ecc7bffe38f632
	https://git.kernel.org/stable/c/f1b98569e81c37d7e0deada7172f8f60860c1360
	https://git.kernel.org/stable/c/fa9b6b6c953e3f6441ed6cf83b4c771dac2dae08
	https://git.kernel.org/stable/c/5314454ea3ff6fc746eaf71b9a7ceebed52888fa

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47460",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-26T14:38:02.997186Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-26T14:38:12.616Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:58.992Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/560edd14de2bf9dbc0129681eeb4d5ef87cc105f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8e6bfb4f70168ddfd32fb6dc028ad52faaf1f32e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a3a089c241cd49b33a8cdd7fcb37cc87a086912a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b05caf023b14cbed9223bb5b48ecc7bffe38f632"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f1b98569e81c37d7e0deada7172f8f60860c1360"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fa9b6b6c953e3f6441ed6cf83b4c771dac2dae08"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5314454ea3ff6fc746eaf71b9a7ceebed52888fa"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/ocfs2/alloc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "560edd14de2b",
              "status": "affected",
              "version": "acef5107e2ea",
              "versionType": "git"
            },
            {
              "lessThan": "8e6bfb4f7016",
              "status": "affected",
              "version": "7ed80e77c908",
              "versionType": "git"
            },
            {
              "lessThan": "a3a089c241cd",
              "status": "affected",
              "version": "7ce2b16bad2c",
              "versionType": "git"
            },
            {
              "lessThan": "b05caf023b14",
              "status": "affected",
              "version": "f8a6a2ed4b7d",
              "versionType": "git"
            },
            {
              "lessThan": "f1b98569e81c",
              "status": "affected",
              "version": "6dbf7bb55598",
              "versionType": "git"
            },
            {
              "lessThan": "fa9b6b6c953e",
              "status": "affected",
              "version": "6dbf7bb55598",
              "versionType": "git"
            },
            {
              "lessThan": "5314454ea3ff",
              "status": "affected",
              "version": "6dbf7bb55598",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/ocfs2/alloc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.10"
            },
            {
              "lessThan": "5.10",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.288",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.253",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.214",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.156",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.76",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.15",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix data corruption after conversion from inline format\n\nCommit 6dbf7bb55598 (\"fs: Don\u0027t invalidate page buffers in\nblock_write_full_page()\") uncovered a latent bug in ocfs2 conversion\nfrom inline inode format to a normal inode format.\n\nThe code in ocfs2_convert_inline_data_to_extents() attempts to zero out\nthe whole cluster allocated for file data by grabbing, zeroing, and\ndirtying all pages covering this cluster.  However these pages are\nbeyond i_size, thus writeback code generally ignores these dirty pages\nand no blocks were ever actually zeroed on the disk.\n\nThis oversight was fixed by commit 693c241a5f6a (\"ocfs2: No need to zero\npages past i_size.\") for standard ocfs2 write path, inline conversion\npath was apparently forgotten; the commit log also has a reasoning why\nthe zeroing actually is not needed.\n\nAfter commit 6dbf7bb55598, things became worse as writeback code stopped\ninvalidating buffers on pages beyond i_size and thus these pages end up\nwith clean PageDirty bit but with buffers attached to these pages being\nstill dirty.  So when a file is converted from inline format, then\nwriteback triggers, and then the file is grown so that these pages\nbecome valid, the invalid dirtiness state is preserved,\nmark_buffer_dirty() does nothing on these pages (buffers are already\ndirty) but page is never written back because it is clean.  So data\nwritten to these pages is lost once pages are reclaimed.\n\nSimple reproducer for the problem is:\n\n  xfs_io -f -c \"pwrite 0 2000\" -c \"pwrite 2000 2000\" -c \"fsync\" \\\n    -c \"pwrite 4000 2000\" ocfs2_file\n\nAfter unmounting and mounting the fs again, you can observe that end of\n\u0027ocfs2_file\u0027 has lost its contents.\n\nFix the problem by not doing the pointless zeroing during conversion\nfrom inline format similarly as in the standard write path.\n\n[akpm@linux-foundation.org: fix whitespace, per Joseph]"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:22.465Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/560edd14de2bf9dbc0129681eeb4d5ef87cc105f"
        },
        {
          "url": "https://git.kernel.org/stable/c/8e6bfb4f70168ddfd32fb6dc028ad52faaf1f32e"
        },
        {
          "url": "https://git.kernel.org/stable/c/a3a089c241cd49b33a8cdd7fcb37cc87a086912a"
        },
        {
          "url": "https://git.kernel.org/stable/c/b05caf023b14cbed9223bb5b48ecc7bffe38f632"
        },
        {
          "url": "https://git.kernel.org/stable/c/f1b98569e81c37d7e0deada7172f8f60860c1360"
        },
        {
          "url": "https://git.kernel.org/stable/c/fa9b6b6c953e3f6441ed6cf83b4c771dac2dae08"
        },
        {
          "url": "https://git.kernel.org/stable/c/5314454ea3ff6fc746eaf71b9a7ceebed52888fa"
        }
      ],
      "title": "ocfs2: fix data corruption after conversion from inline format",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47460",
    "datePublished": "2024-05-22T06:23:21.724Z",
    "dateReserved": "2024-05-22T06:20:56.197Z",
    "dateUpdated": "2024-11-04T12:06:22.465Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52750

Vulnerability from cvelistv5

Published

2024-05-21 15:30

Modified

2024-11-04 14:51

Severity ?

Summary

arm64: Restrict CPU_BIG_ENDIAN to GNU as or LLVM IAS 15.x or newer

References

▼	URL	Tags
	https://git.kernel.org/stable/c/d08a1e75253b4e19ae290b1c35349f12cfcebc0a
	https://git.kernel.org/stable/c/936c9c10efaefaf1ab3ef020e1f8aaaaff1ad2f9
	https://git.kernel.org/stable/c/ef0224ee5399ea8a46bc07dc6c6494961ed5fdd2
	https://git.kernel.org/stable/c/bd31e534721ab95ef237020fe6995c899ffdf21a
	https://git.kernel.org/stable/c/69e619d2fd056fe1f5d0adf01584f2da669e0d28
	https://git.kernel.org/stable/c/146a15b873353f8ac28dc281c139ff611a3c4848

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.774Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d08a1e75253b4e19ae290b1c35349f12cfcebc0a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/936c9c10efaefaf1ab3ef020e1f8aaaaff1ad2f9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ef0224ee5399ea8a46bc07dc6c6494961ed5fdd2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bd31e534721ab95ef237020fe6995c899ffdf21a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/69e619d2fd056fe1f5d0adf01584f2da669e0d28"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/146a15b873353f8ac28dc281c139ff611a3c4848"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52750",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:37:19.073827Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:33.056Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/arm64/Kconfig"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "d08a1e75253b",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "936c9c10efae",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "ef0224ee5399",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "bd31e534721a",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "69e619d2fd05",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "146a15b87335",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/arm64/Kconfig"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: Restrict CPU_BIG_ENDIAN to GNU as or LLVM IAS 15.x or newer\n\nPrior to LLVM 15.0.0, LLVM\u0027s integrated assembler would incorrectly\nbyte-swap NOP when compiling for big-endian, and the resulting series of\nbytes happened to match the encoding of FNMADD S21, S30, S0, S0.\n\nThis went unnoticed until commit:\n\n  34f66c4c4d5518c1 (\"arm64: Use a positive cpucap for FP/SIMD\")\n\nPrior to that commit, the kernel would always enable the use of FPSIMD\nearly in boot when __cpu_setup() initialized CPACR_EL1, and so usage of\nFNMADD within the kernel was not detected, but could result in the\ncorruption of user or kernel FPSIMD state.\n\nAfter that commit, the instructions happen to trap during boot prior to\nFPSIMD being detected and enabled, e.g.\n\n| Unhandled 64-bit el1h sync exception on CPU0, ESR 0x000000001fe00000 -- ASIMD\n| CPU: 0 PID: 0 Comm: swapper Not tainted 6.6.0-rc3-00013-g34f66c4c4d55 #1\n| Hardware name: linux,dummy-virt (DT)\n| pstate: 400000c9 (nZcv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n| pc : __pi_strcmp+0x1c/0x150\n| lr : populate_properties+0xe4/0x254\n| sp : ffffd014173d3ad0\n| x29: ffffd014173d3af0 x28: fffffbfffddffcb8 x27: 0000000000000000\n| x26: 0000000000000058 x25: fffffbfffddfe054 x24: 0000000000000008\n| x23: fffffbfffddfe000 x22: fffffbfffddfe000 x21: fffffbfffddfe044\n| x20: ffffd014173d3b70 x19: 0000000000000001 x18: 0000000000000005\n| x17: 0000000000000010 x16: 0000000000000000 x15: 00000000413e7000\n| x14: 0000000000000000 x13: 0000000000001bcc x12: 0000000000000000\n| x11: 00000000d00dfeed x10: ffffd414193f2cd0 x9 : 0000000000000000\n| x8 : 0101010101010101 x7 : ffffffffffffffc0 x6 : 0000000000000000\n| x5 : 0000000000000000 x4 : 0101010101010101 x3 : 000000000000002a\n| x2 : 0000000000000001 x1 : ffffd014171f2988 x0 : fffffbfffddffcb8\n| Kernel panic - not syncing: Unhandled exception\n| CPU: 0 PID: 0 Comm: swapper Not tainted 6.6.0-rc3-00013-g34f66c4c4d55 #1\n| Hardware name: linux,dummy-virt (DT)\n| Call trace:\n|  dump_backtrace+0xec/0x108\n|  show_stack+0x18/0x2c\n|  dump_stack_lvl+0x50/0x68\n|  dump_stack+0x18/0x24\n|  panic+0x13c/0x340\n|  el1t_64_irq_handler+0x0/0x1c\n|  el1_abort+0x0/0x5c\n|  el1h_64_sync+0x64/0x68\n|  __pi_strcmp+0x1c/0x150\n|  unflatten_dt_nodes+0x1e8/0x2d8\n|  __unflatten_device_tree+0x5c/0x15c\n|  unflatten_device_tree+0x38/0x50\n|  setup_arch+0x164/0x1e0\n|  start_kernel+0x64/0x38c\n|  __primary_switched+0xbc/0xc4\n\nRestrict CONFIG_CPU_BIG_ENDIAN to a known good assembler, which is\neither GNU as or LLVM\u0027s IAS 15.0.0 and newer, which contains the linked\ncommit."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:51:59.293Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/d08a1e75253b4e19ae290b1c35349f12cfcebc0a"
        },
        {
          "url": "https://git.kernel.org/stable/c/936c9c10efaefaf1ab3ef020e1f8aaaaff1ad2f9"
        },
        {
          "url": "https://git.kernel.org/stable/c/ef0224ee5399ea8a46bc07dc6c6494961ed5fdd2"
        },
        {
          "url": "https://git.kernel.org/stable/c/bd31e534721ab95ef237020fe6995c899ffdf21a"
        },
        {
          "url": "https://git.kernel.org/stable/c/69e619d2fd056fe1f5d0adf01584f2da669e0d28"
        },
        {
          "url": "https://git.kernel.org/stable/c/146a15b873353f8ac28dc281c139ff611a3c4848"
        }
      ],
      "title": "arm64: Restrict CPU_BIG_ENDIAN to GNU as or LLVM IAS 15.x or newer",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52750",
    "datePublished": "2024-05-21T15:30:39.564Z",
    "dateReserved": "2024-05-21T15:19:24.234Z",
    "dateUpdated": "2024-11-04T14:51:59.293Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47483

Vulnerability from cvelistv5

Published

2024-05-22 08:19

Modified

2024-11-04 12:06

Severity ?

Summary

regmap: Fix possible double-free in regcache_rbtree_exit()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/e72dce9afbdbfa70d9b44f5908a50ff6c4858999
	https://git.kernel.org/stable/c/fc081477b47dfc3a6cb50a96087fc29674013fc2
	https://git.kernel.org/stable/c/758ced2c3878ff789801e6fee808e185c5cf08d6
	https://git.kernel.org/stable/c/3dae1a4eced3ee733d7222e69b8a55caf2d61091
	https://git.kernel.org/stable/c/1cead23c1c0bc766dacb900a3b0269f651ad596f
	https://git.kernel.org/stable/c/36e911a16b377bde0ad91a8c679069d0d310b1a6
	https://git.kernel.org/stable/c/50cc1462a668dc62949a1127388bc3af785ce047
	https://git.kernel.org/stable/c/55e6d8037805b3400096d621091dfbf713f97e83

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.752Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e72dce9afbdbfa70d9b44f5908a50ff6c4858999"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fc081477b47dfc3a6cb50a96087fc29674013fc2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/758ced2c3878ff789801e6fee808e185c5cf08d6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3dae1a4eced3ee733d7222e69b8a55caf2d61091"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1cead23c1c0bc766dacb900a3b0269f651ad596f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/36e911a16b377bde0ad91a8c679069d0d310b1a6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/50cc1462a668dc62949a1127388bc3af785ce047"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/55e6d8037805b3400096d621091dfbf713f97e83"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47483",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:35:58.617398Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:32:53.194Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/base/regmap/regcache-rbtree.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "e72dce9afbdb",
              "status": "affected",
              "version": "3f4ff561bc88",
              "versionType": "git"
            },
            {
              "lessThan": "fc081477b47d",
              "status": "affected",
              "version": "3f4ff561bc88",
              "versionType": "git"
            },
            {
              "lessThan": "758ced2c3878",
              "status": "affected",
              "version": "3f4ff561bc88",
              "versionType": "git"
            },
            {
              "lessThan": "3dae1a4eced3",
              "status": "affected",
              "version": "3f4ff561bc88",
              "versionType": "git"
            },
            {
              "lessThan": "1cead23c1c0b",
              "status": "affected",
              "version": "3f4ff561bc88",
              "versionType": "git"
            },
            {
              "lessThan": "36e911a16b37",
              "status": "affected",
              "version": "3f4ff561bc88",
              "versionType": "git"
            },
            {
              "lessThan": "50cc1462a668",
              "status": "affected",
              "version": "3f4ff561bc88",
              "versionType": "git"
            },
            {
              "lessThan": "55e6d8037805",
              "status": "affected",
              "version": "3f4ff561bc88",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/base/regmap/regcache-rbtree.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.12"
            },
            {
              "lessThan": "3.12",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.291",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.289",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.254",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.215",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.157",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.77",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nregmap: Fix possible double-free in regcache_rbtree_exit()\n\nIn regcache_rbtree_insert_to_block(), when \u0027present\u0027 realloc failed,\nthe \u0027blk\u0027 which is supposed to assign to \u0027rbnode-\u003eblock\u0027 will be freed,\nso \u0027rbnode-\u003eblock\u0027 points a freed memory, in the error handling path of\nregcache_rbtree_init(), \u0027rbnode-\u003eblock\u0027 will be freed again in\nregcache_rbtree_exit(), KASAN will report double-free as follows:\n\nBUG: KASAN: double-free or invalid-free in kfree+0xce/0x390\nCall Trace:\n slab_free_freelist_hook+0x10d/0x240\n kfree+0xce/0x390\n regcache_rbtree_exit+0x15d/0x1a0\n regcache_rbtree_init+0x224/0x2c0\n regcache_init+0x88d/0x1310\n __regmap_init+0x3151/0x4a80\n __devm_regmap_init+0x7d/0x100\n madera_spi_probe+0x10f/0x333 [madera_spi]\n spi_probe+0x183/0x210\n really_probe+0x285/0xc30\n\nTo fix this, moving up the assignment of rbnode-\u003eblock to immediately after\nthe reallocation has succeeded so that the data structure stays valid even\nif the second reallocation fails."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:48.365Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/e72dce9afbdbfa70d9b44f5908a50ff6c4858999"
        },
        {
          "url": "https://git.kernel.org/stable/c/fc081477b47dfc3a6cb50a96087fc29674013fc2"
        },
        {
          "url": "https://git.kernel.org/stable/c/758ced2c3878ff789801e6fee808e185c5cf08d6"
        },
        {
          "url": "https://git.kernel.org/stable/c/3dae1a4eced3ee733d7222e69b8a55caf2d61091"
        },
        {
          "url": "https://git.kernel.org/stable/c/1cead23c1c0bc766dacb900a3b0269f651ad596f"
        },
        {
          "url": "https://git.kernel.org/stable/c/36e911a16b377bde0ad91a8c679069d0d310b1a6"
        },
        {
          "url": "https://git.kernel.org/stable/c/50cc1462a668dc62949a1127388bc3af785ce047"
        },
        {
          "url": "https://git.kernel.org/stable/c/55e6d8037805b3400096d621091dfbf713f97e83"
        }
      ],
      "title": "regmap: Fix possible double-free in regcache_rbtree_exit()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47483",
    "datePublished": "2024-05-22T08:19:34.852Z",
    "dateReserved": "2024-05-22T06:20:56.200Z",
    "dateUpdated": "2024-11-04T12:06:48.365Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52800

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-06 19:04

Severity ?

4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Summary

wifi: ath11k: fix htt pktlog locking

References

▼	URL	Tags
	https://git.kernel.org/stable/c/03ed26935bebf6b6fd8a656490bf3dcc71b72679
	https://git.kernel.org/stable/c/3a51e6b4da71fdfa43ec006d6abc020f3e22d14e
	https://git.kernel.org/stable/c/e3199b3fac65c9f103055390b6fd07c5cffa5961
	https://git.kernel.org/stable/c/423762f021825b5e57c3d6f01ff96a9ff19cdcd8
	https://git.kernel.org/stable/c/69cede2a5a5f60e3f5602b901b52cb64edd2ea6c
	https://git.kernel.org/stable/c/3f77c7d605b29df277d77e9ee75d96e7ad145d2d

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 4.4,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "HIGH",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52800",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T17:43:54.246107Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-416",
                "description": "CWE-416 Use After Free",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T19:04:08.110Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.060Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/03ed26935bebf6b6fd8a656490bf3dcc71b72679"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3a51e6b4da71fdfa43ec006d6abc020f3e22d14e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e3199b3fac65c9f103055390b6fd07c5cffa5961"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/423762f021825b5e57c3d6f01ff96a9ff19cdcd8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/69cede2a5a5f60e3f5602b901b52cb64edd2ea6c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3f77c7d605b29df277d77e9ee75d96e7ad145d2d"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/ath/ath11k/dp_rx.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "03ed26935beb",
              "status": "affected",
              "version": "d5c65159f289",
              "versionType": "git"
            },
            {
              "lessThan": "3a51e6b4da71",
              "status": "affected",
              "version": "d5c65159f289",
              "versionType": "git"
            },
            {
              "lessThan": "e3199b3fac65",
              "status": "affected",
              "version": "d5c65159f289",
              "versionType": "git"
            },
            {
              "lessThan": "423762f02182",
              "status": "affected",
              "version": "d5c65159f289",
              "versionType": "git"
            },
            {
              "lessThan": "69cede2a5a5f",
              "status": "affected",
              "version": "d5c65159f289",
              "versionType": "git"
            },
            {
              "lessThan": "3f77c7d605b2",
              "status": "affected",
              "version": "d5c65159f289",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/ath/ath11k/dp_rx.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.6"
            },
            {
              "lessThan": "5.6",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix htt pktlog locking\n\nThe ath11k active pdevs are protected by RCU but the htt pktlog handling\ncode calling ath11k_mac_get_ar_by_pdev_id() was not marked as a\nread-side critical section.\n\nMark the code in question as an RCU read-side critical section to avoid\nany potential use-after-free issues.\n\nCompile tested only."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:58.489Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/03ed26935bebf6b6fd8a656490bf3dcc71b72679"
        },
        {
          "url": "https://git.kernel.org/stable/c/3a51e6b4da71fdfa43ec006d6abc020f3e22d14e"
        },
        {
          "url": "https://git.kernel.org/stable/c/e3199b3fac65c9f103055390b6fd07c5cffa5961"
        },
        {
          "url": "https://git.kernel.org/stable/c/423762f021825b5e57c3d6f01ff96a9ff19cdcd8"
        },
        {
          "url": "https://git.kernel.org/stable/c/69cede2a5a5f60e3f5602b901b52cb64edd2ea6c"
        },
        {
          "url": "https://git.kernel.org/stable/c/3f77c7d605b29df277d77e9ee75d96e7ad145d2d"
        }
      ],
      "title": "wifi: ath11k: fix htt pktlog locking",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52800",
    "datePublished": "2024-05-21T15:31:13.033Z",
    "dateReserved": "2024-05-21T15:19:24.247Z",
    "dateUpdated": "2024-11-06T19:04:08.110Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52730

Vulnerability from cvelistv5

Published

2024-05-21 15:22

Modified

2024-11-04 14:51

Severity ?

Summary

mmc: sdio: fix possible resource leaks in some error paths

References

▼	URL	Tags
	https://git.kernel.org/stable/c/92ff03c2563c9b57a027c744750f3b7d2f261c58
	https://git.kernel.org/stable/c/5c7858adada31dbed042448cff6997dd6efc472a
	https://git.kernel.org/stable/c/761db46b29b496946046d8cb33c7ea6de6bef36e
	https://git.kernel.org/stable/c/30716d9f0fa1766e522cf24c8a456244e4fc9931
	https://git.kernel.org/stable/c/1e06cf04239e202248c8fa356bf11449dc73cfbd
	https://git.kernel.org/stable/c/f855d31bb38d663c3ba672345d7cce9324ba3b72
	https://git.kernel.org/stable/c/605d9fb9556f8f5fb4566f4df1480f280f308ded

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.273Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/92ff03c2563c9b57a027c744750f3b7d2f261c58"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5c7858adada31dbed042448cff6997dd6efc472a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/761db46b29b496946046d8cb33c7ea6de6bef36e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/30716d9f0fa1766e522cf24c8a456244e4fc9931"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1e06cf04239e202248c8fa356bf11449dc73cfbd"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f855d31bb38d663c3ba672345d7cce9324ba3b72"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/605d9fb9556f8f5fb4566f4df1480f280f308ded"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52730",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:37:41.339440Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:32:56.604Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/mmc/core/sdio_bus.c",
            "drivers/mmc/core/sdio_cis.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "92ff03c2563c",
              "status": "affected",
              "version": "3d10a1ba0d37",
              "versionType": "git"
            },
            {
              "lessThan": "5c7858adada3",
              "status": "affected",
              "version": "3d10a1ba0d37",
              "versionType": "git"
            },
            {
              "lessThan": "761db46b29b4",
              "status": "affected",
              "version": "3d10a1ba0d37",
              "versionType": "git"
            },
            {
              "lessThan": "30716d9f0fa1",
              "status": "affected",
              "version": "3d10a1ba0d37",
              "versionType": "git"
            },
            {
              "lessThan": "1e06cf04239e",
              "status": "affected",
              "version": "3d10a1ba0d37",
              "versionType": "git"
            },
            {
              "lessThan": "f855d31bb38d",
              "status": "affected",
              "version": "3d10a1ba0d37",
              "versionType": "git"
            },
            {
              "lessThan": "605d9fb9556f",
              "status": "affected",
              "version": "3d10a1ba0d37",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/mmc/core/sdio_bus.c",
            "drivers/mmc/core/sdio_cis.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.33"
            },
            {
              "lessThan": "2.6.33",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.306",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.273",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.232",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.169",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.95",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: sdio: fix possible resource leaks in some error paths\n\nIf sdio_add_func() or sdio_init_func() fails, sdio_remove_func() can\nnot release the resources, because the sdio function is not presented\nin these two cases, it won\u0027t call of_node_put() or put_device().\n\nTo fix these leaks, make sdio_func_present() only control whether\ndevice_del() needs to be called or not, then always call of_node_put()\nand put_device().\n\nIn error case in sdio_init_func(), the reference of \u0027card-\u003edev\u0027 is\nnot get, to avoid redundant put in sdio_free_func_cis(), move the\nget_device() to sdio_alloc_func() and put_device() to sdio_release_func(),\nit can keep the get/put function be balanced.\n\nWithout this patch, while doing fault inject test, it can get the\nfollowing leak reports, after this fix, the leak is gone.\n\nunreferenced object 0xffff888112514000 (size 2048):\n  comm \"kworker/3:2\", pid 65, jiffies 4294741614 (age 124.774s)\n  hex dump (first 32 bytes):\n    00 e0 6f 12 81 88 ff ff 60 58 8d 06 81 88 ff ff  ..o.....`X......\n    10 40 51 12 81 88 ff ff 10 40 51 12 81 88 ff ff  .@Q......@Q.....\n  backtrace:\n    [\u003c000000009e5931da\u003e] kmalloc_trace+0x21/0x110\n    [\u003c000000002f839ccb\u003e] mmc_alloc_card+0x38/0xb0 [mmc_core]\n    [\u003c0000000004adcbf6\u003e] mmc_sdio_init_card+0xde/0x170 [mmc_core]\n    [\u003c000000007538fea0\u003e] mmc_attach_sdio+0xcb/0x1b0 [mmc_core]\n    [\u003c00000000d4fdeba7\u003e] mmc_rescan+0x54a/0x640 [mmc_core]\n\nunreferenced object 0xffff888112511000 (size 2048):\n  comm \"kworker/3:2\", pid 65, jiffies 4294741623 (age 124.766s)\n  hex dump (first 32 bytes):\n    00 40 51 12 81 88 ff ff e0 58 8d 06 81 88 ff ff  .@Q......X......\n    10 10 51 12 81 88 ff ff 10 10 51 12 81 88 ff ff  ..Q.......Q.....\n  backtrace:\n    [\u003c000000009e5931da\u003e] kmalloc_trace+0x21/0x110\n    [\u003c00000000fcbe706c\u003e] sdio_alloc_func+0x35/0x100 [mmc_core]\n    [\u003c00000000c68f4b50\u003e] mmc_attach_sdio.cold.18+0xb1/0x395 [mmc_core]\n    [\u003c00000000d4fdeba7\u003e] mmc_rescan+0x54a/0x640 [mmc_core]"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:51:36.766Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/92ff03c2563c9b57a027c744750f3b7d2f261c58"
        },
        {
          "url": "https://git.kernel.org/stable/c/5c7858adada31dbed042448cff6997dd6efc472a"
        },
        {
          "url": "https://git.kernel.org/stable/c/761db46b29b496946046d8cb33c7ea6de6bef36e"
        },
        {
          "url": "https://git.kernel.org/stable/c/30716d9f0fa1766e522cf24c8a456244e4fc9931"
        },
        {
          "url": "https://git.kernel.org/stable/c/1e06cf04239e202248c8fa356bf11449dc73cfbd"
        },
        {
          "url": "https://git.kernel.org/stable/c/f855d31bb38d663c3ba672345d7cce9324ba3b72"
        },
        {
          "url": "https://git.kernel.org/stable/c/605d9fb9556f8f5fb4566f4df1480f280f308ded"
        }
      ],
      "title": "mmc: sdio: fix possible resource leaks in some error paths",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52730",
    "datePublished": "2024-05-21T15:22:56.633Z",
    "dateReserved": "2024-05-21T15:19:24.232Z",
    "dateUpdated": "2024-11-04T14:51:36.766Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47428

Vulnerability from cvelistv5

Published

2024-05-21 15:04

Modified

2024-11-04 12:05

Severity ?

Summary

powerpc/64s: fix program check interrupt emergency stack path

References

▼	URL	Tags
	https://git.kernel.org/stable/c/411b38fe68ba20a8bbe724b0939762c3f16e16ca
	https://git.kernel.org/stable/c/c835b3d1d6362b4a4ebb192da7e7fd27a0a45d01
	https://git.kernel.org/stable/c/3e607dc4df180b72a38e75030cb0f94d12808712

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47428",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T19:45:14.633880Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:19.775Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.228Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/411b38fe68ba20a8bbe724b0939762c3f16e16ca"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c835b3d1d6362b4a4ebb192da7e7fd27a0a45d01"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3e607dc4df180b72a38e75030cb0f94d12808712"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/powerpc/kernel/exceptions-64s.S"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "411b38fe68ba",
              "status": "affected",
              "version": "0a882e28468f",
              "versionType": "git"
            },
            {
              "lessThan": "c835b3d1d636",
              "status": "affected",
              "version": "0a882e28468f",
              "versionType": "git"
            },
            {
              "lessThan": "3e607dc4df18",
              "status": "affected",
              "version": "0a882e28468f",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/powerpc/kernel/exceptions-64s.S"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.3"
            },
            {
              "lessThan": "5.3",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.73",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/64s: fix program check interrupt emergency stack path\n\nEmergency stack path was jumping into a 3: label inside the\n__GEN_COMMON_BODY macro for the normal path after it had finished,\nrather than jumping over it. By a small miracle this is the correct\nplace to build up a new interrupt frame with the existing stack\npointer, so things basically worked okay with an added weird looking\n700 trap frame on top (which had the wrong -\u003enip so it didn\u0027t decode\nbug messages either).\n\nFix this by avoiding using numeric labels when jumping over non-trivial\nmacros.\n\nBefore:\n\n LE PAGE_SIZE=64K MMU=Radix SMP NR_CPUS=2048 NUMA PowerNV\n Modules linked in:\n CPU: 0 PID: 88 Comm: sh Not tainted 5.15.0-rc2-00034-ge057cdade6e5 #2637\n NIP:  7265677368657265 LR: c00000000006c0c8 CTR: c0000000000097f0\n REGS: c0000000fffb3a50 TRAP: 0700   Not tainted\n MSR:  9000000000021031 \u003cSF,HV,ME,IR,DR,LE\u003e  CR: 00000700  XER: 20040000\n CFAR: c0000000000098b0 IRQMASK: 0\n GPR00: c00000000006c964 c0000000fffb3cf0 c000000001513800 0000000000000000\n GPR04: 0000000048ab0778 0000000042000000 0000000000000000 0000000000001299\n GPR08: 000001e447c718ec 0000000022424282 0000000000002710 c00000000006bee8\n GPR12: 9000000000009033 c0000000016b0000 00000000000000b0 0000000000000001\n GPR16: 0000000000000000 0000000000000002 0000000000000000 0000000000000ff8\n GPR20: 0000000000001fff 0000000000000007 0000000000000080 00007fff89d90158\n GPR24: 0000000002000000 0000000002000000 0000000000000255 0000000000000300\n GPR28: c000000001270000 0000000042000000 0000000048ab0778 c000000080647e80\n NIP [7265677368657265] 0x7265677368657265\n LR [c00000000006c0c8] ___do_page_fault+0x3f8/0xb10\n Call Trace:\n [c0000000fffb3cf0] [c00000000000bdac] soft_nmi_common+0x13c/0x1d0 (unreliable)\n --- interrupt: 700 at decrementer_common_virt+0xb8/0x230\n NIP:  c0000000000098b8 LR: c00000000006c0c8 CTR: c0000000000097f0\n REGS: c0000000fffb3d60 TRAP: 0700   Not tainted\n MSR:  9000000000021031 \u003cSF,HV,ME,IR,DR,LE\u003e  CR: 22424282  XER: 20040000\n CFAR: c0000000000098b0 IRQMASK: 0\n GPR00: c00000000006c964 0000000000002400 c000000001513800 0000000000000000\n GPR04: 0000000048ab0778 0000000042000000 0000000000000000 0000000000001299\n GPR08: 000001e447c718ec 0000000022424282 0000000000002710 c00000000006bee8\n GPR12: 9000000000009033 c0000000016b0000 00000000000000b0 0000000000000001\n GPR16: 0000000000000000 0000000000000002 0000000000000000 0000000000000ff8\n GPR20: 0000000000001fff 0000000000000007 0000000000000080 00007fff89d90158\n GPR24: 0000000002000000 0000000002000000 0000000000000255 0000000000000300\n GPR28: c000000001270000 0000000042000000 0000000048ab0778 c000000080647e80\n NIP [c0000000000098b8] decrementer_common_virt+0xb8/0x230\n LR [c00000000006c0c8] ___do_page_fault+0x3f8/0xb10\n --- interrupt: 700\n Instruction dump:\n XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX\n XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX\n ---[ end trace 6d28218e0cc3c949 ]---\n\nAfter:\n\n ------------[ cut here ]------------\n kernel BUG at arch/powerpc/kernel/exceptions-64s.S:491!\n Oops: Exception in kernel mode, sig: 5 [#1]\n LE PAGE_SIZE=64K MMU=Radix SMP NR_CPUS=2048 NUMA PowerNV\n Modules linked in:\n CPU: 0 PID: 88 Comm: login Not tainted 5.15.0-rc2-00034-ge057cdade6e5-dirty #2638\n NIP:  c0000000000098b8 LR: c00000000006bf04 CTR: c0000000000097f0\n REGS: c0000000fffb3d60 TRAP: 0700   Not tainted\n MSR:  9000000000021031 \u003cSF,HV,ME,IR,DR,LE\u003e  CR: 24482227  XER: 00040000\n CFAR: c0000000000098b0 IRQMASK: 0\n GPR00: c00000000006bf04 0000000000002400 c000000001513800 c000000001271868\n GPR04: 00000000100f0d29 0000000042000000 0000000000000007 0000000000000009\n GPR08: 00000000100f0d29 0000000024482227 0000000000002710 c000000000181b3c\n GPR12: 9000000000009033 c0000000016b0000 00000000100f0d29 c000000005b22f00\n GPR16: 00000000ffff0000 0000000000000001 0000000000000009 00000000100eed90\n GPR20: 00000000100eed90 00000\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:43.521Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/411b38fe68ba20a8bbe724b0939762c3f16e16ca"
        },
        {
          "url": "https://git.kernel.org/stable/c/c835b3d1d6362b4a4ebb192da7e7fd27a0a45d01"
        },
        {
          "url": "https://git.kernel.org/stable/c/3e607dc4df180b72a38e75030cb0f94d12808712"
        }
      ],
      "title": "powerpc/64s: fix program check interrupt emergency stack path",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47428",
    "datePublished": "2024-05-21T15:04:13.910Z",
    "dateReserved": "2024-05-21T14:58:30.828Z",
    "dateUpdated": "2024-11-04T12:05:43.521Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47496

Vulnerability from cvelistv5

Published

2024-05-22 08:19

Modified

2024-11-04 12:07

Severity ?

Summary

net/tls: Fix flipped sign in tls_err_abort() calls

References

▼	URL	Tags
	https://git.kernel.org/stable/c/e0cfd5159f314d6b304d030363650b06a2299cbb
	https://git.kernel.org/stable/c/f3dec7e7ace38224f82cf83f0049159d067c2e19
	https://git.kernel.org/stable/c/e41473543f75f7dbc5d605007e6f883f1bd13b9a
	https://git.kernel.org/stable/c/da353fac65fede6b8b4cfe207f0d9408e3121105

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.752Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e0cfd5159f314d6b304d030363650b06a2299cbb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f3dec7e7ace38224f82cf83f0049159d067c2e19"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e41473543f75f7dbc5d605007e6f883f1bd13b9a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/da353fac65fede6b8b4cfe207f0d9408e3121105"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47496",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:35:52.280096Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:23.659Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "include/net/tls.h",
            "net/tls/tls_sw.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "e0cfd5159f31",
              "status": "affected",
              "version": "c46234ebb4d1",
              "versionType": "git"
            },
            {
              "lessThan": "f3dec7e7ace3",
              "status": "affected",
              "version": "c46234ebb4d1",
              "versionType": "git"
            },
            {
              "lessThan": "e41473543f75",
              "status": "affected",
              "version": "c46234ebb4d1",
              "versionType": "git"
            },
            {
              "lessThan": "da353fac65fe",
              "status": "affected",
              "version": "c46234ebb4d1",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "include/net/tls.h",
            "net/tls/tls_sw.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.17"
            },
            {
              "lessThan": "4.17",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.157",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.77",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/tls: Fix flipped sign in tls_err_abort() calls\n\nsk-\u003esk_err appears to expect a positive value, a convention that ktls\ndoesn\u0027t always follow and that leads to memory corruption in other code.\nFor instance,\n\n    [kworker]\n    tls_encrypt_done(..., err=\u003cnegative error from crypto request\u003e)\n      tls_err_abort(.., err)\n        sk-\u003esk_err = err;\n\n    [task]\n    splice_from_pipe_feed\n      ...\n        tls_sw_do_sendpage\n          if (sk-\u003esk_err) {\n            ret = -sk-\u003esk_err;  // ret is positive\n\n    splice_from_pipe_feed (continued)\n      ret = actor(...)  // ret is still positive and interpreted as bytes\n                        // written, resulting in underflow of buf-\u003elen and\n                        // sd-\u003elen, leading to huge buf-\u003eoffset and bogus\n                        // addresses computed in later calls to actor()\n\nFix all tls_err_abort() callers to pass a negative error code\nconsistently and centralize the error-prone sign flip there, throwing in\na warning to catch future misuse and uninlining the function so it\nreally does only warn once."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:07:03.180Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/e0cfd5159f314d6b304d030363650b06a2299cbb"
        },
        {
          "url": "https://git.kernel.org/stable/c/f3dec7e7ace38224f82cf83f0049159d067c2e19"
        },
        {
          "url": "https://git.kernel.org/stable/c/e41473543f75f7dbc5d605007e6f883f1bd13b9a"
        },
        {
          "url": "https://git.kernel.org/stable/c/da353fac65fede6b8b4cfe207f0d9408e3121105"
        }
      ],
      "title": "net/tls: Fix flipped sign in tls_err_abort() calls",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47496",
    "datePublished": "2024-05-22T08:19:43.489Z",
    "dateReserved": "2024-05-22T06:20:56.202Z",
    "dateUpdated": "2024-11-04T12:07:03.180Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47491

Vulnerability from cvelistv5

Published

2024-05-22 08:19

Modified

2024-11-04 12:06

Severity ?

Summary

mm: khugepaged: skip huge page collapse for special files

References

▼	URL	Tags
	https://git.kernel.org/stable/c/6d67b2a73b8e3a079c355bab3c1aef7d85a044b8
	https://git.kernel.org/stable/c/5fcb6fce74ffa614d964667110cf1a516c48c6d9
	https://git.kernel.org/stable/c/a4aeaa06d45e90f9b279f0b09de84bd00006e733

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47491",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T18:42:55.199651Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:13:59.526Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.599Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6d67b2a73b8e3a079c355bab3c1aef7d85a044b8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5fcb6fce74ffa614d964667110cf1a516c48c6d9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a4aeaa06d45e90f9b279f0b09de84bd00006e733"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "mm/khugepaged.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "6d67b2a73b8e",
              "status": "affected",
              "version": "99cb0dbd47a1",
              "versionType": "git"
            },
            {
              "lessThan": "5fcb6fce74ff",
              "status": "affected",
              "version": "99cb0dbd47a1",
              "versionType": "git"
            },
            {
              "lessThan": "a4aeaa06d45e",
              "status": "affected",
              "version": "99cb0dbd47a1",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "mm/khugepaged.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.4"
            },
            {
              "lessThan": "5.4",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.78",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: khugepaged: skip huge page collapse for special files\n\nThe read-only THP for filesystems will collapse THP for files opened\nreadonly and mapped with VM_EXEC.  The intended usecase is to avoid TLB\nmisses for large text segments.  But it doesn\u0027t restrict the file types\nso a THP could be collapsed for a non-regular file, for example, block\ndevice, if it is opened readonly and mapped with EXEC permission.  This\nmay cause bugs, like [1] and [2].\n\nThis is definitely not the intended usecase, so just collapse THP for\nregular files in order to close the attack surface.\n\n[shy828301@gmail.com: fix vm_file check [3]]"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:56.684Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/6d67b2a73b8e3a079c355bab3c1aef7d85a044b8"
        },
        {
          "url": "https://git.kernel.org/stable/c/5fcb6fce74ffa614d964667110cf1a516c48c6d9"
        },
        {
          "url": "https://git.kernel.org/stable/c/a4aeaa06d45e90f9b279f0b09de84bd00006e733"
        }
      ],
      "title": "mm: khugepaged: skip huge page collapse for special files",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47491",
    "datePublished": "2024-05-22T08:19:40.101Z",
    "dateReserved": "2024-05-22T06:20:56.201Z",
    "dateUpdated": "2024-11-04T12:06:56.684Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52845

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING

References

▼	URL	Tags
	https://git.kernel.org/stable/c/6744008c354bca2e4686a5b6056ee6b535d9f67d
	https://git.kernel.org/stable/c/2426425d686b43adbc4f2f4a367b494f06f159d6
	https://git.kernel.org/stable/c/2199260c42e6fbc5af8adae3bf78e623407c91b0
	https://git.kernel.org/stable/c/b33d130f07f1decd756b849ab03c23d11d4dd294
	https://git.kernel.org/stable/c/3907b89cd17fcc23e9a80789c36856f00ece0ba8
	https://git.kernel.org/stable/c/4c731e98fe4d678e87ba3e4d45d3cf0a5a193dc4
	https://git.kernel.org/stable/c/abc1582119e8c4af14cedb0db6541fd603f45a04
	https://git.kernel.org/stable/c/560992f41c0cea44b7603bc9e6c73bffbf6b5709
	https://git.kernel.org/stable/c/19b3f72a41a8751e26bffc093bb7e1cef29ad579

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.894Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6744008c354bca2e4686a5b6056ee6b535d9f67d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2426425d686b43adbc4f2f4a367b494f06f159d6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2199260c42e6fbc5af8adae3bf78e623407c91b0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b33d130f07f1decd756b849ab03c23d11d4dd294"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3907b89cd17fcc23e9a80789c36856f00ece0ba8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4c731e98fe4d678e87ba3e4d45d3cf0a5a193dc4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/abc1582119e8c4af14cedb0db6541fd603f45a04"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/560992f41c0cea44b7603bc9e6c73bffbf6b5709"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/19b3f72a41a8751e26bffc093bb7e1cef29ad579"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52845",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:36:31.255258Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:32:54.283Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/tipc/netlink.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "6744008c354b",
              "status": "affected",
              "version": "7be57fc69184",
              "versionType": "git"
            },
            {
              "lessThan": "2426425d686b",
              "status": "affected",
              "version": "7be57fc69184",
              "versionType": "git"
            },
            {
              "lessThan": "2199260c42e6",
              "status": "affected",
              "version": "7be57fc69184",
              "versionType": "git"
            },
            {
              "lessThan": "b33d130f07f1",
              "status": "affected",
              "version": "7be57fc69184",
              "versionType": "git"
            },
            {
              "lessThan": "3907b89cd17f",
              "status": "affected",
              "version": "7be57fc69184",
              "versionType": "git"
            },
            {
              "lessThan": "4c731e98fe4d",
              "status": "affected",
              "version": "7be57fc69184",
              "versionType": "git"
            },
            {
              "lessThan": "abc1582119e8",
              "status": "affected",
              "version": "7be57fc69184",
              "versionType": "git"
            },
            {
              "lessThan": "560992f41c0c",
              "status": "affected",
              "version": "7be57fc69184",
              "versionType": "git"
            },
            {
              "lessThan": "19b3f72a41a8",
              "status": "affected",
              "version": "7be57fc69184",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/tipc/netlink.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.19"
            },
            {
              "lessThan": "3.19",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.330",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.299",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.261",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.201",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.139",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: Change nla_policy for bearer-related names to NLA_NUL_STRING\n\nsyzbot reported the following uninit-value access issue [1]:\n\n=====================================================\nBUG: KMSAN: uninit-value in strlen lib/string.c:418 [inline]\nBUG: KMSAN: uninit-value in strstr+0xb8/0x2f0 lib/string.c:756\n strlen lib/string.c:418 [inline]\n strstr+0xb8/0x2f0 lib/string.c:756\n tipc_nl_node_reset_link_stats+0x3ea/0xb50 net/tipc/node.c:2595\n genl_family_rcv_msg_doit net/netlink/genetlink.c:971 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1051 [inline]\n genl_rcv_msg+0x11ec/0x1290 net/netlink/genetlink.c:1066\n netlink_rcv_skb+0x371/0x650 net/netlink/af_netlink.c:2545\n genl_rcv+0x40/0x60 net/netlink/genetlink.c:1075\n netlink_unicast_kernel net/netlink/af_netlink.c:1342 [inline]\n netlink_unicast+0xf47/0x1250 net/netlink/af_netlink.c:1368\n netlink_sendmsg+0x1238/0x13d0 net/netlink/af_netlink.c:1910\n sock_sendmsg_nosec net/socket.c:730 [inline]\n sock_sendmsg net/socket.c:753 [inline]\n ____sys_sendmsg+0x9c2/0xd60 net/socket.c:2541\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2595\n __sys_sendmsg net/socket.c:2624 [inline]\n __do_sys_sendmsg net/socket.c:2633 [inline]\n __se_sys_sendmsg net/socket.c:2631 [inline]\n __x64_sys_sendmsg+0x307/0x490 net/socket.c:2631\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nUninit was created at:\n slab_post_alloc_hook+0x12f/0xb70 mm/slab.h:767\n slab_alloc_node mm/slub.c:3478 [inline]\n kmem_cache_alloc_node+0x577/0xa80 mm/slub.c:3523\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:559\n __alloc_skb+0x318/0x740 net/core/skbuff.c:650\n alloc_skb include/linux/skbuff.h:1286 [inline]\n netlink_alloc_large_skb net/netlink/af_netlink.c:1214 [inline]\n netlink_sendmsg+0xb34/0x13d0 net/netlink/af_netlink.c:1885\n sock_sendmsg_nosec net/socket.c:730 [inline]\n sock_sendmsg net/socket.c:753 [inline]\n ____sys_sendmsg+0x9c2/0xd60 net/socket.c:2541\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2595\n __sys_sendmsg net/socket.c:2624 [inline]\n __do_sys_sendmsg net/socket.c:2633 [inline]\n __se_sys_sendmsg net/socket.c:2631 [inline]\n __x64_sys_sendmsg+0x307/0x490 net/socket.c:2631\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nTIPC bearer-related names including link names must be null-terminated\nstrings. If a link name which is not null-terminated is passed through\nnetlink, strstr() and similar functions can cause buffer overrun. This\ncauses the above issue.\n\nThis patch changes the nla_policy for bearer-related names from NLA_STRING\nto NLA_NUL_STRING. This resolves the issue by ensuring that only\nnull-terminated strings are accepted as bearer-related names.\n\nsyzbot reported similar uninit-value issue related to bearer names [2]. The\nroot cause of this issue is that a non-null-terminated bearer name was\npassed. This patch also resolved this issue."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:44.618Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/6744008c354bca2e4686a5b6056ee6b535d9f67d"
        },
        {
          "url": "https://git.kernel.org/stable/c/2426425d686b43adbc4f2f4a367b494f06f159d6"
        },
        {
          "url": "https://git.kernel.org/stable/c/2199260c42e6fbc5af8adae3bf78e623407c91b0"
        },
        {
          "url": "https://git.kernel.org/stable/c/b33d130f07f1decd756b849ab03c23d11d4dd294"
        },
        {
          "url": "https://git.kernel.org/stable/c/3907b89cd17fcc23e9a80789c36856f00ece0ba8"
        },
        {
          "url": "https://git.kernel.org/stable/c/4c731e98fe4d678e87ba3e4d45d3cf0a5a193dc4"
        },
        {
          "url": "https://git.kernel.org/stable/c/abc1582119e8c4af14cedb0db6541fd603f45a04"
        },
        {
          "url": "https://git.kernel.org/stable/c/560992f41c0cea44b7603bc9e6c73bffbf6b5709"
        },
        {
          "url": "https://git.kernel.org/stable/c/19b3f72a41a8751e26bffc093bb7e1cef29ad579"
        }
      ],
      "title": "tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52845",
    "datePublished": "2024-05-21T15:31:43.181Z",
    "dateReserved": "2024-05-21T15:19:24.254Z",
    "dateUpdated": "2024-11-04T14:53:44.618Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52825

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-05 16:40

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

drm/amdkfd: Fix a race condition of vram buffer unref in svm code

References

▼	URL	Tags
	https://git.kernel.org/stable/c/7d43cdd22cd81a2b079e864c4321b9aba4c6af34
	https://git.kernel.org/stable/c/50f35a907c4f9ed431fd3dbb8b871ef1cbb0718e
	https://git.kernel.org/stable/c/c772eacbd6d0845fc922af8716bb9d29ae27b8cf
	https://git.kernel.org/stable/c/fc0210720127cc6302e6d6f3de48f49c3fcf5659
	https://git.kernel.org/stable/c/709c348261618da7ed89d6c303e2ceb9e453ba74

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52825",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T17:19:26.593963Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-362",
                "description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-05T16:40:39.599Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.075Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7d43cdd22cd81a2b079e864c4321b9aba4c6af34"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/50f35a907c4f9ed431fd3dbb8b871ef1cbb0718e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c772eacbd6d0845fc922af8716bb9d29ae27b8cf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fc0210720127cc6302e6d6f3de48f49c3fcf5659"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/709c348261618da7ed89d6c303e2ceb9e453ba74"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/amdkfd/kfd_svm.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "7d43cdd22cd8",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "50f35a907c4f",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "c772eacbd6d0",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "fc0210720127",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "709c34826161",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/amdkfd/kfd_svm.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix a race condition of vram buffer unref in svm code\n\nprange-\u003esvm_bo unref can happen in both mmu callback and a callback after\nmigrate to system ram. Both are async call in different tasks. Sync svm_bo\nunref operation to avoid random \"use-after-free\"."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:22.297Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/7d43cdd22cd81a2b079e864c4321b9aba4c6af34"
        },
        {
          "url": "https://git.kernel.org/stable/c/50f35a907c4f9ed431fd3dbb8b871ef1cbb0718e"
        },
        {
          "url": "https://git.kernel.org/stable/c/c772eacbd6d0845fc922af8716bb9d29ae27b8cf"
        },
        {
          "url": "https://git.kernel.org/stable/c/fc0210720127cc6302e6d6f3de48f49c3fcf5659"
        },
        {
          "url": "https://git.kernel.org/stable/c/709c348261618da7ed89d6c303e2ceb9e453ba74"
        }
      ],
      "title": "drm/amdkfd: Fix a race condition of vram buffer unref in svm code",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52825",
    "datePublished": "2024-05-21T15:31:29.517Z",
    "dateReserved": "2024-05-21T15:19:24.250Z",
    "dateUpdated": "2024-11-05T16:40:39.599Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52872

Vulnerability from cvelistv5

Published

2024-05-21 15:32

Modified

2024-11-06 15:02

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

tty: n_gsm: fix race condition in status line change on dead connections

References

▼	URL	Tags
	https://git.kernel.org/stable/c/81a4dd5e6c78f5d8952fa8c9d36565db1fe01444
	https://git.kernel.org/stable/c/df6cfab66ff2a44bd23ad5dd5309cb3421bb6593
	https://git.kernel.org/stable/c/19d34b73234af542cc8a218cf398dee73cdb1890
	https://git.kernel.org/stable/c/ce4df90333c4fe65acb8b5089fdfe9b955ce976a
	https://git.kernel.org/stable/c/3a75b205de43365f80a33b98ec9289785da56243

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52872",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T18:43:05.660039Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-362",
                "description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T15:02:28.263Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.237Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/81a4dd5e6c78f5d8952fa8c9d36565db1fe01444"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/df6cfab66ff2a44bd23ad5dd5309cb3421bb6593"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/19d34b73234af542cc8a218cf398dee73cdb1890"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ce4df90333c4fe65acb8b5089fdfe9b955ce976a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3a75b205de43365f80a33b98ec9289785da56243"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/tty/n_gsm.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "81a4dd5e6c78",
              "status": "affected",
              "version": "dd37f6573878",
              "versionType": "git"
            },
            {
              "lessThan": "df6cfab66ff2",
              "status": "affected",
              "version": "c568f7086c6e",
              "versionType": "git"
            },
            {
              "lessThan": "19d34b73234a",
              "status": "affected",
              "version": "c568f7086c6e",
              "versionType": "git"
            },
            {
              "lessThan": "ce4df90333c4",
              "status": "affected",
              "version": "c568f7086c6e",
              "versionType": "git"
            },
            {
              "lessThan": "3a75b205de43",
              "status": "affected",
              "version": "c568f7086c6e",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/tty/n_gsm.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.0"
            },
            {
              "lessThan": "6.0",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.138",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.62",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.11",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: fix race condition in status line change on dead connections\n\ngsm_cleanup_mux() cleans up the gsm by closing all DLCIs, stopping all\ntimers, removing the virtual tty devices and clearing the data queues.\nThis procedure, however, may cause subsequent changes of the virtual modem\nstatus lines of a DLCI. More data is being added the outgoing data queue\nand the deleted kick timer is restarted to handle this. At this point many\nresources have already been removed by the cleanup procedure. Thus, a\nkernel panic occurs.\n\nFix this by proving in gsm_modem_update() that the cleanup procedure has\nnot been started and the mux is still alive.\n\nNote that writing to a virtual tty is already protected by checks against\nthe DLCI specific connection state."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:54:18.407Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/81a4dd5e6c78f5d8952fa8c9d36565db1fe01444"
        },
        {
          "url": "https://git.kernel.org/stable/c/df6cfab66ff2a44bd23ad5dd5309cb3421bb6593"
        },
        {
          "url": "https://git.kernel.org/stable/c/19d34b73234af542cc8a218cf398dee73cdb1890"
        },
        {
          "url": "https://git.kernel.org/stable/c/ce4df90333c4fe65acb8b5089fdfe9b955ce976a"
        },
        {
          "url": "https://git.kernel.org/stable/c/3a75b205de43365f80a33b98ec9289785da56243"
        }
      ],
      "title": "tty: n_gsm: fix race condition in status line change on dead connections",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52872",
    "datePublished": "2024-05-21T15:32:06.610Z",
    "dateReserved": "2024-05-21T15:19:24.264Z",
    "dateUpdated": "2024-11-06T15:02:28.263Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52835

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

perf/core: Bail out early if the request AUX area is out of bound

References

▼	URL	Tags
	https://git.kernel.org/stable/c/8c504f615d7ed60ae035c51d0c789137ced6797f
	https://git.kernel.org/stable/c/788c0b3442ead737008934947730a6d1ff703734
	https://git.kernel.org/stable/c/1a2a4202c60fcdffbf04f259002ce9bff39edece
	https://git.kernel.org/stable/c/fd0df3f8719201dbe61a4d39083d5aecd705399a
	https://git.kernel.org/stable/c/9ce4e87a8efd37c85766ec08b15e885cab08553a
	https://git.kernel.org/stable/c/2424410f94a94d91230ced094062d859714c984a
	https://git.kernel.org/stable/c/2e905e608e38cf7f8dcddcf8a6036e91a78444cb
	https://git.kernel.org/stable/c/54aee5f15b83437f23b2b2469bcf21bdd9823916

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.062Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8c504f615d7ed60ae035c51d0c789137ced6797f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/788c0b3442ead737008934947730a6d1ff703734"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1a2a4202c60fcdffbf04f259002ce9bff39edece"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fd0df3f8719201dbe61a4d39083d5aecd705399a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9ce4e87a8efd37c85766ec08b15e885cab08553a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2424410f94a94d91230ced094062d859714c984a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2e905e608e38cf7f8dcddcf8a6036e91a78444cb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/54aee5f15b83437f23b2b2469bcf21bdd9823916"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52835",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:36:37.546418Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:32:54.507Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "kernel/events/ring_buffer.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "8c504f615d7e",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "788c0b3442ea",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "1a2a4202c60f",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "fd0df3f87192",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "9ce4e87a8efd",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "2424410f94a9",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "2e905e608e38",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "54aee5f15b83",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "kernel/events/ring_buffer.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.300",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.262",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Bail out early if the request AUX area is out of bound\n\nWhen perf-record with a large AUX area, e.g 4GB, it fails with:\n\n    #perf record -C 0 -m ,4G -e arm_spe_0// -- sleep 1\n    failed to mmap with 12 (Cannot allocate memory)\n\nand it reveals a WARNING with __alloc_pages():\n\n\t------------[ cut here ]------------\n\tWARNING: CPU: 44 PID: 17573 at mm/page_alloc.c:5568 __alloc_pages+0x1ec/0x248\n\tCall trace:\n\t __alloc_pages+0x1ec/0x248\n\t __kmalloc_large_node+0xc0/0x1f8\n\t __kmalloc_node+0x134/0x1e8\n\t rb_alloc_aux+0xe0/0x298\n\t perf_mmap+0x440/0x660\n\t mmap_region+0x308/0x8a8\n\t do_mmap+0x3c0/0x528\n\t vm_mmap_pgoff+0xf4/0x1b8\n\t ksys_mmap_pgoff+0x18c/0x218\n\t __arm64_sys_mmap+0x38/0x58\n\t invoke_syscall+0x50/0x128\n\t el0_svc_common.constprop.0+0x58/0x188\n\t do_el0_svc+0x34/0x50\n\t el0_svc+0x34/0x108\n\t el0t_64_sync_handler+0xb8/0xc0\n\t el0t_64_sync+0x1a4/0x1a8\n\n\u0027rb-\u003eaux_pages\u0027 allocated by kcalloc() is a pointer array which is used to\nmaintains AUX trace pages. The allocated page for this array is physically\ncontiguous (and virtually contiguous) with an order of 0..MAX_ORDER. If the\nsize of pointer array crosses the limitation set by MAX_ORDER, it reveals a\nWARNING.\n\nSo bail out early with -ENOMEM if the request AUX area is out of bound,\ne.g.:\n\n    #perf record -C 0 -m ,4G -e arm_spe_0// -- sleep 1\n    failed to mmap with 12 (Cannot allocate memory)"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:32.668Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/8c504f615d7ed60ae035c51d0c789137ced6797f"
        },
        {
          "url": "https://git.kernel.org/stable/c/788c0b3442ead737008934947730a6d1ff703734"
        },
        {
          "url": "https://git.kernel.org/stable/c/1a2a4202c60fcdffbf04f259002ce9bff39edece"
        },
        {
          "url": "https://git.kernel.org/stable/c/fd0df3f8719201dbe61a4d39083d5aecd705399a"
        },
        {
          "url": "https://git.kernel.org/stable/c/9ce4e87a8efd37c85766ec08b15e885cab08553a"
        },
        {
          "url": "https://git.kernel.org/stable/c/2424410f94a94d91230ced094062d859714c984a"
        },
        {
          "url": "https://git.kernel.org/stable/c/2e905e608e38cf7f8dcddcf8a6036e91a78444cb"
        },
        {
          "url": "https://git.kernel.org/stable/c/54aee5f15b83437f23b2b2469bcf21bdd9823916"
        }
      ],
      "title": "perf/core: Bail out early if the request AUX area is out of bound",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52835",
    "datePublished": "2024-05-21T15:31:36.239Z",
    "dateReserved": "2024-05-21T15:19:24.252Z",
    "dateUpdated": "2024-11-04T14:53:32.668Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52735

Vulnerability from cvelistv5

Published

2024-05-21 15:22

Modified

2024-11-04 14:51

Severity ?

9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Summary

bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself

References

▼	URL	Tags
	https://git.kernel.org/stable/c/f312367f5246e04df564d341044286e9e37a97ba
	https://git.kernel.org/stable/c/7499859881488da97589f3c79cc66fa75748ad49
	https://git.kernel.org/stable/c/5b4a79ba65a1ab479903fff2e604865d229b70a9

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "affected",
                "version": "1da177e4c3f4"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "5.15.95"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.1.13"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.2"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.1,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52735",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T17:57:06.250837Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-120",
                "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:22:39.551Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.223Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f312367f5246e04df564d341044286e9e37a97ba"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7499859881488da97589f3c79cc66fa75748ad49"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5b4a79ba65a1ab479903fff2e604865d229b70a9"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/core/sock_map.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "f312367f5246",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "749985988148",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "5b4a79ba65a1",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/core/sock_map.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.95",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Don\u0027t let sock_map_{close,destroy,unhash} call itself\n\nsock_map proto callbacks should never call themselves by design. Protect\nagainst bugs like [1] and break out of the recursive loop to avoid a stack\noverflow in favor of a resource leak.\n\n[1] https://lore.kernel.org/all/00000000000073b14905ef2e7401@google.com/"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:51:41.369Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/f312367f5246e04df564d341044286e9e37a97ba"
        },
        {
          "url": "https://git.kernel.org/stable/c/7499859881488da97589f3c79cc66fa75748ad49"
        },
        {
          "url": "https://git.kernel.org/stable/c/5b4a79ba65a1ab479903fff2e604865d229b70a9"
        }
      ],
      "title": "bpf, sockmap: Don\u0027t let sock_map_{close,destroy,unhash} call itself",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52735",
    "datePublished": "2024-05-21T15:22:59.893Z",
    "dateReserved": "2024-05-21T15:19:24.232Z",
    "dateUpdated": "2024-11-04T14:51:41.369Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52738

Vulnerability from cvelistv5

Published

2024-05-21 15:23

Modified

2024-11-06 20:21

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Summary

drm/amdgpu/fence: Fix oops due to non-matching drm_sched init/fini

References

▼	URL	Tags
	https://git.kernel.org/stable/c/2e557c8ca2c585bdef591b8503ba83b85f5d0afd
	https://git.kernel.org/stable/c/2bcbbef9cace772f5b7128b11401c515982de34b
	https://git.kernel.org/stable/c/5ad7bbf3dba5c4a684338df1f285080f2588b535

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 5.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52738",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T18:15:49.184533Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T20:21:18.445Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.070Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2e557c8ca2c585bdef591b8503ba83b85f5d0afd"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2bcbbef9cace772f5b7128b11401c515982de34b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5ad7bbf3dba5c4a684338df1f285080f2588b535"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/amdgpu/amdgpu_fence.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "2e557c8ca2c5",
              "status": "affected",
              "version": "067f44c8b459",
              "versionType": "git"
            },
            {
              "lessThan": "2bcbbef9cace",
              "status": "affected",
              "version": "067f44c8b459",
              "versionType": "git"
            },
            {
              "lessThan": "5ad7bbf3dba5",
              "status": "affected",
              "version": "067f44c8b459",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/amdgpu/amdgpu_fence.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.15"
            },
            {
              "lessThan": "5.15",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.94",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu/fence: Fix oops due to non-matching drm_sched init/fini\n\nCurrently amdgpu calls drm_sched_fini() from the fence driver sw fini\nroutine - such function is expected to be called only after the\nrespective init function - drm_sched_init() - was executed successfully.\n\nHappens that we faced a driver probe failure in the Steam Deck\nrecently, and the function drm_sched_fini() was called even without\nits counter-part had been previously called, causing the following oops:\n\namdgpu: probe of 0000:04:00.0 failed with error -110\nBUG: kernel NULL pointer dereference, address: 0000000000000090\nPGD 0 P4D 0\nOops: 0002 [#1] PREEMPT SMP NOPTI\nCPU: 0 PID: 609 Comm: systemd-udevd Not tainted 6.2.0-rc3-gpiccoli #338\nHardware name: Valve Jupiter/Jupiter, BIOS F7A0113 11/04/2022\nRIP: 0010:drm_sched_fini+0x84/0xa0 [gpu_sched]\n[...]\nCall Trace:\n \u003cTASK\u003e\n amdgpu_fence_driver_sw_fini+0xc8/0xd0 [amdgpu]\n amdgpu_device_fini_sw+0x2b/0x3b0 [amdgpu]\n amdgpu_driver_release_kms+0x16/0x30 [amdgpu]\n devm_drm_dev_init_release+0x49/0x70\n [...]\n\nTo prevent that, check if the drm_sched was properly initialized for a\ngiven ring before calling its fini counter-part.\n\nNotice ideally we\u0027d use sched.ready for that; such field is set as the latest\nthing on drm_sched_init(). But amdgpu seems to \"override\" the meaning of such\nfield - in the above oops for example, it was a GFX ring causing the crash, and\nthe sched.ready field was set to true in the ring init routine, regardless of\nthe state of the DRM scheduler. Hence, we ended-up using sched.ops as per\nChristian\u0027s suggestion [0], and also removed the no_scheduler check [1].\n\n[0] https://lore.kernel.org/amd-gfx/984ee981-2906-0eaf-ccec-9f80975cb136@amd.com/\n[1] https://lore.kernel.org/amd-gfx/cd0e2994-f85f-d837-609f-7056d5fb7231@amd.com/"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:51:45.135Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/2e557c8ca2c585bdef591b8503ba83b85f5d0afd"
        },
        {
          "url": "https://git.kernel.org/stable/c/2bcbbef9cace772f5b7128b11401c515982de34b"
        },
        {
          "url": "https://git.kernel.org/stable/c/5ad7bbf3dba5c4a684338df1f285080f2588b535"
        }
      ],
      "title": "drm/amdgpu/fence: Fix oops due to non-matching drm_sched init/fini",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52738",
    "datePublished": "2024-05-21T15:23:01.903Z",
    "dateReserved": "2024-05-21T15:19:24.233Z",
    "dateUpdated": "2024-11-06T20:21:18.445Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52877

Vulnerability from cvelistv5

Published

2024-05-21 15:32

Modified

2024-11-04 14:54

Severity ?

Summary

usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/e5f53a68a596e04df3fde3099273435a30b6fdac
	https://git.kernel.org/stable/c/e7a802447c491903aa7cb45967aa2a934a4e63fc
	https://git.kernel.org/stable/c/9ee038590d808a95d16adf92818dcd4752273c08
	https://git.kernel.org/stable/c/b37a168c0137156042a0ca9626651b5a789e822b
	https://git.kernel.org/stable/c/4987daf86c152ff882d51572d154ad12e4ff3a4b

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52877",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-10T19:16:07.522837Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-10T19:16:15.611Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.091Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e5f53a68a596e04df3fde3099273435a30b6fdac"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e7a802447c491903aa7cb45967aa2a934a4e63fc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9ee038590d808a95d16adf92818dcd4752273c08"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b37a168c0137156042a0ca9626651b5a789e822b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4987daf86c152ff882d51572d154ad12e4ff3a4b"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/usb/typec/tcpm/tcpm.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "e5f53a68a596",
              "status": "affected",
              "version": "5e1d4c49fbc8",
              "versionType": "git"
            },
            {
              "lessThan": "e7a802447c49",
              "status": "affected",
              "version": "5e1d4c49fbc8",
              "versionType": "git"
            },
            {
              "lessThan": "9ee038590d80",
              "status": "affected",
              "version": "5e1d4c49fbc8",
              "versionType": "git"
            },
            {
              "lessThan": "b37a168c0137",
              "status": "affected",
              "version": "5e1d4c49fbc8",
              "versionType": "git"
            },
            {
              "lessThan": "4987daf86c15",
              "status": "affected",
              "version": "5e1d4c49fbc8",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/usb/typec/tcpm/tcpm.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.12"
            },
            {
              "lessThan": "5.12",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.138",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.62",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.11",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm()\n\nIt is possible that typec_register_partner() returns ERR_PTR on failure.\nWhen port-\u003epartner is an error, a NULL pointer dereference may occur as\nshown below.\n\n[91222.095236][  T319] typec port0: failed to register partner (-17)\n...\n[91225.061491][  T319] Unable to handle kernel NULL pointer dereference\nat virtual address 000000000000039f\n[91225.274642][  T319] pc : tcpm_pd_data_request+0x310/0x13fc\n[91225.274646][  T319] lr : tcpm_pd_data_request+0x298/0x13fc\n[91225.308067][  T319] Call trace:\n[91225.308070][  T319]  tcpm_pd_data_request+0x310/0x13fc\n[91225.308073][  T319]  tcpm_pd_rx_handler+0x100/0x9e8\n[91225.355900][  T319]  kthread_worker_fn+0x178/0x58c\n[91225.355902][  T319]  kthread+0x150/0x200\n[91225.355905][  T319]  ret_from_fork+0x10/0x30\n\nAdd a check for port-\u003epartner to avoid dereferencing a NULL pointer."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:54:24.817Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/e5f53a68a596e04df3fde3099273435a30b6fdac"
        },
        {
          "url": "https://git.kernel.org/stable/c/e7a802447c491903aa7cb45967aa2a934a4e63fc"
        },
        {
          "url": "https://git.kernel.org/stable/c/9ee038590d808a95d16adf92818dcd4752273c08"
        },
        {
          "url": "https://git.kernel.org/stable/c/b37a168c0137156042a0ca9626651b5a789e822b"
        },
        {
          "url": "https://git.kernel.org/stable/c/4987daf86c152ff882d51572d154ad12e4ff3a4b"
        }
      ],
      "title": "usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52877",
    "datePublished": "2024-05-21T15:32:09.946Z",
    "dateReserved": "2024-05-21T15:19:24.264Z",
    "dateUpdated": "2024-11-04T14:54:24.817Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52798

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-13 17:59

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

wifi: ath11k: fix dfs radar event locking

References

▼	URL	Tags
	https://git.kernel.org/stable/c/f882f51905517575c9f793a3dff567af90ef9a10
	https://git.kernel.org/stable/c/426e718ce9ba60013364a54233feee309356cb82
	https://git.kernel.org/stable/c/ca420ac4f9451f22347bae44b18ab47ba2c267ec
	https://git.kernel.org/stable/c/1fd878e1750190a612b5de2af357cca422ec0822
	https://git.kernel.org/stable/c/21ebb0aba580d347e12f01ce5f6e75044427b3d5
	https://git.kernel.org/stable/c/3b6c14833165f689cc5928574ebafe52bbce5f1e

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52798",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-23T17:58:25.954317Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-416",
                "description": "CWE-416 Use After Free",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:59:26.946Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.920Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f882f51905517575c9f793a3dff567af90ef9a10"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/426e718ce9ba60013364a54233feee309356cb82"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ca420ac4f9451f22347bae44b18ab47ba2c267ec"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1fd878e1750190a612b5de2af357cca422ec0822"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/21ebb0aba580d347e12f01ce5f6e75044427b3d5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3b6c14833165f689cc5928574ebafe52bbce5f1e"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/ath/ath11k/wmi.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "f882f5190551",
              "status": "affected",
              "version": "d5c65159f289",
              "versionType": "git"
            },
            {
              "lessThan": "426e718ce9ba",
              "status": "affected",
              "version": "d5c65159f289",
              "versionType": "git"
            },
            {
              "lessThan": "ca420ac4f945",
              "status": "affected",
              "version": "d5c65159f289",
              "versionType": "git"
            },
            {
              "lessThan": "1fd878e17501",
              "status": "affected",
              "version": "d5c65159f289",
              "versionType": "git"
            },
            {
              "lessThan": "21ebb0aba580",
              "status": "affected",
              "version": "d5c65159f289",
              "versionType": "git"
            },
            {
              "lessThan": "3b6c14833165",
              "status": "affected",
              "version": "d5c65159f289",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/ath/ath11k/wmi.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.6"
            },
            {
              "lessThan": "5.6",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix dfs radar event locking\n\nThe ath11k active pdevs are protected by RCU but the DFS radar event\nhandling code calling ath11k_mac_get_ar_by_pdev_id() was not marked as a\nread-side critical section.\n\nMark the code in question as an RCU read-side critical section to avoid\nany potential use-after-free issues.\n\nCompile tested only."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:56.062Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/f882f51905517575c9f793a3dff567af90ef9a10"
        },
        {
          "url": "https://git.kernel.org/stable/c/426e718ce9ba60013364a54233feee309356cb82"
        },
        {
          "url": "https://git.kernel.org/stable/c/ca420ac4f9451f22347bae44b18ab47ba2c267ec"
        },
        {
          "url": "https://git.kernel.org/stable/c/1fd878e1750190a612b5de2af357cca422ec0822"
        },
        {
          "url": "https://git.kernel.org/stable/c/21ebb0aba580d347e12f01ce5f6e75044427b3d5"
        },
        {
          "url": "https://git.kernel.org/stable/c/3b6c14833165f689cc5928574ebafe52bbce5f1e"
        }
      ],
      "title": "wifi: ath11k: fix dfs radar event locking",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52798",
    "datePublished": "2024-05-21T15:31:11.628Z",
    "dateReserved": "2024-05-21T15:19:24.246Z",
    "dateUpdated": "2024-11-13T17:59:26.946Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52743

Vulnerability from cvelistv5

Published

2024-05-21 15:23

Modified

2024-11-04 14:51

Severity ?

Summary

ice: Do not use WQ_MEM_RECLAIM flag for workqueue

References

▼	URL	Tags
	https://git.kernel.org/stable/c/87a5e3fc8416106e290c448fc8a6dd50ab24c634
	https://git.kernel.org/stable/c/1ad4112c9fcf0bc08222b2b1614fba52ffd12255
	https://git.kernel.org/stable/c/ca834a017851c50464c25a85f3cb2daefff7bede
	https://git.kernel.org/stable/c/df59e05401450973c8c7e96fd74b49e24442dc1f
	https://git.kernel.org/stable/c/4d159f7884f78b1aacb99b4fc37d1e3cb1194e39

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52743",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-11T15:21:19.164066Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-11T15:21:30.697Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.549Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/87a5e3fc8416106e290c448fc8a6dd50ab24c634"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1ad4112c9fcf0bc08222b2b1614fba52ffd12255"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ca834a017851c50464c25a85f3cb2daefff7bede"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/df59e05401450973c8c7e96fd74b49e24442dc1f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4d159f7884f78b1aacb99b4fc37d1e3cb1194e39"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/intel/ice/ice_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "87a5e3fc8416",
              "status": "affected",
              "version": "940b61af02f4",
              "versionType": "git"
            },
            {
              "lessThan": "1ad4112c9fcf",
              "status": "affected",
              "version": "940b61af02f4",
              "versionType": "git"
            },
            {
              "lessThan": "ca834a017851",
              "status": "affected",
              "version": "940b61af02f4",
              "versionType": "git"
            },
            {
              "lessThan": "df59e0540145",
              "status": "affected",
              "version": "940b61af02f4",
              "versionType": "git"
            },
            {
              "lessThan": "4d159f7884f7",
              "status": "affected",
              "version": "940b61af02f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/intel/ice/ice_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.17"
            },
            {
              "lessThan": "4.17",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.232",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.168",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.94",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Do not use WQ_MEM_RECLAIM flag for workqueue\n\nWhen both ice and the irdma driver are loaded, a warning in\ncheck_flush_dependency is being triggered. This is due to ice driver\nworkqueue being allocated with the WQ_MEM_RECLAIM flag and the irdma one\nis not.\n\nAccording to kernel documentation, this flag should be set if the\nworkqueue will be involved in the kernel\u0027s memory reclamation flow.\nSince it is not, there is no need for the ice driver\u0027s WQ to have this\nflag set so remove it.\n\nExample trace:\n\n[  +0.000004] workqueue: WQ_MEM_RECLAIM ice:ice_service_task [ice] is flushing !WQ_MEM_RECLAIM infiniband:0x0\n[  +0.000139] WARNING: CPU: 0 PID: 728 at kernel/workqueue.c:2632 check_flush_dependency+0x178/0x1a0\n[  +0.000011] Modules linked in: bonding tls xt_CHECKSUM xt_MASQUERADE xt_conntrack ipt_REJECT nf_reject_ipv4 nft_compat nft_cha\nin_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 nf_tables nfnetlink bridge stp llc rfkill vfat fat intel_rapl_msr intel\n_rapl_common isst_if_common skx_edac nfit libnvdimm x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm irqbypass crct1\n0dif_pclmul crc32_pclmul ghash_clmulni_intel rapl intel_cstate rpcrdma sunrpc rdma_ucm ib_srpt ib_isert iscsi_target_mod target_\ncore_mod ib_iser libiscsi scsi_transport_iscsi rdma_cm ib_cm iw_cm iTCO_wdt iTCO_vendor_support ipmi_ssif irdma mei_me ib_uverbs\nib_core intel_uncore joydev pcspkr i2c_i801 acpi_ipmi mei lpc_ich i2c_smbus intel_pch_thermal ioatdma ipmi_si acpi_power_meter\nacpi_pad xfs libcrc32c sd_mod t10_pi crc64_rocksoft crc64 sg ahci ixgbe libahci ice i40e igb crc32c_intel mdio i2c_algo_bit liba\nta dca wmi dm_mirror dm_region_hash dm_log dm_mod ipmi_devintf ipmi_msghandler fuse\n[  +0.000161]  [last unloaded: bonding]\n[  +0.000006] CPU: 0 PID: 728 Comm: kworker/0:2 Tainted: G S                 6.2.0-rc2_next-queue-13jan-00458-gc20aabd57164 #1\n[  +0.000006] Hardware name: Intel Corporation S2600WFT/S2600WFT, BIOS SE5C620.86B.02.01.0010.010620200716 01/06/2020\n[  +0.000003] Workqueue: ice ice_service_task [ice]\n[  +0.000127] RIP: 0010:check_flush_dependency+0x178/0x1a0\n[  +0.000005] Code: 89 8e 02 01 e8 49 3d 40 00 49 8b 55 18 48 8d 8d d0 00 00 00 48 8d b3 d0 00 00 00 4d 89 e0 48 c7 c7 e0 3b 08\n9f e8 bb d3 07 01 \u003c0f\u003e 0b e9 be fe ff ff 80 3d 24 89 8e 02 00 0f 85 6b ff ff ff e9 06\n[  +0.000004] RSP: 0018:ffff88810a39f990 EFLAGS: 00010282\n[  +0.000005] RAX: 0000000000000000 RBX: ffff888141bc2400 RCX: 0000000000000000\n[  +0.000004] RDX: 0000000000000001 RSI: dffffc0000000000 RDI: ffffffffa1213a80\n[  +0.000003] RBP: ffff888194bf3400 R08: ffffed117b306112 R09: ffffed117b306112\n[  +0.000003] R10: ffff888bd983088b R11: ffffed117b306111 R12: 0000000000000000\n[  +0.000003] R13: ffff888111f84d00 R14: ffff88810a3943ac R15: ffff888194bf3400\n[  +0.000004] FS:  0000000000000000(0000) GS:ffff888bd9800000(0000) knlGS:0000000000000000\n[  +0.000003] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[  +0.000003] CR2: 000056035b208b60 CR3: 000000017795e005 CR4: 00000000007706f0\n[  +0.000003] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[  +0.000003] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[  +0.000002] PKRU: 55555554\n[  +0.000003] Call Trace:\n[  +0.000002]  \u003cTASK\u003e\n[  +0.000003]  __flush_workqueue+0x203/0x840\n[  +0.000006]  ? mutex_unlock+0x84/0xd0\n[  +0.000008]  ? __pfx_mutex_unlock+0x10/0x10\n[  +0.000004]  ? __pfx___flush_workqueue+0x10/0x10\n[  +0.000006]  ? mutex_lock+0xa3/0xf0\n[  +0.000005]  ib_cache_cleanup_one+0x39/0x190 [ib_core]\n[  +0.000174]  __ib_unregister_device+0x84/0xf0 [ib_core]\n[  +0.000094]  ib_unregister_device+0x25/0x30 [ib_core]\n[  +0.000093]  irdma_ib_unregister_device+0x97/0xc0 [irdma]\n[  +0.000064]  ? __pfx_irdma_ib_unregister_device+0x10/0x10 [irdma]\n[  +0.000059]  ? up_write+0x5c/0x90\n[  +0.000005]  irdma_remove+0x36/0x90 [irdma]\n[  +0.000062]  auxiliary_bus_remove+0x32/0x50\n[  +0.000007]  device_r\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:51:51.113Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/87a5e3fc8416106e290c448fc8a6dd50ab24c634"
        },
        {
          "url": "https://git.kernel.org/stable/c/1ad4112c9fcf0bc08222b2b1614fba52ffd12255"
        },
        {
          "url": "https://git.kernel.org/stable/c/ca834a017851c50464c25a85f3cb2daefff7bede"
        },
        {
          "url": "https://git.kernel.org/stable/c/df59e05401450973c8c7e96fd74b49e24442dc1f"
        },
        {
          "url": "https://git.kernel.org/stable/c/4d159f7884f78b1aacb99b4fc37d1e3cb1194e39"
        }
      ],
      "title": "ice: Do not use WQ_MEM_RECLAIM flag for workqueue",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52743",
    "datePublished": "2024-05-21T15:23:05.179Z",
    "dateReserved": "2024-05-21T15:19:24.233Z",
    "dateUpdated": "2024-11-04T14:51:51.113Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52806

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

ALSA: hda: Fix possible null-ptr-deref when assigning a stream

References

▼	URL	Tags
	https://git.kernel.org/stable/c/7de25112de8222fd20564769e6c99dc9f9738a0b
	https://git.kernel.org/stable/c/758c7733cb821041f5fd403b7b97c0b95d319323
	https://git.kernel.org/stable/c/2527775616f3638f4fd54649eba8c7b84d5e4250
	https://git.kernel.org/stable/c/25354bae4fc310c3928e8a42fda2d486f67745d7
	https://git.kernel.org/stable/c/631a96e9eb4228ff75fce7e72d133ca81194797e
	https://git.kernel.org/stable/c/43b91df291c8802268ab3cfd8fccfdf135800ed4
	https://git.kernel.org/stable/c/fe7c1a0c2b25c82807cb46fc3aadbf2664a682b0
	https://git.kernel.org/stable/c/4a320da7f7cbdab2098b103c47f45d5061f42edd
	https://git.kernel.org/stable/c/f93dc90c2e8ed664985e366aa6459ac83cdab236

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.085Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7de25112de8222fd20564769e6c99dc9f9738a0b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/758c7733cb821041f5fd403b7b97c0b95d319323"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2527775616f3638f4fd54649eba8c7b84d5e4250"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/25354bae4fc310c3928e8a42fda2d486f67745d7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/631a96e9eb4228ff75fce7e72d133ca81194797e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/43b91df291c8802268ab3cfd8fccfdf135800ed4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fe7c1a0c2b25c82807cb46fc3aadbf2664a682b0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4a320da7f7cbdab2098b103c47f45d5061f42edd"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f93dc90c2e8ed664985e366aa6459ac83cdab236"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52806",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:36:47.089606Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:32:54.863Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "sound/hda/hdac_stream.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "7de25112de82",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "758c7733cb82",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "2527775616f3",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "25354bae4fc3",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "631a96e9eb42",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "43b91df291c8",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "fe7c1a0c2b25",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "4a320da7f7cb",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "f93dc90c2e8e",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "sound/hda/hdac_stream.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.331",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.300",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.262",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: hda: Fix possible null-ptr-deref when assigning a stream\n\nWhile AudioDSP drivers assign streams exclusively of HOST or LINK type,\nnothing blocks a user to attempt to assign a COUPLED stream. As\nsupplied substream instance may be a stub, what is the case when\ncode-loading, such scenario ends with null-ptr-deref."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:04.598Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/7de25112de8222fd20564769e6c99dc9f9738a0b"
        },
        {
          "url": "https://git.kernel.org/stable/c/758c7733cb821041f5fd403b7b97c0b95d319323"
        },
        {
          "url": "https://git.kernel.org/stable/c/2527775616f3638f4fd54649eba8c7b84d5e4250"
        },
        {
          "url": "https://git.kernel.org/stable/c/25354bae4fc310c3928e8a42fda2d486f67745d7"
        },
        {
          "url": "https://git.kernel.org/stable/c/631a96e9eb4228ff75fce7e72d133ca81194797e"
        },
        {
          "url": "https://git.kernel.org/stable/c/43b91df291c8802268ab3cfd8fccfdf135800ed4"
        },
        {
          "url": "https://git.kernel.org/stable/c/fe7c1a0c2b25c82807cb46fc3aadbf2664a682b0"
        },
        {
          "url": "https://git.kernel.org/stable/c/4a320da7f7cbdab2098b103c47f45d5061f42edd"
        },
        {
          "url": "https://git.kernel.org/stable/c/f93dc90c2e8ed664985e366aa6459ac83cdab236"
        }
      ],
      "title": "ALSA: hda: Fix possible null-ptr-deref when assigning a stream",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52806",
    "datePublished": "2024-05-21T15:31:17.025Z",
    "dateReserved": "2024-05-21T15:19:24.247Z",
    "dateUpdated": "2024-11-04T14:53:04.598Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52809

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/930f0aaba4820d6362de4e6ed569eaf444f1ea4e
	https://git.kernel.org/stable/c/77072ec41d6ab3718c3fc639bc149b8037caedfa
	https://git.kernel.org/stable/c/b549acf999824d4f751ca57965700372f2f3ad00
	https://git.kernel.org/stable/c/bb83f79f90e92f46466adcfd4fd264a7ae0f0f01
	https://git.kernel.org/stable/c/56d78b5495ebecbb9395101f3be177cd0a52450b
	https://git.kernel.org/stable/c/442fd24d7b6b29e4a9cd9225afba4142d5f522ba
	https://git.kernel.org/stable/c/f6fe7261b92b21109678747f36df9fdab1e30c34
	https://git.kernel.org/stable/c/6b9ecf4e1032e645873933e5b43cbb84cac19106
	https://git.kernel.org/stable/c/4df105f0ce9f6f30cda4e99f577150d23f0c9c5f

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.696Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/930f0aaba4820d6362de4e6ed569eaf444f1ea4e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/77072ec41d6ab3718c3fc639bc149b8037caedfa"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b549acf999824d4f751ca57965700372f2f3ad00"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bb83f79f90e92f46466adcfd4fd264a7ae0f0f01"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/56d78b5495ebecbb9395101f3be177cd0a52450b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/442fd24d7b6b29e4a9cd9225afba4142d5f522ba"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f6fe7261b92b21109678747f36df9fdab1e30c34"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6b9ecf4e1032e645873933e5b43cbb84cac19106"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4df105f0ce9f6f30cda4e99f577150d23f0c9c5f"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52809",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:36:44.046464Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:32:54.752Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/scsi/libfc/fc_lport.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "930f0aaba482",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "77072ec41d6a",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "b549acf99982",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "bb83f79f90e9",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "56d78b5495eb",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "442fd24d7b6b",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "f6fe7261b92b",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "6b9ecf4e1032",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "4df105f0ce9f",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/scsi/libfc/fc_lport.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.331",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.300",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.262",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup()\n\nfc_lport_ptp_setup() did not check the return value of fc_rport_create()\nwhich can return NULL and would cause a NULL pointer dereference. Address\nthis issue by checking return value of fc_rport_create() and log error\nmessage on fc_rport_create() failed."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:08.054Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/930f0aaba4820d6362de4e6ed569eaf444f1ea4e"
        },
        {
          "url": "https://git.kernel.org/stable/c/77072ec41d6ab3718c3fc639bc149b8037caedfa"
        },
        {
          "url": "https://git.kernel.org/stable/c/b549acf999824d4f751ca57965700372f2f3ad00"
        },
        {
          "url": "https://git.kernel.org/stable/c/bb83f79f90e92f46466adcfd4fd264a7ae0f0f01"
        },
        {
          "url": "https://git.kernel.org/stable/c/56d78b5495ebecbb9395101f3be177cd0a52450b"
        },
        {
          "url": "https://git.kernel.org/stable/c/442fd24d7b6b29e4a9cd9225afba4142d5f522ba"
        },
        {
          "url": "https://git.kernel.org/stable/c/f6fe7261b92b21109678747f36df9fdab1e30c34"
        },
        {
          "url": "https://git.kernel.org/stable/c/6b9ecf4e1032e645873933e5b43cbb84cac19106"
        },
        {
          "url": "https://git.kernel.org/stable/c/4df105f0ce9f6f30cda4e99f577150d23f0c9c5f"
        }
      ],
      "title": "scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52809",
    "datePublished": "2024-05-21T15:31:18.982Z",
    "dateReserved": "2024-05-21T15:19:24.248Z",
    "dateUpdated": "2024-11-04T14:53:08.054Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52739

Vulnerability from cvelistv5

Published

2024-05-21 15:23

Modified

2024-11-04 14:51

Severity ?

Summary

Fix page corruption caused by racy check in __free_pages

References

▼	URL	Tags
	https://git.kernel.org/stable/c/0a626e27f984dfbe96bd8e4fd08f20a2ede3ea23
	https://git.kernel.org/stable/c/3af734f3eac6f70ef8e272a80da40544b9d0f2b5
	https://git.kernel.org/stable/c/3b4c045a98f53a8890a94bb5846a390c8e39e673
	https://git.kernel.org/stable/c/462a8e08e0e6287e5ce13187257edbf24213ed03

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.988Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0a626e27f984dfbe96bd8e4fd08f20a2ede3ea23"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3af734f3eac6f70ef8e272a80da40544b9d0f2b5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3b4c045a98f53a8890a94bb5846a390c8e39e673"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/462a8e08e0e6287e5ce13187257edbf24213ed03"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52739",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:37:31.888561Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:35.029Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "mm/page_alloc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "0a626e27f984",
              "status": "affected",
              "version": "e320d3012d25",
              "versionType": "git"
            },
            {
              "lessThan": "3af734f3eac6",
              "status": "affected",
              "version": "e320d3012d25",
              "versionType": "git"
            },
            {
              "lessThan": "3b4c045a98f5",
              "status": "affected",
              "version": "e320d3012d25",
              "versionType": "git"
            },
            {
              "lessThan": "462a8e08e0e6",
              "status": "affected",
              "version": "e320d3012d25",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "mm/page_alloc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.10"
            },
            {
              "lessThan": "5.10",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.168",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.94",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nFix page corruption caused by racy check in __free_pages\n\nWhen we upgraded our kernel, we started seeing some page corruption like\nthe following consistently:\n\n  BUG: Bad page state in process ganesha.nfsd  pfn:1304ca\n  page:0000000022261c55 refcount:0 mapcount:-128 mapping:0000000000000000 index:0x0 pfn:0x1304ca\n  flags: 0x17ffffc0000000()\n  raw: 0017ffffc0000000 ffff8a513ffd4c98 ffffeee24b35ec08 0000000000000000\n  raw: 0000000000000000 0000000000000001 00000000ffffff7f 0000000000000000\n  page dumped because: nonzero mapcount\n  CPU: 0 PID: 15567 Comm: ganesha.nfsd Kdump: loaded Tainted: P    B      O      5.10.158-1.nutanix.20221209.el7.x86_64 #1\n  Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 04/05/2016\n  Call Trace:\n   dump_stack+0x74/0x96\n   bad_page.cold+0x63/0x94\n   check_new_page_bad+0x6d/0x80\n   rmqueue+0x46e/0x970\n   get_page_from_freelist+0xcb/0x3f0\n   ? _cond_resched+0x19/0x40\n   __alloc_pages_nodemask+0x164/0x300\n   alloc_pages_current+0x87/0xf0\n   skb_page_frag_refill+0x84/0x110\n   ...\n\nSometimes, it would also show up as corruption in the free list pointer\nand cause crashes.\n\nAfter bisecting the issue, we found the issue started from commit\ne320d3012d25 (\"mm/page_alloc.c: fix freeing non-compound pages\"):\n\n\tif (put_page_testzero(page))\n\t\tfree_the_page(page, order);\n\telse if (!PageHead(page))\n\t\twhile (order-- \u003e 0)\n\t\t\tfree_the_page(page + (1 \u003c\u003c order), order);\n\nSo the problem is the check PageHead is racy because at this point we\nalready dropped our reference to the page.  So even if we came in with\ncompound page, the page can already be freed and PageHead can return\nfalse and we will end up freeing all the tail pages causing double free."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:51:46.353Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/0a626e27f984dfbe96bd8e4fd08f20a2ede3ea23"
        },
        {
          "url": "https://git.kernel.org/stable/c/3af734f3eac6f70ef8e272a80da40544b9d0f2b5"
        },
        {
          "url": "https://git.kernel.org/stable/c/3b4c045a98f53a8890a94bb5846a390c8e39e673"
        },
        {
          "url": "https://git.kernel.org/stable/c/462a8e08e0e6287e5ce13187257edbf24213ed03"
        }
      ],
      "title": "Fix page corruption caused by racy check in __free_pages",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52739",
    "datePublished": "2024-05-21T15:23:02.545Z",
    "dateReserved": "2024-05-21T15:19:24.233Z",
    "dateUpdated": "2024-11-04T14:51:46.353Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47473

Vulnerability from cvelistv5

Published

2024-05-22 06:23

Modified

2024-11-04 12:06

Severity ?

Summary

scsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/96f0aebf29be25254fa585af43924e34aa21fd9a
	https://git.kernel.org/stable/c/a7fbb56e6c941d9f59437b96412a348e66388d3e
	https://git.kernel.org/stable/c/7fb223d0ad801f633c78cbe42b1d1b55f5d163ad

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47473",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T15:51:49.368979Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:11.292Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.588Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/96f0aebf29be25254fa585af43924e34aa21fd9a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a7fbb56e6c941d9f59437b96412a348e66388d3e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7fb223d0ad801f633c78cbe42b1d1b55f5d163ad"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/scsi/qla2xxx/qla_bsg.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "96f0aebf29be",
              "status": "affected",
              "version": "8c0eb596baa5",
              "versionType": "git"
            },
            {
              "lessThan": "a7fbb56e6c94",
              "status": "affected",
              "version": "8c0eb596baa5",
              "versionType": "git"
            },
            {
              "lessThan": "7fb223d0ad80",
              "status": "affected",
              "version": "8c0eb596baa5",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/scsi/qla2xxx/qla_bsg.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.11"
            },
            {
              "lessThan": "3.11",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.76",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.15",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els()\n\nCommit 8c0eb596baa5 (\"[SCSI] qla2xxx: Fix a memory leak in an error path of\nqla2x00_process_els()\"), intended to change:\n\n        bsg_job-\u003erequest-\u003emsgcode == FC_BSG_HST_ELS_NOLOGIN\n\n\n        bsg_job-\u003erequest-\u003emsgcode != FC_BSG_RPT_ELS\n\nbut changed it to:\n\n        bsg_job-\u003erequest-\u003emsgcode == FC_BSG_RPT_ELS\n\ninstead.\n\nChange the == to a != to avoid leaking the fcport structure or freeing\nunallocated memory."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:36.599Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/96f0aebf29be25254fa585af43924e34aa21fd9a"
        },
        {
          "url": "https://git.kernel.org/stable/c/a7fbb56e6c941d9f59437b96412a348e66388d3e"
        },
        {
          "url": "https://git.kernel.org/stable/c/7fb223d0ad801f633c78cbe42b1d1b55f5d163ad"
        }
      ],
      "title": "scsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47473",
    "datePublished": "2024-05-22T06:23:30.204Z",
    "dateReserved": "2024-05-22T06:20:56.199Z",
    "dateUpdated": "2024-11-04T12:06:36.599Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47338

Vulnerability from cvelistv5

Published

2024-05-21 14:35

Modified

2024-11-04 12:03

Severity ?

Summary

fbmem: Do not delete the mode that is still in use

References

▼	URL	Tags
	https://git.kernel.org/stable/c/359311b85ebec7c07c3a08ae2f3def946cad33fa
	https://git.kernel.org/stable/c/087bff9acd2ec6db3f61aceb3224bde90fe0f7f8
	https://git.kernel.org/stable/c/f193509afc7ff37a46862610c93b896044d5b693
	https://git.kernel.org/stable/c/d6e76469157d8f240e5dec6f8411aa8d306b1126
	https://git.kernel.org/stable/c/0af778269a522c988ef0b4188556aba97fb420cc

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47338",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-12T15:00:51.209603Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-12T15:01:02.502Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:32:08.605Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/359311b85ebec7c07c3a08ae2f3def946cad33fa"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/087bff9acd2ec6db3f61aceb3224bde90fe0f7f8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f193509afc7ff37a46862610c93b896044d5b693"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d6e76469157d8f240e5dec6f8411aa8d306b1126"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0af778269a522c988ef0b4188556aba97fb420cc"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/video/fbdev/core/fbmem.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "359311b85ebe",
              "status": "affected",
              "version": "13ff178ccd6d",
              "versionType": "git"
            },
            {
              "lessThan": "087bff9acd2e",
              "status": "affected",
              "version": "13ff178ccd6d",
              "versionType": "git"
            },
            {
              "lessThan": "f193509afc7f",
              "status": "affected",
              "version": "13ff178ccd6d",
              "versionType": "git"
            },
            {
              "lessThan": "d6e76469157d",
              "status": "affected",
              "version": "13ff178ccd6d",
              "versionType": "git"
            },
            {
              "lessThan": "0af778269a52",
              "status": "affected",
              "version": "13ff178ccd6d",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/video/fbdev/core/fbmem.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.3"
            },
            {
              "lessThan": "5.3",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.134",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.52",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.19",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.13.*",
              "status": "unaffected",
              "version": "5.13.4",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.14",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbmem: Do not delete the mode that is still in use\n\nThe execution of fb_delete_videomode() is not based on the result of the\nprevious fbcon_mode_deleted(). As a result, the mode is directly deleted,\nregardless of whether it is still in use, which may cause UAF.\n\n==================================================================\nBUG: KASAN: use-after-free in fb_mode_is_equal+0x36e/0x5e0 \\\ndrivers/video/fbdev/core/modedb.c:924\nRead of size 4 at addr ffff88807e0ddb1c by task syz-executor.0/18962\n\nCPU: 2 PID: 18962 Comm: syz-executor.0 Not tainted 5.10.45-rc1+ #3\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ...\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x137/0x1be lib/dump_stack.c:118\n print_address_description+0x6c/0x640 mm/kasan/report.c:385\n __kasan_report mm/kasan/report.c:545 [inline]\n kasan_report+0x13d/0x1e0 mm/kasan/report.c:562\n fb_mode_is_equal+0x36e/0x5e0 drivers/video/fbdev/core/modedb.c:924\n fbcon_mode_deleted+0x16a/0x220 drivers/video/fbdev/core/fbcon.c:2746\n fb_set_var+0x1e1/0xdb0 drivers/video/fbdev/core/fbmem.c:975\n do_fb_ioctl+0x4d9/0x6e0 drivers/video/fbdev/core/fbmem.c:1108\n vfs_ioctl fs/ioctl.c:48 [inline]\n __do_sys_ioctl fs/ioctl.c:753 [inline]\n __se_sys_ioctl+0xfb/0x170 fs/ioctl.c:739\n do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46\n entry_SYSCALL_64_after_hwframe+0x44/0xa9\n\nFreed by task 18960:\n kasan_save_stack mm/kasan/common.c:48 [inline]\n kasan_set_track+0x3d/0x70 mm/kasan/common.c:56\n kasan_set_free_info+0x17/0x30 mm/kasan/generic.c:355\n __kasan_slab_free+0x108/0x140 mm/kasan/common.c:422\n slab_free_hook mm/slub.c:1541 [inline]\n slab_free_freelist_hook+0xd6/0x1a0 mm/slub.c:1574\n slab_free mm/slub.c:3139 [inline]\n kfree+0xca/0x3d0 mm/slub.c:4121\n fb_delete_videomode+0x56a/0x820 drivers/video/fbdev/core/modedb.c:1104\n fb_set_var+0x1f3/0xdb0 drivers/video/fbdev/core/fbmem.c:978\n do_fb_ioctl+0x4d9/0x6e0 drivers/video/fbdev/core/fbmem.c:1108\n vfs_ioctl fs/ioctl.c:48 [inline]\n __do_sys_ioctl fs/ioctl.c:753 [inline]\n __se_sys_ioctl+0xfb/0x170 fs/ioctl.c:739\n do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46\n entry_SYSCALL_64_after_hwframe+0x44/0xa9"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:03:58.258Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/359311b85ebec7c07c3a08ae2f3def946cad33fa"
        },
        {
          "url": "https://git.kernel.org/stable/c/087bff9acd2ec6db3f61aceb3224bde90fe0f7f8"
        },
        {
          "url": "https://git.kernel.org/stable/c/f193509afc7ff37a46862610c93b896044d5b693"
        },
        {
          "url": "https://git.kernel.org/stable/c/d6e76469157d8f240e5dec6f8411aa8d306b1126"
        },
        {
          "url": "https://git.kernel.org/stable/c/0af778269a522c988ef0b4188556aba97fb420cc"
        }
      ],
      "title": "fbmem: Do not delete the mode that is still in use",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47338",
    "datePublished": "2024-05-21T14:35:47.028Z",
    "dateReserved": "2024-05-21T14:28:16.978Z",
    "dateUpdated": "2024-11-04T12:03:58.258Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47375

Vulnerability from cvelistv5

Published

2024-05-21 15:03

Modified

2024-11-04 12:04

Severity ?

6.2 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

blktrace: Fix uaf in blk_trace access after removing by sysfs

References

▼	URL	Tags
	https://git.kernel.org/stable/c/488da313edf3abea7f7733efe011c96b23740ab5
	https://git.kernel.org/stable/c/dacfd5e4d1142bfb3809aab3634a375f6f373269
	https://git.kernel.org/stable/c/d56171d9360c0170c5c5f8f7e2362a2e999eca40
	https://git.kernel.org/stable/c/677e362ba807f3aafe6f405c07e0b37244da5222
	https://git.kernel.org/stable/c/ebb8d26d93c3ec3c7576c52a8373a2309423c069
	https://git.kernel.org/stable/c/3815fe7371d2411ce164281cef40d9fc7b323dee
	https://git.kernel.org/stable/c/a5f8e86192612d0183047448d8bbe7918b3f1a26
	https://git.kernel.org/stable/c/5afedf670caf30a2b5a52da96eb7eac7dee6a9c9

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "NONE",
              "baseScore": 6.2,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47375",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-17T17:37:23.607827Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-416",
                "description": "CWE-416 Use After Free",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-27T13:59:18.148Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:32:08.654Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/488da313edf3abea7f7733efe011c96b23740ab5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/dacfd5e4d1142bfb3809aab3634a375f6f373269"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d56171d9360c0170c5c5f8f7e2362a2e999eca40"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/677e362ba807f3aafe6f405c07e0b37244da5222"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ebb8d26d93c3ec3c7576c52a8373a2309423c069"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3815fe7371d2411ce164281cef40d9fc7b323dee"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a5f8e86192612d0183047448d8bbe7918b3f1a26"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5afedf670caf30a2b5a52da96eb7eac7dee6a9c9"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "kernel/trace/blktrace.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "488da313edf3",
              "status": "affected",
              "version": "c71a89615411",
              "versionType": "git"
            },
            {
              "lessThan": "dacfd5e4d114",
              "status": "affected",
              "version": "c71a89615411",
              "versionType": "git"
            },
            {
              "lessThan": "d56171d9360c",
              "status": "affected",
              "version": "c71a89615411",
              "versionType": "git"
            },
            {
              "lessThan": "677e362ba807",
              "status": "affected",
              "version": "c71a89615411",
              "versionType": "git"
            },
            {
              "lessThan": "ebb8d26d93c3",
              "status": "affected",
              "version": "c71a89615411",
              "versionType": "git"
            },
            {
              "lessThan": "3815fe7371d2",
              "status": "affected",
              "version": "c71a89615411",
              "versionType": "git"
            },
            {
              "lessThan": "a5f8e8619261",
              "status": "affected",
              "version": "c71a89615411",
              "versionType": "git"
            },
            {
              "lessThan": "5afedf670caf",
              "status": "affected",
              "version": "c71a89615411",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "kernel/trace/blktrace.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.30"
            },
            {
              "lessThan": "2.6.30",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.286",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.285",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.249",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.209",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.150",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.70",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblktrace: Fix uaf in blk_trace access after removing by sysfs\n\nThere is an use-after-free problem triggered by following process:\n\n      P1(sda)\t\t\t\tP2(sdb)\n\t\t\techo 0 \u003e /sys/block/sdb/trace/enable\n\t\t\t  blk_trace_remove_queue\n\t\t\t    synchronize_rcu\n\t\t\t    blk_trace_free\n\t\t\t      relay_close\nrcu_read_lock\n__blk_add_trace\n  trace_note_tsk\n  (Iterate running_trace_list)\n\t\t\t        relay_close_buf\n\t\t\t\t  relay_destroy_buf\n\t\t\t\t    kfree(buf)\n    trace_note(sdb\u0027s bt)\n      relay_reserve\n        buf-\u003eoffset \u003c- nullptr deference (use-after-free) !!!\nrcu_read_unlock\n\n[  502.714379] BUG: kernel NULL pointer dereference, address:\n0000000000000010\n[  502.715260] #PF: supervisor read access in kernel mode\n[  502.715903] #PF: error_code(0x0000) - not-present page\n[  502.716546] PGD 103984067 P4D 103984067 PUD 17592b067 PMD 0\n[  502.717252] Oops: 0000 [#1] SMP\n[  502.720308] RIP: 0010:trace_note.isra.0+0x86/0x360\n[  502.732872] Call Trace:\n[  502.733193]  __blk_add_trace.cold+0x137/0x1a3\n[  502.733734]  blk_add_trace_rq+0x7b/0xd0\n[  502.734207]  blk_add_trace_rq_issue+0x54/0xa0\n[  502.734755]  blk_mq_start_request+0xde/0x1b0\n[  502.735287]  scsi_queue_rq+0x528/0x1140\n...\n[  502.742704]  sg_new_write.isra.0+0x16e/0x3e0\n[  502.747501]  sg_ioctl+0x466/0x1100\n\nReproduce method:\n  ioctl(/dev/sda, BLKTRACESETUP, blk_user_trace_setup[buf_size=127])\n  ioctl(/dev/sda, BLKTRACESTART)\n  ioctl(/dev/sdb, BLKTRACESETUP, blk_user_trace_setup[buf_size=127])\n  ioctl(/dev/sdb, BLKTRACESTART)\n\n  echo 0 \u003e /sys/block/sdb/trace/enable \u0026\n  // Add delay(mdelay/msleep) before kernel enters blk_trace_free()\n\n  ioctl$SG_IO(/dev/sda, SG_IO, ...)\n  // Enters trace_note_tsk() after blk_trace_free() returned\n  // Use mdelay in rcu region rather than msleep(which may schedule out)\n\nRemove blk_trace from running_list before calling blk_trace_free() by\nsysfs if blk_trace is at Blktrace_running state."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:04:42.277Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/488da313edf3abea7f7733efe011c96b23740ab5"
        },
        {
          "url": "https://git.kernel.org/stable/c/dacfd5e4d1142bfb3809aab3634a375f6f373269"
        },
        {
          "url": "https://git.kernel.org/stable/c/d56171d9360c0170c5c5f8f7e2362a2e999eca40"
        },
        {
          "url": "https://git.kernel.org/stable/c/677e362ba807f3aafe6f405c07e0b37244da5222"
        },
        {
          "url": "https://git.kernel.org/stable/c/ebb8d26d93c3ec3c7576c52a8373a2309423c069"
        },
        {
          "url": "https://git.kernel.org/stable/c/3815fe7371d2411ce164281cef40d9fc7b323dee"
        },
        {
          "url": "https://git.kernel.org/stable/c/a5f8e86192612d0183047448d8bbe7918b3f1a26"
        },
        {
          "url": "https://git.kernel.org/stable/c/5afedf670caf30a2b5a52da96eb7eac7dee6a9c9"
        }
      ],
      "title": "blktrace: Fix uaf in blk_trace access after removing by sysfs",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47375",
    "datePublished": "2024-05-21T15:03:39.090Z",
    "dateReserved": "2024-05-21T14:58:30.811Z",
    "dateUpdated": "2024-11-04T12:04:42.277Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52807

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

net: hns3: fix out-of-bounds access may occur when coalesce info is read via debugfs

References

▼	URL	Tags
	https://git.kernel.org/stable/c/07f5b8c47152cadbd9102e053dcb60685820aa09
	https://git.kernel.org/stable/c/be1f703f39efa27b7371b9a4cd983317f1366792
	https://git.kernel.org/stable/c/f79d985c69060047426be68b7e4c1663d5d731b4
	https://git.kernel.org/stable/c/53aba458f23846112c0d44239580ff59bc5c36c3

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52807",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-17T17:36:46.627147Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-17T17:37:02.706Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.914Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/07f5b8c47152cadbd9102e053dcb60685820aa09"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/be1f703f39efa27b7371b9a4cd983317f1366792"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f79d985c69060047426be68b7e4c1663d5d731b4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/53aba458f23846112c0d44239580ff59bc5c36c3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/hisilicon/hns3/hns3_debugfs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "07f5b8c47152",
              "status": "affected",
              "version": "c99fead7cb07",
              "versionType": "git"
            },
            {
              "lessThan": "be1f703f39ef",
              "status": "affected",
              "version": "c99fead7cb07",
              "versionType": "git"
            },
            {
              "lessThan": "f79d985c6906",
              "status": "affected",
              "version": "c99fead7cb07",
              "versionType": "git"
            },
            {
              "lessThan": "53aba458f238",
              "status": "affected",
              "version": "c99fead7cb07",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/hisilicon/hns3/hns3_debugfs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.16"
            },
            {
              "lessThan": "5.16",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix out-of-bounds access may occur when coalesce info is read via debugfs\n\nThe hns3 driver define an array of string to show the coalesce\ninfo, but if the kernel adds a new mode or a new state,\nout-of-bounds access may occur when coalesce info is read via\ndebugfs, this patch fix the problem."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:05.729Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/07f5b8c47152cadbd9102e053dcb60685820aa09"
        },
        {
          "url": "https://git.kernel.org/stable/c/be1f703f39efa27b7371b9a4cd983317f1366792"
        },
        {
          "url": "https://git.kernel.org/stable/c/f79d985c69060047426be68b7e4c1663d5d731b4"
        },
        {
          "url": "https://git.kernel.org/stable/c/53aba458f23846112c0d44239580ff59bc5c36c3"
        }
      ],
      "title": "net: hns3: fix out-of-bounds access may occur when coalesce info is read via debugfs",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52807",
    "datePublished": "2024-05-21T15:31:17.686Z",
    "dateReserved": "2024-05-21T15:19:24.248Z",
    "dateUpdated": "2024-11-04T14:53:05.729Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47479

Vulnerability from cvelistv5

Published

2024-05-22 08:19

Modified

2024-11-04 12:06

Severity ?

Summary

staging: rtl8712: fix use-after-free in rtl8712_dl_fw

References

▼	URL	Tags
	https://git.kernel.org/stable/c/c430094541a80575259a94ff879063ef01473506
	https://git.kernel.org/stable/c/befd23bd3b17f1a3f9c943a8580b47444c7c63ed
	https://git.kernel.org/stable/c/a65c9afe9f2f55b7a7fb4a25ab654cd4139683a4
	https://git.kernel.org/stable/c/c052cc1a069c3e575619cf64ec427eb41176ca70

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47479",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-24T19:24:15.320557Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:13:37.514Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.455Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c430094541a80575259a94ff879063ef01473506"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/befd23bd3b17f1a3f9c943a8580b47444c7c63ed"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a65c9afe9f2f55b7a7fb4a25ab654cd4139683a4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c052cc1a069c3e575619cf64ec427eb41176ca70"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/staging/rtl8712/usb_intf.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "c430094541a8",
              "status": "affected",
              "version": "8c213fa59199",
              "versionType": "git"
            },
            {
              "lessThan": "befd23bd3b17",
              "status": "affected",
              "version": "8c213fa59199",
              "versionType": "git"
            },
            {
              "lessThan": "a65c9afe9f2f",
              "status": "affected",
              "version": "8c213fa59199",
              "versionType": "git"
            },
            {
              "lessThan": "c052cc1a069c",
              "status": "affected",
              "version": "8c213fa59199",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/staging/rtl8712/usb_intf.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.3"
            },
            {
              "lessThan": "3.3",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.79",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.18",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.16",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: rtl8712: fix use-after-free in rtl8712_dl_fw\n\nSyzbot reported use-after-free in rtl8712_dl_fw(). The problem was in\nrace condition between r871xu_dev_remove() -\u003endo_open() callback.\n\nIt\u0027s easy to see from crash log, that driver accesses released firmware\nin -\u003endo_open() callback. It may happen, since driver was releasing\nfirmware _before_ unregistering netdev. Fix it by moving\nunregister_netdev() before cleaning up resources.\n\nCall Trace:\n...\n rtl871x_open_fw drivers/staging/rtl8712/hal_init.c:83 [inline]\n rtl8712_dl_fw+0xd95/0xe10 drivers/staging/rtl8712/hal_init.c:170\n rtl8712_hal_init drivers/staging/rtl8712/hal_init.c:330 [inline]\n rtl871x_hal_init+0xae/0x180 drivers/staging/rtl8712/hal_init.c:394\n netdev_open+0xe6/0x6c0 drivers/staging/rtl8712/os_intfs.c:380\n __dev_open+0x2bc/0x4d0 net/core/dev.c:1484\n\nFreed by task 1306:\n...\n release_firmware+0x1b/0x30 drivers/base/firmware_loader/main.c:1053\n r871xu_dev_remove+0xcc/0x2c0 drivers/staging/rtl8712/usb_intf.c:599\n usb_unbind_interface+0x1d8/0x8d0 drivers/usb/core/driver.c:458"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:43.715Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/c430094541a80575259a94ff879063ef01473506"
        },
        {
          "url": "https://git.kernel.org/stable/c/befd23bd3b17f1a3f9c943a8580b47444c7c63ed"
        },
        {
          "url": "https://git.kernel.org/stable/c/a65c9afe9f2f55b7a7fb4a25ab654cd4139683a4"
        },
        {
          "url": "https://git.kernel.org/stable/c/c052cc1a069c3e575619cf64ec427eb41176ca70"
        }
      ],
      "title": "staging: rtl8712: fix use-after-free in rtl8712_dl_fw",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47479",
    "datePublished": "2024-05-22T08:19:32.174Z",
    "dateReserved": "2024-05-22T06:20:56.200Z",
    "dateUpdated": "2024-11-04T12:06:43.715Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52867

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:54

Severity ?

Summary

drm/radeon: possible buffer overflow

References

▼	URL	Tags
	https://git.kernel.org/stable/c/112d4b02d94bf9fa4f1d3376587878400dd74783
	https://git.kernel.org/stable/c/caaa74541459c4c9e2c10046cf66ad2890483d0f
	https://git.kernel.org/stable/c/ddc42881f170f1f518496f5a70447501335fc783
	https://git.kernel.org/stable/c/7b063c93bece827fde237fae1c101bceeee4e896
	https://git.kernel.org/stable/c/347f025a02b3a5d715a0b471fc3b1439c338ad94
	https://git.kernel.org/stable/c/341e79f8aec6af6b0061b8171d77b085835c6a58
	https://git.kernel.org/stable/c/d9b4fa249deaae1145d6fc2b64dae718e5c7a855
	https://git.kernel.org/stable/c/19534a7a225f1bf2da70a9a90d41d0215f8f6b45
	https://git.kernel.org/stable/c/dd05484f99d16715a88eedfca363828ef9a4c2d4

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52867",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T17:50:12.334865Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:22:41.676Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.225Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/112d4b02d94bf9fa4f1d3376587878400dd74783"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/caaa74541459c4c9e2c10046cf66ad2890483d0f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ddc42881f170f1f518496f5a70447501335fc783"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7b063c93bece827fde237fae1c101bceeee4e896"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/347f025a02b3a5d715a0b471fc3b1439c338ad94"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/341e79f8aec6af6b0061b8171d77b085835c6a58"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d9b4fa249deaae1145d6fc2b64dae718e5c7a855"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/19534a7a225f1bf2da70a9a90d41d0215f8f6b45"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/dd05484f99d16715a88eedfca363828ef9a4c2d4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/radeon/evergreen.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "112d4b02d94b",
              "status": "affected",
              "version": "5cc4e5fc293b",
              "versionType": "git"
            },
            {
              "lessThan": "caaa74541459",
              "status": "affected",
              "version": "5cc4e5fc293b",
              "versionType": "git"
            },
            {
              "lessThan": "ddc42881f170",
              "status": "affected",
              "version": "5cc4e5fc293b",
              "versionType": "git"
            },
            {
              "lessThan": "7b063c93bece",
              "status": "affected",
              "version": "5cc4e5fc293b",
              "versionType": "git"
            },
            {
              "lessThan": "347f025a02b3",
              "status": "affected",
              "version": "5cc4e5fc293b",
              "versionType": "git"
            },
            {
              "lessThan": "341e79f8aec6",
              "status": "affected",
              "version": "5cc4e5fc293b",
              "versionType": "git"
            },
            {
              "lessThan": "d9b4fa249dea",
              "status": "affected",
              "version": "5cc4e5fc293b",
              "versionType": "git"
            },
            {
              "lessThan": "19534a7a225f",
              "status": "affected",
              "version": "5cc4e5fc293b",
              "versionType": "git"
            },
            {
              "lessThan": "dd05484f99d1",
              "status": "affected",
              "version": "5cc4e5fc293b",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/radeon/evergreen.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.13"
            },
            {
              "lessThan": "4.13",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.330",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.299",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.261",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.201",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.139",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: possible buffer overflow\n\nBuffer \u0027afmt_status\u0027 of size 6 could overflow, since index \u0027afmt_idx\u0027 is\nchecked after access."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:54:11.943Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/112d4b02d94bf9fa4f1d3376587878400dd74783"
        },
        {
          "url": "https://git.kernel.org/stable/c/caaa74541459c4c9e2c10046cf66ad2890483d0f"
        },
        {
          "url": "https://git.kernel.org/stable/c/ddc42881f170f1f518496f5a70447501335fc783"
        },
        {
          "url": "https://git.kernel.org/stable/c/7b063c93bece827fde237fae1c101bceeee4e896"
        },
        {
          "url": "https://git.kernel.org/stable/c/347f025a02b3a5d715a0b471fc3b1439c338ad94"
        },
        {
          "url": "https://git.kernel.org/stable/c/341e79f8aec6af6b0061b8171d77b085835c6a58"
        },
        {
          "url": "https://git.kernel.org/stable/c/d9b4fa249deaae1145d6fc2b64dae718e5c7a855"
        },
        {
          "url": "https://git.kernel.org/stable/c/19534a7a225f1bf2da70a9a90d41d0215f8f6b45"
        },
        {
          "url": "https://git.kernel.org/stable/c/dd05484f99d16715a88eedfca363828ef9a4c2d4"
        }
      ],
      "title": "drm/radeon: possible buffer overflow",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52867",
    "datePublished": "2024-05-21T15:31:57.866Z",
    "dateReserved": "2024-05-21T15:19:24.262Z",
    "dateUpdated": "2024-11-04T14:54:11.943Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52783

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:52

Severity ?

Summary

net: wangxun: fix kernel panic due to null pointer

References

▼	URL	Tags
	https://git.kernel.org/stable/c/61a55071653974dab172d4c5d699bb365cfd13c9
	https://git.kernel.org/stable/c/8ba2c459668cfe2aaacc5ebcd35b4b9ef8643013

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52783",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T17:46:59.012551Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:56.974Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.842Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/61a55071653974dab172d4c5d699bb365cfd13c9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8ba2c459668cfe2aaacc5ebcd35b4b9ef8643013"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/wangxun/libwx/wx_hw.c",
            "drivers/net/ethernet/wangxun/ngbe/ngbe_main.c",
            "drivers/net/ethernet/wangxun/txgbe/txgbe_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "61a550716539",
              "status": "affected",
              "version": "79625f45ca73",
              "versionType": "git"
            },
            {
              "lessThan": "8ba2c459668c",
              "status": "affected",
              "version": "79625f45ca73",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/wangxun/libwx/wx_hw.c",
            "drivers/net/ethernet/wangxun/ngbe/ngbe_main.c",
            "drivers/net/ethernet/wangxun/txgbe/txgbe_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "lessThan": "6.3",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.4",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: wangxun: fix kernel panic due to null pointer\n\nWhen the device uses a custom subsystem vendor ID, the function\nwx_sw_init() returns before the memory of \u0027wx-\u003emac_table\u0027 is allocated.\nThe null pointer will causes the kernel panic."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:39.107Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/61a55071653974dab172d4c5d699bb365cfd13c9"
        },
        {
          "url": "https://git.kernel.org/stable/c/8ba2c459668cfe2aaacc5ebcd35b4b9ef8643013"
        }
      ],
      "title": "net: wangxun: fix kernel panic due to null pointer",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52783",
    "datePublished": "2024-05-21T15:31:01.598Z",
    "dateReserved": "2024-05-21T15:19:24.240Z",
    "dateUpdated": "2024-11-04T14:52:39.107Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47413

Vulnerability from cvelistv5

Published

2024-05-21 15:04

Modified

2024-11-04 12:05

Severity ?

Summary

usb: chipidea: ci_hdrc_imx: Also search for 'phys' phandle

References

▼	URL	Tags
	https://git.kernel.org/stable/c/b3265b88e83b16c7be762fa5fb7e0632bce0002c
	https://git.kernel.org/stable/c/66dd03b10e1c0b2fae006c6e34c18ea8ee033e7b
	https://git.kernel.org/stable/c/8253a34bfae3278baca52fc1209b7c29270486ca

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47413",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-11T17:27:34.761405Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-11T17:27:45.884Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.295Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b3265b88e83b16c7be762fa5fb7e0632bce0002c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/66dd03b10e1c0b2fae006c6e34c18ea8ee033e7b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8253a34bfae3278baca52fc1209b7c29270486ca"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/usb/chipidea/ci_hdrc_imx.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "b3265b88e83b",
              "status": "affected",
              "version": "746f316b753a",
              "versionType": "git"
            },
            {
              "lessThan": "66dd03b10e1c",
              "status": "affected",
              "version": "746f316b753a",
              "versionType": "git"
            },
            {
              "lessThan": "8253a34bfae3",
              "status": "affected",
              "version": "746f316b753a",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/usb/chipidea/ci_hdrc_imx.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.8"
            },
            {
              "lessThan": "5.8",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.73",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: chipidea: ci_hdrc_imx: Also search for \u0027phys\u0027 phandle\n\nWhen passing \u0027phys\u0027 in the devicetree to describe the USB PHY phandle\n(which is the recommended way according to\nDocumentation/devicetree/bindings/usb/ci-hdrc-usb2.txt) the\nfollowing NULL pointer dereference is observed on i.MX7 and i.MX8MM:\n\n[    1.489344] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000098\n[    1.498170] Mem abort info:\n[    1.500966]   ESR = 0x96000044\n[    1.504030]   EC = 0x25: DABT (current EL), IL = 32 bits\n[    1.509356]   SET = 0, FnV = 0\n[    1.512416]   EA = 0, S1PTW = 0\n[    1.515569]   FSC = 0x04: level 0 translation fault\n[    1.520458] Data abort info:\n[    1.523349]   ISV = 0, ISS = 0x00000044\n[    1.527196]   CM = 0, WnR = 1\n[    1.530176] [0000000000000098] user address but active_mm is swapper\n[    1.536544] Internal error: Oops: 96000044 [#1] PREEMPT SMP\n[    1.542125] Modules linked in:\n[    1.545190] CPU: 3 PID: 7 Comm: kworker/u8:0 Not tainted 5.14.0-dirty #3\n[    1.551901] Hardware name: Kontron i.MX8MM N801X S (DT)\n[    1.557133] Workqueue: events_unbound deferred_probe_work_func\n[    1.562984] pstate: 80000005 (Nzcv daif -PAN -UAO -TCO BTYPE=--)\n[    1.568998] pc : imx7d_charger_detection+0x3f0/0x510\n[    1.573973] lr : imx7d_charger_detection+0x22c/0x510\n\nThis happens because the charger functions check for the phy presence\ninside the imx_usbmisc_data structure (data-\u003eusb_phy), but the chipidea\ncore populates the usb_phy passed via \u0027phys\u0027 inside \u0027struct ci_hdrc\u0027\n(ci-\u003eusb_phy) instead.\n\nThis causes the NULL pointer dereference inside imx7d_charger_detection().\n\nFix it by also searching for \u0027phys\u0027 in case \u0027fsl,usbphy\u0027 is not found.\n\nTested on a imx7s-warp board."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:25.978Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/b3265b88e83b16c7be762fa5fb7e0632bce0002c"
        },
        {
          "url": "https://git.kernel.org/stable/c/66dd03b10e1c0b2fae006c6e34c18ea8ee033e7b"
        },
        {
          "url": "https://git.kernel.org/stable/c/8253a34bfae3278baca52fc1209b7c29270486ca"
        }
      ],
      "title": "usb: chipidea: ci_hdrc_imx: Also search for \u0027phys\u0027 phandle",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47413",
    "datePublished": "2024-05-21T15:04:04.060Z",
    "dateReserved": "2024-05-21T14:58:30.818Z",
    "dateUpdated": "2024-11-04T12:05:25.978Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47495

Vulnerability from cvelistv5

Published

2024-05-22 08:19

Modified

2024-11-04 12:07

Severity ?

Summary

usbnet: sanity check for maxpacket

References

▼	URL	Tags
	https://git.kernel.org/stable/c/b9eba0a4a527e04d712f0e0401e5391ef124b33e
	https://git.kernel.org/stable/c/524f333e98138d909a0a0c574a9ff6737dce2767
	https://git.kernel.org/stable/c/74b3b27cf9fecce00cd8918b7882fd81191d0aa4
	https://git.kernel.org/stable/c/002d82227c0abe29118cf80f7e2f396b22d448ed
	https://git.kernel.org/stable/c/492140e45d2bf27c1014243f8616a9b612144e20
	https://git.kernel.org/stable/c/693ecbe8f799405f8775719deedb1f76265d375a
	https://git.kernel.org/stable/c/7e8b6a4f18edee070213cb6a77118e8a412253c5
	https://git.kernel.org/stable/c/397430b50a363d8b7bdda00522123f82df6adc5e

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47495",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T15:49:07.936135Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:15:06.481Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.809Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b9eba0a4a527e04d712f0e0401e5391ef124b33e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/524f333e98138d909a0a0c574a9ff6737dce2767"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/74b3b27cf9fecce00cd8918b7882fd81191d0aa4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/002d82227c0abe29118cf80f7e2f396b22d448ed"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/492140e45d2bf27c1014243f8616a9b612144e20"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/693ecbe8f799405f8775719deedb1f76265d375a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7e8b6a4f18edee070213cb6a77118e8a412253c5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/397430b50a363d8b7bdda00522123f82df6adc5e"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/usb/usbnet.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "b9eba0a4a527",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "524f333e9813",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "74b3b27cf9fe",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "002d82227c0a",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "492140e45d2b",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "693ecbe8f799",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "7e8b6a4f18ed",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "397430b50a36",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/usb/usbnet.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.291",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.289",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.254",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.215",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.157",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.77",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: sanity check for maxpacket\n\nmaxpacket of 0 makes no sense and oopses as we need to divide\nby it. Give up.\n\nV2: fixed typo in log and stylistic issues"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:07:01.504Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/b9eba0a4a527e04d712f0e0401e5391ef124b33e"
        },
        {
          "url": "https://git.kernel.org/stable/c/524f333e98138d909a0a0c574a9ff6737dce2767"
        },
        {
          "url": "https://git.kernel.org/stable/c/74b3b27cf9fecce00cd8918b7882fd81191d0aa4"
        },
        {
          "url": "https://git.kernel.org/stable/c/002d82227c0abe29118cf80f7e2f396b22d448ed"
        },
        {
          "url": "https://git.kernel.org/stable/c/492140e45d2bf27c1014243f8616a9b612144e20"
        },
        {
          "url": "https://git.kernel.org/stable/c/693ecbe8f799405f8775719deedb1f76265d375a"
        },
        {
          "url": "https://git.kernel.org/stable/c/7e8b6a4f18edee070213cb6a77118e8a412253c5"
        },
        {
          "url": "https://git.kernel.org/stable/c/397430b50a363d8b7bdda00522123f82df6adc5e"
        }
      ],
      "title": "usbnet: sanity check for maxpacket",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47495",
    "datePublished": "2024-05-22T08:19:42.732Z",
    "dateReserved": "2024-05-22T06:20:56.202Z",
    "dateUpdated": "2024-11-04T12:07:01.504Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52839

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

drivers: perf: Do not broadcast to other cpus when starting a counter

References

▼	URL	Tags
	https://git.kernel.org/stable/c/85be1a73fd298ed3fd060dfce97caef5f9928c57
	https://git.kernel.org/stable/c/61e3d993c8bd3e80f8f1363ed5e04f88ab531b72

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.924Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/85be1a73fd298ed3fd060dfce97caef5f9928c57"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/61e3d993c8bd3e80f8f1363ed5e04f88ab531b72"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52839",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:36:34.430107Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:32:54.398Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/perf/riscv_pmu_sbi.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "85be1a73fd29",
              "status": "affected",
              "version": "3fec323339a4",
              "versionType": "git"
            },
            {
              "lessThan": "61e3d993c8bd",
              "status": "affected",
              "version": "3fec323339a4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/perf/riscv_pmu_sbi.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.6"
            },
            {
              "lessThan": "6.6",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers: perf: Do not broadcast to other cpus when starting a counter\n\nThis command:\n\n$ perf record -e cycles:k -e instructions:k -c 10000 -m 64M dd if=/dev/zero of=/dev/null count=1000\n\ngives rise to this kernel warning:\n\n[  444.364395] WARNING: CPU: 0 PID: 104 at kernel/smp.c:775 smp_call_function_many_cond+0x42c/0x436\n[  444.364515] Modules linked in:\n[  444.364657] CPU: 0 PID: 104 Comm: perf-exec Not tainted 6.6.0-rc6-00051-g391df82e8ec3-dirty #73\n[  444.364771] Hardware name: riscv-virtio,qemu (DT)\n[  444.364868] epc : smp_call_function_many_cond+0x42c/0x436\n[  444.364917]  ra : on_each_cpu_cond_mask+0x20/0x32\n[  444.364948] epc : ffffffff8009f9e0 ra : ffffffff8009fa5a sp : ff20000000003800\n[  444.364966]  gp : ffffffff81500aa0 tp : ff60000002b83000 t0 : ff200000000038c0\n[  444.364982]  t1 : ffffffff815021f0 t2 : 000000000000001f s0 : ff200000000038b0\n[  444.364998]  s1 : ff60000002c54d98 a0 : ff60000002a73940 a1 : 0000000000000000\n[  444.365013]  a2 : 0000000000000000 a3 : 0000000000000003 a4 : 0000000000000100\n[  444.365029]  a5 : 0000000000010100 a6 : 0000000000f00000 a7 : 0000000000000000\n[  444.365044]  s2 : 0000000000000000 s3 : ffffffffffffffff s4 : ff60000002c54d98\n[  444.365060]  s5 : ffffffff81539610 s6 : ffffffff80c20c48 s7 : 0000000000000000\n[  444.365075]  s8 : 0000000000000000 s9 : 0000000000000001 s10: 0000000000000001\n[  444.365090]  s11: ffffffff80099394 t3 : 0000000000000003 t4 : 00000000eac0c6e6\n[  444.365104]  t5 : 0000000400000000 t6 : ff60000002e010d0\n[  444.365120] status: 0000000200000100 badaddr: 0000000000000000 cause: 0000000000000003\n[  444.365226] [\u003cffffffff8009f9e0\u003e] smp_call_function_many_cond+0x42c/0x436\n[  444.365295] [\u003cffffffff8009fa5a\u003e] on_each_cpu_cond_mask+0x20/0x32\n[  444.365311] [\u003cffffffff806e90dc\u003e] pmu_sbi_ctr_start+0x7a/0xaa\n[  444.365327] [\u003cffffffff806e880c\u003e] riscv_pmu_start+0x48/0x66\n[  444.365339] [\u003cffffffff8012111a\u003e] perf_adjust_freq_unthr_context+0x196/0x1ac\n[  444.365356] [\u003cffffffff801237aa\u003e] perf_event_task_tick+0x78/0x8c\n[  444.365368] [\u003cffffffff8003faf4\u003e] scheduler_tick+0xe6/0x25e\n[  444.365383] [\u003cffffffff8008a042\u003e] update_process_times+0x80/0x96\n[  444.365398] [\u003cffffffff800991ec\u003e] tick_sched_handle+0x26/0x52\n[  444.365410] [\u003cffffffff800993e4\u003e] tick_sched_timer+0x50/0x98\n[  444.365422] [\u003cffffffff8008a6aa\u003e] __hrtimer_run_queues+0x126/0x18a\n[  444.365433] [\u003cffffffff8008b350\u003e] hrtimer_interrupt+0xce/0x1da\n[  444.365444] [\u003cffffffff806cdc60\u003e] riscv_timer_interrupt+0x30/0x3a\n[  444.365457] [\u003cffffffff8006afa6\u003e] handle_percpu_devid_irq+0x80/0x114\n[  444.365470] [\u003cffffffff80065b82\u003e] generic_handle_domain_irq+0x1c/0x2a\n[  444.365483] [\u003cffffffff8045faec\u003e] riscv_intc_irq+0x2e/0x46\n[  444.365497] [\u003cffffffff808a9c62\u003e] handle_riscv_irq+0x4a/0x74\n[  444.365521] [\u003cffffffff808aa760\u003e] do_irq+0x7c/0x7e\n[  444.365796] ---[ end trace 0000000000000000 ]---\n\nThat\u0027s because the fix in commit 3fec323339a4 (\"drivers: perf: Fix panic\nin riscv SBI mmap support\") was wrong since there is no need to broadcast\nto other cpus when starting a counter, that\u0027s only needed in mmap when\nthe counters could have already been started on other cpus, so simply\nremove this broadcast."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:37.437Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/85be1a73fd298ed3fd060dfce97caef5f9928c57"
        },
        {
          "url": "https://git.kernel.org/stable/c/61e3d993c8bd3e80f8f1363ed5e04f88ab531b72"
        }
      ],
      "title": "drivers: perf: Do not broadcast to other cpus when starting a counter",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52839",
    "datePublished": "2024-05-21T15:31:39.196Z",
    "dateReserved": "2024-05-21T15:19:24.253Z",
    "dateUpdated": "2024-11-04T14:53:37.437Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47442

Vulnerability from cvelistv5

Published

2024-05-22 06:19

Modified

2024-11-04 12:05

Severity ?

Summary

NFC: digital: fix possible memory leak in digital_in_send_sdd_req()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/74569c78aa84f8c958f1334b465bc530906ec99a
	https://git.kernel.org/stable/c/88c890b0b9a1fb9fcd01c61ada515e8b636c34f9
	https://git.kernel.org/stable/c/fcce6e5255474ca33c27dda0cdf9bf5087278873
	https://git.kernel.org/stable/c/071bdef36391958c89af5fa2172f691b31baa212
	https://git.kernel.org/stable/c/2bde4aca56db9fe25405d39ddb062531493a65db
	https://git.kernel.org/stable/c/50cb95487c265187289810addec5093d4fed8329
	https://git.kernel.org/stable/c/6432d7f1d1c3aa74cfe8f5e3afdf81b786c32e86
	https://git.kernel.org/stable/c/291c932fc3692e4d211a445ba8aa35663831bac7

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47442",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T18:47:55.982704Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:13:27.486Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.323Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/74569c78aa84f8c958f1334b465bc530906ec99a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/88c890b0b9a1fb9fcd01c61ada515e8b636c34f9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fcce6e5255474ca33c27dda0cdf9bf5087278873"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/071bdef36391958c89af5fa2172f691b31baa212"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2bde4aca56db9fe25405d39ddb062531493a65db"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/50cb95487c265187289810addec5093d4fed8329"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6432d7f1d1c3aa74cfe8f5e3afdf81b786c32e86"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/291c932fc3692e4d211a445ba8aa35663831bac7"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/nfc/digital_technology.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "74569c78aa84",
              "status": "affected",
              "version": "2c66daecc409",
              "versionType": "git"
            },
            {
              "lessThan": "88c890b0b9a1",
              "status": "affected",
              "version": "2c66daecc409",
              "versionType": "git"
            },
            {
              "lessThan": "fcce6e525547",
              "status": "affected",
              "version": "2c66daecc409",
              "versionType": "git"
            },
            {
              "lessThan": "071bdef36391",
              "status": "affected",
              "version": "2c66daecc409",
              "versionType": "git"
            },
            {
              "lessThan": "2bde4aca56db",
              "status": "affected",
              "version": "2c66daecc409",
              "versionType": "git"
            },
            {
              "lessThan": "50cb95487c26",
              "status": "affected",
              "version": "2c66daecc409",
              "versionType": "git"
            },
            {
              "lessThan": "6432d7f1d1c3",
              "status": "affected",
              "version": "2c66daecc409",
              "versionType": "git"
            },
            {
              "lessThan": "291c932fc369",
              "status": "affected",
              "version": "2c66daecc409",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/nfc/digital_technology.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.13"
            },
            {
              "lessThan": "3.13",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.290",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.288",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.252",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.213",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.155",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.75",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.14",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFC: digital: fix possible memory leak in digital_in_send_sdd_req()\n\n\u0027skb\u0027 is allocated in digital_in_send_sdd_req(), but not free when\ndigital_in_send_cmd() failed, which will cause memory leak. Fix it\nby freeing \u0027skb\u0027 if digital_in_send_cmd() return failed."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:58.761Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/74569c78aa84f8c958f1334b465bc530906ec99a"
        },
        {
          "url": "https://git.kernel.org/stable/c/88c890b0b9a1fb9fcd01c61ada515e8b636c34f9"
        },
        {
          "url": "https://git.kernel.org/stable/c/fcce6e5255474ca33c27dda0cdf9bf5087278873"
        },
        {
          "url": "https://git.kernel.org/stable/c/071bdef36391958c89af5fa2172f691b31baa212"
        },
        {
          "url": "https://git.kernel.org/stable/c/2bde4aca56db9fe25405d39ddb062531493a65db"
        },
        {
          "url": "https://git.kernel.org/stable/c/50cb95487c265187289810addec5093d4fed8329"
        },
        {
          "url": "https://git.kernel.org/stable/c/6432d7f1d1c3aa74cfe8f5e3afdf81b786c32e86"
        },
        {
          "url": "https://git.kernel.org/stable/c/291c932fc3692e4d211a445ba8aa35663831bac7"
        }
      ],
      "title": "NFC: digital: fix possible memory leak in digital_in_send_sdd_req()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47442",
    "datePublished": "2024-05-22T06:19:36.228Z",
    "dateReserved": "2024-05-21T14:58:30.831Z",
    "dateUpdated": "2024-11-04T12:05:58.761Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52769

Vulnerability from cvelistv5

Published

2024-05-21 15:30

Modified

2024-11-04 14:52

Severity ?

Summary

wifi: ath12k: fix htt mlo-offset event locking

References

▼	URL	Tags
	https://git.kernel.org/stable/c/d908ca431e20b0e4bfc5d911d1744910ed779bdb
	https://git.kernel.org/stable/c/afd3425bd69610f318403084fe491e24a1357fb9
	https://git.kernel.org/stable/c/6afc57ea315e0f660b1f870a681737bb7b71faef

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.063Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d908ca431e20b0e4bfc5d911d1744910ed779bdb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/afd3425bd69610f318403084fe491e24a1357fb9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6afc57ea315e0f660b1f870a681737bb7b71faef"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52769",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:37:02.913580Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:32:55.534Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/ath/ath12k/dp_rx.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "d908ca431e20",
              "status": "affected",
              "version": "d889913205cf",
              "versionType": "git"
            },
            {
              "lessThan": "afd3425bd696",
              "status": "affected",
              "version": "d889913205cf",
              "versionType": "git"
            },
            {
              "lessThan": "6afc57ea315e",
              "status": "affected",
              "version": "d889913205cf",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/ath/ath12k/dp_rx.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "lessThan": "6.3",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix htt mlo-offset event locking\n\nThe ath12k active pdevs are protected by RCU but the htt mlo-offset\nevent handling code calling ath12k_mac_get_ar_by_pdev_id() was not\nmarked as a read-side critical section.\n\nMark the code in question as an RCU read-side critical section to avoid\nany potential use-after-free issues.\n\nCompile tested only."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:20.716Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/d908ca431e20b0e4bfc5d911d1744910ed779bdb"
        },
        {
          "url": "https://git.kernel.org/stable/c/afd3425bd69610f318403084fe491e24a1357fb9"
        },
        {
          "url": "https://git.kernel.org/stable/c/6afc57ea315e0f660b1f870a681737bb7b71faef"
        }
      ],
      "title": "wifi: ath12k: fix htt mlo-offset event locking",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52769",
    "datePublished": "2024-05-21T15:30:52.308Z",
    "dateReserved": "2024-05-21T15:19:24.238Z",
    "dateUpdated": "2024-11-04T14:52:20.716Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52838

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

fbdev: imsttfb: fix a resource leak in probe

References

▼	URL	Tags
	https://git.kernel.org/stable/c/382e1931e0c9cd58a5a8519cdc6cd9dc4d82b485
	https://git.kernel.org/stable/c/6c66d737b2726ac7784269ddf32a31634f8f269d
	https://git.kernel.org/stable/c/a4dfebec32ec6d420a5506dd56a7834c91be28e4
	https://git.kernel.org/stable/c/8e4b510fe91782522b7ca0ca881b663b5d35e513
	https://git.kernel.org/stable/c/7bc7b82fb2191b0d50a80ee4e27030918767dd1d
	https://git.kernel.org/stable/c/18d26f9baca7d0d309303e3074a2252b8310884a
	https://git.kernel.org/stable/c/b346a531159d08c564a312a9eaeea691704f3c00
	https://git.kernel.org/stable/c/aba6ab57a910ad4b940c2024d15f2cdbf5b7f76b

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52838",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-17T18:03:42.645076Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-17T18:04:34.494Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.061Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/382e1931e0c9cd58a5a8519cdc6cd9dc4d82b485"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6c66d737b2726ac7784269ddf32a31634f8f269d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a4dfebec32ec6d420a5506dd56a7834c91be28e4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8e4b510fe91782522b7ca0ca881b663b5d35e513"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7bc7b82fb2191b0d50a80ee4e27030918767dd1d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/18d26f9baca7d0d309303e3074a2252b8310884a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b346a531159d08c564a312a9eaeea691704f3c00"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/aba6ab57a910ad4b940c2024d15f2cdbf5b7f76b"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/video/fbdev/imsttfb.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "382e1931e0c9",
              "status": "affected",
              "version": "7f683f286a21",
              "versionType": "git"
            },
            {
              "lessThan": "6c66d737b272",
              "status": "affected",
              "version": "815c95d82b79",
              "versionType": "git"
            },
            {
              "lessThan": "a4dfebec32ec",
              "status": "affected",
              "version": "2bf70b88cc35",
              "versionType": "git"
            },
            {
              "lessThan": "8e4b510fe917",
              "status": "affected",
              "version": "ad3de274e065",
              "versionType": "git"
            },
            {
              "lessThan": "7bc7b82fb219",
              "status": "affected",
              "version": "c6c0a9f61958",
              "versionType": "git"
            },
            {
              "lessThan": "18d26f9baca7",
              "status": "affected",
              "version": "c75f5a550610",
              "versionType": "git"
            },
            {
              "lessThan": "b346a531159d",
              "status": "affected",
              "version": "c75f5a550610",
              "versionType": "git"
            },
            {
              "lessThan": "aba6ab57a910",
              "status": "affected",
              "version": "c75f5a550610",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/video/fbdev/imsttfb.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "lessThan": "6.4",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.299",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.261",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.201",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.139",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: imsttfb: fix a resource leak in probe\n\nI\u0027ve re-written the error handling but the bug is that if init_imstt()\nfails we need to call iounmap(par-\u003ecmap_regs)."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:36.329Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/382e1931e0c9cd58a5a8519cdc6cd9dc4d82b485"
        },
        {
          "url": "https://git.kernel.org/stable/c/6c66d737b2726ac7784269ddf32a31634f8f269d"
        },
        {
          "url": "https://git.kernel.org/stable/c/a4dfebec32ec6d420a5506dd56a7834c91be28e4"
        },
        {
          "url": "https://git.kernel.org/stable/c/8e4b510fe91782522b7ca0ca881b663b5d35e513"
        },
        {
          "url": "https://git.kernel.org/stable/c/7bc7b82fb2191b0d50a80ee4e27030918767dd1d"
        },
        {
          "url": "https://git.kernel.org/stable/c/18d26f9baca7d0d309303e3074a2252b8310884a"
        },
        {
          "url": "https://git.kernel.org/stable/c/b346a531159d08c564a312a9eaeea691704f3c00"
        },
        {
          "url": "https://git.kernel.org/stable/c/aba6ab57a910ad4b940c2024d15f2cdbf5b7f76b"
        }
      ],
      "title": "fbdev: imsttfb: fix a resource leak in probe",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52838",
    "datePublished": "2024-05-21T15:31:38.539Z",
    "dateReserved": "2024-05-21T15:19:24.253Z",
    "dateUpdated": "2024-11-04T14:53:36.329Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52700

Vulnerability from cvelistv5

Published

2024-05-21 15:22

Modified

2024-11-06 14:28

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

tipc: fix kernel warning when sending SYN message

References

▼	URL	Tags
	https://git.kernel.org/stable/c/54b6082aec178f16ad6d193b4ecdc9c4823d9a32
	https://git.kernel.org/stable/c/11a4d6f67cf55883dc78e31c247d1903ed7feccc

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52700",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-18T14:38:23.667896Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T14:28:36.244Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.606Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/54b6082aec178f16ad6d193b4ecdc9c4823d9a32"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/11a4d6f67cf55883dc78e31c247d1903ed7feccc"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/tipc/socket.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "54b6082aec17",
              "status": "affected",
              "version": "f25dcc7687d4",
              "versionType": "git"
            },
            {
              "lessThan": "11a4d6f67cf5",
              "status": "affected",
              "version": "f25dcc7687d4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/tipc/socket.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.0"
            },
            {
              "lessThan": "4.0",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix kernel warning when sending SYN message\n\nWhen sending a SYN message, this kernel stack trace is observed:\n\n...\n[   13.396352] RIP: 0010:_copy_from_iter+0xb4/0x550\n...\n[   13.398494] Call Trace:\n[   13.398630]  \u003cTASK\u003e\n[   13.398630]  ? __alloc_skb+0xed/0x1a0\n[   13.398630]  tipc_msg_build+0x12c/0x670 [tipc]\n[   13.398630]  ? shmem_add_to_page_cache.isra.71+0x151/0x290\n[   13.398630]  __tipc_sendmsg+0x2d1/0x710 [tipc]\n[   13.398630]  ? tipc_connect+0x1d9/0x230 [tipc]\n[   13.398630]  ? __local_bh_enable_ip+0x37/0x80\n[   13.398630]  tipc_connect+0x1d9/0x230 [tipc]\n[   13.398630]  ? __sys_connect+0x9f/0xd0\n[   13.398630]  __sys_connect+0x9f/0xd0\n[   13.398630]  ? preempt_count_add+0x4d/0xa0\n[   13.398630]  ? fpregs_assert_state_consistent+0x22/0x50\n[   13.398630]  __x64_sys_connect+0x16/0x20\n[   13.398630]  do_syscall_64+0x42/0x90\n[   13.398630]  entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nIt is because commit a41dad905e5a (\"iov_iter: saner checks for attempt\nto copy to/from iterator\") has introduced sanity check for copying\nfrom/to iov iterator. Lacking of copy direction from the iterator\nviewpoint would lead to kernel stack trace like above.\n\nThis commit fixes this issue by initializing the iov iterator with\nthe correct copy direction when sending SYN or ACK without data."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:51:23.410Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/54b6082aec178f16ad6d193b4ecdc9c4823d9a32"
        },
        {
          "url": "https://git.kernel.org/stable/c/11a4d6f67cf55883dc78e31c247d1903ed7feccc"
        }
      ],
      "title": "tipc: fix kernel warning when sending SYN message",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52700",
    "datePublished": "2024-05-21T15:22:50.702Z",
    "dateReserved": "2024-03-07T14:49:46.891Z",
    "dateUpdated": "2024-11-06T14:28:36.244Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47409

Vulnerability from cvelistv5

Published

2024-05-21 15:04

Modified

2024-11-04 12:05

Severity ?

Summary

usb: dwc2: check return value after calling platform_get_resource()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/4b7f4a0eb92bf37bea4cd838c7f83ea42823ca8b
	https://git.kernel.org/stable/c/a7182993dd8e09f96839ddc3ac54f9b37370d282
	https://git.kernel.org/stable/c/8b9c1c33e51d0959f2aec573dfbac0ffd3f5c0b7
	https://git.kernel.org/stable/c/2754fa3b73df7d0ae042f3ed6cfd9df9042f6262
	https://git.kernel.org/stable/c/337f00a0bc62d7cb7d10ec0b872c79009a1641df
	https://git.kernel.org/stable/c/856e6e8e0f9300befa87dde09edb578555c99a82

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.169Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4b7f4a0eb92bf37bea4cd838c7f83ea42823ca8b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a7182993dd8e09f96839ddc3ac54f9b37370d282"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8b9c1c33e51d0959f2aec573dfbac0ffd3f5c0b7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2754fa3b73df7d0ae042f3ed6cfd9df9042f6262"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/337f00a0bc62d7cb7d10ec0b872c79009a1641df"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/856e6e8e0f9300befa87dde09edb578555c99a82"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47409",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:37:57.427219Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:39.628Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/usb/dwc2/hcd.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "4b7f4a0eb92b",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "a7182993dd8e",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "8b9c1c33e51d",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "2754fa3b73df",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "337f00a0bc62",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "856e6e8e0f93",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/usb/dwc2/hcd.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.250",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.210",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.152",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.72",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.11",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc2: check return value after calling platform_get_resource()\n\nIt will cause null-ptr-deref if platform_get_resource() returns NULL,\nwe need check the return value."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:22.412Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/4b7f4a0eb92bf37bea4cd838c7f83ea42823ca8b"
        },
        {
          "url": "https://git.kernel.org/stable/c/a7182993dd8e09f96839ddc3ac54f9b37370d282"
        },
        {
          "url": "https://git.kernel.org/stable/c/8b9c1c33e51d0959f2aec573dfbac0ffd3f5c0b7"
        },
        {
          "url": "https://git.kernel.org/stable/c/2754fa3b73df7d0ae042f3ed6cfd9df9042f6262"
        },
        {
          "url": "https://git.kernel.org/stable/c/337f00a0bc62d7cb7d10ec0b872c79009a1641df"
        },
        {
          "url": "https://git.kernel.org/stable/c/856e6e8e0f9300befa87dde09edb578555c99a82"
        }
      ],
      "title": "usb: dwc2: check return value after calling platform_get_resource()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47409",
    "datePublished": "2024-05-21T15:04:01.300Z",
    "dateReserved": "2024-05-21T14:58:30.817Z",
    "dateUpdated": "2024-11-04T12:05:22.412Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47431

Vulnerability from cvelistv5

Published

2024-05-21 15:04

Modified

2024-11-04 12:05

Severity ?

Summary

drm/amdgpu: fix gart.bo pin_count leak

References

▼	URL	Tags
	https://git.kernel.org/stable/c/83d857d6b0967b6709cd38750c3ce2ed8ced1a95
	https://git.kernel.org/stable/c/621ddffb70db824eabd63d18ac635180fe9500f9
	https://git.kernel.org/stable/c/18d1c5ea3798ba42cfa0f8b2264d873463facb03
	https://git.kernel.org/stable/c/66805763a97f8f7bdf742fc0851d85c02ed9411f

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47431",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-17T17:37:14.662615Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-17T17:37:56.536Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.335Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/83d857d6b0967b6709cd38750c3ce2ed8ced1a95"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/621ddffb70db824eabd63d18ac635180fe9500f9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/18d1c5ea3798ba42cfa0f8b2264d873463facb03"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/66805763a97f8f7bdf742fc0851d85c02ed9411f"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/amdgpu/gmc_v10_0.c",
            "drivers/gpu/drm/amd/amdgpu/gmc_v9_0.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "83d857d6b096",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "621ddffb70db",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "18d1c5ea3798",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "66805763a97f",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/amdgpu/gmc_v10_0.c",
            "drivers/gpu/drm/amd/amdgpu/gmc_v9_0.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.154",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.74",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: fix gart.bo pin_count leak\n\ngmc_v{9,10}_0_gart_disable() isn\u0027t called matched with\ncorrespoding gart_enbale function in SRIOV case. This will\nlead to gart.bo pin_count leak on driver unload."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:46.964Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/83d857d6b0967b6709cd38750c3ce2ed8ced1a95"
        },
        {
          "url": "https://git.kernel.org/stable/c/621ddffb70db824eabd63d18ac635180fe9500f9"
        },
        {
          "url": "https://git.kernel.org/stable/c/18d1c5ea3798ba42cfa0f8b2264d873463facb03"
        },
        {
          "url": "https://git.kernel.org/stable/c/66805763a97f8f7bdf742fc0851d85c02ed9411f"
        }
      ],
      "title": "drm/amdgpu: fix gart.bo pin_count leak",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47431",
    "datePublished": "2024-05-21T15:04:16.014Z",
    "dateReserved": "2024-05-21T14:58:30.829Z",
    "dateUpdated": "2024-11-04T12:05:46.964Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47435

Vulnerability from cvelistv5

Published

2024-05-22 06:19

Modified

2024-11-04 12:05

Severity ?

Summary

dm: fix mempool NULL pointer race when completing IO

References

▼	URL	Tags
	https://git.kernel.org/stable/c/9fb7cd5c7fef0f1c982e3cd27745a0dec260eaed
	https://git.kernel.org/stable/c/d35aef9c60d310eff3eaddacce301efe877e2b7c
	https://git.kernel.org/stable/c/9e07272cca2ed76f7f6073f4444b1143828c8d87
	https://git.kernel.org/stable/c/ad1393b92e5059218d055bfec8f4946d85ad04c4
	https://git.kernel.org/stable/c/d29c78d3f9c5d2604548c1065bf1ec212728ea61
	https://git.kernel.org/stable/c/6e506f07c5b561d673dd0b0d8f7f420cc48024fb
	https://git.kernel.org/stable/c/d208b89401e073de986dc891037c5a668f5d5d95

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47435",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T18:48:43.435062Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:13:25.705Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.225Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9fb7cd5c7fef0f1c982e3cd27745a0dec260eaed"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d35aef9c60d310eff3eaddacce301efe877e2b7c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9e07272cca2ed76f7f6073f4444b1143828c8d87"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ad1393b92e5059218d055bfec8f4946d85ad04c4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d29c78d3f9c5d2604548c1065bf1ec212728ea61"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6e506f07c5b561d673dd0b0d8f7f420cc48024fb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d208b89401e073de986dc891037c5a668f5d5d95"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/md/dm.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "9fb7cd5c7fef",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "d35aef9c60d3",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "9e07272cca2e",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "ad1393b92e50",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "d29c78d3f9c5",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "6e506f07c5b5",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "d208b89401e0",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/md/dm.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.313",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.278",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.242",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.193",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.113",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.14",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm: fix mempool NULL pointer race when completing IO\n\ndm_io_dec_pending() calls end_io_acct() first and will then dec md\nin-flight pending count. But if a task is swapping DM table at same\ntime this can result in a crash due to mempool-\u003eelements being NULL:\n\ntask1                             task2\ndo_resume\n -\u003edo_suspend\n  -\u003edm_wait_for_completion\n                                  bio_endio\n\t\t\t\t   -\u003eclone_endio\n\t\t\t\t    -\u003edm_io_dec_pending\n\t\t\t\t     -\u003eend_io_acct\n\t\t\t\t      -\u003ewakeup task1\n -\u003edm_swap_table\n  -\u003e__bind\n   -\u003e__bind_mempools\n    -\u003ebioset_exit\n     -\u003emempool_exit\n                                     -\u003efree_io\n\n[ 67.330330] Unable to handle kernel NULL pointer dereference at\nvirtual address 0000000000000000\n......\n[ 67.330494] pstate: 80400085 (Nzcv daIf +PAN -UAO)\n[ 67.330510] pc : mempool_free+0x70/0xa0\n[ 67.330515] lr : mempool_free+0x4c/0xa0\n[ 67.330520] sp : ffffff8008013b20\n[ 67.330524] x29: ffffff8008013b20 x28: 0000000000000004\n[ 67.330530] x27: ffffffa8c2ff40a0 x26: 00000000ffff1cc8\n[ 67.330535] x25: 0000000000000000 x24: ffffffdada34c800\n[ 67.330541] x23: 0000000000000000 x22: ffffffdada34c800\n[ 67.330547] x21: 00000000ffff1cc8 x20: ffffffd9a1304d80\n[ 67.330552] x19: ffffffdada34c970 x18: 000000b312625d9c\n[ 67.330558] x17: 00000000002dcfbf x16: 00000000000006dd\n[ 67.330563] x15: 000000000093b41e x14: 0000000000000010\n[ 67.330569] x13: 0000000000007f7a x12: 0000000034155555\n[ 67.330574] x11: 0000000000000001 x10: 0000000000000001\n[ 67.330579] x9 : 0000000000000000 x8 : 0000000000000000\n[ 67.330585] x7 : 0000000000000000 x6 : ffffff80148b5c1a\n[ 67.330590] x5 : ffffff8008013ae0 x4 : 0000000000000001\n[ 67.330596] x3 : ffffff80080139c8 x2 : ffffff801083bab8\n[ 67.330601] x1 : 0000000000000000 x0 : ffffffdada34c970\n[ 67.330609] Call trace:\n[ 67.330616] mempool_free+0x70/0xa0\n[ 67.330627] bio_put+0xf8/0x110\n[ 67.330638] dec_pending+0x13c/0x230\n[ 67.330644] clone_endio+0x90/0x180\n[ 67.330649] bio_endio+0x198/0x1b8\n[ 67.330655] dec_pending+0x190/0x230\n[ 67.330660] clone_endio+0x90/0x180\n[ 67.330665] bio_endio+0x198/0x1b8\n[ 67.330673] blk_update_request+0x214/0x428\n[ 67.330683] scsi_end_request+0x2c/0x300\n[ 67.330688] scsi_io_completion+0xa0/0x710\n[ 67.330695] scsi_finish_command+0xd8/0x110\n[ 67.330700] scsi_softirq_done+0x114/0x148\n[ 67.330708] blk_done_softirq+0x74/0xd0\n[ 67.330716] __do_softirq+0x18c/0x374\n[ 67.330724] irq_exit+0xb4/0xb8\n[ 67.330732] __handle_domain_irq+0x84/0xc0\n[ 67.330737] gic_handle_irq+0x148/0x1b0\n[ 67.330744] el1_irq+0xe8/0x190\n[ 67.330753] lpm_cpuidle_enter+0x4f8/0x538\n[ 67.330759] cpuidle_enter_state+0x1fc/0x398\n[ 67.330764] cpuidle_enter+0x18/0x20\n[ 67.330772] do_idle+0x1b4/0x290\n[ 67.330778] cpu_startup_entry+0x20/0x28\n[ 67.330786] secondary_start_kernel+0x160/0x170\n\nFix this by:\n1) Establishing pointers to \u0027struct dm_io\u0027 members in\ndm_io_dec_pending() so that they may be passed into end_io_acct()\n_after_ free_io() is called.\n2) Moving end_io_acct() after free_io()."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:51.756Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/9fb7cd5c7fef0f1c982e3cd27745a0dec260eaed"
        },
        {
          "url": "https://git.kernel.org/stable/c/d35aef9c60d310eff3eaddacce301efe877e2b7c"
        },
        {
          "url": "https://git.kernel.org/stable/c/9e07272cca2ed76f7f6073f4444b1143828c8d87"
        },
        {
          "url": "https://git.kernel.org/stable/c/ad1393b92e5059218d055bfec8f4946d85ad04c4"
        },
        {
          "url": "https://git.kernel.org/stable/c/d29c78d3f9c5d2604548c1065bf1ec212728ea61"
        },
        {
          "url": "https://git.kernel.org/stable/c/6e506f07c5b561d673dd0b0d8f7f420cc48024fb"
        },
        {
          "url": "https://git.kernel.org/stable/c/d208b89401e073de986dc891037c5a668f5d5d95"
        }
      ],
      "title": "dm: fix mempool NULL pointer race when completing IO",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47435",
    "datePublished": "2024-05-22T06:19:31.562Z",
    "dateReserved": "2024-05-21T14:58:30.830Z",
    "dateUpdated": "2024-11-04T12:05:51.756Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47450

Vulnerability from cvelistv5

Published

2024-05-22 06:19

Modified

2024-11-04 12:06

Severity ?

Summary

KVM: arm64: Fix host stage-2 PGD refcount

References

▼	URL	Tags
	https://git.kernel.org/stable/c/b372264c66ef78f2cab44e877fbd765ad6d24c39
	https://git.kernel.org/stable/c/1d58a17ef54599506d44c45ac95be27273a4d2b1

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47450",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T18:46:22.813390Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:28.577Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.495Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b372264c66ef78f2cab44e877fbd765ad6d24c39"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1d58a17ef54599506d44c45ac95be27273a4d2b1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/arm64/kvm/hyp/include/nvhe/gfp.h",
            "arch/arm64/kvm/hyp/nvhe/mem_protect.c",
            "arch/arm64/kvm/hyp/nvhe/page_alloc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "b372264c66ef",
              "status": "affected",
              "version": "1025c8c0c6ac",
              "versionType": "git"
            },
            {
              "lessThan": "1d58a17ef545",
              "status": "affected",
              "version": "1025c8c0c6ac",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/arm64/kvm/hyp/include/nvhe/gfp.h",
            "arch/arm64/kvm/hyp/nvhe/mem_protect.c",
            "arch/arm64/kvm/hyp/nvhe/page_alloc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.13"
            },
            {
              "lessThan": "5.13",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.15",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Fix host stage-2 PGD refcount\n\nThe KVM page-table library refcounts the pages of concatenated stage-2\nPGDs individually. However, when running KVM in protected mode, the\nhost\u0027s stage-2 PGD is currently managed by EL2 as a single high-order\ncompound page, which can cause the refcount of the tail pages to reach 0\nwhen they shouldn\u0027t, hence corrupting the page-table.\n\nFix this by introducing a new hyp_split_page() helper in the EL2 page\nallocator (matching the kernel\u0027s split_page() function), and make use of\nit from host_s2_zalloc_pages_exact()."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:08.607Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/b372264c66ef78f2cab44e877fbd765ad6d24c39"
        },
        {
          "url": "https://git.kernel.org/stable/c/1d58a17ef54599506d44c45ac95be27273a4d2b1"
        }
      ],
      "title": "KVM: arm64: Fix host stage-2 PGD refcount",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47450",
    "datePublished": "2024-05-22T06:19:41.443Z",
    "dateReserved": "2024-05-21T14:58:30.832Z",
    "dateUpdated": "2024-11-04T12:06:08.607Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52875

Vulnerability from cvelistv5

Published

2024-05-21 15:32

Modified

2024-11-04 14:54

Severity ?

Summary

clk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data

References

▼	URL	Tags
	https://git.kernel.org/stable/c/6fccee2af400edaed9cf349d506c5971d4762739
	https://git.kernel.org/stable/c/1953e62366da5460dc712e045f94fb0d8918999d
	https://git.kernel.org/stable/c/d1461f0c9ca0827c03730fe9652ebbf6316a2a95
	https://git.kernel.org/stable/c/001e5def774fa1a8f2b29567c0b0cd3e3a859a96
	https://git.kernel.org/stable/c/d1175cf4bd2b4c5f7c43f677ea1ce9ad2c18d055
	https://git.kernel.org/stable/c/2a18dd653284550900b02107c3c7b3ac5e0eb802
	https://git.kernel.org/stable/c/e61934720af4a58ffd43a63ffdd6f3a0bd7d7b47
	https://git.kernel.org/stable/c/1bf9c204aef4cc55ce46a7ff2d4dc7e5f86551a7
	https://git.kernel.org/stable/c/0d6e24b422a2166a9297a8286ff2e6ab9a5e8cd3

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.057Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6fccee2af400edaed9cf349d506c5971d4762739"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1953e62366da5460dc712e045f94fb0d8918999d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d1461f0c9ca0827c03730fe9652ebbf6316a2a95"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/001e5def774fa1a8f2b29567c0b0cd3e3a859a96"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d1175cf4bd2b4c5f7c43f677ea1ce9ad2c18d055"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2a18dd653284550900b02107c3c7b3ac5e0eb802"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e61934720af4a58ffd43a63ffdd6f3a0bd7d7b47"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1bf9c204aef4cc55ce46a7ff2d4dc7e5f86551a7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0d6e24b422a2166a9297a8286ff2e6ab9a5e8cd3"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52875",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:36:21.387443Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:32:53.925Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/clk/mediatek/clk-mt2701.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "6fccee2af400",
              "status": "affected",
              "version": "e9862118272a",
              "versionType": "git"
            },
            {
              "lessThan": "1953e62366da",
              "status": "affected",
              "version": "e9862118272a",
              "versionType": "git"
            },
            {
              "lessThan": "d1461f0c9ca0",
              "status": "affected",
              "version": "e9862118272a",
              "versionType": "git"
            },
            {
              "lessThan": "001e5def774f",
              "status": "affected",
              "version": "e9862118272a",
              "versionType": "git"
            },
            {
              "lessThan": "d1175cf4bd2b",
              "status": "affected",
              "version": "e9862118272a",
              "versionType": "git"
            },
            {
              "lessThan": "2a18dd653284",
              "status": "affected",
              "version": "e9862118272a",
              "versionType": "git"
            },
            {
              "lessThan": "e61934720af4",
              "status": "affected",
              "version": "e9862118272a",
              "versionType": "git"
            },
            {
              "lessThan": "1bf9c204aef4",
              "status": "affected",
              "version": "e9862118272a",
              "versionType": "git"
            },
            {
              "lessThan": "0d6e24b422a2",
              "status": "affected",
              "version": "e9862118272a",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/clk/mediatek/clk-mt2701.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.10"
            },
            {
              "lessThan": "4.10",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.330",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.299",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.261",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.201",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.139",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:54:22.187Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/6fccee2af400edaed9cf349d506c5971d4762739"
        },
        {
          "url": "https://git.kernel.org/stable/c/1953e62366da5460dc712e045f94fb0d8918999d"
        },
        {
          "url": "https://git.kernel.org/stable/c/d1461f0c9ca0827c03730fe9652ebbf6316a2a95"
        },
        {
          "url": "https://git.kernel.org/stable/c/001e5def774fa1a8f2b29567c0b0cd3e3a859a96"
        },
        {
          "url": "https://git.kernel.org/stable/c/d1175cf4bd2b4c5f7c43f677ea1ce9ad2c18d055"
        },
        {
          "url": "https://git.kernel.org/stable/c/2a18dd653284550900b02107c3c7b3ac5e0eb802"
        },
        {
          "url": "https://git.kernel.org/stable/c/e61934720af4a58ffd43a63ffdd6f3a0bd7d7b47"
        },
        {
          "url": "https://git.kernel.org/stable/c/1bf9c204aef4cc55ce46a7ff2d4dc7e5f86551a7"
        },
        {
          "url": "https://git.kernel.org/stable/c/0d6e24b422a2166a9297a8286ff2e6ab9a5e8cd3"
        }
      ],
      "title": "clk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52875",
    "datePublished": "2024-05-21T15:32:08.604Z",
    "dateReserved": "2024-05-21T15:19:24.264Z",
    "dateUpdated": "2024-11-04T14:54:22.187Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52756

Vulnerability from cvelistv5

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "providerMetadata": {
        "dateUpdated": "2024-06-08T11:37:10.679Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "rejectedReasons": [
        {
          "lang": "en",
          "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52756",
    "datePublished": "2024-05-21T15:30:43.574Z",
    "dateRejected": "2024-06-08T11:37:10.679Z",
    "dateReserved": "2024-05-21T15:19:24.235Z",
    "dateUpdated": "2024-06-08T11:37:10.679Z",
    "state": "REJECTED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52778

Vulnerability from cvelistv5

Published

2024-05-21 15:30

Modified

2024-11-04 14:52

Severity ?

Summary

mptcp: deal with large GSO size

References

▼	URL	Tags
	https://git.kernel.org/stable/c/70ff9b65a72885b3a2dfde6709da1f19b85fa696
	https://git.kernel.org/stable/c/342b528c0e849bed9def76dadaa470d3af678e94
	https://git.kernel.org/stable/c/57ced2eb77343a91d28f4a73675b05fe7b555def
	https://git.kernel.org/stable/c/9fce92f050f448a0d1ddd9083ef967d9930f1e52

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52778",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-23T18:34:28.820303Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:22:35.332Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.925Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/70ff9b65a72885b3a2dfde6709da1f19b85fa696"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/342b528c0e849bed9def76dadaa470d3af678e94"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/57ced2eb77343a91d28f4a73675b05fe7b555def"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9fce92f050f448a0d1ddd9083ef967d9930f1e52"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/mptcp/protocol.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "70ff9b65a728",
              "status": "affected",
              "version": "7c4e983c4f3c",
              "versionType": "git"
            },
            {
              "lessThan": "342b528c0e84",
              "status": "affected",
              "version": "7c4e983c4f3c",
              "versionType": "git"
            },
            {
              "lessThan": "57ced2eb7734",
              "status": "affected",
              "version": "7c4e983c4f3c",
              "versionType": "git"
            },
            {
              "lessThan": "9fce92f050f4",
              "status": "affected",
              "version": "7c4e983c4f3c",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/mptcp/protocol.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.19"
            },
            {
              "lessThan": "5.19",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: deal with large GSO size\n\nAfter the blamed commit below, the TCP sockets (and the MPTCP subflows)\ncan build egress packets larger than 64K. That exceeds the maximum DSS\ndata size, the length being misrepresent on the wire and the stream being\ncorrupted, as later observed on the receiver:\n\n  WARNING: CPU: 0 PID: 9696 at net/mptcp/protocol.c:705 __mptcp_move_skbs_from_subflow+0x2604/0x26e0\n  CPU: 0 PID: 9696 Comm: syz-executor.7 Not tainted 6.6.0-rc5-gcd8bdf563d46 #45\n  Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.0-2.el7 04/01/2014\n  netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4\u0027.\n  RIP: 0010:__mptcp_move_skbs_from_subflow+0x2604/0x26e0 net/mptcp/protocol.c:705\n  RSP: 0018:ffffc90000006e80 EFLAGS: 00010246\n  RAX: ffffffff83e9f674 RBX: ffff88802f45d870 RCX: ffff888102ad0000\n  netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4\u0027.\n  RDX: 0000000080000303 RSI: 0000000000013908 RDI: 0000000000003908\n  RBP: ffffc90000007110 R08: ffffffff83e9e078 R09: 1ffff1100e548c8a\n  R10: dffffc0000000000 R11: ffffed100e548c8b R12: 0000000000013908\n  R13: dffffc0000000000 R14: 0000000000003908 R15: 000000000031cf29\n  FS:  00007f239c47e700(0000) GS:ffff88811b200000(0000) knlGS:0000000000000000\n  CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n  CR2: 00007f239c45cd78 CR3: 000000006a66c006 CR4: 0000000000770ef0\n  DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n  DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600\n  PKRU: 55555554\n  Call Trace:\n   \u003cIRQ\u003e\n   mptcp_data_ready+0x263/0xac0 net/mptcp/protocol.c:819\n   subflow_data_ready+0x268/0x6d0 net/mptcp/subflow.c:1409\n   tcp_data_queue+0x21a1/0x7a60 net/ipv4/tcp_input.c:5151\n   tcp_rcv_established+0x950/0x1d90 net/ipv4/tcp_input.c:6098\n   tcp_v6_do_rcv+0x554/0x12f0 net/ipv6/tcp_ipv6.c:1483\n   tcp_v6_rcv+0x2e26/0x3810 net/ipv6/tcp_ipv6.c:1749\n   ip6_protocol_deliver_rcu+0xd6b/0x1ae0 net/ipv6/ip6_input.c:438\n   ip6_input+0x1c5/0x470 net/ipv6/ip6_input.c:483\n   ipv6_rcv+0xef/0x2c0 include/linux/netfilter.h:304\n   __netif_receive_skb+0x1ea/0x6a0 net/core/dev.c:5532\n   process_backlog+0x353/0x660 net/core/dev.c:5974\n   __napi_poll+0xc6/0x5a0 net/core/dev.c:6536\n   net_rx_action+0x6a0/0xfd0 net/core/dev.c:6603\n   __do_softirq+0x184/0x524 kernel/softirq.c:553\n   do_softirq+0xdd/0x130 kernel/softirq.c:454\n\nAddress the issue explicitly bounding the maximum GSO size to what MPTCP\nactually allows."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:32.367Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/70ff9b65a72885b3a2dfde6709da1f19b85fa696"
        },
        {
          "url": "https://git.kernel.org/stable/c/342b528c0e849bed9def76dadaa470d3af678e94"
        },
        {
          "url": "https://git.kernel.org/stable/c/57ced2eb77343a91d28f4a73675b05fe7b555def"
        },
        {
          "url": "https://git.kernel.org/stable/c/9fce92f050f448a0d1ddd9083ef967d9930f1e52"
        }
      ],
      "title": "mptcp: deal with large GSO size",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52778",
    "datePublished": "2024-05-21T15:30:58.244Z",
    "dateReserved": "2024-05-21T15:19:24.240Z",
    "dateUpdated": "2024-11-04T14:52:32.367Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47415

Vulnerability from cvelistv5

Published

2024-05-21 15:04

Modified

2024-11-04 12:05

Severity ?

Summary

iwlwifi: mvm: Fix possible NULL dereference

References

▼	URL	Tags
	https://git.kernel.org/stable/c/432d8185e9ffce97e3866ca71c39b0807a456920
	https://git.kernel.org/stable/c/24d5f16e407b75bc59d5419b957a9cab423b2681

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47415",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-28T18:23:54.594735Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:13:27.933Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.475Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/432d8185e9ffce97e3866ca71c39b0807a456920"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/24d5f16e407b75bc59d5419b957a9cab423b2681"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/intel/iwlwifi/mvm/time-event.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "432d8185e9ff",
              "status": "affected",
              "version": "7b3954a1d69a",
              "versionType": "git"
            },
            {
              "lessThan": "24d5f16e407b",
              "status": "affected",
              "version": "7b3954a1d69a",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/intel/iwlwifi/mvm/time-event.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.14"
            },
            {
              "lessThan": "5.14",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niwlwifi: mvm: Fix possible NULL dereference\n\nIn __iwl_mvm_remove_time_event() check that \u0027te_data-\u003evif\u0027 is NULL\nbefore dereferencing it."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:28.276Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/432d8185e9ffce97e3866ca71c39b0807a456920"
        },
        {
          "url": "https://git.kernel.org/stable/c/24d5f16e407b75bc59d5419b957a9cab423b2681"
        }
      ],
      "title": "iwlwifi: mvm: Fix possible NULL dereference",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47415",
    "datePublished": "2024-05-21T15:04:05.381Z",
    "dateReserved": "2024-05-21T14:58:30.818Z",
    "dateUpdated": "2024-11-04T12:05:28.276Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47443

Vulnerability from cvelistv5

Published

2024-05-22 06:19

Modified

2024-11-06 16:16

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

NFC: digital: fix possible memory leak in digital_tg_listen_mdaa()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/429054ec51e648d241a7e0b465cf44f6633334c5
	https://git.kernel.org/stable/c/a67d47e32c91e2b10402cb8c081774cbf08edb2e
	https://git.kernel.org/stable/c/b7b023e6ff567e991c31cd425b0e1d16779c938b
	https://git.kernel.org/stable/c/9881b0c860649f27ef2565deef011e516390f416
	https://git.kernel.org/stable/c/7ab488d7228a9dceb2456867f1f0919decf6efed
	https://git.kernel.org/stable/c/3f2960b39f22e26cf8addae93c3f5884d1c183c9
	https://git.kernel.org/stable/c/564249219e5b5673a8416b5181875d828c3f1e8c
	https://git.kernel.org/stable/c/58e7dcc9ca29c14e44267a4d0ea61e3229124907

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47443",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T18:42:00.760765Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T16:16:01.807Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.240Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/429054ec51e648d241a7e0b465cf44f6633334c5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a67d47e32c91e2b10402cb8c081774cbf08edb2e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b7b023e6ff567e991c31cd425b0e1d16779c938b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9881b0c860649f27ef2565deef011e516390f416"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7ab488d7228a9dceb2456867f1f0919decf6efed"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3f2960b39f22e26cf8addae93c3f5884d1c183c9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/564249219e5b5673a8416b5181875d828c3f1e8c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/58e7dcc9ca29c14e44267a4d0ea61e3229124907"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/nfc/digital_core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "429054ec51e6",
              "status": "affected",
              "version": "1c7a4c24fbfd",
              "versionType": "git"
            },
            {
              "lessThan": "a67d47e32c91",
              "status": "affected",
              "version": "1c7a4c24fbfd",
              "versionType": "git"
            },
            {
              "lessThan": "b7b023e6ff56",
              "status": "affected",
              "version": "1c7a4c24fbfd",
              "versionType": "git"
            },
            {
              "lessThan": "9881b0c86064",
              "status": "affected",
              "version": "1c7a4c24fbfd",
              "versionType": "git"
            },
            {
              "lessThan": "7ab488d7228a",
              "status": "affected",
              "version": "1c7a4c24fbfd",
              "versionType": "git"
            },
            {
              "lessThan": "3f2960b39f22",
              "status": "affected",
              "version": "1c7a4c24fbfd",
              "versionType": "git"
            },
            {
              "lessThan": "564249219e5b",
              "status": "affected",
              "version": "1c7a4c24fbfd",
              "versionType": "git"
            },
            {
              "lessThan": "58e7dcc9ca29",
              "status": "affected",
              "version": "1c7a4c24fbfd",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/nfc/digital_core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.13"
            },
            {
              "lessThan": "3.13",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.290",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.288",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.252",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.213",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.155",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.75",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.14",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFC: digital: fix possible memory leak in digital_tg_listen_mdaa()\n\n\u0027params\u0027 is allocated in digital_tg_listen_mdaa(), but not free when\ndigital_send_cmd() failed, which will cause memory leak. Fix it by\nfreeing \u0027params\u0027 if digital_send_cmd() return failed."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:59.989Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/429054ec51e648d241a7e0b465cf44f6633334c5"
        },
        {
          "url": "https://git.kernel.org/stable/c/a67d47e32c91e2b10402cb8c081774cbf08edb2e"
        },
        {
          "url": "https://git.kernel.org/stable/c/b7b023e6ff567e991c31cd425b0e1d16779c938b"
        },
        {
          "url": "https://git.kernel.org/stable/c/9881b0c860649f27ef2565deef011e516390f416"
        },
        {
          "url": "https://git.kernel.org/stable/c/7ab488d7228a9dceb2456867f1f0919decf6efed"
        },
        {
          "url": "https://git.kernel.org/stable/c/3f2960b39f22e26cf8addae93c3f5884d1c183c9"
        },
        {
          "url": "https://git.kernel.org/stable/c/564249219e5b5673a8416b5181875d828c3f1e8c"
        },
        {
          "url": "https://git.kernel.org/stable/c/58e7dcc9ca29c14e44267a4d0ea61e3229124907"
        }
      ],
      "title": "NFC: digital: fix possible memory leak in digital_tg_listen_mdaa()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47443",
    "datePublished": "2024-05-22T06:19:36.889Z",
    "dateReserved": "2024-05-21T14:58:30.832Z",
    "dateUpdated": "2024-11-06T16:16:01.807Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52816

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

drm/amdkfd: Fix shift out-of-bounds issue

References

▼	URL	Tags
	https://git.kernel.org/stable/c/3f7a400d5e80f99581e3e8a9843e1f6118bf454f
	https://git.kernel.org/stable/c/2806f880379232e789957c2078d612669eb7a69c
	https://git.kernel.org/stable/c/d33a35b13cbfec3238043f196fa87a6384f9d087
	https://git.kernel.org/stable/c/56649c43d40ce0147465a2d5756d300e87f9ee1c
	https://git.kernel.org/stable/c/282c1d793076c2edac6c3db51b7e8ed2b41d60a5

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52816",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-23T16:24:14.199378Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:04.920Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.052Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3f7a400d5e80f99581e3e8a9843e1f6118bf454f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2806f880379232e789957c2078d612669eb7a69c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d33a35b13cbfec3238043f196fa87a6384f9d087"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/56649c43d40ce0147465a2d5756d300e87f9ee1c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/282c1d793076c2edac6c3db51b7e8ed2b41d60a5"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/amdkfd/kfd_svm.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "3f7a400d5e80",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "2806f8803792",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "d33a35b13cbf",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "56649c43d40c",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "282c1d793076",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/amdkfd/kfd_svm.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix shift out-of-bounds issue\n\n[  567.613292] shift exponent 255 is too large for 64-bit type \u0027long unsigned int\u0027\n[  567.614498] CPU: 5 PID: 238 Comm: kworker/5:1 Tainted: G           OE      6.2.0-34-generic #34~22.04.1-Ubuntu\n[  567.614502] Hardware name: AMD Splinter/Splinter-RPL, BIOS WS43927N_871 09/25/2023\n[  567.614504] Workqueue: events send_exception_work_handler [amdgpu]\n[  567.614748] Call Trace:\n[  567.614750]  \u003cTASK\u003e\n[  567.614753]  dump_stack_lvl+0x48/0x70\n[  567.614761]  dump_stack+0x10/0x20\n[  567.614763]  __ubsan_handle_shift_out_of_bounds+0x156/0x310\n[  567.614769]  ? srso_alias_return_thunk+0x5/0x7f\n[  567.614773]  ? update_sd_lb_stats.constprop.0+0xf2/0x3c0\n[  567.614780]  svm_range_split_by_granularity.cold+0x2b/0x34 [amdgpu]\n[  567.615047]  ? srso_alias_return_thunk+0x5/0x7f\n[  567.615052]  svm_migrate_to_ram+0x185/0x4d0 [amdgpu]\n[  567.615286]  do_swap_page+0x7b6/0xa30\n[  567.615291]  ? srso_alias_return_thunk+0x5/0x7f\n[  567.615294]  ? __free_pages+0x119/0x130\n[  567.615299]  handle_pte_fault+0x227/0x280\n[  567.615303]  __handle_mm_fault+0x3c0/0x720\n[  567.615311]  handle_mm_fault+0x119/0x330\n[  567.615314]  ? lock_mm_and_find_vma+0x44/0x250\n[  567.615318]  do_user_addr_fault+0x1a9/0x640\n[  567.615323]  exc_page_fault+0x81/0x1b0\n[  567.615328]  asm_exc_page_fault+0x27/0x30\n[  567.615332] RIP: 0010:__get_user_8+0x1c/0x30"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:16.409Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/3f7a400d5e80f99581e3e8a9843e1f6118bf454f"
        },
        {
          "url": "https://git.kernel.org/stable/c/2806f880379232e789957c2078d612669eb7a69c"
        },
        {
          "url": "https://git.kernel.org/stable/c/d33a35b13cbfec3238043f196fa87a6384f9d087"
        },
        {
          "url": "https://git.kernel.org/stable/c/56649c43d40ce0147465a2d5756d300e87f9ee1c"
        },
        {
          "url": "https://git.kernel.org/stable/c/282c1d793076c2edac6c3db51b7e8ed2b41d60a5"
        }
      ],
      "title": "drm/amdkfd: Fix shift out-of-bounds issue",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52816",
    "datePublished": "2024-05-21T15:31:23.567Z",
    "dateReserved": "2024-05-21T15:19:24.248Z",
    "dateUpdated": "2024-11-04T14:53:16.409Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47414

Vulnerability from cvelistv5

Published

2024-05-21 15:04

Modified

2024-11-04 12:05

Severity ?

Summary

riscv: Flush current cpu icache before other cpus

References

▼	URL	Tags
	https://git.kernel.org/stable/c/427faa29e06f0709476ea1bd59758f997ec8b64e
	https://git.kernel.org/stable/c/f1c7aa87c423e765e3862349c2f095fdfccdd9b3
	https://git.kernel.org/stable/c/bb8958d5dc79acbd071397abb57b8756375fe1ce

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47414",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-23T17:52:58.625321Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:13:41.022Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.118Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/427faa29e06f0709476ea1bd59758f997ec8b64e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f1c7aa87c423e765e3862349c2f095fdfccdd9b3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bb8958d5dc79acbd071397abb57b8756375fe1ce"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/riscv/mm/cacheflush.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "427faa29e06f",
              "status": "affected",
              "version": "fab957c11efe",
              "versionType": "git"
            },
            {
              "lessThan": "f1c7aa87c423",
              "status": "affected",
              "version": "fab957c11efe",
              "versionType": "git"
            },
            {
              "lessThan": "bb8958d5dc79",
              "status": "affected",
              "version": "fab957c11efe",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/riscv/mm/cacheflush.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.15"
            },
            {
              "lessThan": "4.15",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.73",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv: Flush current cpu icache before other cpus\n\nOn SiFive Unmatched, I recently fell onto the following BUG when booting:\n\n[    0.000000] ftrace: allocating 36610 entries in 144 pages\n[    0.000000] Oops - illegal instruction [#1]\n[    0.000000] Modules linked in:\n[    0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 5.13.1+ #5\n[    0.000000] Hardware name: SiFive HiFive Unmatched A00 (DT)\n[    0.000000] epc : riscv_cpuid_to_hartid_mask+0x6/0xae\n[    0.000000]  ra : __sbi_rfence_v02+0xc8/0x10a\n[    0.000000] epc : ffffffff80007240 ra : ffffffff80009964 sp : ffffffff81803e10\n[    0.000000]  gp : ffffffff81a1ea70 tp : ffffffff8180f500 t0 : ffffffe07fe30000\n[    0.000000]  t1 : 0000000000000004 t2 : 0000000000000000 s0 : ffffffff81803e60\n[    0.000000]  s1 : 0000000000000000 a0 : ffffffff81a22238 a1 : ffffffff81803e10\n[    0.000000]  a2 : 0000000000000000 a3 : 0000000000000000 a4 : 0000000000000000\n[    0.000000]  a5 : 0000000000000000 a6 : ffffffff8000989c a7 : 0000000052464e43\n[    0.000000]  s2 : ffffffff81a220c8 s3 : 0000000000000000 s4 : 0000000000000000\n[    0.000000]  s5 : 0000000000000000 s6 : 0000000200000100 s7 : 0000000000000001\n[    0.000000]  s8 : ffffffe07fe04040 s9 : ffffffff81a22c80 s10: 0000000000001000\n[    0.000000]  s11: 0000000000000004 t3 : 0000000000000001 t4 : 0000000000000008\n[    0.000000]  t5 : ffffffcf04000808 t6 : ffffffe3ffddf188\n[    0.000000] status: 0000000200000100 badaddr: 0000000000000000 cause: 0000000000000002\n[    0.000000] [\u003cffffffff80007240\u003e] riscv_cpuid_to_hartid_mask+0x6/0xae\n[    0.000000] [\u003cffffffff80009474\u003e] sbi_remote_fence_i+0x1e/0x26\n[    0.000000] [\u003cffffffff8000b8f4\u003e] flush_icache_all+0x12/0x1a\n[    0.000000] [\u003cffffffff8000666c\u003e] patch_text_nosync+0x26/0x32\n[    0.000000] [\u003cffffffff8000884e\u003e] ftrace_init_nop+0x52/0x8c\n[    0.000000] [\u003cffffffff800f051e\u003e] ftrace_process_locs.isra.0+0x29c/0x360\n[    0.000000] [\u003cffffffff80a0e3c6\u003e] ftrace_init+0x80/0x130\n[    0.000000] [\u003cffffffff80a00f8c\u003e] start_kernel+0x5c4/0x8f6\n[    0.000000] ---[ end trace f67eb9af4d8d492b ]---\n[    0.000000] Kernel panic - not syncing: Attempted to kill the idle task!\n[    0.000000] ---[ end Kernel panic - not syncing: Attempted to kill the idle task! ]---\n\nWhile ftrace is looping over a list of addresses to patch, it always failed\nwhen patching the same function: riscv_cpuid_to_hartid_mask. Looking at the\nbacktrace, the illegal instruction is encountered in this same function.\nHowever, patch_text_nosync, after patching the instructions, calls\nflush_icache_range. But looking at what happens in this function:\n\nflush_icache_range -\u003e flush_icache_all\n                   -\u003e sbi_remote_fence_i\n                   -\u003e __sbi_rfence_v02\n                   -\u003e riscv_cpuid_to_hartid_mask\n\nThe icache and dcache of the current cpu are never synchronized between the\npatching of riscv_cpuid_to_hartid_mask and calling this same function.\n\nSo fix this by flushing the current cpu\u0027s icache before asking for the other\ncpus to do the same."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:27.129Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/427faa29e06f0709476ea1bd59758f997ec8b64e"
        },
        {
          "url": "https://git.kernel.org/stable/c/f1c7aa87c423e765e3862349c2f095fdfccdd9b3"
        },
        {
          "url": "https://git.kernel.org/stable/c/bb8958d5dc79acbd071397abb57b8756375fe1ce"
        }
      ],
      "title": "riscv: Flush current cpu icache before other cpus",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47414",
    "datePublished": "2024-05-21T15:04:04.715Z",
    "dateReserved": "2024-05-21T14:58:30.818Z",
    "dateUpdated": "2024-11-04T12:05:27.129Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52818

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7

References

▼	URL	Tags
	https://git.kernel.org/stable/c/e52e324a21341c97350d5f11de14721c1c609498
	https://git.kernel.org/stable/c/cfd8cd907fd94538561479a43aea455f5cf16928
	https://git.kernel.org/stable/c/c847379a5d00078ad6fcb1c24230e72c5609342f
	https://git.kernel.org/stable/c/8af28ae3acb736ada4ce3457662fa446cc913bb4
	https://git.kernel.org/stable/c/acdb6830de02cf2873aeaccdf2d9bca4aee50e47
	https://git.kernel.org/stable/c/fc9ac0e8e0bcb3740c6eaad3a1a50c20016d422b
	https://git.kernel.org/stable/c/6dffdddfca818c02a42b6caa1d9845995f0a1f94
	https://git.kernel.org/stable/c/92a775e7c9707aed28782bafe636bf87675f5a97
	https://git.kernel.org/stable/c/760efbca74a405dc439a013a5efaa9fadc95a8c3

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.956Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e52e324a21341c97350d5f11de14721c1c609498"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/cfd8cd907fd94538561479a43aea455f5cf16928"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c847379a5d00078ad6fcb1c24230e72c5609342f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8af28ae3acb736ada4ce3457662fa446cc913bb4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/acdb6830de02cf2873aeaccdf2d9bca4aee50e47"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fc9ac0e8e0bcb3740c6eaad3a1a50c20016d422b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6dffdddfca818c02a42b6caa1d9845995f0a1f94"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/92a775e7c9707aed28782bafe636bf87675f5a97"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/760efbca74a405dc439a013a5efaa9fadc95a8c3"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52818",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:36:40.825191Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:28.159Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/include/pptable.h",
            "drivers/gpu/drm/amd/pm/powerplay/hwmgr/pptable_v1_0.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "e52e324a2134",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "cfd8cd907fd9",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "c847379a5d00",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "8af28ae3acb7",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "acdb6830de02",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "fc9ac0e8e0bc",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "6dffdddfca81",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "92a775e7c970",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "760efbca74a4",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/include/pptable.h",
            "drivers/gpu/drm/amd/pm/powerplay/hwmgr/pptable_v1_0.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.331",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.300",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.262",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd: Fix UBSAN array-index-out-of-bounds for SMU7\n\nFor pptable structs that use flexible array sizes, use flexible arrays."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:18.745Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/e52e324a21341c97350d5f11de14721c1c609498"
        },
        {
          "url": "https://git.kernel.org/stable/c/cfd8cd907fd94538561479a43aea455f5cf16928"
        },
        {
          "url": "https://git.kernel.org/stable/c/c847379a5d00078ad6fcb1c24230e72c5609342f"
        },
        {
          "url": "https://git.kernel.org/stable/c/8af28ae3acb736ada4ce3457662fa446cc913bb4"
        },
        {
          "url": "https://git.kernel.org/stable/c/acdb6830de02cf2873aeaccdf2d9bca4aee50e47"
        },
        {
          "url": "https://git.kernel.org/stable/c/fc9ac0e8e0bcb3740c6eaad3a1a50c20016d422b"
        },
        {
          "url": "https://git.kernel.org/stable/c/6dffdddfca818c02a42b6caa1d9845995f0a1f94"
        },
        {
          "url": "https://git.kernel.org/stable/c/92a775e7c9707aed28782bafe636bf87675f5a97"
        },
        {
          "url": "https://git.kernel.org/stable/c/760efbca74a405dc439a013a5efaa9fadc95a8c3"
        }
      ],
      "title": "drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52818",
    "datePublished": "2024-05-21T15:31:24.915Z",
    "dateReserved": "2024-05-21T15:19:24.249Z",
    "dateUpdated": "2024-11-04T14:53:18.745Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52868

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:54

Severity ?

Summary

thermal: core: prevent potential string overflow

References

▼	URL	Tags
	https://git.kernel.org/stable/c/b55f0a9f865be75ca1019aad331f3225f7b50ce8
	https://git.kernel.org/stable/c/6ad1bf47fbe5750c4d5d8e41337665e193e2c521
	https://git.kernel.org/stable/c/3091ab943dfc7b2578599b0fe203350286fab5bb
	https://git.kernel.org/stable/c/3f795fb35c2d8a637efe76b4518216c9319b998c
	https://git.kernel.org/stable/c/3a8f4e58e1ee707b4f46a1000b40b86ea3dd509c
	https://git.kernel.org/stable/c/77ff34a56b695e228e6daf30ee30be747973d6e8
	https://git.kernel.org/stable/c/0f6b3be28c4d62ef6498133959c72266629bea97
	https://git.kernel.org/stable/c/edbd6bbe40ac524a8f2273ffacc53edf14f3c686
	https://git.kernel.org/stable/c/c99626092efca3061b387043d4a7399bf75fbdd5

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52868",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-24T19:32:21.368633Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:24:15.357Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.044Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b55f0a9f865be75ca1019aad331f3225f7b50ce8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6ad1bf47fbe5750c4d5d8e41337665e193e2c521"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3091ab943dfc7b2578599b0fe203350286fab5bb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3f795fb35c2d8a637efe76b4518216c9319b998c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3a8f4e58e1ee707b4f46a1000b40b86ea3dd509c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/77ff34a56b695e228e6daf30ee30be747973d6e8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0f6b3be28c4d62ef6498133959c72266629bea97"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/edbd6bbe40ac524a8f2273ffacc53edf14f3c686"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c99626092efca3061b387043d4a7399bf75fbdd5"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/thermal/thermal_core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "b55f0a9f865b",
              "status": "affected",
              "version": "203d3d4aa482",
              "versionType": "git"
            },
            {
              "lessThan": "6ad1bf47fbe5",
              "status": "affected",
              "version": "203d3d4aa482",
              "versionType": "git"
            },
            {
              "lessThan": "3091ab943dfc",
              "status": "affected",
              "version": "203d3d4aa482",
              "versionType": "git"
            },
            {
              "lessThan": "3f795fb35c2d",
              "status": "affected",
              "version": "203d3d4aa482",
              "versionType": "git"
            },
            {
              "lessThan": "3a8f4e58e1ee",
              "status": "affected",
              "version": "203d3d4aa482",
              "versionType": "git"
            },
            {
              "lessThan": "77ff34a56b69",
              "status": "affected",
              "version": "203d3d4aa482",
              "versionType": "git"
            },
            {
              "lessThan": "0f6b3be28c4d",
              "status": "affected",
              "version": "203d3d4aa482",
              "versionType": "git"
            },
            {
              "lessThan": "edbd6bbe40ac",
              "status": "affected",
              "version": "203d3d4aa482",
              "versionType": "git"
            },
            {
              "lessThan": "c99626092efc",
              "status": "affected",
              "version": "203d3d4aa482",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/thermal/thermal_core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.25"
            },
            {
              "lessThan": "2.6.25",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.330",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.299",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.261",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.201",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.139",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: core: prevent potential string overflow\n\nThe dev-\u003eid value comes from ida_alloc() so it\u0027s a number between zero\nand INT_MAX.  If it\u0027s too high then these sprintf()s will overflow."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:54:13.301Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/b55f0a9f865be75ca1019aad331f3225f7b50ce8"
        },
        {
          "url": "https://git.kernel.org/stable/c/6ad1bf47fbe5750c4d5d8e41337665e193e2c521"
        },
        {
          "url": "https://git.kernel.org/stable/c/3091ab943dfc7b2578599b0fe203350286fab5bb"
        },
        {
          "url": "https://git.kernel.org/stable/c/3f795fb35c2d8a637efe76b4518216c9319b998c"
        },
        {
          "url": "https://git.kernel.org/stable/c/3a8f4e58e1ee707b4f46a1000b40b86ea3dd509c"
        },
        {
          "url": "https://git.kernel.org/stable/c/77ff34a56b695e228e6daf30ee30be747973d6e8"
        },
        {
          "url": "https://git.kernel.org/stable/c/0f6b3be28c4d62ef6498133959c72266629bea97"
        },
        {
          "url": "https://git.kernel.org/stable/c/edbd6bbe40ac524a8f2273ffacc53edf14f3c686"
        },
        {
          "url": "https://git.kernel.org/stable/c/c99626092efca3061b387043d4a7399bf75fbdd5"
        }
      ],
      "title": "thermal: core: prevent potential string overflow",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52868",
    "datePublished": "2024-05-21T15:31:58.530Z",
    "dateReserved": "2024-05-21T15:19:24.263Z",
    "dateUpdated": "2024-11-04T14:54:13.301Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47462

Vulnerability from cvelistv5

Published

2024-05-22 06:23

Modified

2024-11-04 12:06

Severity ?

Summary

mm/mempolicy: do not allow illegal MPOL_F_NUMA_BALANCING | MPOL_LOCAL in mbind()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/9ee4e9ae98f1f262d6fae0d266cfdf3ba2c321d9
	https://git.kernel.org/stable/c/6d2aec9e123bb9c49cb5c7fc654f25f81e688e8c

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47462",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T19:48:07.390031Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:13:24.847Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.432Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9ee4e9ae98f1f262d6fae0d266cfdf3ba2c321d9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6d2aec9e123bb9c49cb5c7fc654f25f81e688e8c"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "mm/mempolicy.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "9ee4e9ae98f1",
              "status": "affected",
              "version": "bda420b98505",
              "versionType": "git"
            },
            {
              "lessThan": "6d2aec9e123b",
              "status": "affected",
              "version": "bda420b98505",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "mm/mempolicy.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.12"
            },
            {
              "lessThan": "5.12",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.15",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/mempolicy: do not allow illegal MPOL_F_NUMA_BALANCING | MPOL_LOCAL in mbind()\n\nsyzbot reported access to unitialized memory in mbind() [1]\n\nIssue came with commit bda420b98505 (\"numa balancing: migrate on fault\namong multiple bound nodes\")\n\nThis commit added a new bit in MPOL_MODE_FLAGS, but only checked valid\ncombination (MPOL_F_NUMA_BALANCING can only be used with MPOL_BIND) in\ndo_set_mempolicy()\n\nThis patch moves the check in sanitize_mpol_flags() so that it is also\nused by mbind()\n\n  [1]\n  BUG: KMSAN: uninit-value in __mpol_equal+0x567/0x590 mm/mempolicy.c:2260\n   __mpol_equal+0x567/0x590 mm/mempolicy.c:2260\n   mpol_equal include/linux/mempolicy.h:105 [inline]\n   vma_merge+0x4a1/0x1e60 mm/mmap.c:1190\n   mbind_range+0xcc8/0x1e80 mm/mempolicy.c:811\n   do_mbind+0xf42/0x15f0 mm/mempolicy.c:1333\n   kernel_mbind mm/mempolicy.c:1483 [inline]\n   __do_sys_mbind mm/mempolicy.c:1490 [inline]\n   __se_sys_mbind+0x437/0xb80 mm/mempolicy.c:1486\n   __x64_sys_mbind+0x19d/0x200 mm/mempolicy.c:1486\n   do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n   do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82\n   entry_SYSCALL_64_after_hwframe+0x44/0xae\n\n  Uninit was created at:\n   slab_alloc_node mm/slub.c:3221 [inline]\n   slab_alloc mm/slub.c:3230 [inline]\n   kmem_cache_alloc+0x751/0xff0 mm/slub.c:3235\n   mpol_new mm/mempolicy.c:293 [inline]\n   do_mbind+0x912/0x15f0 mm/mempolicy.c:1289\n   kernel_mbind mm/mempolicy.c:1483 [inline]\n   __do_sys_mbind mm/mempolicy.c:1490 [inline]\n   __se_sys_mbind+0x437/0xb80 mm/mempolicy.c:1486\n   __x64_sys_mbind+0x19d/0x200 mm/mempolicy.c:1486\n   do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n   do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82\n   entry_SYSCALL_64_after_hwframe+0x44/0xae\n  =====================================================\n  Kernel panic - not syncing: panic_on_kmsan set ...\n  CPU: 0 PID: 15049 Comm: syz-executor.0 Tainted: G    B             5.15.0-rc2-syzkaller #0\n  Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\n  Call Trace:\n   __dump_stack lib/dump_stack.c:88 [inline]\n   dump_stack_lvl+0x1ff/0x28e lib/dump_stack.c:106\n   dump_stack+0x25/0x28 lib/dump_stack.c:113\n   panic+0x44f/0xdeb kernel/panic.c:232\n   kmsan_report+0x2ee/0x300 mm/kmsan/report.c:186\n   __msan_warning+0xd7/0x150 mm/kmsan/instrumentation.c:208\n   __mpol_equal+0x567/0x590 mm/mempolicy.c:2260\n   mpol_equal include/linux/mempolicy.h:105 [inline]\n   vma_merge+0x4a1/0x1e60 mm/mmap.c:1190\n   mbind_range+0xcc8/0x1e80 mm/mempolicy.c:811\n   do_mbind+0xf42/0x15f0 mm/mempolicy.c:1333\n   kernel_mbind mm/mempolicy.c:1483 [inline]\n   __do_sys_mbind mm/mempolicy.c:1490 [inline]\n   __se_sys_mbind+0x437/0xb80 mm/mempolicy.c:1486\n   __x64_sys_mbind+0x19d/0x200 mm/mempolicy.c:1486\n   do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n   do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82\n   entry_SYSCALL_64_after_hwframe+0x44/0xae"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:24.798Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/9ee4e9ae98f1f262d6fae0d266cfdf3ba2c321d9"
        },
        {
          "url": "https://git.kernel.org/stable/c/6d2aec9e123bb9c49cb5c7fc654f25f81e688e8c"
        }
      ],
      "title": "mm/mempolicy: do not allow illegal MPOL_F_NUMA_BALANCING | MPOL_LOCAL in mbind()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47462",
    "datePublished": "2024-05-22T06:23:23.034Z",
    "dateReserved": "2024-05-22T06:20:56.198Z",
    "dateUpdated": "2024-11-04T12:06:24.798Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47422

Vulnerability from cvelistv5

Published

2024-05-21 15:04

Modified

2024-11-04 12:05

Severity ?

Summary

drm/nouveau/kms/nv50-: fix file release memory leak

References

▼	URL	Tags
	https://git.kernel.org/stable/c/65fff0a8efcdca8d84ffe3e23057c3b32403482d
	https://git.kernel.org/stable/c/0b4e9fc14973a94ac0520f19b3633493ae13c912
	https://git.kernel.org/stable/c/0b3d4945cc7e7ea1acd52cb06dfa83bfe265b6d5

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47422",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T18:20:21.213988Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:13:50.386Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.509Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/65fff0a8efcdca8d84ffe3e23057c3b32403482d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0b4e9fc14973a94ac0520f19b3633493ae13c912"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0b3d4945cc7e7ea1acd52cb06dfa83bfe265b6d5"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/nouveau/dispnv50/crc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "65fff0a8efcd",
              "status": "affected",
              "version": "12885ecbfe62",
              "versionType": "git"
            },
            {
              "lessThan": "0b4e9fc14973",
              "status": "affected",
              "version": "12885ecbfe62",
              "versionType": "git"
            },
            {
              "lessThan": "0b3d4945cc7e",
              "status": "affected",
              "version": "12885ecbfe62",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/nouveau/dispnv50/crc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.9"
            },
            {
              "lessThan": "5.9",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.73",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau/kms/nv50-: fix file release memory leak\n\nWhen using single_open() for opening, single_release() should be\ncalled, otherwise the \u0027op\u0027 allocated in single_open() will be leaked."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:36.485Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/65fff0a8efcdca8d84ffe3e23057c3b32403482d"
        },
        {
          "url": "https://git.kernel.org/stable/c/0b4e9fc14973a94ac0520f19b3633493ae13c912"
        },
        {
          "url": "https://git.kernel.org/stable/c/0b3d4945cc7e7ea1acd52cb06dfa83bfe265b6d5"
        }
      ],
      "title": "drm/nouveau/kms/nv50-: fix file release memory leak",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47422",
    "datePublished": "2024-05-21T15:04:09.947Z",
    "dateReserved": "2024-05-21T14:58:30.820Z",
    "dateUpdated": "2024-11-04T12:05:36.485Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52846

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

hsr: Prevent use after free in prp_create_tagged_frame()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/ddf4e04e946aaa6c458b8b6829617cc44af2bffd
	https://git.kernel.org/stable/c/a1a485e45d24b1cd8fe834fd6f1b06e2903827da
	https://git.kernel.org/stable/c/6086258bd5ea7b5c706ff62da42b8e271b2401db
	https://git.kernel.org/stable/c/1787b9f0729d318d67cf7c5a95f0c3dba9a7cc18
	https://git.kernel.org/stable/c/d103fb6726904e353b4773188ee3d3acb4078363
	https://git.kernel.org/stable/c/876f8ab52363f649bcc74072157dfd7adfbabc0d

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52846",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T18:22:52.516858Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:22:53.490Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.079Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ddf4e04e946aaa6c458b8b6829617cc44af2bffd"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a1a485e45d24b1cd8fe834fd6f1b06e2903827da"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6086258bd5ea7b5c706ff62da42b8e271b2401db"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1787b9f0729d318d67cf7c5a95f0c3dba9a7cc18"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d103fb6726904e353b4773188ee3d3acb4078363"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/876f8ab52363f649bcc74072157dfd7adfbabc0d"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/hsr/hsr_forward.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "ddf4e04e946a",
              "status": "affected",
              "version": "451d8123f897",
              "versionType": "git"
            },
            {
              "lessThan": "a1a485e45d24",
              "status": "affected",
              "version": "451d8123f897",
              "versionType": "git"
            },
            {
              "lessThan": "6086258bd5ea",
              "status": "affected",
              "version": "451d8123f897",
              "versionType": "git"
            },
            {
              "lessThan": "1787b9f0729d",
              "status": "affected",
              "version": "451d8123f897",
              "versionType": "git"
            },
            {
              "lessThan": "d103fb672690",
              "status": "affected",
              "version": "451d8123f897",
              "versionType": "git"
            },
            {
              "lessThan": "876f8ab52363",
              "status": "affected",
              "version": "451d8123f897",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/hsr/hsr_forward.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.9"
            },
            {
              "lessThan": "5.9",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.201",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.139",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nhsr: Prevent use after free in prp_create_tagged_frame()\n\nThe prp_fill_rct() function can fail.  In that situation, it frees the\nskb and returns NULL.  Meanwhile on the success path, it returns the\noriginal skb.  So it\u0027s straight forward to fix bug by using the returned\nvalue."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:45.888Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/ddf4e04e946aaa6c458b8b6829617cc44af2bffd"
        },
        {
          "url": "https://git.kernel.org/stable/c/a1a485e45d24b1cd8fe834fd6f1b06e2903827da"
        },
        {
          "url": "https://git.kernel.org/stable/c/6086258bd5ea7b5c706ff62da42b8e271b2401db"
        },
        {
          "url": "https://git.kernel.org/stable/c/1787b9f0729d318d67cf7c5a95f0c3dba9a7cc18"
        },
        {
          "url": "https://git.kernel.org/stable/c/d103fb6726904e353b4773188ee3d3acb4078363"
        },
        {
          "url": "https://git.kernel.org/stable/c/876f8ab52363f649bcc74072157dfd7adfbabc0d"
        }
      ],
      "title": "hsr: Prevent use after free in prp_create_tagged_frame()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52846",
    "datePublished": "2024-05-21T15:31:43.863Z",
    "dateReserved": "2024-05-21T15:19:24.254Z",
    "dateUpdated": "2024-11-04T14:53:45.888Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47426

Vulnerability from cvelistv5

Published

2024-05-21 15:04

Modified

2024-11-04 12:05

Severity ?

Summary

bpf, s390: Fix potential memory leak about jit_data

References

▼	URL	Tags
	https://git.kernel.org/stable/c/a326f9c01cfbee4450ae49ce618ae6cbc0f76842
	https://git.kernel.org/stable/c/29fdb11ca88d3c490a3d56f0dc77eb9444d086be
	https://git.kernel.org/stable/c/d590a410e472417a22336c7c37685bfb38e801f2
	https://git.kernel.org/stable/c/686cb8b9f6b46787f035afe8fbd132a74e6b1bdd

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47426",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-24T19:34:45.731747Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:43.032Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.913Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a326f9c01cfbee4450ae49ce618ae6cbc0f76842"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/29fdb11ca88d3c490a3d56f0dc77eb9444d086be"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d590a410e472417a22336c7c37685bfb38e801f2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/686cb8b9f6b46787f035afe8fbd132a74e6b1bdd"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/s390/net/bpf_jit_comp.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "a326f9c01cfb",
              "status": "affected",
              "version": "1c8f9b91c456",
              "versionType": "git"
            },
            {
              "lessThan": "29fdb11ca88d",
              "status": "affected",
              "version": "1c8f9b91c456",
              "versionType": "git"
            },
            {
              "lessThan": "d590a410e472",
              "status": "affected",
              "version": "1c8f9b91c456",
              "versionType": "git"
            },
            {
              "lessThan": "686cb8b9f6b4",
              "status": "affected",
              "version": "1c8f9b91c456",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/s390/net/bpf_jit_comp.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.4"
            },
            {
              "lessThan": "5.4",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.153",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.73",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, s390: Fix potential memory leak about jit_data\n\nMake sure to free jit_data through kfree() in the error path."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:41.213Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/a326f9c01cfbee4450ae49ce618ae6cbc0f76842"
        },
        {
          "url": "https://git.kernel.org/stable/c/29fdb11ca88d3c490a3d56f0dc77eb9444d086be"
        },
        {
          "url": "https://git.kernel.org/stable/c/d590a410e472417a22336c7c37685bfb38e801f2"
        },
        {
          "url": "https://git.kernel.org/stable/c/686cb8b9f6b46787f035afe8fbd132a74e6b1bdd"
        }
      ],
      "title": "bpf, s390: Fix potential memory leak about jit_data",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47426",
    "datePublished": "2024-05-21T15:04:12.581Z",
    "dateReserved": "2024-05-21T14:58:30.827Z",
    "dateUpdated": "2024-11-04T12:05:41.213Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52813

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

crypto: pcrypt - Fix hungtask for PADATA_RESET

References

▼	URL	Tags
	https://git.kernel.org/stable/c/fb2d3a50a8f29a3c66682bb426144f40e32ab818
	https://git.kernel.org/stable/c/039fec48e062504f14845124a1a25eb199b2ddc0
	https://git.kernel.org/stable/c/c9c1334697301c10e6918d747ed38abfbc0c96e7
	https://git.kernel.org/stable/c/e97bf4ada7dddacd184c3e196bd063b0dc71b41d
	https://git.kernel.org/stable/c/546c1796ad1ed0d87dab3c4b5156d75819be2316
	https://git.kernel.org/stable/c/c55fc098fd9d2dca475b82d00ffbcaf97879d77e
	https://git.kernel.org/stable/c/e134f3aba98e6c801a693f540912c2d493718ddf
	https://git.kernel.org/stable/c/372636debe852913529b1716f44addd94fff2d28
	https://git.kernel.org/stable/c/8f4f68e788c3a7a696546291258bfa5fdb215523

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52813",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-23T17:18:51.048604Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:24:13.216Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.058Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fb2d3a50a8f29a3c66682bb426144f40e32ab818"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/039fec48e062504f14845124a1a25eb199b2ddc0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c9c1334697301c10e6918d747ed38abfbc0c96e7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e97bf4ada7dddacd184c3e196bd063b0dc71b41d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/546c1796ad1ed0d87dab3c4b5156d75819be2316"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c55fc098fd9d2dca475b82d00ffbcaf97879d77e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e134f3aba98e6c801a693f540912c2d493718ddf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/372636debe852913529b1716f44addd94fff2d28"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8f4f68e788c3a7a696546291258bfa5fdb215523"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "crypto/pcrypt.c",
            "kernel/padata.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "fb2d3a50a8f2",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "039fec48e062",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "c9c133469730",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "e97bf4ada7dd",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "546c1796ad1e",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "c55fc098fd9d",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "e134f3aba98e",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "372636debe85",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "8f4f68e788c3",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "crypto/pcrypt.c",
            "kernel/padata.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.331",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.300",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.262",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: pcrypt - Fix hungtask for PADATA_RESET\n\nWe found a hungtask bug in test_aead_vec_cfg as follows:\n\nINFO: task cryptomgr_test:391009 blocked for more than 120 seconds.\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\nCall trace:\n __switch_to+0x98/0xe0\n __schedule+0x6c4/0xf40\n schedule+0xd8/0x1b4\n schedule_timeout+0x474/0x560\n wait_for_common+0x368/0x4e0\n wait_for_completion+0x20/0x30\n wait_for_completion+0x20/0x30\n test_aead_vec_cfg+0xab4/0xd50\n test_aead+0x144/0x1f0\n alg_test_aead+0xd8/0x1e0\n alg_test+0x634/0x890\n cryptomgr_test+0x40/0x70\n kthread+0x1e0/0x220\n ret_from_fork+0x10/0x18\n Kernel panic - not syncing: hung_task: blocked tasks\n\nFor padata_do_parallel, when the return err is 0 or -EBUSY, it will call\nwait_for_completion(\u0026wait-\u003ecompletion) in test_aead_vec_cfg. In normal\ncase, aead_request_complete() will be called in pcrypt_aead_serial and the\nreturn err is 0 for padata_do_parallel. But, when pinst-\u003eflags is\nPADATA_RESET, the return err is -EBUSY for padata_do_parallel, and it\nwon\u0027t call aead_request_complete(). Therefore, test_aead_vec_cfg will\nhung at wait_for_completion(\u0026wait-\u003ecompletion), which will cause\nhungtask.\n\nThe problem comes as following:\n(padata_do_parallel)                 |\n    rcu_read_lock_bh();              |\n    err = -EINVAL;                   |   (padata_replace)\n                                     |     pinst-\u003eflags |= PADATA_RESET;\n    err = -EBUSY                     |\n    if (pinst-\u003eflags \u0026 PADATA_RESET) |\n        rcu_read_unlock_bh()         |\n        return err\n\nIn order to resolve the problem, we replace the return err -EBUSY with\n-EAGAIN, which means parallel_data is changing, and the caller should call\nit again.\n\nv3:\nremove retry and just change the return err.\nv2:\nintroduce padata_try_do_parallel() in pcrypt_aead_encrypt and\npcrypt_aead_decrypt to solve the hungtask."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:12.866Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/fb2d3a50a8f29a3c66682bb426144f40e32ab818"
        },
        {
          "url": "https://git.kernel.org/stable/c/039fec48e062504f14845124a1a25eb199b2ddc0"
        },
        {
          "url": "https://git.kernel.org/stable/c/c9c1334697301c10e6918d747ed38abfbc0c96e7"
        },
        {
          "url": "https://git.kernel.org/stable/c/e97bf4ada7dddacd184c3e196bd063b0dc71b41d"
        },
        {
          "url": "https://git.kernel.org/stable/c/546c1796ad1ed0d87dab3c4b5156d75819be2316"
        },
        {
          "url": "https://git.kernel.org/stable/c/c55fc098fd9d2dca475b82d00ffbcaf97879d77e"
        },
        {
          "url": "https://git.kernel.org/stable/c/e134f3aba98e6c801a693f540912c2d493718ddf"
        },
        {
          "url": "https://git.kernel.org/stable/c/372636debe852913529b1716f44addd94fff2d28"
        },
        {
          "url": "https://git.kernel.org/stable/c/8f4f68e788c3a7a696546291258bfa5fdb215523"
        }
      ],
      "title": "crypto: pcrypt - Fix hungtask for PADATA_RESET",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52813",
    "datePublished": "2024-05-21T15:31:21.604Z",
    "dateReserved": "2024-05-21T15:19:24.248Z",
    "dateUpdated": "2024-11-04T14:53:12.866Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52829

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

wifi: ath12k: fix possible out-of-bound write in ath12k_wmi_ext_hal_reg_caps()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/dfe13eaab043130f90dd3d57c7d88577c04adc97
	https://git.kernel.org/stable/c/4dd0547e8b45faf6f95373be5436b66cde326c0e
	https://git.kernel.org/stable/c/b302dce3d9edea5b93d1902a541684a967f3c63c

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52829",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-17T17:36:39.580141Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-17T17:36:50.733Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.065Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/dfe13eaab043130f90dd3d57c7d88577c04adc97"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4dd0547e8b45faf6f95373be5436b66cde326c0e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b302dce3d9edea5b93d1902a541684a967f3c63c"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/ath/ath12k/wmi.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "dfe13eaab043",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "4dd0547e8b45",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "b302dce3d9ed",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/ath/ath12k/wmi.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix possible out-of-bound write in ath12k_wmi_ext_hal_reg_caps()\n\nreg_cap.phy_id is extracted from WMI event and could be an unexpected value\nin case some errors happen. As a result out-of-bound write may occur to\nsoc-\u003ehal_reg_cap. Fix it by validating reg_cap.phy_id before using it.\n\nThis is found during code review.\n\nCompile tested only."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:26.856Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/dfe13eaab043130f90dd3d57c7d88577c04adc97"
        },
        {
          "url": "https://git.kernel.org/stable/c/4dd0547e8b45faf6f95373be5436b66cde326c0e"
        },
        {
          "url": "https://git.kernel.org/stable/c/b302dce3d9edea5b93d1902a541684a967f3c63c"
        }
      ],
      "title": "wifi: ath12k: fix possible out-of-bound write in ath12k_wmi_ext_hal_reg_caps()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52829",
    "datePublished": "2024-05-21T15:31:32.164Z",
    "dateReserved": "2024-05-21T15:19:24.251Z",
    "dateUpdated": "2024-11-04T14:53:26.856Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47446

Vulnerability from cvelistv5

Published

2024-05-22 06:19

Modified

2024-11-04 12:06

Severity ?

Summary

drm/msm/a4xx: fix error handling in a4xx_gpu_init()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/3962d626eb3e3b23ebb2e2a61537fa764acbfe11
	https://git.kernel.org/stable/c/980d74e7d03ccf2eaa11d133416946bd880c7c08

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47446",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-10T18:56:14.035808Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-10T18:56:22.575Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.012Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3962d626eb3e3b23ebb2e2a61537fa764acbfe11"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/980d74e7d03ccf2eaa11d133416946bd880c7c08"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/msm/adreno/a4xx_gpu.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "3962d626eb3e",
              "status": "affected",
              "version": "5785dd7a8ef0",
              "versionType": "git"
            },
            {
              "lessThan": "980d74e7d03c",
              "status": "affected",
              "version": "5785dd7a8ef0",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/msm/adreno/a4xx_gpu.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.11"
            },
            {
              "lessThan": "5.11",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.14",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/a4xx: fix error handling in a4xx_gpu_init()\n\nThis code returns 1 on error instead of a negative error.  It leads to\nan Oops in the caller.  A second problem is that the check for\n\"if (ret != -ENODATA)\" cannot be true because \"ret\" is set to 1."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:03.980Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/3962d626eb3e3b23ebb2e2a61537fa764acbfe11"
        },
        {
          "url": "https://git.kernel.org/stable/c/980d74e7d03ccf2eaa11d133416946bd880c7c08"
        }
      ],
      "title": "drm/msm/a4xx: fix error handling in a4xx_gpu_init()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47446",
    "datePublished": "2024-05-22T06:19:38.839Z",
    "dateReserved": "2024-05-21T14:58:30.832Z",
    "dateUpdated": "2024-11-04T12:06:03.980Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52763

Vulnerability from cvelistv5

Published

2024-05-21 15:30

Modified

2024-11-04 14:52

Severity ?

Summary

i3c: master: mipi-i3c-hci: Fix a kernel panic for accessing DAT_data.

References

▼	URL	Tags
	https://git.kernel.org/stable/c/39c71357e68e2f03766f9321b9f4882e49ff1442
	https://git.kernel.org/stable/c/e64d23dc65810be4e3395d72df0c398f60c991f9
	https://git.kernel.org/stable/c/3cb79a365e7cce8f121bba91312e2ddd206b9781
	https://git.kernel.org/stable/c/eed74230435c61eeb58abaa275b1820e6a4b7f02
	https://git.kernel.org/stable/c/b53e9758a31c683fc8615df930262192ed5f034b

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52763",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T19:40:16.388139Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:22:49.181Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.004Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/39c71357e68e2f03766f9321b9f4882e49ff1442"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e64d23dc65810be4e3395d72df0c398f60c991f9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3cb79a365e7cce8f121bba91312e2ddd206b9781"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/eed74230435c61eeb58abaa275b1820e6a4b7f02"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b53e9758a31c683fc8615df930262192ed5f034b"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/i3c/master/mipi-i3c-hci/dat_v1.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "39c71357e68e",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "e64d23dc6581",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "3cb79a365e7c",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "eed74230435c",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "b53e9758a31c",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/i3c/master/mipi-i3c-hci/dat_v1.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: master: mipi-i3c-hci: Fix a kernel panic for accessing DAT_data.\n\nThe `i3c_master_bus_init` function may attach the I2C devices before the\nI3C bus initialization. In this flow, the DAT `alloc_entry`` will be used\nbefore the DAT `init`. Additionally, if the `i3c_master_bus_init` fails,\nthe DAT `cleanup` will execute before the device is detached, which will\nexecue DAT `free_entry` function. The above scenario can cause the driver\nto use DAT_data when it is NULL."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:13.211Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/39c71357e68e2f03766f9321b9f4882e49ff1442"
        },
        {
          "url": "https://git.kernel.org/stable/c/e64d23dc65810be4e3395d72df0c398f60c991f9"
        },
        {
          "url": "https://git.kernel.org/stable/c/3cb79a365e7cce8f121bba91312e2ddd206b9781"
        },
        {
          "url": "https://git.kernel.org/stable/c/eed74230435c61eeb58abaa275b1820e6a4b7f02"
        },
        {
          "url": "https://git.kernel.org/stable/c/b53e9758a31c683fc8615df930262192ed5f034b"
        }
      ],
      "title": "i3c: master: mipi-i3c-hci: Fix a kernel panic for accessing DAT_data.",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52763",
    "datePublished": "2024-05-21T15:30:48.369Z",
    "dateReserved": "2024-05-21T15:19:24.238Z",
    "dateUpdated": "2024-11-04T14:52:13.211Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52772

Vulnerability from cvelistv5

Published

2024-05-21 15:30

Modified

2024-11-04 14:52

Severity ?

Summary

af_unix: fix use-after-free in unix_stream_read_actor()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/75bcfc188abf4fae9c1d5f5dc0a03540be602eef
	https://git.kernel.org/stable/c/d179189eec426fe4801e4b91efa1889faed12700
	https://git.kernel.org/stable/c/eae0b295ce16d8c8b4114c3037993191b4bb92f0
	https://git.kernel.org/stable/c/069a3ec329ff43e7869a3d94c62cd03203016bce
	https://git.kernel.org/stable/c/4b7b492615cf3017190f55444f7016812b66611d

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.836Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/75bcfc188abf4fae9c1d5f5dc0a03540be602eef"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d179189eec426fe4801e4b91efa1889faed12700"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/eae0b295ce16d8c8b4114c3037993191b4bb92f0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/069a3ec329ff43e7869a3d94c62cd03203016bce"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4b7b492615cf3017190f55444f7016812b66611d"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52772",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:36:59.720971Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:30.543Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/unix/af_unix.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "75bcfc188abf",
              "status": "affected",
              "version": "876c14ad014d",
              "versionType": "git"
            },
            {
              "lessThan": "d179189eec42",
              "status": "affected",
              "version": "876c14ad014d",
              "versionType": "git"
            },
            {
              "lessThan": "eae0b295ce16",
              "status": "affected",
              "version": "876c14ad014d",
              "versionType": "git"
            },
            {
              "lessThan": "069a3ec329ff",
              "status": "affected",
              "version": "876c14ad014d",
              "versionType": "git"
            },
            {
              "lessThan": "4b7b492615cf",
              "status": "affected",
              "version": "876c14ad014d",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/unix/af_unix.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.15"
            },
            {
              "lessThan": "5.15",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: fix use-after-free in unix_stream_read_actor()\n\nsyzbot reported the following crash [1]\n\nAfter releasing unix socket lock, u-\u003eoob_skb can be changed\nby another thread. We must temporarily increase skb refcount\nto make sure this other thread will not free the skb under us.\n\n[1]\n\nBUG: KASAN: slab-use-after-free in unix_stream_read_actor+0xa7/0xc0 net/unix/af_unix.c:2866\nRead of size 4 at addr ffff88801f3b9cc4 by task syz-executor107/5297\n\nCPU: 1 PID: 5297 Comm: syz-executor107 Not tainted 6.6.0-syzkaller-15910-gb8e3a87a627b #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023\nCall Trace:\n\u003cTASK\u003e\n__dump_stack lib/dump_stack.c:88 [inline]\ndump_stack_lvl+0xd9/0x1b0 lib/dump_stack.c:106\nprint_address_description mm/kasan/report.c:364 [inline]\nprint_report+0xc4/0x620 mm/kasan/report.c:475\nkasan_report+0xda/0x110 mm/kasan/report.c:588\nunix_stream_read_actor+0xa7/0xc0 net/unix/af_unix.c:2866\nunix_stream_recv_urg net/unix/af_unix.c:2587 [inline]\nunix_stream_read_generic+0x19a5/0x2480 net/unix/af_unix.c:2666\nunix_stream_recvmsg+0x189/0x1b0 net/unix/af_unix.c:2903\nsock_recvmsg_nosec net/socket.c:1044 [inline]\nsock_recvmsg+0xe2/0x170 net/socket.c:1066\n____sys_recvmsg+0x21f/0x5c0 net/socket.c:2803\n___sys_recvmsg+0x115/0x1a0 net/socket.c:2845\n__sys_recvmsg+0x114/0x1e0 net/socket.c:2875\ndo_syscall_x64 arch/x86/entry/common.c:51 [inline]\ndo_syscall_64+0x3f/0x110 arch/x86/entry/common.c:82\nentry_SYSCALL_64_after_hwframe+0x63/0x6b\nRIP: 0033:0x7fc67492c559\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fc6748ab228 EFLAGS: 00000246 ORIG_RAX: 000000000000002f\nRAX: ffffffffffffffda RBX: 000000000000001c RCX: 00007fc67492c559\nRDX: 0000000040010083 RSI: 0000000020000140 RDI: 0000000000000004\nRBP: 00007fc6749b6348 R08: 00007fc6748ab6c0 R09: 00007fc6748ab6c0\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007fc6749b6340\nR13: 00007fc6749b634c R14: 00007ffe9fac52a0 R15: 00007ffe9fac5388\n\u003c/TASK\u003e\n\nAllocated by task 5295:\nkasan_save_stack+0x33/0x50 mm/kasan/common.c:45\nkasan_set_track+0x25/0x30 mm/kasan/common.c:52\n__kasan_slab_alloc+0x81/0x90 mm/kasan/common.c:328\nkasan_slab_alloc include/linux/kasan.h:188 [inline]\nslab_post_alloc_hook mm/slab.h:763 [inline]\nslab_alloc_node mm/slub.c:3478 [inline]\nkmem_cache_alloc_node+0x180/0x3c0 mm/slub.c:3523\n__alloc_skb+0x287/0x330 net/core/skbuff.c:641\nalloc_skb include/linux/skbuff.h:1286 [inline]\nalloc_skb_with_frags+0xe4/0x710 net/core/skbuff.c:6331\nsock_alloc_send_pskb+0x7e4/0x970 net/core/sock.c:2780\nsock_alloc_send_skb include/net/sock.h:1884 [inline]\nqueue_oob net/unix/af_unix.c:2147 [inline]\nunix_stream_sendmsg+0xb5f/0x10a0 net/unix/af_unix.c:2301\nsock_sendmsg_nosec net/socket.c:730 [inline]\n__sock_sendmsg+0xd5/0x180 net/socket.c:745\n____sys_sendmsg+0x6ac/0x940 net/socket.c:2584\n___sys_sendmsg+0x135/0x1d0 net/socket.c:2638\n__sys_sendmsg+0x117/0x1e0 net/socket.c:2667\ndo_syscall_x64 arch/x86/entry/common.c:51 [inline]\ndo_syscall_64+0x3f/0x110 arch/x86/entry/common.c:82\nentry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nFreed by task 5295:\nkasan_save_stack+0x33/0x50 mm/kasan/common.c:45\nkasan_set_track+0x25/0x30 mm/kasan/common.c:52\nkasan_save_free_info+0x2b/0x40 mm/kasan/generic.c:522\n____kasan_slab_free mm/kasan/common.c:236 [inline]\n____kasan_slab_free+0x15b/0x1b0 mm/kasan/common.c:200\nkasan_slab_free include/linux/kasan.h:164 [inline]\nslab_free_hook mm/slub.c:1800 [inline]\nslab_free_freelist_hook+0x114/0x1e0 mm/slub.c:1826\nslab_free mm/slub.c:3809 [inline]\nkmem_cache_free+0xf8/0x340 mm/slub.c:3831\nkfree_skbmem+0xef/0x1b0 net/core/skbuff.c:1015\n__kfree_skb net/core/skbuff.c:1073 [inline]\nconsume_skb net/core/skbuff.c:1288 [inline]\nconsume_skb+0xdf/0x170 net/core/skbuff.c:1282\nqueue_oob net/unix/af_unix.c:2178 [inline]\nu\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:24.307Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/75bcfc188abf4fae9c1d5f5dc0a03540be602eef"
        },
        {
          "url": "https://git.kernel.org/stable/c/d179189eec426fe4801e4b91efa1889faed12700"
        },
        {
          "url": "https://git.kernel.org/stable/c/eae0b295ce16d8c8b4114c3037993191b4bb92f0"
        },
        {
          "url": "https://git.kernel.org/stable/c/069a3ec329ff43e7869a3d94c62cd03203016bce"
        },
        {
          "url": "https://git.kernel.org/stable/c/4b7b492615cf3017190f55444f7016812b66611d"
        }
      ],
      "title": "af_unix: fix use-after-free in unix_stream_read_actor()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52772",
    "datePublished": "2024-05-21T15:30:54.292Z",
    "dateReserved": "2024-05-21T15:19:24.239Z",
    "dateUpdated": "2024-11-04T14:52:24.307Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-48706

Vulnerability from cvelistv5

Published

2024-05-21 15:22

Modified

2024-11-04 12:14

Severity ?

Summary

vdpa: ifcvf: Do proper cleanup if IFCVF init fails

References

▼	URL	Tags
	https://git.kernel.org/stable/c/5d2cc32c1c10bd889125d2adc16a6bc3338dcd3e
	https://git.kernel.org/stable/c/6b04456e248761cf68f562f2fd7c04e591fcac94

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-48706",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-17T17:37:11.513272Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-17T17:37:51.673Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T15:17:55.751Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5d2cc32c1c10bd889125d2adc16a6bc3338dcd3e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6b04456e248761cf68f562f2fd7c04e591fcac94"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/vdpa/ifcvf/ifcvf_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "5d2cc32c1c10",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "6b04456e2487",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/vdpa/ifcvf/ifcvf_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvdpa: ifcvf: Do proper cleanup if IFCVF init fails\n\nifcvf_mgmt_dev leaks memory if it is not freed before\nreturning. Call is made to correct return statement\nso memory does not leak. ifcvf_init_hw does not take\ncare of this so it is needed to do it here."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:14:56.030Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/5d2cc32c1c10bd889125d2adc16a6bc3338dcd3e"
        },
        {
          "url": "https://git.kernel.org/stable/c/6b04456e248761cf68f562f2fd7c04e591fcac94"
        }
      ],
      "title": "vdpa: ifcvf: Do proper cleanup if IFCVF init fails",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-48706",
    "datePublished": "2024-05-21T15:22:48.087Z",
    "dateReserved": "2024-05-03T14:55:07.146Z",
    "dateUpdated": "2024-11-04T12:14:56.030Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52731

Vulnerability from cvelistv5

Published

2024-05-21 15:22

Modified

2024-11-04 14:51

Severity ?

Summary

fbdev: Fix invalid page access after closing deferred I/O devices

References

▼	URL	Tags
	https://git.kernel.org/stable/c/87b9802ca824fcee7915e717e9a60471af62e8e9
	https://git.kernel.org/stable/c/f1d91f0e9d5a240a809698d7d9c5a538e7dcc149
	https://git.kernel.org/stable/c/3efc61d95259956db25347e2a9562c3e54546e20

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.499Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/87b9802ca824fcee7915e717e9a60471af62e8e9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f1d91f0e9d5a240a809698d7d9c5a538e7dcc149"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3efc61d95259956db25347e2a9562c3e54546e20"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52731",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:37:38.155499Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:36.311Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/video/fbdev/core/fb_defio.c",
            "drivers/video/fbdev/core/fbmem.c",
            "include/linux/fb.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "87b9802ca824",
              "status": "affected",
              "version": "186b89659c4c",
              "versionType": "git"
            },
            {
              "lessThan": "f1d91f0e9d5a",
              "status": "affected",
              "version": "56c134f7f1b5",
              "versionType": "git"
            },
            {
              "lessThan": "3efc61d95259",
              "status": "affected",
              "version": "56c134f7f1b5",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/video/fbdev/core/fb_defio.c",
            "drivers/video/fbdev/core/fbmem.c",
            "include/linux/fb.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.19"
            },
            {
              "lessThan": "5.19",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: Fix invalid page access after closing deferred I/O devices\n\nWhen a fbdev with deferred I/O is once opened and closed, the dirty\npages still remain queued in the pageref list, and eventually later\nthose may be processed in the delayed work.  This may lead to a\ncorruption of pages, hitting an Oops.\n\nThis patch makes sure to cancel the delayed work and clean up the\npageref list at closing the device for addressing the bug.  A part of\nthe cleanup code is factored out as a new helper function that is\ncalled from the common fb_release()."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:51:37.911Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/87b9802ca824fcee7915e717e9a60471af62e8e9"
        },
        {
          "url": "https://git.kernel.org/stable/c/f1d91f0e9d5a240a809698d7d9c5a538e7dcc149"
        },
        {
          "url": "https://git.kernel.org/stable/c/3efc61d95259956db25347e2a9562c3e54546e20"
        }
      ],
      "title": "fbdev: Fix invalid page access after closing deferred I/O devices",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52731",
    "datePublished": "2024-05-21T15:22:57.282Z",
    "dateReserved": "2024-05-21T15:19:24.232Z",
    "dateUpdated": "2024-11-04T14:51:37.911Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52748

Vulnerability from cvelistv5

Published

2024-05-21 15:30

Modified

2024-11-04 14:51

Severity ?

Summary

f2fs: avoid format-overflow warning

References

▼	URL	Tags
	https://git.kernel.org/stable/c/c041f5ddef00c731c541e00bc8ae97b8c84c682f
	https://git.kernel.org/stable/c/e4088d7d8f1123006d46a42edf51b8c960a58ef9
	https://git.kernel.org/stable/c/526dd7540a09ecf87b5f54f3ab4e0a2528f25a79
	https://git.kernel.org/stable/c/6fca08fd3085253b48fcb1bd243a0a5e18821a00
	https://git.kernel.org/stable/c/3eebe636cac53886bd5d1cdd55e082ec9e84983f
	https://git.kernel.org/stable/c/e0d4e8acb3789c5a8651061fbab62ca24a45c063

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.561Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c041f5ddef00c731c541e00bc8ae97b8c84c682f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e4088d7d8f1123006d46a42edf51b8c960a58ef9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/526dd7540a09ecf87b5f54f3ab4e0a2528f25a79"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6fca08fd3085253b48fcb1bd243a0a5e18821a00"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3eebe636cac53886bd5d1cdd55e082ec9e84983f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e0d4e8acb3789c5a8651061fbab62ca24a45c063"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52748",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:37:22.209174Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:33.570Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/f2fs/compress.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "c041f5ddef00",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "e4088d7d8f11",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "526dd7540a09",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "6fca08fd3085",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "3eebe636cac5",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "e0d4e8acb378",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/f2fs/compress.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: avoid format-overflow warning\n\nWith gcc and W=1 option, there\u0027s a warning like this:\n\nfs/f2fs/compress.c: In function \u2018f2fs_init_page_array_cache\u2019:\nfs/f2fs/compress.c:1984:47: error: \u2018%u\u2019 directive writing between\n1 and 7 bytes into a region of size between 5 and 8\n[-Werror=format-overflow=]\n 1984 |  sprintf(slab_name, \"f2fs_page_array_entry-%u:%u\", MAJOR(dev),\n\t\tMINOR(dev));\n      |                                               ^~\n\nString \"f2fs_page_array_entry-%u:%u\" can up to 35. The first \"%u\" can up\nto 4 and the second \"%u\" can up to 7, so total size is \"24 + 4 + 7 = 35\".\nslab_name\u0027s size should be 35 rather than 32."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:51:56.919Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/c041f5ddef00c731c541e00bc8ae97b8c84c682f"
        },
        {
          "url": "https://git.kernel.org/stable/c/e4088d7d8f1123006d46a42edf51b8c960a58ef9"
        },
        {
          "url": "https://git.kernel.org/stable/c/526dd7540a09ecf87b5f54f3ab4e0a2528f25a79"
        },
        {
          "url": "https://git.kernel.org/stable/c/6fca08fd3085253b48fcb1bd243a0a5e18821a00"
        },
        {
          "url": "https://git.kernel.org/stable/c/3eebe636cac53886bd5d1cdd55e082ec9e84983f"
        },
        {
          "url": "https://git.kernel.org/stable/c/e0d4e8acb3789c5a8651061fbab62ca24a45c063"
        }
      ],
      "title": "f2fs: avoid format-overflow warning",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52748",
    "datePublished": "2024-05-21T15:30:38.229Z",
    "dateReserved": "2024-05-21T15:19:24.234Z",
    "dateUpdated": "2024-11-04T14:51:56.919Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52749

Vulnerability from cvelistv5

Published

2024-05-21 15:30

Modified

2024-11-04 14:51

Severity ?

Summary

spi: Fix null dereference on suspend

References

▼	URL	Tags
	https://git.kernel.org/stable/c/4ec4508db97502a12daee88c74782e8d35ced068
	https://git.kernel.org/stable/c/96474ea47dc67b0704392d59192b233c8197db0e
	https://git.kernel.org/stable/c/bef4a48f4ef798c4feddf045d49e53c8a97d5e37

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52749",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-17T17:36:59.089454Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-17T17:37:26.791Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.612Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4ec4508db97502a12daee88c74782e8d35ced068"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/96474ea47dc67b0704392d59192b233c8197db0e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bef4a48f4ef798c4feddf045d49e53c8a97d5e37"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/spi/spi.c",
            "include/linux/spi/spi.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "4ec4508db975",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "96474ea47dc6",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "bef4a48f4ef7",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/spi/spi.c",
            "include/linux/spi/spi.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.66",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: Fix null dereference on suspend\n\nA race condition exists where a synchronous (noqueue) transfer can be\nactive during a system suspend. This can cause a null pointer\ndereference exception to occur when the system resumes.\n\nExample order of events leading to the exception:\n1. spi_sync() calls __spi_transfer_message_noqueue() which sets\n   ctlr-\u003ecur_msg\n2. Spi transfer begins via spi_transfer_one_message()\n3. System is suspended interrupting the transfer context\n4. System is resumed\n6. spi_controller_resume() calls spi_start_queue() which resets cur_msg\n   to NULL\n7. Spi transfer context resumes and spi_finalize_current_message() is\n   called which dereferences cur_msg (which is now NULL)\n\nWait for synchronous transfers to complete before suspending by\nacquiring the bus mutex and setting/checking a suspend flag."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:51:58.145Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/4ec4508db97502a12daee88c74782e8d35ced068"
        },
        {
          "url": "https://git.kernel.org/stable/c/96474ea47dc67b0704392d59192b233c8197db0e"
        },
        {
          "url": "https://git.kernel.org/stable/c/bef4a48f4ef798c4feddf045d49e53c8a97d5e37"
        }
      ],
      "title": "spi: Fix null dereference on suspend",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52749",
    "datePublished": "2024-05-21T15:30:38.904Z",
    "dateReserved": "2024-05-21T15:19:24.234Z",
    "dateUpdated": "2024-11-04T14:51:58.145Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52736

Vulnerability from cvelistv5

Published

2024-05-21 15:23

Modified

2024-11-04 14:51

Severity ?

Summary

ALSA: hda: Do not unset preset when cleaning up codec

References

▼	URL	Tags
	https://git.kernel.org/stable/c/7fc4e7191eae9d9325511e03deadfdb2224914f8
	https://git.kernel.org/stable/c/e909f5f2aa55a8f9aa6919cce08015cb0e8d4668
	https://git.kernel.org/stable/c/427ca2530da8dc61a42620d7113b05e187b6c2c0
	https://git.kernel.org/stable/c/87978e6ad45a16835cc58234451111091be3c59a

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52736",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-17T17:37:05.495763Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-17T17:37:38.920Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.525Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7fc4e7191eae9d9325511e03deadfdb2224914f8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e909f5f2aa55a8f9aa6919cce08015cb0e8d4668"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/427ca2530da8dc61a42620d7113b05e187b6c2c0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/87978e6ad45a16835cc58234451111091be3c59a"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "sound/pci/hda/hda_bind.c",
            "sound/pci/hda/hda_codec.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "7fc4e7191eae",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "e909f5f2aa55",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "427ca2530da8",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "87978e6ad45a",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "sound/pci/hda/hda_bind.c",
            "sound/pci/hda/hda_codec.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.169",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.95",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: hda: Do not unset preset when cleaning up codec\n\nSeveral functions that take part in codec\u0027s initialization and removal\nare re-used by ASoC codec drivers implementations. Drivers mimic the\nbehavior of hda_codec_driver_probe/remove() found in\nsound/pci/hda/hda_bind.c with their component-\u003eprobe/remove() instead.\n\nOne of the reasons for that is the expectation of\nsnd_hda_codec_device_new() to receive a valid pointer to an instance of\nstruct snd_card. This expectation can be met only once sound card\ncomponents probing commences.\n\nAs ASoC sound card may be unbound without codec device being actually\nremoved from the system, unsetting -\u003epreset in\nsnd_hda_codec_cleanup_for_unbind() interferes with module unload -\u003e load\nscenario causing null-ptr-deref. Preset is assigned only once, during\ndevice/driver matching whereas ASoC codec driver\u0027s module reloading may\noccur several times throughout the lifetime of an audio stack."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:51:42.616Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/7fc4e7191eae9d9325511e03deadfdb2224914f8"
        },
        {
          "url": "https://git.kernel.org/stable/c/e909f5f2aa55a8f9aa6919cce08015cb0e8d4668"
        },
        {
          "url": "https://git.kernel.org/stable/c/427ca2530da8dc61a42620d7113b05e187b6c2c0"
        },
        {
          "url": "https://git.kernel.org/stable/c/87978e6ad45a16835cc58234451111091be3c59a"
        }
      ],
      "title": "ALSA: hda: Do not unset preset when cleaning up codec",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52736",
    "datePublished": "2024-05-21T15:23:00.572Z",
    "dateReserved": "2024-05-21T15:19:24.232Z",
    "dateUpdated": "2024-11-04T14:51:42.616Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52791

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:52

Severity ?

Summary

i2c: core: Run atomic i2c xfer when !preemptible

References

▼	URL	Tags
	https://git.kernel.org/stable/c/25eb381a736e7ae39a4245ef5c96484eb1073809
	https://git.kernel.org/stable/c/25284c46b657f48c0f3880a2e0706c70d81182c0
	https://git.kernel.org/stable/c/f6237afabc349c1c7909db00e15d2816519e0d2b
	https://git.kernel.org/stable/c/185f3617adc8fe45e40489b458f03911f0dec46c
	https://git.kernel.org/stable/c/8c3fa52a46ff4d208cefb1a462ec94e0043a91e1
	https://git.kernel.org/stable/c/3473cf43b9068b9dfef2f545f833f33c6a544b91
	https://git.kernel.org/stable/c/aa49c90894d06e18a1ee7c095edbd2f37c232d02

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52791",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-17T17:36:52.732311Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-17T17:37:13.581Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.653Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/25eb381a736e7ae39a4245ef5c96484eb1073809"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/25284c46b657f48c0f3880a2e0706c70d81182c0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f6237afabc349c1c7909db00e15d2816519e0d2b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/185f3617adc8fe45e40489b458f03911f0dec46c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8c3fa52a46ff4d208cefb1a462ec94e0043a91e1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3473cf43b9068b9dfef2f545f833f33c6a544b91"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/aa49c90894d06e18a1ee7c095edbd2f37c232d02"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/i2c/i2c-core.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "25eb381a736e",
              "status": "affected",
              "version": "bae1d3a05a8b",
              "versionType": "git"
            },
            {
              "lessThan": "25284c46b657",
              "status": "affected",
              "version": "bae1d3a05a8b",
              "versionType": "git"
            },
            {
              "lessThan": "f6237afabc34",
              "status": "affected",
              "version": "bae1d3a05a8b",
              "versionType": "git"
            },
            {
              "lessThan": "185f3617adc8",
              "status": "affected",
              "version": "bae1d3a05a8b",
              "versionType": "git"
            },
            {
              "lessThan": "8c3fa52a46ff",
              "status": "affected",
              "version": "bae1d3a05a8b",
              "versionType": "git"
            },
            {
              "lessThan": "3473cf43b906",
              "status": "affected",
              "version": "bae1d3a05a8b",
              "versionType": "git"
            },
            {
              "lessThan": "aa49c90894d0",
              "status": "affected",
              "version": "bae1d3a05a8b",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/i2c/i2c-core.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.2"
            },
            {
              "lessThan": "5.2",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.262",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: core: Run atomic i2c xfer when !preemptible\n\nSince bae1d3a05a8b, i2c transfers are non-atomic if preemption is\ndisabled. However, non-atomic i2c transfers require preemption (e.g. in\nwait_for_completion() while waiting for the DMA).\n\npanic() calls preempt_disable_notrace() before calling\nemergency_restart(). Therefore, if an i2c device is used for the\nrestart, the xfer should be atomic. This avoids warnings like:\n\n[   12.667612] WARNING: CPU: 1 PID: 1 at kernel/rcu/tree_plugin.h:318 rcu_note_context_switch+0x33c/0x6b0\n[   12.676926] Voluntary context switch within RCU read-side critical section!\n...\n[   12.742376]  schedule_timeout from wait_for_completion_timeout+0x90/0x114\n[   12.749179]  wait_for_completion_timeout from tegra_i2c_wait_completion+0x40/0x70\n...\n[   12.994527]  atomic_notifier_call_chain from machine_restart+0x34/0x58\n[   13.001050]  machine_restart from panic+0x2a8/0x32c\n\nUse !preemptible() instead, which is basically the same check as\npre-v5.2."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:48.989Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/25eb381a736e7ae39a4245ef5c96484eb1073809"
        },
        {
          "url": "https://git.kernel.org/stable/c/25284c46b657f48c0f3880a2e0706c70d81182c0"
        },
        {
          "url": "https://git.kernel.org/stable/c/f6237afabc349c1c7909db00e15d2816519e0d2b"
        },
        {
          "url": "https://git.kernel.org/stable/c/185f3617adc8fe45e40489b458f03911f0dec46c"
        },
        {
          "url": "https://git.kernel.org/stable/c/8c3fa52a46ff4d208cefb1a462ec94e0043a91e1"
        },
        {
          "url": "https://git.kernel.org/stable/c/3473cf43b9068b9dfef2f545f833f33c6a544b91"
        },
        {
          "url": "https://git.kernel.org/stable/c/aa49c90894d06e18a1ee7c095edbd2f37c232d02"
        }
      ],
      "title": "i2c: core: Run atomic i2c xfer when !preemptible",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52791",
    "datePublished": "2024-05-21T15:31:06.997Z",
    "dateReserved": "2024-05-21T15:19:24.241Z",
    "dateUpdated": "2024-11-04T14:52:48.989Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47487

Vulnerability from cvelistv5

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "providerMetadata": {
        "dateUpdated": "2024-05-28T18:59:27.726Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "rejectedReasons": [
        {
          "lang": "en",
          "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47487",
    "datePublished": "2024-05-22T08:19:37.473Z",
    "dateRejected": "2024-05-28T18:59:27.726Z",
    "dateReserved": "2024-05-22T06:20:56.201Z",
    "dateUpdated": "2024-05-28T18:59:27.726Z",
    "state": "REJECTED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47410

Vulnerability from cvelistv5

Published

2024-05-21 15:04

Modified

2024-11-04 12:05

Severity ?

Summary

drm/amdkfd: fix svm_migrate_fini warning

References

▼	URL	Tags
	https://git.kernel.org/stable/c/ac7d732b24f4061f8a732ada49b054ab38c63e15
	https://git.kernel.org/stable/c/197ae17722e989942b36e33e044787877f158574

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47410",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-11T17:35:53.003122Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-11T17:37:32.982Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.102Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ac7d732b24f4061f8a732ada49b054ab38c63e15"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/197ae17722e989942b36e33e044787877f158574"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/amdkfd/kfd_device.c",
            "drivers/gpu/drm/amd/amdkfd/kfd_migrate.c",
            "drivers/gpu/drm/amd/amdkfd/kfd_migrate.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "ac7d732b24f4",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "197ae17722e9",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/amdkfd/kfd_device.c",
            "drivers/gpu/drm/amd/amdkfd/kfd_migrate.c",
            "drivers/gpu/drm/amd/amdkfd/kfd_migrate.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.11",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: fix svm_migrate_fini warning\n\nDevice manager releases device-specific resources when a driver\ndisconnects from a device, devm_memunmap_pages and\ndevm_release_mem_region calls in svm_migrate_fini are redundant.\n\nIt causes below warning trace after patch \"drm/amdgpu: Split\namdgpu_device_fini into early and late\", so remove function\nsvm_migrate_fini.\n\nBUG: https://gitlab.freedesktop.org/drm/amd/-/issues/1718\n\nWARNING: CPU: 1 PID: 3646 at drivers/base/devres.c:795\ndevm_release_action+0x51/0x60\nCall Trace:\n    ? memunmap_pages+0x360/0x360\n    svm_migrate_fini+0x2d/0x60 [amdgpu]\n    kgd2kfd_device_exit+0x23/0xa0 [amdgpu]\n    amdgpu_amdkfd_device_fini_sw+0x1d/0x30 [amdgpu]\n    amdgpu_device_fini_sw+0x45/0x290 [amdgpu]\n    amdgpu_driver_release_kms+0x12/0x30 [amdgpu]\n    drm_dev_release+0x20/0x40 [drm]\n    release_nodes+0x196/0x1e0\n    device_release_driver_internal+0x104/0x1d0\n    driver_detach+0x47/0x90\n    bus_remove_driver+0x7a/0xd0\n    pci_unregister_driver+0x3d/0x90\n    amdgpu_exit+0x11/0x20 [amdgpu]"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:23.638Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/ac7d732b24f4061f8a732ada49b054ab38c63e15"
        },
        {
          "url": "https://git.kernel.org/stable/c/197ae17722e989942b36e33e044787877f158574"
        }
      ],
      "title": "drm/amdkfd: fix svm_migrate_fini warning",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47410",
    "datePublished": "2024-05-21T15:04:01.984Z",
    "dateReserved": "2024-05-21T14:58:30.817Z",
    "dateUpdated": "2024-11-04T12:05:23.638Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52754

Vulnerability from cvelistv5

Published

2024-05-21 15:30

Modified

2024-11-04 14:52

Severity ?

Summary

media: imon: fix access to invalid resource for the second interface

References

▼	URL	Tags
	https://git.kernel.org/stable/c/0f5068519f89d928d6c51100e4b274479123829f
	https://git.kernel.org/stable/c/5e0b788fb96be36d1baf1a5c88d09c7c82a0452a
	https://git.kernel.org/stable/c/b083aaf5db2eeca9e362723258e5d8698f7dd84e
	https://git.kernel.org/stable/c/10ec5a97f8f5a772a1a42b4eb27196b447cd3aa9
	https://git.kernel.org/stable/c/2a493a34bd6e496c55fabedd82b957193ace178f
	https://git.kernel.org/stable/c/a1766a4fd83befa0b34d932d532e7ebb7fab1fa7

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52754",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T18:42:53.248204Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:22:36.610Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.519Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0f5068519f89d928d6c51100e4b274479123829f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5e0b788fb96be36d1baf1a5c88d09c7c82a0452a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b083aaf5db2eeca9e362723258e5d8698f7dd84e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/10ec5a97f8f5a772a1a42b4eb27196b447cd3aa9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2a493a34bd6e496c55fabedd82b957193ace178f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a1766a4fd83befa0b34d932d532e7ebb7fab1fa7"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/media/rc/imon.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "0f5068519f89",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "5e0b788fb96b",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "b083aaf5db2e",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "10ec5a97f8f5",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "2a493a34bd6e",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "a1766a4fd83b",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/media/rc/imon.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: imon: fix access to invalid resource for the second interface\n\nimon driver probes two USB interfaces, and at the probe of the second\ninterface, the driver assumes blindly that the first interface got\nbound with the same imon driver.  It\u0027s usually true, but it\u0027s still\npossible that the first interface is bound with another driver via a\nmalformed descriptor.  Then it may lead to a memory corruption, as\nspotted by syzkaller; imon driver accesses the data from drvdata as\nstruct imon_context object although it\u0027s a completely different one\nthat was assigned by another driver.\n\nThis patch adds a sanity check -- whether the first interface is\nreally bound with the imon driver or not -- for avoiding the problem\nabove at the probe time."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:04.628Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/0f5068519f89d928d6c51100e4b274479123829f"
        },
        {
          "url": "https://git.kernel.org/stable/c/5e0b788fb96be36d1baf1a5c88d09c7c82a0452a"
        },
        {
          "url": "https://git.kernel.org/stable/c/b083aaf5db2eeca9e362723258e5d8698f7dd84e"
        },
        {
          "url": "https://git.kernel.org/stable/c/10ec5a97f8f5a772a1a42b4eb27196b447cd3aa9"
        },
        {
          "url": "https://git.kernel.org/stable/c/2a493a34bd6e496c55fabedd82b957193ace178f"
        },
        {
          "url": "https://git.kernel.org/stable/c/a1766a4fd83befa0b34d932d532e7ebb7fab1fa7"
        }
      ],
      "title": "media: imon: fix access to invalid resource for the second interface",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52754",
    "datePublished": "2024-05-21T15:30:42.198Z",
    "dateReserved": "2024-05-21T15:19:24.235Z",
    "dateUpdated": "2024-11-04T14:52:04.628Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52780

Vulnerability from cvelistv5

Published

2024-05-21 15:30

Modified

2024-11-04 14:52

Severity ?

Summary

net: mvneta: fix calls to page_pool_get_stats

References

▼	URL	Tags
	https://git.kernel.org/stable/c/00768b3e90e648227eaa959d9d279f5e32823df1
	https://git.kernel.org/stable/c/230dc06e2495487d88b3410da055bb618febb19b
	https://git.kernel.org/stable/c/2b0e99072654edd601d05c0061a20337af5008ba
	https://git.kernel.org/stable/c/ca8add922f9c7f6e2e3c71039da8e0dcc64b87ed

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52780",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-17T17:36:55.897084Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-17T17:37:20.654Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.011Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/00768b3e90e648227eaa959d9d279f5e32823df1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/230dc06e2495487d88b3410da055bb618febb19b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2b0e99072654edd601d05c0061a20337af5008ba"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ca8add922f9c7f6e2e3c71039da8e0dcc64b87ed"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/marvell/mvneta.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "00768b3e90e6",
              "status": "affected",
              "version": "b3fc79225f05",
              "versionType": "git"
            },
            {
              "lessThan": "230dc06e2495",
              "status": "affected",
              "version": "b3fc79225f05",
              "versionType": "git"
            },
            {
              "lessThan": "2b0e99072654",
              "status": "affected",
              "version": "b3fc79225f05",
              "versionType": "git"
            },
            {
              "lessThan": "ca8add922f9c",
              "status": "affected",
              "version": "b3fc79225f05",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/marvell/mvneta.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.19"
            },
            {
              "lessThan": "5.19",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mvneta: fix calls to page_pool_get_stats\n\nCalling page_pool_get_stats in the mvneta driver without checks\nleads to kernel crashes.\nFirst the page pool is only available if the bm is not used.\nThe page pool is also not allocated when the port is stopped.\nIt can also be not allocated in case of errors.\n\nThe current implementation leads to the following crash calling\nethstats on a port that is down or when calling it at the wrong moment:\n\nble to handle kernel NULL pointer dereference at virtual address 00000070\n[00000070] *pgd=00000000\nInternal error: Oops: 5 [#1] SMP ARM\nHardware name: Marvell Armada 380/385 (Device Tree)\nPC is at page_pool_get_stats+0x18/0x1cc\nLR is at mvneta_ethtool_get_stats+0xa0/0xe0 [mvneta]\npc : [\u003cc0b413cc\u003e]    lr : [\u003cbf0a98d8\u003e]    psr: a0000013\nsp : f1439d48  ip : f1439dc0  fp : 0000001d\nr10: 00000100  r9 : c4816b80  r8 : f0d75150\nr7 : bf0b400c  r6 : c238f000  r5 : 00000000  r4 : f1439d68\nr3 : c2091040  r2 : ffffffd8  r1 : f1439d68  r0 : 00000000\nFlags: NzCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment none\nControl: 10c5387d  Table: 066b004a  DAC: 00000051\nRegister r0 information: NULL pointer\nRegister r1 information: 2-page vmalloc region starting at 0xf1438000 allocated at kernel_clone+0x9c/0x390\nRegister r2 information: non-paged memory\nRegister r3 information: slab kmalloc-2k start c2091000 pointer offset 64 size 2048\nRegister r4 information: 2-page vmalloc region starting at 0xf1438000 allocated at kernel_clone+0x9c/0x390\nRegister r5 information: NULL pointer\nRegister r6 information: slab kmalloc-cg-4k start c238f000 pointer offset 0 size 4096\nRegister r7 information: 15-page vmalloc region starting at 0xbf0a8000 allocated at load_module+0xa30/0x219c\nRegister r8 information: 1-page vmalloc region starting at 0xf0d75000 allocated at ethtool_get_stats+0x138/0x208\nRegister r9 information: slab task_struct start c4816b80 pointer offset 0\nRegister r10 information: non-paged memory\nRegister r11 information: non-paged memory\nRegister r12 information: 2-page vmalloc region starting at 0xf1438000 allocated at kernel_clone+0x9c/0x390\nProcess snmpd (pid: 733, stack limit = 0x38de3a88)\nStack: (0xf1439d48 to 0xf143a000)\n9d40:                   000000c0 00000001 c238f000 bf0b400c f0d75150 c4816b80\n9d60: 00000100 bf0a98d8 00000000 00000000 00000000 00000000 00000000 00000000\n9d80: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\n9da0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\n9dc0: 00000dc0 5335509c 00000035 c238f000 bf0b2214 01067f50 f0d75000 c0b9b9c8\n9de0: 0000001d 00000035 c2212094 5335509c c4816b80 c238f000 c5ad6e00 01067f50\n9e00: c1b0be80 c4816b80 00014813 c0b9d7f0 00000000 00000000 0000001d 0000001d\n9e20: 00000000 00001200 00000000 00000000 c216ed90 c73943b8 00000000 00000000\n9e40: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\n9e60: 00000000 c0ad9034 00000000 00000000 00000000 00000000 00000000 00000000\n9e80: 00000000 00000000 00000000 5335509c c1b0be80 f1439ee4 00008946 c1b0be80\n9ea0: 01067f50 f1439ee3 00000000 00000046 b6d77ae0 c0b383f0 00008946 becc83e8\n9ec0: c1b0be80 00000051 0000000b c68ca480 c7172d00 c0ad8ff0 f1439ee3 cf600e40\n9ee0: 01600e40 32687465 00000000 00000000 00000000 01067f50 00000000 00000000\n9f00: 00000000 5335509c 00008946 00008946 00000000 c68ca480 becc83e8 c05e2de0\n9f20: f1439fb0 c03002f0 00000006 5ac3c35a c4816b80 00000006 b6d77ae0 c030caf0\n9f40: c4817350 00000014 f1439e1c 0000000c 00000000 00000051 01000000 00000014\n9f60: 00003fec f1439edc 00000001 c0372abc b6d77ae0 c0372abc cf600e40 5335509c\n9f80: c21e6800 01015c9c 0000000b 00008946 00000036 c03002f0 c4816b80 00000036\n9fa0: b6d77ae0 c03000c0 01015c9c 0000000b 0000000b 00008946 becc83e8 00000000\n9fc0: 01015c9c 0000000b 00008946 00000036 00000035 010678a0 b6d797ec b6d77ae0\n9fe0: b6dbf738 becc838c b6d186d7 b6baa858 40000030 0000000b 00000000 00000000\n page_pool_get_s\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:35.316Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/00768b3e90e648227eaa959d9d279f5e32823df1"
        },
        {
          "url": "https://git.kernel.org/stable/c/230dc06e2495487d88b3410da055bb618febb19b"
        },
        {
          "url": "https://git.kernel.org/stable/c/2b0e99072654edd601d05c0061a20337af5008ba"
        },
        {
          "url": "https://git.kernel.org/stable/c/ca8add922f9c7f6e2e3c71039da8e0dcc64b87ed"
        }
      ],
      "title": "net: mvneta: fix calls to page_pool_get_stats",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52780",
    "datePublished": "2024-05-21T15:30:59.557Z",
    "dateReserved": "2024-05-21T15:19:24.240Z",
    "dateUpdated": "2024-11-04T14:52:35.316Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52797

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:52

Severity ?

Summary

drivers: perf: Check find_first_bit() return value

References

▼	URL	Tags
	https://git.kernel.org/stable/c/2c86b24095fcf72cf51bc72d12e4350163b4e11d
	https://git.kernel.org/stable/c/45a0de41ec383c8b7c6d442734ba3852dd2fc4a7
	https://git.kernel.org/stable/c/c6e316ac05532febb0c966fa9b55f5258ed037be

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52797",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T17:26:12.766927Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:22:34.907Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.045Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2c86b24095fcf72cf51bc72d12e4350163b4e11d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/45a0de41ec383c8b7c6d442734ba3852dd2fc4a7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c6e316ac05532febb0c966fa9b55f5258ed037be"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/perf/riscv_pmu_sbi.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "2c86b24095fc",
              "status": "affected",
              "version": "4905ec2fb7e6",
              "versionType": "git"
            },
            {
              "lessThan": "45a0de41ec38",
              "status": "affected",
              "version": "4905ec2fb7e6",
              "versionType": "git"
            },
            {
              "lessThan": "c6e316ac0553",
              "status": "affected",
              "version": "4905ec2fb7e6",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/perf/riscv_pmu_sbi.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.18"
            },
            {
              "lessThan": "5.18",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers: perf: Check find_first_bit() return value\n\nWe must check the return value of find_first_bit() before using the\nreturn value as an index array since it happens to overflow the array\nand then panic:\n\n[  107.318430] Kernel BUG [#1]\n[  107.319434] CPU: 3 PID: 1238 Comm: kill Tainted: G            E      6.6.0-rc6ubuntu-defconfig #2\n[  107.319465] Hardware name: riscv-virtio,qemu (DT)\n[  107.319551] epc : pmu_sbi_ovf_handler+0x3a4/0x3ae\n[  107.319840]  ra : pmu_sbi_ovf_handler+0x52/0x3ae\n[  107.319868] epc : ffffffff80a0a77c ra : ffffffff80a0a42a sp : ffffaf83fecda350\n[  107.319884]  gp : ffffffff823961a8 tp : ffffaf8083db1dc0 t0 : ffffaf83fecda480\n[  107.319899]  t1 : ffffffff80cafe62 t2 : 000000000000ff00 s0 : ffffaf83fecda520\n[  107.319921]  s1 : ffffaf83fecda380 a0 : 00000018fca29df0 a1 : ffffffffffffffff\n[  107.319936]  a2 : 0000000001073734 a3 : 0000000000000004 a4 : 0000000000000000\n[  107.319951]  a5 : 0000000000000040 a6 : 000000001d1c8774 a7 : 0000000000504d55\n[  107.319965]  s2 : ffffffff82451f10 s3 : ffffffff82724e70 s4 : 000000000000003f\n[  107.319980]  s5 : 0000000000000011 s6 : ffffaf8083db27c0 s7 : 0000000000000000\n[  107.319995]  s8 : 0000000000000001 s9 : 00007fffb45d6558 s10: 00007fffb45d81a0\n[  107.320009]  s11: ffffaf7ffff60000 t3 : 0000000000000004 t4 : 0000000000000000\n[  107.320023]  t5 : ffffaf7f80000000 t6 : ffffaf8000000000\n[  107.320037] status: 0000000200000100 badaddr: 0000000000000000 cause: 0000000000000003\n[  107.320081] [\u003cffffffff80a0a77c\u003e] pmu_sbi_ovf_handler+0x3a4/0x3ae\n[  107.320112] [\u003cffffffff800b42d0\u003e] handle_percpu_devid_irq+0x9e/0x1a0\n[  107.320131] [\u003cffffffff800ad92c\u003e] generic_handle_domain_irq+0x28/0x36\n[  107.320148] [\u003cffffffff8065f9f8\u003e] riscv_intc_irq+0x36/0x4e\n[  107.320166] [\u003cffffffff80caf4a0\u003e] handle_riscv_irq+0x54/0x86\n[  107.320189] [\u003cffffffff80cb0036\u003e] do_irq+0x64/0x96\n[  107.320271] Code: 85a6 855e b097 ff7f 80e7 9220 b709 9002 4501 bbd9 (9002) 6097\n[  107.320585] ---[ end trace 0000000000000000 ]---\n[  107.320704] Kernel panic - not syncing: Fatal exception in interrupt\n[  107.320775] SMP: stopping secondary CPUs\n[  107.321219] Kernel Offset: 0x0 from 0xffffffff80000000\n[  107.333051] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:54.933Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/2c86b24095fcf72cf51bc72d12e4350163b4e11d"
        },
        {
          "url": "https://git.kernel.org/stable/c/45a0de41ec383c8b7c6d442734ba3852dd2fc4a7"
        },
        {
          "url": "https://git.kernel.org/stable/c/c6e316ac05532febb0c966fa9b55f5258ed037be"
        }
      ],
      "title": "drivers: perf: Check find_first_bit() return value",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52797",
    "datePublished": "2024-05-21T15:31:10.952Z",
    "dateReserved": "2024-05-21T15:19:24.246Z",
    "dateUpdated": "2024-11-04T14:52:54.933Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47381

Vulnerability from cvelistv5

Published

2024-05-21 15:03

Modified

2024-11-04 12:04

Severity ?

Summary

ASoC: SOF: Fix DSP oops stack dump output contents

References

▼	URL	Tags
	https://git.kernel.org/stable/c/a6bb576ead074ca6fa3b53cb1c5d4037a23de81b
	https://git.kernel.org/stable/c/ac4dfccb96571ca03af7cac64b7a0b2952c97f3a

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47381",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-28T18:29:17.455627Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:15:11.897Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:32:08.606Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a6bb576ead074ca6fa3b53cb1c5d4037a23de81b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ac4dfccb96571ca03af7cac64b7a0b2952c97f3a"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "sound/soc/sof/xtensa/core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "a6bb576ead07",
              "status": "affected",
              "version": "e657c18a01c8",
              "versionType": "git"
            },
            {
              "lessThan": "ac4dfccb9657",
              "status": "affected",
              "version": "e657c18a01c8",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "sound/soc/sof/xtensa/core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.2"
            },
            {
              "lessThan": "5.2",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: Fix DSP oops stack dump output contents\n\nFix @buf arg given to hex_dump_to_buffer() and stack address used\nin dump error output."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:04:48.114Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/a6bb576ead074ca6fa3b53cb1c5d4037a23de81b"
        },
        {
          "url": "https://git.kernel.org/stable/c/ac4dfccb96571ca03af7cac64b7a0b2952c97f3a"
        }
      ],
      "title": "ASoC: SOF: Fix DSP oops stack dump output contents",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47381",
    "datePublished": "2024-05-21T15:03:42.967Z",
    "dateReserved": "2024-05-21T14:58:30.812Z",
    "dateUpdated": "2024-11-04T12:04:48.114Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52866

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:54

Severity ?

Summary

HID: uclogic: Fix user-memory-access bug in uclogic_params_ugee_v2_init_event_hooks()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/64da1f6147dac7f8499d4937a0d7ea990bf569e8
	https://git.kernel.org/stable/c/6c8f953728d75104d994893f58801c457274335a
	https://git.kernel.org/stable/c/91cfe0bbaa1c434d4271eb6e1d7aaa1fe8d121f6

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52866",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T17:53:04.832614Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:22:47.041Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.045Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/64da1f6147dac7f8499d4937a0d7ea990bf569e8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6c8f953728d75104d994893f58801c457274335a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/91cfe0bbaa1c434d4271eb6e1d7aaa1fe8d121f6"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/hid/hid-uclogic-params-test.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "64da1f6147da",
              "status": "affected",
              "version": "a251d6576d2a",
              "versionType": "git"
            },
            {
              "lessThan": "6c8f953728d7",
              "status": "affected",
              "version": "a251d6576d2a",
              "versionType": "git"
            },
            {
              "lessThan": "91cfe0bbaa1c",
              "status": "affected",
              "version": "a251d6576d2a",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/hid/hid-uclogic-params-test.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "lessThan": "6.3",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: uclogic: Fix user-memory-access bug in uclogic_params_ugee_v2_init_event_hooks()\n\nWhen CONFIG_HID_UCLOGIC=y and CONFIG_KUNIT_ALL_TESTS=y, launch kernel and\nthen the below user-memory-access bug occurs.\n\nIn hid_test_uclogic_params_cleanup_event_hooks(),it call\nuclogic_params_ugee_v2_init_event_hooks() with the first arg=NULL, so\nwhen it calls uclogic_params_ugee_v2_has_battery(), the hid_get_drvdata()\nwill access hdev-\u003edev with hdev=NULL, which will cause below\nuser-memory-access.\n\nSo add a fake_device with quirks member and call hid_set_drvdata()\nto assign hdev-\u003edev-\u003edriver_data which avoids the null-ptr-def bug\nfor drvdata-\u003equirks in uclogic_params_ugee_v2_has_battery(). After applying\nthis patch, the below user-memory-access bug never occurs.\n\n general protection fault, probably for non-canonical address 0xdffffc0000000329: 0000 [#1] PREEMPT SMP KASAN\n KASAN: probably user-memory-access in range [0x0000000000001948-0x000000000000194f]\n CPU: 5 PID: 2189 Comm: kunit_try_catch Tainted: G    B   W        N 6.6.0-rc2+ #30\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n RIP: 0010:uclogic_params_ugee_v2_init_event_hooks+0x87/0x600\n Code: f3 f3 65 48 8b 14 25 28 00 00 00 48 89 54 24 60 31 d2 48 89 fa c7 44 24 30 00 00 00 00 48 c7 44 24 28 02 f8 02 01 48 c1 ea 03 \u003c80\u003e 3c 02 00 0f 85 2c 04 00 00 48 8b 9d 48 19 00 00 48 b8 00 00 00\n RSP: 0000:ffff88810679fc88 EFLAGS: 00010202\n RAX: dffffc0000000000 RBX: 0000000000000004 RCX: 0000000000000000\n RDX: 0000000000000329 RSI: ffff88810679fd88 RDI: 0000000000001948\n RBP: 0000000000000000 R08: 0000000000000000 R09: ffffed1020f639f0\n R10: ffff888107b1cf87 R11: 0000000000000400 R12: 1ffff11020cf3f92\n R13: ffff88810679fd88 R14: ffff888100b97b08 R15: ffff8881030bb080\n FS:  0000000000000000(0000) GS:ffff888119e80000(0000) knlGS:0000000000000000\n CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 0000000005286001 CR4: 0000000000770ee0\n DR0: ffffffff8fdd6cf4 DR1: ffffffff8fdd6cf5 DR2: ffffffff8fdd6cf6\n DR3: ffffffff8fdd6cf7 DR6: 00000000fffe0ff0 DR7: 0000000000000600\n PKRU: 55555554\n Call Trace:\n  \u003cTASK\u003e\n  ? die_addr+0x3d/0xa0\n  ? exc_general_protection+0x144/0x220\n  ? asm_exc_general_protection+0x22/0x30\n  ? uclogic_params_ugee_v2_init_event_hooks+0x87/0x600\n  ? sched_clock_cpu+0x69/0x550\n  ? uclogic_parse_ugee_v2_desc_gen_params+0x70/0x70\n  ? load_balance+0x2950/0x2950\n  ? rcu_trc_cmpxchg_need_qs+0x67/0xa0\n  hid_test_uclogic_params_cleanup_event_hooks+0x9e/0x1a0\n  ? uclogic_params_ugee_v2_init_event_hooks+0x600/0x600\n  ? __switch_to+0x5cf/0xe60\n  ? migrate_enable+0x260/0x260\n  ? __kthread_parkme+0x83/0x150\n  ? kunit_try_run_case_cleanup+0xe0/0xe0\n  kunit_generic_run_threadfn_adapter+0x4a/0x90\n  ? kunit_try_catch_throw+0x80/0x80\n  kthread+0x2b5/0x380\n  ? kthread_complete_and_exit+0x20/0x20\n  ret_from_fork+0x2d/0x70\n  ? kthread_complete_and_exit+0x20/0x20\n  ret_from_fork_asm+0x11/0x20\n  \u003c/TASK\u003e\n Modules linked in:\n Dumping ftrace buffer:\n    (ftrace buffer empty)\n ---[ end trace 0000000000000000 ]---\n RIP: 0010:uclogic_params_ugee_v2_init_event_hooks+0x87/0x600\n Code: f3 f3 65 48 8b 14 25 28 00 00 00 48 89 54 24 60 31 d2 48 89 fa c7 44 24 30 00 00 00 00 48 c7 44 24 28 02 f8 02 01 48 c1 ea 03 \u003c80\u003e 3c 02 00 0f 85 2c 04 00 00 48 8b 9d 48 19 00 00 48 b8 00 00 00\n RSP: 0000:ffff88810679fc88 EFLAGS: 00010202\n RAX: dffffc0000000000 RBX: 0000000000000004 RCX: 0000000000000000\n RDX: 0000000000000329 RSI: ffff88810679fd88 RDI: 0000000000001948\n RBP: 0000000000000000 R08: 0000000000000000 R09: ffffed1020f639f0\n R10: ffff888107b1cf87 R11: 0000000000000400 R12: 1ffff11020cf3f92\n R13: ffff88810679fd88 R14: ffff888100b97b08 R15: ffff8881030bb080\n FS:  0000000000000000(0000) GS:ffff888119e80000(0000) knlGS:0000000000000000\n CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 0000000005286001 CR4: 0000000000770ee0\n DR0: ffffffff8fdd6cf4 DR1: \n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:54:10.609Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/64da1f6147dac7f8499d4937a0d7ea990bf569e8"
        },
        {
          "url": "https://git.kernel.org/stable/c/6c8f953728d75104d994893f58801c457274335a"
        },
        {
          "url": "https://git.kernel.org/stable/c/91cfe0bbaa1c434d4271eb6e1d7aaa1fe8d121f6"
        }
      ],
      "title": "HID: uclogic: Fix user-memory-access bug in uclogic_params_ugee_v2_init_event_hooks()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52866",
    "datePublished": "2024-05-21T15:31:57.191Z",
    "dateReserved": "2024-05-21T15:19:24.262Z",
    "dateUpdated": "2024-11-04T14:54:10.609Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52708

Vulnerability from cvelistv5

Published

2024-05-21 15:22

Modified

2024-11-04 14:51

Severity ?

Summary

mmc: mmc_spi: fix error handling in mmc_spi_probe()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/e9b488d60f51ae312006e224e03a30a151c28bdd
	https://git.kernel.org/stable/c/0b3edcb24bd81b3b2e3dac89f4733bfd47d283be
	https://git.kernel.org/stable/c/ecad2fafd424ffdc203b2748ded0b37e4bbecef3
	https://git.kernel.org/stable/c/82645bf4ed02abe930a659c5fe16d593a6dbd93f
	https://git.kernel.org/stable/c/cf4c9d2ac1e42c7d18b921bec39486896645b714

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52708",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T18:27:42.948187Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:21.454Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.045Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e9b488d60f51ae312006e224e03a30a151c28bdd"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0b3edcb24bd81b3b2e3dac89f4733bfd47d283be"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ecad2fafd424ffdc203b2748ded0b37e4bbecef3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/82645bf4ed02abe930a659c5fe16d593a6dbd93f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/cf4c9d2ac1e42c7d18b921bec39486896645b714"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/mmc/host/mmc_spi.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "e9b488d60f51",
              "status": "affected",
              "version": "15a0580ced08",
              "versionType": "git"
            },
            {
              "lessThan": "0b3edcb24bd8",
              "status": "affected",
              "version": "15a0580ced08",
              "versionType": "git"
            },
            {
              "lessThan": "ecad2fafd424",
              "status": "affected",
              "version": "15a0580ced08",
              "versionType": "git"
            },
            {
              "lessThan": "82645bf4ed02",
              "status": "affected",
              "version": "15a0580ced08",
              "versionType": "git"
            },
            {
              "lessThan": "cf4c9d2ac1e4",
              "status": "affected",
              "version": "15a0580ced08",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/mmc/host/mmc_spi.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.24"
            },
            {
              "lessThan": "2.6.24",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.232",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.169",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.95",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: mmc_spi: fix error handling in mmc_spi_probe()\n\nIf mmc_add_host() fails, it doesn\u0027t need to call mmc_remove_host(),\nor it will cause null-ptr-deref, because of deleting a not added\ndevice in mmc_remove_host().\n\nTo fix this, goto label \u0027fail_glue_init\u0027, if mmc_add_host() fails,\nand change the label \u0027fail_add_host\u0027 to \u0027fail_gpiod_request\u0027."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:51:35.567Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/e9b488d60f51ae312006e224e03a30a151c28bdd"
        },
        {
          "url": "https://git.kernel.org/stable/c/0b3edcb24bd81b3b2e3dac89f4733bfd47d283be"
        },
        {
          "url": "https://git.kernel.org/stable/c/ecad2fafd424ffdc203b2748ded0b37e4bbecef3"
        },
        {
          "url": "https://git.kernel.org/stable/c/82645bf4ed02abe930a659c5fe16d593a6dbd93f"
        },
        {
          "url": "https://git.kernel.org/stable/c/cf4c9d2ac1e42c7d18b921bec39486896645b714"
        }
      ],
      "title": "mmc: mmc_spi: fix error handling in mmc_spi_probe()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52708",
    "datePublished": "2024-05-21T15:22:55.975Z",
    "dateReserved": "2024-03-07T14:49:46.892Z",
    "dateUpdated": "2024-11-04T14:51:35.567Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47437

Vulnerability from cvelistv5

Published

2024-05-22 06:19

Modified

2024-11-04 12:05

Severity ?

Summary

iio: adis16475: fix deadlock on frequency set

References

▼	URL	Tags
	https://git.kernel.org/stable/c/04e03b907022ebd876f422f17efcc2c6cc934dc6
	https://git.kernel.org/stable/c/9da1b86865ab4376408c58cd9fec332c8bdb5c73

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47437",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T18:17:08.445721Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:58.331Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.217Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/04e03b907022ebd876f422f17efcc2c6cc934dc6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9da1b86865ab4376408c58cd9fec332c8bdb5c73"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/iio/imu/adis16475.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "04e03b907022",
              "status": "affected",
              "version": "39c024b51b56",
              "versionType": "git"
            },
            {
              "lessThan": "9da1b86865ab",
              "status": "affected",
              "version": "39c024b51b56",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/iio/imu/adis16475.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.13"
            },
            {
              "lessThan": "5.13",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.14",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: adis16475: fix deadlock on frequency set\n\nWith commit 39c024b51b560\n(\"iio: adis16475: improve sync scale mode handling\"), two deadlocks were\nintroduced:\n 1) The call to \u0027adis_write_reg_16()\u0027 was not changed to it\u0027s unlocked\n    version.\n 2) The lock was not being released on the success path of the function.\n\nThis change fixes both these issues."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:52.945Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/04e03b907022ebd876f422f17efcc2c6cc934dc6"
        },
        {
          "url": "https://git.kernel.org/stable/c/9da1b86865ab4376408c58cd9fec332c8bdb5c73"
        }
      ],
      "title": "iio: adis16475: fix deadlock on frequency set",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47437",
    "datePublished": "2024-05-22T06:19:32.879Z",
    "dateReserved": "2024-05-21T14:58:30.831Z",
    "dateUpdated": "2024-11-04T12:05:52.945Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52801

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:52

Severity ?

9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Summary

iommufd: Fix missing update of domains_itree after splitting iopt_area

References

▼	URL	Tags
	https://git.kernel.org/stable/c/836db2e7e4565d8218923b3552304a1637e2f28d
	https://git.kernel.org/stable/c/fcb32111f01ddf3cbd04644cde1773428e31de6a
	https://git.kernel.org/stable/c/e7250ab7ca4998fe026f2149805b03e09dc32498

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "836db2e7e456",
                "status": "affected",
                "version": "51fe6141f0f6",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "fcb32111f01d",
                "status": "affected",
                "version": "51fe6141f0f6",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "e7250ab7ca49",
                "status": "affected",
                "version": "51fe6141f0f6",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "affected",
                "version": "6..2"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "6.2",
                "status": "unaffected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "6.5.*",
                "status": "unaffected",
                "version": "6.5.13",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "6.6.*",
                "status": "unaffected",
                "version": "6.6.3",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.7"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.1,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "NONE",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52801",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-24T15:13:11.142898Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-284",
                "description": "CWE-284 Improper Access Control",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-05T19:16:04.430Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.602Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/836db2e7e4565d8218923b3552304a1637e2f28d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fcb32111f01ddf3cbd04644cde1773428e31de6a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e7250ab7ca4998fe026f2149805b03e09dc32498"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/iommu/iommufd/io_pagetable.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "836db2e7e456",
              "status": "affected",
              "version": "51fe6141f0f6",
              "versionType": "git"
            },
            {
              "lessThan": "fcb32111f01d",
              "status": "affected",
              "version": "51fe6141f0f6",
              "versionType": "git"
            },
            {
              "lessThan": "e7250ab7ca49",
              "status": "affected",
              "version": "51fe6141f0f6",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/iommu/iommufd/io_pagetable.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "lessThan": "6.2",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommufd: Fix missing update of domains_itree after splitting iopt_area\n\nIn iopt_area_split(), if the original iopt_area has filled a domain and is\nlinked to domains_itree, pages_nodes have to be properly\nreinserted. Otherwise the domains_itree becomes corrupted and we will UAF."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:59.713Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/836db2e7e4565d8218923b3552304a1637e2f28d"
        },
        {
          "url": "https://git.kernel.org/stable/c/fcb32111f01ddf3cbd04644cde1773428e31de6a"
        },
        {
          "url": "https://git.kernel.org/stable/c/e7250ab7ca4998fe026f2149805b03e09dc32498"
        }
      ],
      "title": "iommufd: Fix missing update of domains_itree after splitting iopt_area",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52801",
    "datePublished": "2024-05-21T15:31:13.700Z",
    "dateReserved": "2024-05-21T15:19:24.247Z",
    "dateUpdated": "2024-11-04T14:52:59.713Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52840

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

Input: synaptics-rmi4 - fix use after free in rmi_unregister_function()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/2f236d8638f5b43e0c72919a6a27fe286c32053f
	https://git.kernel.org/stable/c/50d12253666195a14c6cd2b81c376e2dbeedbdff
	https://git.kernel.org/stable/c/6c71e065befb2fae8f1461559b940c04e1071bd5
	https://git.kernel.org/stable/c/303766bb92c5c225cf40f9bbbe7e29749406e2f2
	https://git.kernel.org/stable/c/7082b1fb5321037bc11ba1cf2d7ed23c6b2b521f
	https://git.kernel.org/stable/c/cc56c4d17721dcb10ad4e9c9266e449be1462683
	https://git.kernel.org/stable/c/c8e639f5743cf4b01f8c65e0df075fe4d782b585
	https://git.kernel.org/stable/c/eb988e46da2e4eae89f5337e047ce372fe33d5b1

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52840",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-12T18:01:30.625524Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-12T18:01:37.971Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.065Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2f236d8638f5b43e0c72919a6a27fe286c32053f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/50d12253666195a14c6cd2b81c376e2dbeedbdff"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6c71e065befb2fae8f1461559b940c04e1071bd5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/303766bb92c5c225cf40f9bbbe7e29749406e2f2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7082b1fb5321037bc11ba1cf2d7ed23c6b2b521f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/cc56c4d17721dcb10ad4e9c9266e449be1462683"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c8e639f5743cf4b01f8c65e0df075fe4d782b585"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/eb988e46da2e4eae89f5337e047ce372fe33d5b1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/input/rmi4/rmi_bus.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "2f236d8638f5",
              "status": "affected",
              "version": "24d28e4f1271",
              "versionType": "git"
            },
            {
              "lessThan": "50d122536661",
              "status": "affected",
              "version": "24d28e4f1271",
              "versionType": "git"
            },
            {
              "lessThan": "6c71e065befb",
              "status": "affected",
              "version": "24d28e4f1271",
              "versionType": "git"
            },
            {
              "lessThan": "303766bb92c5",
              "status": "affected",
              "version": "24d28e4f1271",
              "versionType": "git"
            },
            {
              "lessThan": "7082b1fb5321",
              "status": "affected",
              "version": "24d28e4f1271",
              "versionType": "git"
            },
            {
              "lessThan": "cc56c4d17721",
              "status": "affected",
              "version": "24d28e4f1271",
              "versionType": "git"
            },
            {
              "lessThan": "c8e639f5743c",
              "status": "affected",
              "version": "24d28e4f1271",
              "versionType": "git"
            },
            {
              "lessThan": "eb988e46da2e",
              "status": "affected",
              "version": "24d28e4f1271",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/input/rmi4/rmi_bus.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.18"
            },
            {
              "lessThan": "4.18",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.299",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.261",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.201",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.139",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: synaptics-rmi4 - fix use after free in rmi_unregister_function()\n\nThe put_device() calls rmi_release_function() which frees \"fn\" so the\ndereference on the next line \"fn-\u003enum_of_irqs\" is a use after free.\nMove the put_device() to the end to fix this."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:38.605Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/2f236d8638f5b43e0c72919a6a27fe286c32053f"
        },
        {
          "url": "https://git.kernel.org/stable/c/50d12253666195a14c6cd2b81c376e2dbeedbdff"
        },
        {
          "url": "https://git.kernel.org/stable/c/6c71e065befb2fae8f1461559b940c04e1071bd5"
        },
        {
          "url": "https://git.kernel.org/stable/c/303766bb92c5c225cf40f9bbbe7e29749406e2f2"
        },
        {
          "url": "https://git.kernel.org/stable/c/7082b1fb5321037bc11ba1cf2d7ed23c6b2b521f"
        },
        {
          "url": "https://git.kernel.org/stable/c/cc56c4d17721dcb10ad4e9c9266e449be1462683"
        },
        {
          "url": "https://git.kernel.org/stable/c/c8e639f5743cf4b01f8c65e0df075fe4d782b585"
        },
        {
          "url": "https://git.kernel.org/stable/c/eb988e46da2e4eae89f5337e047ce372fe33d5b1"
        }
      ],
      "title": "Input: synaptics-rmi4 - fix use after free in rmi_unregister_function()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52840",
    "datePublished": "2024-05-21T15:31:39.862Z",
    "dateReserved": "2024-05-21T15:19:24.253Z",
    "dateUpdated": "2024-11-04T14:53:38.605Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47423

Vulnerability from cvelistv5

Published

2024-05-21 15:04

Modified

2024-11-04 12:05

Severity ?

Summary

drm/nouveau/debugfs: fix file release memory leak

References

▼	URL	Tags
	https://git.kernel.org/stable/c/df0c9418923679bc6d0060bdb1b5bf2c755159e0
	https://git.kernel.org/stable/c/9f9d4c88b2edc7924e19c44909cfc3fa4e4d3d43
	https://git.kernel.org/stable/c/1508b09945bde393326a9dab73b1fc35f672d771
	https://git.kernel.org/stable/c/11cd944bb87d9e575b94c07c952105eda745b459
	https://git.kernel.org/stable/c/f69556a42043b5444ca712ee889829ba89fdcba8
	https://git.kernel.org/stable/c/88c3610045ca6e699331b6bb5c095c5565f30721
	https://git.kernel.org/stable/c/f5a8703a9c418c6fc54eb772712dfe7641e3991c

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47423",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T18:29:52.464224Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:13:23.519Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.135Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/df0c9418923679bc6d0060bdb1b5bf2c755159e0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9f9d4c88b2edc7924e19c44909cfc3fa4e4d3d43"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1508b09945bde393326a9dab73b1fc35f672d771"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/11cd944bb87d9e575b94c07c952105eda745b459"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f69556a42043b5444ca712ee889829ba89fdcba8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/88c3610045ca6e699331b6bb5c095c5565f30721"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f5a8703a9c418c6fc54eb772712dfe7641e3991c"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/nouveau/nouveau_debugfs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "df0c94189236",
              "status": "affected",
              "version": "6e9fc177399f",
              "versionType": "git"
            },
            {
              "lessThan": "9f9d4c88b2ed",
              "status": "affected",
              "version": "6e9fc177399f",
              "versionType": "git"
            },
            {
              "lessThan": "1508b09945bd",
              "status": "affected",
              "version": "6e9fc177399f",
              "versionType": "git"
            },
            {
              "lessThan": "11cd944bb87d",
              "status": "affected",
              "version": "6e9fc177399f",
              "versionType": "git"
            },
            {
              "lessThan": "f69556a42043",
              "status": "affected",
              "version": "6e9fc177399f",
              "versionType": "git"
            },
            {
              "lessThan": "88c3610045ca",
              "status": "affected",
              "version": "6e9fc177399f",
              "versionType": "git"
            },
            {
              "lessThan": "f5a8703a9c41",
              "status": "affected",
              "version": "6e9fc177399f",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/nouveau/nouveau_debugfs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.5"
            },
            {
              "lessThan": "4.5",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.287",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.251",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.211",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.153",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.73",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau/debugfs: fix file release memory leak\n\nWhen using single_open() for opening, single_release() should be\ncalled, otherwise the \u0027op\u0027 allocated in single_open() will be leaked."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:37.647Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/df0c9418923679bc6d0060bdb1b5bf2c755159e0"
        },
        {
          "url": "https://git.kernel.org/stable/c/9f9d4c88b2edc7924e19c44909cfc3fa4e4d3d43"
        },
        {
          "url": "https://git.kernel.org/stable/c/1508b09945bde393326a9dab73b1fc35f672d771"
        },
        {
          "url": "https://git.kernel.org/stable/c/11cd944bb87d9e575b94c07c952105eda745b459"
        },
        {
          "url": "https://git.kernel.org/stable/c/f69556a42043b5444ca712ee889829ba89fdcba8"
        },
        {
          "url": "https://git.kernel.org/stable/c/88c3610045ca6e699331b6bb5c095c5565f30721"
        },
        {
          "url": "https://git.kernel.org/stable/c/f5a8703a9c418c6fc54eb772712dfe7641e3991c"
        }
      ],
      "title": "drm/nouveau/debugfs: fix file release memory leak",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47423",
    "datePublished": "2024-05-21T15:04:10.611Z",
    "dateReserved": "2024-05-21T14:58:30.820Z",
    "dateUpdated": "2024-11-04T12:05:37.647Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52794

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:52

Severity ?

Summary

thermal: intel: powerclamp: fix mismatch in get function for max_idle

References

▼	URL	Tags
	https://git.kernel.org/stable/c/6a3866dbdcf39ac93e98708e6abced511733dc18
	https://git.kernel.org/stable/c/0a8585281b11e3a0723bba8d8085d61f0b55f37c
	https://git.kernel.org/stable/c/fae633cfb729da2771b5433f6b84ae7e8b4aa5f7

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.955Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6a3866dbdcf39ac93e98708e6abced511733dc18"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0a8585281b11e3a0723bba8d8085d61f0b55f37c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fae633cfb729da2771b5433f6b84ae7e8b4aa5f7"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52794",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:36:53.470332Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:29.826Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/thermal/intel/intel_powerclamp.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "6a3866dbdcf3",
              "status": "affected",
              "version": "ebf519710218",
              "versionType": "git"
            },
            {
              "lessThan": "0a8585281b11",
              "status": "affected",
              "version": "ebf519710218",
              "versionType": "git"
            },
            {
              "lessThan": "fae633cfb729",
              "status": "affected",
              "version": "ebf519710218",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/thermal/intel/intel_powerclamp.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "lessThan": "6.3",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: intel: powerclamp: fix mismatch in get function for max_idle\n\nKASAN reported this\n\n      [ 444.853098] BUG: KASAN: global-out-of-bounds in param_get_int+0x77/0x90\n      [ 444.853111] Read of size 4 at addr ffffffffc16c9220 by task cat/2105\n      ...\n      [ 444.853442] The buggy address belongs to the variable:\n      [ 444.853443] max_idle+0x0/0xffffffffffffcde0 [intel_powerclamp]\n\nThere is a mismatch between the param_get_int and the definition of\nmax_idle.  Replacing param_get_int with param_get_byte resolves this\nissue."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:51.268Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/6a3866dbdcf39ac93e98708e6abced511733dc18"
        },
        {
          "url": "https://git.kernel.org/stable/c/0a8585281b11e3a0723bba8d8085d61f0b55f37c"
        },
        {
          "url": "https://git.kernel.org/stable/c/fae633cfb729da2771b5433f6b84ae7e8b4aa5f7"
        }
      ],
      "title": "thermal: intel: powerclamp: fix mismatch in get function for max_idle",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52794",
    "datePublished": "2024-05-21T15:31:08.970Z",
    "dateReserved": "2024-05-21T15:19:24.246Z",
    "dateUpdated": "2024-11-04T14:52:51.268Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52782

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:52

Severity ?

Summary

net/mlx5e: Track xmit submission to PTP WQ after populating metadata map

References

▼	URL	Tags
	https://git.kernel.org/stable/c/a9d6c0c5a6bd9ca88e964f8843ea41bc085de866
	https://git.kernel.org/stable/c/4d510506b46504664eacf8a44a9e8f3e54c137b8
	https://git.kernel.org/stable/c/7e3f3ba97e6cc6fce5bf62df2ca06c8e59040167

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52782",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-23T18:32:52.154799Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:24:11.095Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.019Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a9d6c0c5a6bd9ca88e964f8843ea41bc085de866"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4d510506b46504664eacf8a44a9e8f3e54c137b8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7e3f3ba97e6cc6fce5bf62df2ca06c8e59040167"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/mellanox/mlx5/core/en_tx.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "a9d6c0c5a6bd",
              "status": "affected",
              "version": "e729382c297e",
              "versionType": "git"
            },
            {
              "lessThan": "4d510506b465",
              "status": "affected",
              "version": "3178308ad4ca",
              "versionType": "git"
            },
            {
              "lessThan": "7e3f3ba97e6c",
              "status": "affected",
              "version": "3178308ad4ca",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/mellanox/mlx5/core/en_tx.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.6"
            },
            {
              "lessThan": "6.6",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Track xmit submission to PTP WQ after populating metadata map\n\nEnsure the skb is available in metadata mapping to skbs before tracking the\nmetadata index for detecting undelivered CQEs. If the metadata index is put\nin the tracking list before putting the skb in the map, the metadata index\nmight be used for detecting undelivered CQEs before the relevant skb is\navailable in the map, which can lead to a null-ptr-deref.\n\nLog:\n    general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] SMP KASAN\n    KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f]\n    CPU: 0 PID: 1243 Comm: kworker/0:2 Not tainted 6.6.0-rc4+ #108\n    Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n    Workqueue: events mlx5e_rx_dim_work [mlx5_core]\n    RIP: 0010:mlx5e_ptp_napi_poll+0x9a4/0x2290 [mlx5_core]\n    Code: 8c 24 38 cc ff ff 4c 8d 3c c1 4c 89 f9 48 c1 e9 03 42 80 3c 31 00 0f 85 97 0f 00 00 4d 8b 3f 49 8d 7f 28 48 89 f9 48 c1 e9 03 \u003c42\u003e 80 3c 31 00 0f 85 8b 0f 00 00 49 8b 47 28 48 85 c0 0f 84 05 07\n    RSP: 0018:ffff8884d3c09c88 EFLAGS: 00010206\n    RAX: 0000000000000069 RBX: ffff8881160349d8 RCX: 0000000000000005\n    RDX: ffffed10218f48cf RSI: 0000000000000004 RDI: 0000000000000028\n    RBP: ffff888122707700 R08: 0000000000000001 R09: ffffed109a781383\n    R10: 0000000000000003 R11: 0000000000000003 R12: ffff88810c7a7a40\n    R13: ffff888122707700 R14: dffffc0000000000 R15: 0000000000000000\n    FS:  0000000000000000(0000) GS:ffff8884d3c00000(0000) knlGS:0000000000000000\n    CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n    CR2: 00007f4f878dd6e0 CR3: 000000014d108002 CR4: 0000000000370eb0\n    DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n    DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n    Call Trace:\n    \u003cIRQ\u003e\n    ? die_addr+0x3c/0xa0\n    ? exc_general_protection+0x144/0x210\n    ? asm_exc_general_protection+0x22/0x30\n    ? mlx5e_ptp_napi_poll+0x9a4/0x2290 [mlx5_core]\n    ? mlx5e_ptp_napi_poll+0x8f6/0x2290 [mlx5_core]\n    __napi_poll.constprop.0+0xa4/0x580\n    net_rx_action+0x460/0xb80\n    ? _raw_spin_unlock_irqrestore+0x32/0x60\n    ? __napi_poll.constprop.0+0x580/0x580\n    ? tasklet_action_common.isra.0+0x2ef/0x760\n    __do_softirq+0x26c/0x827\n    irq_exit_rcu+0xc2/0x100\n    common_interrupt+0x7f/0xa0\n    \u003c/IRQ\u003e\n    \u003cTASK\u003e\n    asm_common_interrupt+0x22/0x40\n    RIP: 0010:__kmem_cache_alloc_node+0xb/0x330\n    Code: 41 5d 41 5e 41 5f c3 8b 44 24 14 8b 4c 24 10 09 c8 eb d5 e8 b7 43 ca 01 0f 1f 80 00 00 00 00 0f 1f 44 00 00 55 48 89 e5 41 57 \u003c41\u003e 56 41 89 d6 41 55 41 89 f5 41 54 49 89 fc 53 48 83 e4 f0 48 83\n    RSP: 0018:ffff88812c4079c0 EFLAGS: 00000246\n    RAX: 1ffffffff083c7fe RBX: ffff888100042dc0 RCX: 0000000000000218\n    RDX: 00000000ffffffff RSI: 0000000000000dc0 RDI: ffff888100042dc0\n    RBP: ffff88812c4079c8 R08: ffffffffa0289f96 R09: ffffed1025880ea9\n    R10: ffff888138839f80 R11: 0000000000000002 R12: 0000000000000dc0\n    R13: 0000000000000100 R14: 000000000000008c R15: ffff8881271fc450\n    ? cmd_exec+0x796/0x2200 [mlx5_core]\n    kmalloc_trace+0x26/0xc0\n    cmd_exec+0x796/0x2200 [mlx5_core]\n    mlx5_cmd_do+0x22/0xc0 [mlx5_core]\n    mlx5_cmd_exec+0x17/0x30 [mlx5_core]\n    mlx5_core_modify_cq_moderation+0x139/0x1b0 [mlx5_core]\n    ? mlx5_add_cq_to_tasklet+0x280/0x280 [mlx5_core]\n    ? lockdep_set_lock_cmp_fn+0x190/0x190\n    ? process_one_work+0x659/0x1220\n    mlx5e_rx_dim_work+0x9d/0x100 [mlx5_core]\n    process_one_work+0x730/0x1220\n    ? lockdep_hardirqs_on_prepare+0x400/0x400\n    ? max_active_store+0xf0/0xf0\n    ? assign_work+0x168/0x240\n    worker_thread+0x70f/0x12d0\n    ? __kthread_parkme+0xd1/0x1d0\n    ? process_one_work+0x1220/0x1220\n    kthread+0x2d9/0x3b0\n    ? kthread_complete_and_exit+0x20/0x20\n    ret_from_fork+0x2d/0x70\n    ? kthread_complete_and_exit+0x20/0x20\n    ret_from_fork_as\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:37.835Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/a9d6c0c5a6bd9ca88e964f8843ea41bc085de866"
        },
        {
          "url": "https://git.kernel.org/stable/c/4d510506b46504664eacf8a44a9e8f3e54c137b8"
        },
        {
          "url": "https://git.kernel.org/stable/c/7e3f3ba97e6cc6fce5bf62df2ca06c8e59040167"
        }
      ],
      "title": "net/mlx5e: Track xmit submission to PTP WQ after populating metadata map",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52782",
    "datePublished": "2024-05-21T15:31:00.897Z",
    "dateReserved": "2024-05-21T15:19:24.240Z",
    "dateUpdated": "2024-11-04T14:52:37.835Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52737

Vulnerability from cvelistv5

Published

2024-05-21 15:23

Modified

2024-11-04 14:51

Severity ?

Summary

btrfs: lock the inode in shared mode before starting fiemap

References

▼	URL	Tags
	https://git.kernel.org/stable/c/d8c594da79bc0244e610a70594e824a401802be1
	https://git.kernel.org/stable/c/519b7e13b5ae8dd38da1e52275705343be6bb508

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.060Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d8c594da79bc0244e610a70594e824a401802be1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/519b7e13b5ae8dd38da1e52275705343be6bb508"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52737",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:37:35.005166Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:35.821Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/btrfs/extent_io.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "d8c594da79bc",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "519b7e13b5ae",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/btrfs/extent_io.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: lock the inode in shared mode before starting fiemap\n\nCurrently fiemap does not take the inode\u0027s lock (VFS lock), it only locks\na file range in the inode\u0027s io tree. This however can lead to a deadlock\nif we have a concurrent fsync on the file and fiemap code triggers a fault\nwhen accessing the user space buffer with fiemap_fill_next_extent(). The\ndeadlock happens on the inode\u0027s i_mmap_lock semaphore, which is taken both\nby fsync and btrfs_page_mkwrite(). This deadlock was recently reported by\nsyzbot and triggers a trace like the following:\n\n   task:syz-executor361 state:D stack:20264 pid:5668  ppid:5119   flags:0x00004004\n   Call Trace:\n    \u003cTASK\u003e\n    context_switch kernel/sched/core.c:5293 [inline]\n    __schedule+0x995/0xe20 kernel/sched/core.c:6606\n    schedule+0xcb/0x190 kernel/sched/core.c:6682\n    wait_on_state fs/btrfs/extent-io-tree.c:707 [inline]\n    wait_extent_bit+0x577/0x6f0 fs/btrfs/extent-io-tree.c:751\n    lock_extent+0x1c2/0x280 fs/btrfs/extent-io-tree.c:1742\n    find_lock_delalloc_range+0x4e6/0x9c0 fs/btrfs/extent_io.c:488\n    writepage_delalloc+0x1ef/0x540 fs/btrfs/extent_io.c:1863\n    __extent_writepage+0x736/0x14e0 fs/btrfs/extent_io.c:2174\n    extent_write_cache_pages+0x983/0x1220 fs/btrfs/extent_io.c:3091\n    extent_writepages+0x219/0x540 fs/btrfs/extent_io.c:3211\n    do_writepages+0x3c3/0x680 mm/page-writeback.c:2581\n    filemap_fdatawrite_wbc+0x11e/0x170 mm/filemap.c:388\n    __filemap_fdatawrite_range mm/filemap.c:421 [inline]\n    filemap_fdatawrite_range+0x175/0x200 mm/filemap.c:439\n    btrfs_fdatawrite_range fs/btrfs/file.c:3850 [inline]\n    start_ordered_ops fs/btrfs/file.c:1737 [inline]\n    btrfs_sync_file+0x4ff/0x1190 fs/btrfs/file.c:1839\n    generic_write_sync include/linux/fs.h:2885 [inline]\n    btrfs_do_write_iter+0xcd3/0x1280 fs/btrfs/file.c:1684\n    call_write_iter include/linux/fs.h:2189 [inline]\n    new_sync_write fs/read_write.c:491 [inline]\n    vfs_write+0x7dc/0xc50 fs/read_write.c:584\n    ksys_write+0x177/0x2a0 fs/read_write.c:637\n    do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n    do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\n    entry_SYSCALL_64_after_hwframe+0x63/0xcd\n   RIP: 0033:0x7f7d4054e9b9\n   RSP: 002b:00007f7d404fa2f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\n   RAX: ffffffffffffffda RBX: 00007f7d405d87a0 RCX: 00007f7d4054e9b9\n   RDX: 0000000000000090 RSI: 0000000020000000 RDI: 0000000000000006\n   RBP: 00007f7d405a51d0 R08: 0000000000000000 R09: 0000000000000000\n   R10: 0000000000000000 R11: 0000000000000246 R12: 61635f65646f6e69\n   R13: 65646f7475616f6e R14: 7261637369646f6e R15: 00007f7d405d87a8\n    \u003c/TASK\u003e\n   INFO: task syz-executor361:5697 blocked for more than 145 seconds.\n         Not tainted 6.2.0-rc3-syzkaller-00376-g7c6984405241 #0\n   \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n   task:syz-executor361 state:D stack:21216 pid:5697  ppid:5119   flags:0x00004004\n   Call Trace:\n    \u003cTASK\u003e\n    context_switch kernel/sched/core.c:5293 [inline]\n    __schedule+0x995/0xe20 kernel/sched/core.c:6606\n    schedule+0xcb/0x190 kernel/sched/core.c:6682\n    rwsem_down_read_slowpath+0x5f9/0x930 kernel/locking/rwsem.c:1095\n    __down_read_common+0x54/0x2a0 kernel/locking/rwsem.c:1260\n    btrfs_page_mkwrite+0x417/0xc80 fs/btrfs/inode.c:8526\n    do_page_mkwrite+0x19e/0x5e0 mm/memory.c:2947\n    wp_page_shared+0x15e/0x380 mm/memory.c:3295\n    handle_pte_fault mm/memory.c:4949 [inline]\n    __handle_mm_fault mm/memory.c:5073 [inline]\n    handle_mm_fault+0x1b79/0x26b0 mm/memory.c:5219\n    do_user_addr_fault+0x69b/0xcb0 arch/x86/mm/fault.c:1428\n    handle_page_fault arch/x86/mm/fault.c:1519 [inline]\n    exc_page_fault+0x7a/0x110 arch/x86/mm/fault.c:1575\n    asm_exc_page_fault+0x22/0x30 arch/x86/include/asm/idtentry.h:570\n   RIP: 0010:copy_user_short_string+0xd/0x40 arch/x86/lib/copy_user_64.S:233\n   Code: 74 0a 89 (...)\n   RSP: 0018:ffffc9000570f330 EFLAGS: 000502\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:51:43.851Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/d8c594da79bc0244e610a70594e824a401802be1"
        },
        {
          "url": "https://git.kernel.org/stable/c/519b7e13b5ae8dd38da1e52275705343be6bb508"
        }
      ],
      "title": "btrfs: lock the inode in shared mode before starting fiemap",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52737",
    "datePublished": "2024-05-21T15:23:01.202Z",
    "dateReserved": "2024-05-21T15:19:24.233Z",
    "dateUpdated": "2024-11-04T14:51:43.851Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52836

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

locking/ww_mutex/test: Fix potential workqueue corruption

References

▼	URL	Tags
	https://git.kernel.org/stable/c/d4d37c9e6a4dbcca958dabd99216550525c7e389
	https://git.kernel.org/stable/c/d8267cabbe1bed15ccf8b0e684c528bf8eeef715
	https://git.kernel.org/stable/c/dcd85e3c929368076a7592b27f541e0da8b427f5
	https://git.kernel.org/stable/c/9ed2d68b3925145f5f51c46559484881d6082f75
	https://git.kernel.org/stable/c/e89d0ed45a419c485bae999426ecf92697cbdda3
	https://git.kernel.org/stable/c/c56df79d68677cf062da1b6e3b33e74299a92dfc
	https://git.kernel.org/stable/c/e36407713163363e65566e7af0abe207d5f59a0c
	https://git.kernel.org/stable/c/304a2c4aad0fff887ce493e4197bf9cbaf394479
	https://git.kernel.org/stable/c/bccdd808902f8c677317cec47c306e42b93b849e

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52836",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T19:05:10.965267Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:22:59.048Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.040Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d4d37c9e6a4dbcca958dabd99216550525c7e389"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d8267cabbe1bed15ccf8b0e684c528bf8eeef715"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/dcd85e3c929368076a7592b27f541e0da8b427f5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9ed2d68b3925145f5f51c46559484881d6082f75"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e89d0ed45a419c485bae999426ecf92697cbdda3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c56df79d68677cf062da1b6e3b33e74299a92dfc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e36407713163363e65566e7af0abe207d5f59a0c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/304a2c4aad0fff887ce493e4197bf9cbaf394479"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bccdd808902f8c677317cec47c306e42b93b849e"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "kernel/locking/test-ww_mutex.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "d4d37c9e6a4d",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "d8267cabbe1b",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "dcd85e3c9293",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "9ed2d68b3925",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "e89d0ed45a41",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "c56df79d6867",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "e36407713163",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "304a2c4aad0f",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "bccdd808902f",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "kernel/locking/test-ww_mutex.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.331",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.300",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.262",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nlocking/ww_mutex/test: Fix potential workqueue corruption\n\nIn some cases running with the test-ww_mutex code, I was seeing\nodd behavior where sometimes it seemed flush_workqueue was\nreturning before all the work threads were finished.\n\nOften this would cause strange crashes as the mutexes would be\nfreed while they were being used.\n\nLooking at the code, there is a lifetime problem as the\ncontrolling thread that spawns the work allocates the\n\"struct stress\" structures that are passed to the workqueue\nthreads. Then when the workqueue threads are finished,\nthey free the stress struct that was passed to them.\n\nUnfortunately the workqueue work_struct node is in the stress\nstruct. Which means the work_struct is freed before the work\nthread returns and while flush_workqueue is waiting.\n\nIt seems like a better idea to have the controlling thread\nboth allocate and free the stress structures, so that we can\nbe sure we don\u0027t corrupt the workqueue by freeing the structure\nprematurely.\n\nSo this patch reworks the test to do so, and with this change\nI no longer see the early flush_workqueue returns."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:33.912Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/d4d37c9e6a4dbcca958dabd99216550525c7e389"
        },
        {
          "url": "https://git.kernel.org/stable/c/d8267cabbe1bed15ccf8b0e684c528bf8eeef715"
        },
        {
          "url": "https://git.kernel.org/stable/c/dcd85e3c929368076a7592b27f541e0da8b427f5"
        },
        {
          "url": "https://git.kernel.org/stable/c/9ed2d68b3925145f5f51c46559484881d6082f75"
        },
        {
          "url": "https://git.kernel.org/stable/c/e89d0ed45a419c485bae999426ecf92697cbdda3"
        },
        {
          "url": "https://git.kernel.org/stable/c/c56df79d68677cf062da1b6e3b33e74299a92dfc"
        },
        {
          "url": "https://git.kernel.org/stable/c/e36407713163363e65566e7af0abe207d5f59a0c"
        },
        {
          "url": "https://git.kernel.org/stable/c/304a2c4aad0fff887ce493e4197bf9cbaf394479"
        },
        {
          "url": "https://git.kernel.org/stable/c/bccdd808902f8c677317cec47c306e42b93b849e"
        }
      ],
      "title": "locking/ww_mutex/test: Fix potential workqueue corruption",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52836",
    "datePublished": "2024-05-21T15:31:37.174Z",
    "dateReserved": "2024-05-21T15:19:24.252Z",
    "dateUpdated": "2024-11-04T14:53:33.912Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52865

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:54

Severity ?

Summary

clk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data

References

▼	URL	Tags
	https://git.kernel.org/stable/c/c26feedbc561f2a3cee1a4f717e61bdbdfb4fa92
	https://git.kernel.org/stable/c/4c79cbfb8e9e2311be77182893fda5ea4068c836
	https://git.kernel.org/stable/c/2705c5b97f504e831ae1935c05f0e44f80dfa6b3
	https://git.kernel.org/stable/c/81b16286110728674dcf81137be0687c5055e7bf
	https://git.kernel.org/stable/c/3aefc6fcfbada57fac27f470602d5565e5b76cb4
	https://git.kernel.org/stable/c/357df1c2f6ace96defd557fad709ed1f9f70e16c
	https://git.kernel.org/stable/c/be3f12f16038a558f08fa93cc32fa715746a5235
	https://git.kernel.org/stable/c/122ac6496e4975ddd7ec1edba4f6fc1e15e39478
	https://git.kernel.org/stable/c/606f6366a35a3329545e38129804d65ef26ed7d2

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52865",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-24T19:32:41.804264Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:24:00.743Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.063Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c26feedbc561f2a3cee1a4f717e61bdbdfb4fa92"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4c79cbfb8e9e2311be77182893fda5ea4068c836"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2705c5b97f504e831ae1935c05f0e44f80dfa6b3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/81b16286110728674dcf81137be0687c5055e7bf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3aefc6fcfbada57fac27f470602d5565e5b76cb4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/357df1c2f6ace96defd557fad709ed1f9f70e16c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/be3f12f16038a558f08fa93cc32fa715746a5235"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/122ac6496e4975ddd7ec1edba4f6fc1e15e39478"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/606f6366a35a3329545e38129804d65ef26ed7d2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/clk/mediatek/clk-mt6797.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "c26feedbc561",
              "status": "affected",
              "version": "96596aa06628",
              "versionType": "git"
            },
            {
              "lessThan": "4c79cbfb8e9e",
              "status": "affected",
              "version": "96596aa06628",
              "versionType": "git"
            },
            {
              "lessThan": "2705c5b97f50",
              "status": "affected",
              "version": "96596aa06628",
              "versionType": "git"
            },
            {
              "lessThan": "81b162861107",
              "status": "affected",
              "version": "96596aa06628",
              "versionType": "git"
            },
            {
              "lessThan": "3aefc6fcfbad",
              "status": "affected",
              "version": "96596aa06628",
              "versionType": "git"
            },
            {
              "lessThan": "357df1c2f6ac",
              "status": "affected",
              "version": "96596aa06628",
              "versionType": "git"
            },
            {
              "lessThan": "be3f12f16038",
              "status": "affected",
              "version": "96596aa06628",
              "versionType": "git"
            },
            {
              "lessThan": "122ac6496e49",
              "status": "affected",
              "version": "96596aa06628",
              "versionType": "git"
            },
            {
              "lessThan": "606f6366a35a",
              "status": "affected",
              "version": "96596aa06628",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/clk/mediatek/clk-mt6797.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.12"
            },
            {
              "lessThan": "4.12",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.330",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.299",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.261",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.201",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.139",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:54:09.326Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/c26feedbc561f2a3cee1a4f717e61bdbdfb4fa92"
        },
        {
          "url": "https://git.kernel.org/stable/c/4c79cbfb8e9e2311be77182893fda5ea4068c836"
        },
        {
          "url": "https://git.kernel.org/stable/c/2705c5b97f504e831ae1935c05f0e44f80dfa6b3"
        },
        {
          "url": "https://git.kernel.org/stable/c/81b16286110728674dcf81137be0687c5055e7bf"
        },
        {
          "url": "https://git.kernel.org/stable/c/3aefc6fcfbada57fac27f470602d5565e5b76cb4"
        },
        {
          "url": "https://git.kernel.org/stable/c/357df1c2f6ace96defd557fad709ed1f9f70e16c"
        },
        {
          "url": "https://git.kernel.org/stable/c/be3f12f16038a558f08fa93cc32fa715746a5235"
        },
        {
          "url": "https://git.kernel.org/stable/c/122ac6496e4975ddd7ec1edba4f6fc1e15e39478"
        },
        {
          "url": "https://git.kernel.org/stable/c/606f6366a35a3329545e38129804d65ef26ed7d2"
        }
      ],
      "title": "clk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52865",
    "datePublished": "2024-05-21T15:31:56.527Z",
    "dateReserved": "2024-05-21T15:19:24.262Z",
    "dateUpdated": "2024-11-04T14:54:09.326Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47223

Vulnerability from cvelistv5

Published

2024-05-21 14:19

Modified

2024-11-04 12:01

Severity ?

Summary

net: bridge: fix vlan tunnel dst null pointer dereference

References

▼	URL	Tags
	https://git.kernel.org/stable/c/ad7feefe7164892db424c45687472db803d87f79
	https://git.kernel.org/stable/c/24a6e55f17aa123bc1fc54b7d3c410b41bc16530
	https://git.kernel.org/stable/c/a2241e62f6b4a774d8a92048fdf59c45f6c2fe5c
	https://git.kernel.org/stable/c/fe0448a3fad365a747283a00a1d1ad5e8d6675b7
	https://git.kernel.org/stable/c/abb02e05cb1c0a30dd873a29f33bc092067dc35d
	https://git.kernel.org/stable/c/58e2071742e38f29f051b709a5cca014ba51166f

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47223",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-23T18:10:14.404752Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:02.341Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:32:07.485Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ad7feefe7164892db424c45687472db803d87f79"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/24a6e55f17aa123bc1fc54b7d3c410b41bc16530"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a2241e62f6b4a774d8a92048fdf59c45f6c2fe5c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fe0448a3fad365a747283a00a1d1ad5e8d6675b7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/abb02e05cb1c0a30dd873a29f33bc092067dc35d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/58e2071742e38f29f051b709a5cca014ba51166f"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/bridge/br_private.h",
            "net/bridge/br_vlan_tunnel.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "ad7feefe7164",
              "status": "affected",
              "version": "11538d039ac6",
              "versionType": "git"
            },
            {
              "lessThan": "24a6e55f17aa",
              "status": "affected",
              "version": "11538d039ac6",
              "versionType": "git"
            },
            {
              "lessThan": "a2241e62f6b4",
              "status": "affected",
              "version": "11538d039ac6",
              "versionType": "git"
            },
            {
              "lessThan": "fe0448a3fad3",
              "status": "affected",
              "version": "11538d039ac6",
              "versionType": "git"
            },
            {
              "lessThan": "abb02e05cb1c",
              "status": "affected",
              "version": "11538d039ac6",
              "versionType": "git"
            },
            {
              "lessThan": "58e2071742e3",
              "status": "affected",
              "version": "11538d039ac6",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/bridge/br_private.h",
            "net/bridge/br_vlan_tunnel.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.11"
            },
            {
              "lessThan": "4.11",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.238",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.196",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.128",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.46",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bridge: fix vlan tunnel dst null pointer dereference\n\nThis patch fixes a tunnel_dst null pointer dereference due to lockless\naccess in the tunnel egress path. When deleting a vlan tunnel the\ntunnel_dst pointer is set to NULL without waiting a grace period (i.e.\nwhile it\u0027s still usable) and packets egressing are dereferencing it\nwithout checking. Use READ/WRITE_ONCE to annotate the lockless use of\ntunnel_id, use RCU for accessing tunnel_dst and make sure it is read\nonly once and checked in the egress path. The dst is already properly RCU\nprotected so we don\u0027t need to do anything fancy than to make sure\ntunnel_id and tunnel_dst are read only once and checked in the egress path."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:01:47.587Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/ad7feefe7164892db424c45687472db803d87f79"
        },
        {
          "url": "https://git.kernel.org/stable/c/24a6e55f17aa123bc1fc54b7d3c410b41bc16530"
        },
        {
          "url": "https://git.kernel.org/stable/c/a2241e62f6b4a774d8a92048fdf59c45f6c2fe5c"
        },
        {
          "url": "https://git.kernel.org/stable/c/fe0448a3fad365a747283a00a1d1ad5e8d6675b7"
        },
        {
          "url": "https://git.kernel.org/stable/c/abb02e05cb1c0a30dd873a29f33bc092067dc35d"
        },
        {
          "url": "https://git.kernel.org/stable/c/58e2071742e38f29f051b709a5cca014ba51166f"
        }
      ],
      "title": "net: bridge: fix vlan tunnel dst null pointer dereference",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47223",
    "datePublished": "2024-05-21T14:19:28.882Z",
    "dateReserved": "2024-04-10T18:59:19.529Z",
    "dateUpdated": "2024-11-04T12:01:47.587Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52819

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-05 19:06

Severity ?

6.6 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

Summary

drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga

References

▼	URL	Tags
	https://git.kernel.org/stable/c/60a00dfc7c5deafd1dd393beaf53224f7256dad6
	https://git.kernel.org/stable/c/a63fd579e7b1c3a9ebd6e6c494d49b1b6cf5515e
	https://git.kernel.org/stable/c/d50a56749e5afdc63491b88f5153c1aae00d4679
	https://git.kernel.org/stable/c/8c1dbddbfcb051e82cea0c197c620f9dcdc38e92
	https://git.kernel.org/stable/c/a237675aa1e62bbfaa341c535331c8656a508fa1
	https://git.kernel.org/stable/c/d0725232da777840703f5f1e22f2e3081d712aa4
	https://git.kernel.org/stable/c/7c68283f3166221af3df5791f0e13d3137a72216
	https://git.kernel.org/stable/c/b3b8b7c040cf069da7afe11c5bd73b870b8f3d18
	https://git.kernel.org/stable/c/0f0e59075b5c22f1e871fbd508d6e4f495048356

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 6.6,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "LOW",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52819",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T17:21:07.724623Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-05T19:06:09.154Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.956Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/60a00dfc7c5deafd1dd393beaf53224f7256dad6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a63fd579e7b1c3a9ebd6e6c494d49b1b6cf5515e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d50a56749e5afdc63491b88f5153c1aae00d4679"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8c1dbddbfcb051e82cea0c197c620f9dcdc38e92"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a237675aa1e62bbfaa341c535331c8656a508fa1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d0725232da777840703f5f1e22f2e3081d712aa4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7c68283f3166221af3df5791f0e13d3137a72216"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b3b8b7c040cf069da7afe11c5bd73b870b8f3d18"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0f0e59075b5c22f1e871fbd508d6e4f495048356"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/pm/powerplay/hwmgr/pptable_v1_0.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "60a00dfc7c5d",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "a63fd579e7b1",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "d50a56749e5a",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "8c1dbddbfcb0",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "a237675aa1e6",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "d0725232da77",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "7c68283f3166",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "b3b8b7c040cf",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "0f0e59075b5c",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/pm/powerplay/hwmgr/pptable_v1_0.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.331",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.300",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.262",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga\n\nFor pptable structs that use flexible array sizes, use flexible arrays."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:19.914Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/60a00dfc7c5deafd1dd393beaf53224f7256dad6"
        },
        {
          "url": "https://git.kernel.org/stable/c/a63fd579e7b1c3a9ebd6e6c494d49b1b6cf5515e"
        },
        {
          "url": "https://git.kernel.org/stable/c/d50a56749e5afdc63491b88f5153c1aae00d4679"
        },
        {
          "url": "https://git.kernel.org/stable/c/8c1dbddbfcb051e82cea0c197c620f9dcdc38e92"
        },
        {
          "url": "https://git.kernel.org/stable/c/a237675aa1e62bbfaa341c535331c8656a508fa1"
        },
        {
          "url": "https://git.kernel.org/stable/c/d0725232da777840703f5f1e22f2e3081d712aa4"
        },
        {
          "url": "https://git.kernel.org/stable/c/7c68283f3166221af3df5791f0e13d3137a72216"
        },
        {
          "url": "https://git.kernel.org/stable/c/b3b8b7c040cf069da7afe11c5bd73b870b8f3d18"
        },
        {
          "url": "https://git.kernel.org/stable/c/0f0e59075b5c22f1e871fbd508d6e4f495048356"
        }
      ],
      "title": "drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52819",
    "datePublished": "2024-05-21T15:31:25.582Z",
    "dateReserved": "2024-05-21T15:19:24.249Z",
    "dateUpdated": "2024-11-05T19:06:09.154Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47474

Vulnerability from cvelistv5

Published

2024-05-22 08:19

Modified

2024-11-04 12:06

Severity ?

Summary

comedi: vmk80xx: fix bulk-buffer overflow

References

▼	URL	Tags
	https://git.kernel.org/stable/c/e0e6a63fd97ad95fe05dfd77268a1952551e11a7
	https://git.kernel.org/stable/c/7cfb35db607760698d299fd1cf7402dfa8f09973
	https://git.kernel.org/stable/c/0866dcaa828c21bc2f94dac00e086078f11b5772
	https://git.kernel.org/stable/c/063f576c43d589a4c153554b681d32b3f8317c7b
	https://git.kernel.org/stable/c/1ae4715121a57bc6fa29fd992127b01907f2f993
	https://git.kernel.org/stable/c/b7fd7f3387f070215e6be341e68eb5c087eeecc0
	https://git.kernel.org/stable/c/7b0e356189327287d0eb98ec081bd6dd97068cd3
	https://git.kernel.org/stable/c/47b4636ebdbeba2044b3db937c4d2b6a4fe3d0f2
	https://git.kernel.org/stable/c/78cdfd62bd54af615fba9e3ca1ba35de39d3871d

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47474",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-10T18:55:02.820898Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-10T18:55:10.246Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.764Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e0e6a63fd97ad95fe05dfd77268a1952551e11a7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7cfb35db607760698d299fd1cf7402dfa8f09973"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0866dcaa828c21bc2f94dac00e086078f11b5772"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/063f576c43d589a4c153554b681d32b3f8317c7b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1ae4715121a57bc6fa29fd992127b01907f2f993"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b7fd7f3387f070215e6be341e68eb5c087eeecc0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7b0e356189327287d0eb98ec081bd6dd97068cd3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/47b4636ebdbeba2044b3db937c4d2b6a4fe3d0f2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/78cdfd62bd54af615fba9e3ca1ba35de39d3871d"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/comedi/drivers/vmk80xx.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "e0e6a63fd97a",
              "status": "affected",
              "version": "985cafccbf9b",
              "versionType": "git"
            },
            {
              "lessThan": "7cfb35db6077",
              "status": "affected",
              "version": "985cafccbf9b",
              "versionType": "git"
            },
            {
              "lessThan": "0866dcaa828c",
              "status": "affected",
              "version": "985cafccbf9b",
              "versionType": "git"
            },
            {
              "lessThan": "063f576c43d5",
              "status": "affected",
              "version": "985cafccbf9b",
              "versionType": "git"
            },
            {
              "lessThan": "1ae4715121a5",
              "status": "affected",
              "version": "985cafccbf9b",
              "versionType": "git"
            },
            {
              "lessThan": "b7fd7f3387f0",
              "status": "affected",
              "version": "985cafccbf9b",
              "versionType": "git"
            },
            {
              "lessThan": "7b0e35618932",
              "status": "affected",
              "version": "985cafccbf9b",
              "versionType": "git"
            },
            {
              "lessThan": "47b4636ebdbe",
              "status": "affected",
              "version": "985cafccbf9b",
              "versionType": "git"
            },
            {
              "lessThan": "78cdfd62bd54",
              "status": "affected",
              "version": "985cafccbf9b",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/comedi/drivers/vmk80xx.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.31"
            },
            {
              "lessThan": "2.6.31",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.292",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.290",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.255",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.217",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.159",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.79",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.18",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.16",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: vmk80xx: fix bulk-buffer overflow\n\nThe driver is using endpoint-sized buffers but must not assume that the\ntx and rx buffers are of equal size or a malicious device could overflow\nthe slab-allocated receive buffer when doing bulk transfers."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:37.774Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/e0e6a63fd97ad95fe05dfd77268a1952551e11a7"
        },
        {
          "url": "https://git.kernel.org/stable/c/7cfb35db607760698d299fd1cf7402dfa8f09973"
        },
        {
          "url": "https://git.kernel.org/stable/c/0866dcaa828c21bc2f94dac00e086078f11b5772"
        },
        {
          "url": "https://git.kernel.org/stable/c/063f576c43d589a4c153554b681d32b3f8317c7b"
        },
        {
          "url": "https://git.kernel.org/stable/c/1ae4715121a57bc6fa29fd992127b01907f2f993"
        },
        {
          "url": "https://git.kernel.org/stable/c/b7fd7f3387f070215e6be341e68eb5c087eeecc0"
        },
        {
          "url": "https://git.kernel.org/stable/c/7b0e356189327287d0eb98ec081bd6dd97068cd3"
        },
        {
          "url": "https://git.kernel.org/stable/c/47b4636ebdbeba2044b3db937c4d2b6a4fe3d0f2"
        },
        {
          "url": "https://git.kernel.org/stable/c/78cdfd62bd54af615fba9e3ca1ba35de39d3871d"
        }
      ],
      "title": "comedi: vmk80xx: fix bulk-buffer overflow",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47474",
    "datePublished": "2024-05-22T08:19:28.759Z",
    "dateReserved": "2024-05-22T06:20:56.199Z",
    "dateUpdated": "2024-11-04T12:06:37.774Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52746

Vulnerability from cvelistv5

Published

2024-05-21 15:23

Modified

2024-11-07 15:13

Severity ?

2.5 (Low) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

Summary

xfrm/compat: prevent potential spectre v1 gadget in xfrm_xlate32_attr()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/a893cc644812728e86e9aff517fd5698812ecef0
	https://git.kernel.org/stable/c/5dc688fae6b7be9dbbf5304a3d2520d038e06db5
	https://git.kernel.org/stable/c/419674224390fca298020fc0751a20812f84b12d
	https://git.kernel.org/stable/c/b6ee896385380aa621102e8ea402ba12db1cabff

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "LOCAL",
              "availabilityImpact": "NONE",
              "baseScore": 2.5,
              "baseSeverity": "LOW",
              "confidentialityImpact": "LOW",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52746",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T17:50:37.070696Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T15:13:49.462Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.022Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a893cc644812728e86e9aff517fd5698812ecef0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5dc688fae6b7be9dbbf5304a3d2520d038e06db5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/419674224390fca298020fc0751a20812f84b12d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b6ee896385380aa621102e8ea402ba12db1cabff"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/xfrm/xfrm_compat.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "a893cc644812",
              "status": "affected",
              "version": "5106f4a8acff",
              "versionType": "git"
            },
            {
              "lessThan": "5dc688fae6b7",
              "status": "affected",
              "version": "5106f4a8acff",
              "versionType": "git"
            },
            {
              "lessThan": "419674224390",
              "status": "affected",
              "version": "5106f4a8acff",
              "versionType": "git"
            },
            {
              "lessThan": "b6ee89638538",
              "status": "affected",
              "version": "5106f4a8acff",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/xfrm/xfrm_compat.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.10"
            },
            {
              "lessThan": "5.10",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.168",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.94",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm/compat: prevent potential spectre v1 gadget in xfrm_xlate32_attr()\n\n  int type = nla_type(nla);\n\n  if (type \u003e XFRMA_MAX) {\n            return -EOPNOTSUPP;\n  }\n\n@type is then used as an array index and can be used\nas a Spectre v1 gadget.\n\n  if (nla_len(nla) \u003c compat_policy[type].len) {\n\narray_index_nospec() can be used to prevent leaking\ncontent of kernel memory to malicious users."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:51:54.534Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/a893cc644812728e86e9aff517fd5698812ecef0"
        },
        {
          "url": "https://git.kernel.org/stable/c/5dc688fae6b7be9dbbf5304a3d2520d038e06db5"
        },
        {
          "url": "https://git.kernel.org/stable/c/419674224390fca298020fc0751a20812f84b12d"
        },
        {
          "url": "https://git.kernel.org/stable/c/b6ee896385380aa621102e8ea402ba12db1cabff"
        }
      ],
      "title": "xfrm/compat: prevent potential spectre v1 gadget in xfrm_xlate32_attr()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52746",
    "datePublished": "2024-05-21T15:23:07.255Z",
    "dateReserved": "2024-05-21T15:19:24.233Z",
    "dateUpdated": "2024-11-07T15:13:49.462Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47270

Vulnerability from cvelistv5

Published

2024-05-21 14:19

Modified

2024-11-04 12:02

Severity ?

Summary

usb: fix various gadgets null ptr deref on 10gbps cabling.

References

▼	URL	Tags
	https://git.kernel.org/stable/c/beb1e67a5ca8d69703c776db9000527f44c0c93c
	https://git.kernel.org/stable/c/8cd5f45c1b769e3e9e0f4325dd08b6c3749dc7ee
	https://git.kernel.org/stable/c/10770d2ac0094b053c8897d96d7b2737cd72f7c5
	https://git.kernel.org/stable/c/b4903f7fdc484628d0b8022daf86e2439d3ab4db
	https://git.kernel.org/stable/c/4b289a0f3033f465b4fd51ba995251a7867a2aa2
	https://git.kernel.org/stable/c/f17aae7c4009160f0630a91842a281773976a5bc
	https://git.kernel.org/stable/c/90c4d05780d47e14a50e11a7f17373104cd47d25

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:32:08.023Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/beb1e67a5ca8d69703c776db9000527f44c0c93c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8cd5f45c1b769e3e9e0f4325dd08b6c3749dc7ee"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/10770d2ac0094b053c8897d96d7b2737cd72f7c5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b4903f7fdc484628d0b8022daf86e2439d3ab4db"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4b289a0f3033f465b4fd51ba995251a7867a2aa2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f17aae7c4009160f0630a91842a281773976a5bc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/90c4d05780d47e14a50e11a7f17373104cd47d25"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47270",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:39:41.783429Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:32:47.414Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/usb/gadget/function/f_ecm.c",
            "drivers/usb/gadget/function/f_eem.c",
            "drivers/usb/gadget/function/f_hid.c",
            "drivers/usb/gadget/function/f_loopback.c",
            "drivers/usb/gadget/function/f_printer.c",
            "drivers/usb/gadget/function/f_rndis.c",
            "drivers/usb/gadget/function/f_serial.c",
            "drivers/usb/gadget/function/f_sourcesink.c",
            "drivers/usb/gadget/function/f_subset.c",
            "drivers/usb/gadget/function/f_tcm.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "beb1e67a5ca8",
              "status": "affected",
              "version": "eaef50c76057",
              "versionType": "git"
            },
            {
              "lessThan": "8cd5f45c1b76",
              "status": "affected",
              "version": "eaef50c76057",
              "versionType": "git"
            },
            {
              "lessThan": "10770d2ac009",
              "status": "affected",
              "version": "eaef50c76057",
              "versionType": "git"
            },
            {
              "lessThan": "b4903f7fdc48",
              "status": "affected",
              "version": "eaef50c76057",
              "versionType": "git"
            },
            {
              "lessThan": "4b289a0f3033",
              "status": "affected",
              "version": "eaef50c76057",
              "versionType": "git"
            },
            {
              "lessThan": "f17aae7c4009",
              "status": "affected",
              "version": "eaef50c76057",
              "versionType": "git"
            },
            {
              "lessThan": "90c4d05780d4",
              "status": "affected",
              "version": "eaef50c76057",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/usb/gadget/function/f_ecm.c",
            "drivers/usb/gadget/function/f_eem.c",
            "drivers/usb/gadget/function/f_hid.c",
            "drivers/usb/gadget/function/f_loopback.c",
            "drivers/usb/gadget/function/f_printer.c",
            "drivers/usb/gadget/function/f_rndis.c",
            "drivers/usb/gadget/function/f_serial.c",
            "drivers/usb/gadget/function/f_sourcesink.c",
            "drivers/usb/gadget/function/f_subset.c",
            "drivers/usb/gadget/function/f_tcm.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.6"
            },
            {
              "lessThan": "4.6",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.273",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.237",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.195",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.126",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.44",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.11",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: fix various gadgets null ptr deref on 10gbps cabling.\n\nThis avoids a null pointer dereference in\nf_{ecm,eem,hid,loopback,printer,rndis,serial,sourcesink,subset,tcm}\nby simply reusing the 5gbps config for 10gbps."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:02:41.438Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/beb1e67a5ca8d69703c776db9000527f44c0c93c"
        },
        {
          "url": "https://git.kernel.org/stable/c/8cd5f45c1b769e3e9e0f4325dd08b6c3749dc7ee"
        },
        {
          "url": "https://git.kernel.org/stable/c/10770d2ac0094b053c8897d96d7b2737cd72f7c5"
        },
        {
          "url": "https://git.kernel.org/stable/c/b4903f7fdc484628d0b8022daf86e2439d3ab4db"
        },
        {
          "url": "https://git.kernel.org/stable/c/4b289a0f3033f465b4fd51ba995251a7867a2aa2"
        },
        {
          "url": "https://git.kernel.org/stable/c/f17aae7c4009160f0630a91842a281773976a5bc"
        },
        {
          "url": "https://git.kernel.org/stable/c/90c4d05780d47e14a50e11a7f17373104cd47d25"
        }
      ],
      "title": "usb: fix various gadgets null ptr deref on 10gbps cabling.",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47270",
    "datePublished": "2024-05-21T14:19:59.874Z",
    "dateReserved": "2024-05-21T13:27:52.127Z",
    "dateUpdated": "2024-11-04T12:02:41.438Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47477

Vulnerability from cvelistv5

Published

2024-05-22 08:19

Modified

2024-11-06 19:35

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Summary

comedi: dt9812: fix DMA buffers on stack

References

▼	URL	Tags
	https://git.kernel.org/stable/c/a6af69768d5cb4b2528946d53be5fa19ade37723
	https://git.kernel.org/stable/c/365a346cda82f51d835c49136a00a9df8a78c7f2
	https://git.kernel.org/stable/c/8a52bc480992c7c9da3ebfea456af731f50a4b97
	https://git.kernel.org/stable/c/39ea61037ae78f14fa121228dd962ea3280eacf3
	https://git.kernel.org/stable/c/3efb7af8ac437085b6c776e5b54830b149d86efe
	https://git.kernel.org/stable/c/786f5b03450454557ff858a8bead5d7c0cbf78d6
	https://git.kernel.org/stable/c/3ac273d154d634e2034508a14db82a95d7ad12ed
	https://git.kernel.org/stable/c/20cebb8b620dc987e55ddc46801de986e081757e
	https://git.kernel.org/stable/c/536de747bc48262225889a533db6650731ab25d3

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 5.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47477",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T15:50:06.158354Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T19:35:17.051Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.539Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a6af69768d5cb4b2528946d53be5fa19ade37723"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/365a346cda82f51d835c49136a00a9df8a78c7f2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8a52bc480992c7c9da3ebfea456af731f50a4b97"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/39ea61037ae78f14fa121228dd962ea3280eacf3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3efb7af8ac437085b6c776e5b54830b149d86efe"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/786f5b03450454557ff858a8bead5d7c0cbf78d6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3ac273d154d634e2034508a14db82a95d7ad12ed"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/20cebb8b620dc987e55ddc46801de986e081757e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/536de747bc48262225889a533db6650731ab25d3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/comedi/drivers/dt9812.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "a6af69768d5c",
              "status": "affected",
              "version": "63274cd7d38a",
              "versionType": "git"
            },
            {
              "lessThan": "365a346cda82",
              "status": "affected",
              "version": "63274cd7d38a",
              "versionType": "git"
            },
            {
              "lessThan": "8a52bc480992",
              "status": "affected",
              "version": "63274cd7d38a",
              "versionType": "git"
            },
            {
              "lessThan": "39ea61037ae7",
              "status": "affected",
              "version": "63274cd7d38a",
              "versionType": "git"
            },
            {
              "lessThan": "3efb7af8ac43",
              "status": "affected",
              "version": "63274cd7d38a",
              "versionType": "git"
            },
            {
              "lessThan": "786f5b034504",
              "status": "affected",
              "version": "63274cd7d38a",
              "versionType": "git"
            },
            {
              "lessThan": "3ac273d154d6",
              "status": "affected",
              "version": "63274cd7d38a",
              "versionType": "git"
            },
            {
              "lessThan": "20cebb8b620d",
              "status": "affected",
              "version": "63274cd7d38a",
              "versionType": "git"
            },
            {
              "lessThan": "536de747bc48",
              "status": "affected",
              "version": "63274cd7d38a",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/comedi/drivers/dt9812.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.29"
            },
            {
              "lessThan": "2.6.29",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.292",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.290",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.255",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.217",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.159",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.79",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.18",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.16",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: dt9812: fix DMA buffers on stack\n\nUSB transfer buffers are typically mapped for DMA and must not be\nallocated on the stack or transfers will fail.\n\nAllocate proper transfer buffers in the various command helpers and\nreturn an error on short transfers instead of acting on random stack\ndata.\n\nNote that this also fixes a stack info leak on systems where DMA is not\nused as 32 bytes are always sent to the device regardless of how short\nthe command is."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:41.342Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/a6af69768d5cb4b2528946d53be5fa19ade37723"
        },
        {
          "url": "https://git.kernel.org/stable/c/365a346cda82f51d835c49136a00a9df8a78c7f2"
        },
        {
          "url": "https://git.kernel.org/stable/c/8a52bc480992c7c9da3ebfea456af731f50a4b97"
        },
        {
          "url": "https://git.kernel.org/stable/c/39ea61037ae78f14fa121228dd962ea3280eacf3"
        },
        {
          "url": "https://git.kernel.org/stable/c/3efb7af8ac437085b6c776e5b54830b149d86efe"
        },
        {
          "url": "https://git.kernel.org/stable/c/786f5b03450454557ff858a8bead5d7c0cbf78d6"
        },
        {
          "url": "https://git.kernel.org/stable/c/3ac273d154d634e2034508a14db82a95d7ad12ed"
        },
        {
          "url": "https://git.kernel.org/stable/c/20cebb8b620dc987e55ddc46801de986e081757e"
        },
        {
          "url": "https://git.kernel.org/stable/c/536de747bc48262225889a533db6650731ab25d3"
        }
      ],
      "title": "comedi: dt9812: fix DMA buffers on stack",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47477",
    "datePublished": "2024-05-22T08:19:30.860Z",
    "dateReserved": "2024-05-22T06:20:56.200Z",
    "dateUpdated": "2024-11-06T19:35:17.051Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52787

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:52

Severity ?

Summary

blk-mq: make sure active queue usage is held for bio_integrity_prep()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/b5c8e0ff76d10f6bf70a7237678f27c20cf59bc9
	https://git.kernel.org/stable/c/e9c309ded295b7f8849097d71ae231456ca79f78
	https://git.kernel.org/stable/c/b80056bd75a16e4550873ecefe12bc8fd190b1cf
	https://git.kernel.org/stable/c/b0077e269f6c152e807fdac90b58caf012cdbaab

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52787",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T19:34:28.406298Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:03.186Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.557Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b5c8e0ff76d10f6bf70a7237678f27c20cf59bc9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e9c309ded295b7f8849097d71ae231456ca79f78"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b80056bd75a16e4550873ecefe12bc8fd190b1cf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b0077e269f6c152e807fdac90b58caf012cdbaab"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "block/blk-mq.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "b5c8e0ff76d1",
              "status": "affected",
              "version": "900e08075202",
              "versionType": "git"
            },
            {
              "lessThan": "e9c309ded295",
              "status": "affected",
              "version": "900e08075202",
              "versionType": "git"
            },
            {
              "lessThan": "b80056bd75a1",
              "status": "affected",
              "version": "900e08075202",
              "versionType": "git"
            },
            {
              "lessThan": "b0077e269f6c",
              "status": "affected",
              "version": "900e08075202",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "block/blk-mq.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.16"
            },
            {
              "lessThan": "5.16",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.72",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-mq: make sure active queue usage is held for bio_integrity_prep()\n\nblk_integrity_unregister() can come if queue usage counter isn\u0027t held\nfor one bio with integrity prepared, so this request may be completed with\ncalling profile-\u003ecomplete_fn, then kernel panic.\n\nAnother constraint is that bio_integrity_prep() needs to be called\nbefore bio merge.\n\nFix the issue by:\n\n- call bio_integrity_prep() with one queue usage counter grabbed reliably\n\n- call bio_integrity_prep() before bio merge"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:44.063Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/b5c8e0ff76d10f6bf70a7237678f27c20cf59bc9"
        },
        {
          "url": "https://git.kernel.org/stable/c/e9c309ded295b7f8849097d71ae231456ca79f78"
        },
        {
          "url": "https://git.kernel.org/stable/c/b80056bd75a16e4550873ecefe12bc8fd190b1cf"
        },
        {
          "url": "https://git.kernel.org/stable/c/b0077e269f6c152e807fdac90b58caf012cdbaab"
        }
      ],
      "title": "blk-mq: make sure active queue usage is held for bio_integrity_prep()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52787",
    "datePublished": "2024-05-21T15:31:04.343Z",
    "dateReserved": "2024-05-21T15:19:24.241Z",
    "dateUpdated": "2024-11-04T14:52:44.063Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52803

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

SUNRPC: Fix RPC client cleaned up the freed pipefs dentries

References

▼	URL	Tags
	https://git.kernel.org/stable/c/17866066b8ac1cc38fb449670bc15dc9fee4b40a
	https://git.kernel.org/stable/c/7d61d1da2ed1f682c41cae0c8d4719cdaccee5c5
	https://git.kernel.org/stable/c/dedf2a0eb9448ae73b270743e6ea9b108189df46
	https://git.kernel.org/stable/c/194454afa6aa9d6ed74f0c57127bc8beb27c20df
	https://git.kernel.org/stable/c/7749fd2dbef72a52b5c9ffdbf877691950ed4680
	https://git.kernel.org/stable/c/1cdb52ffd6600a37bd355d8dce58ecd03e55e618
	https://git.kernel.org/stable/c/cc2e7ebbeb1d0601f7f3c8d93b78fcc03a95e44a
	https://git.kernel.org/stable/c/bfca5fb4e97c46503ddfc582335917b0cc228264

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52803",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-17T17:36:49.719946Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-17T17:37:08.071Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.893Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/17866066b8ac1cc38fb449670bc15dc9fee4b40a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7d61d1da2ed1f682c41cae0c8d4719cdaccee5c5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/dedf2a0eb9448ae73b270743e6ea9b108189df46"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/194454afa6aa9d6ed74f0c57127bc8beb27c20df"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7749fd2dbef72a52b5c9ffdbf877691950ed4680"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1cdb52ffd6600a37bd355d8dce58ecd03e55e618"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/cc2e7ebbeb1d0601f7f3c8d93b78fcc03a95e44a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bfca5fb4e97c46503ddfc582335917b0cc228264"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "include/linux/sunrpc/clnt.h",
            "net/sunrpc/clnt.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "17866066b8ac",
              "status": "affected",
              "version": "0157d021d23a",
              "versionType": "git"
            },
            {
              "lessThan": "7d61d1da2ed1",
              "status": "affected",
              "version": "0157d021d23a",
              "versionType": "git"
            },
            {
              "lessThan": "dedf2a0eb944",
              "status": "affected",
              "version": "0157d021d23a",
              "versionType": "git"
            },
            {
              "lessThan": "194454afa6aa",
              "status": "affected",
              "version": "0157d021d23a",
              "versionType": "git"
            },
            {
              "lessThan": "7749fd2dbef7",
              "status": "affected",
              "version": "0157d021d23a",
              "versionType": "git"
            },
            {
              "lessThan": "1cdb52ffd660",
              "status": "affected",
              "version": "0157d021d23a",
              "versionType": "git"
            },
            {
              "lessThan": "cc2e7ebbeb1d",
              "status": "affected",
              "version": "0157d021d23a",
              "versionType": "git"
            },
            {
              "lessThan": "bfca5fb4e97c",
              "status": "affected",
              "version": "0157d021d23a",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "include/linux/sunrpc/clnt.h",
            "net/sunrpc/clnt.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.4"
            },
            {
              "lessThan": "3.4",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.318",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.280",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: Fix RPC client cleaned up the freed pipefs dentries\n\nRPC client pipefs dentries cleanup is in separated rpc_remove_pipedir()\nworkqueue,which takes care about pipefs superblock locking.\nIn some special scenarios, when kernel frees the pipefs sb of the\ncurrent client and immediately alloctes a new pipefs sb,\nrpc_remove_pipedir function would misjudge the existence of pipefs\nsb which is not the one it used to hold. As a result,\nthe rpc_remove_pipedir would clean the released freed pipefs dentries.\n\nTo fix this issue, rpc_remove_pipedir should check whether the\ncurrent pipefs sb is consistent with the original pipefs sb.\n\nThis error can be catched by KASAN:\n=========================================================\n[  250.497700] BUG: KASAN: slab-use-after-free in dget_parent+0x195/0x200\n[  250.498315] Read of size 4 at addr ffff88800a2ab804 by task kworker/0:18/106503\n[  250.500549] Workqueue: events rpc_free_client_work\n[  250.501001] Call Trace:\n[  250.502880]  kasan_report+0xb6/0xf0\n[  250.503209]  ? dget_parent+0x195/0x200\n[  250.503561]  dget_parent+0x195/0x200\n[  250.503897]  ? __pfx_rpc_clntdir_depopulate+0x10/0x10\n[  250.504384]  rpc_rmdir_depopulate+0x1b/0x90\n[  250.504781]  rpc_remove_client_dir+0xf5/0x150\n[  250.505195]  rpc_free_client_work+0xe4/0x230\n[  250.505598]  process_one_work+0x8ee/0x13b0\n...\n[   22.039056] Allocated by task 244:\n[   22.039390]  kasan_save_stack+0x22/0x50\n[   22.039758]  kasan_set_track+0x25/0x30\n[   22.040109]  __kasan_slab_alloc+0x59/0x70\n[   22.040487]  kmem_cache_alloc_lru+0xf0/0x240\n[   22.040889]  __d_alloc+0x31/0x8e0\n[   22.041207]  d_alloc+0x44/0x1f0\n[   22.041514]  __rpc_lookup_create_exclusive+0x11c/0x140\n[   22.041987]  rpc_mkdir_populate.constprop.0+0x5f/0x110\n[   22.042459]  rpc_create_client_dir+0x34/0x150\n[   22.042874]  rpc_setup_pipedir_sb+0x102/0x1c0\n[   22.043284]  rpc_client_register+0x136/0x4e0\n[   22.043689]  rpc_new_client+0x911/0x1020\n[   22.044057]  rpc_create_xprt+0xcb/0x370\n[   22.044417]  rpc_create+0x36b/0x6c0\n...\n[   22.049524] Freed by task 0:\n[   22.049803]  kasan_save_stack+0x22/0x50\n[   22.050165]  kasan_set_track+0x25/0x30\n[   22.050520]  kasan_save_free_info+0x2b/0x50\n[   22.050921]  __kasan_slab_free+0x10e/0x1a0\n[   22.051306]  kmem_cache_free+0xa5/0x390\n[   22.051667]  rcu_core+0x62c/0x1930\n[   22.051995]  __do_softirq+0x165/0x52a\n[   22.052347]\n[   22.052503] Last potentially related work creation:\n[   22.052952]  kasan_save_stack+0x22/0x50\n[   22.053313]  __kasan_record_aux_stack+0x8e/0xa0\n[   22.053739]  __call_rcu_common.constprop.0+0x6b/0x8b0\n[   22.054209]  dentry_free+0xb2/0x140\n[   22.054540]  __dentry_kill+0x3be/0x540\n[   22.054900]  shrink_dentry_list+0x199/0x510\n[   22.055293]  shrink_dcache_parent+0x190/0x240\n[   22.055703]  do_one_tree+0x11/0x40\n[   22.056028]  shrink_dcache_for_umount+0x61/0x140\n[   22.056461]  generic_shutdown_super+0x70/0x590\n[   22.056879]  kill_anon_super+0x3a/0x60\n[   22.057234]  rpc_kill_sb+0x121/0x200"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:00.924Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/17866066b8ac1cc38fb449670bc15dc9fee4b40a"
        },
        {
          "url": "https://git.kernel.org/stable/c/7d61d1da2ed1f682c41cae0c8d4719cdaccee5c5"
        },
        {
          "url": "https://git.kernel.org/stable/c/dedf2a0eb9448ae73b270743e6ea9b108189df46"
        },
        {
          "url": "https://git.kernel.org/stable/c/194454afa6aa9d6ed74f0c57127bc8beb27c20df"
        },
        {
          "url": "https://git.kernel.org/stable/c/7749fd2dbef72a52b5c9ffdbf877691950ed4680"
        },
        {
          "url": "https://git.kernel.org/stable/c/1cdb52ffd6600a37bd355d8dce58ecd03e55e618"
        },
        {
          "url": "https://git.kernel.org/stable/c/cc2e7ebbeb1d0601f7f3c8d93b78fcc03a95e44a"
        },
        {
          "url": "https://git.kernel.org/stable/c/bfca5fb4e97c46503ddfc582335917b0cc228264"
        }
      ],
      "title": "SUNRPC: Fix RPC client cleaned up the freed pipefs dentries",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52803",
    "datePublished": "2024-05-21T15:31:15.063Z",
    "dateReserved": "2024-05-21T15:19:24.247Z",
    "dateUpdated": "2024-11-04T14:53:00.924Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-48708

Vulnerability from cvelistv5

Published

2024-05-21 15:22

Modified

2024-11-04 12:14

Severity ?

Summary

pinctrl: single: fix potential NULL dereference

References

▼	URL	Tags
	https://git.kernel.org/stable/c/1177bdafe87cbe543a2dc48a9bbac265aa5864db
	https://git.kernel.org/stable/c/e671e63587c92b3fd767cf82e73129f6d5feeb33
	https://git.kernel.org/stable/c/2b763f7de108cb1a5ad5ed08e617d677341947cb
	https://git.kernel.org/stable/c/6e2a0521e4e84a2698f2da3950fb5c5496a4d208
	https://git.kernel.org/stable/c/71668706fbe7d20e6f172fa3287fa8aac1b56c26
	https://git.kernel.org/stable/c/bcc487001a15f71f103d102cba4ac8145d7a68f2
	https://git.kernel.org/stable/c/d2d73e6d4822140445ad4a7b1c6091e0f5fe703b

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-48708",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-11T17:23:32.256877Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-11T17:24:41.903Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T15:17:55.728Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1177bdafe87cbe543a2dc48a9bbac265aa5864db"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e671e63587c92b3fd767cf82e73129f6d5feeb33"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2b763f7de108cb1a5ad5ed08e617d677341947cb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6e2a0521e4e84a2698f2da3950fb5c5496a4d208"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/71668706fbe7d20e6f172fa3287fa8aac1b56c26"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bcc487001a15f71f103d102cba4ac8145d7a68f2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d2d73e6d4822140445ad4a7b1c6091e0f5fe703b"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/pinctrl/pinctrl-single.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "1177bdafe87c",
              "status": "affected",
              "version": "571aec4df5b7",
              "versionType": "git"
            },
            {
              "lessThan": "e671e63587c9",
              "status": "affected",
              "version": "571aec4df5b7",
              "versionType": "git"
            },
            {
              "lessThan": "2b763f7de108",
              "status": "affected",
              "version": "571aec4df5b7",
              "versionType": "git"
            },
            {
              "lessThan": "6e2a0521e4e8",
              "status": "affected",
              "version": "571aec4df5b7",
              "versionType": "git"
            },
            {
              "lessThan": "71668706fbe7",
              "status": "affected",
              "version": "571aec4df5b7",
              "versionType": "git"
            },
            {
              "lessThan": "bcc487001a15",
              "status": "affected",
              "version": "571aec4df5b7",
              "versionType": "git"
            },
            {
              "lessThan": "d2d73e6d4822",
              "status": "affected",
              "version": "571aec4df5b7",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/pinctrl/pinctrl-single.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.11"
            },
            {
              "lessThan": "4.11",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.306",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.273",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.232",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.168",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.94",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: single: fix potential NULL dereference\n\nAdded checking of pointer \"function\" in pcs_set_mux().\npinmux_generic_get_function() can return NULL and the pointer\n\"function\" was dereferenced without checking against NULL.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:14:58.297Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/1177bdafe87cbe543a2dc48a9bbac265aa5864db"
        },
        {
          "url": "https://git.kernel.org/stable/c/e671e63587c92b3fd767cf82e73129f6d5feeb33"
        },
        {
          "url": "https://git.kernel.org/stable/c/2b763f7de108cb1a5ad5ed08e617d677341947cb"
        },
        {
          "url": "https://git.kernel.org/stable/c/6e2a0521e4e84a2698f2da3950fb5c5496a4d208"
        },
        {
          "url": "https://git.kernel.org/stable/c/71668706fbe7d20e6f172fa3287fa8aac1b56c26"
        },
        {
          "url": "https://git.kernel.org/stable/c/bcc487001a15f71f103d102cba4ac8145d7a68f2"
        },
        {
          "url": "https://git.kernel.org/stable/c/d2d73e6d4822140445ad4a7b1c6091e0f5fe703b"
        }
      ],
      "title": "pinctrl: single: fix potential NULL dereference",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-48708",
    "datePublished": "2024-05-21T15:22:49.381Z",
    "dateReserved": "2024-05-03T14:55:07.148Z",
    "dateUpdated": "2024-11-04T12:14:58.297Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52842

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

virtio/vsock: Fix uninit-value in virtio_transport_recv_pkt()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/cd12535b97dd7d18cf655ec78ce1cf1f29a576be
	https://git.kernel.org/stable/c/0b8906fb48b99e993d6e8a12539f618f4854dd26
	https://git.kernel.org/stable/c/34c4effacfc329aeca5635a69fd9e0f6c90b4101

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52842",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T17:26:02.672939Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:39.841Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.053Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/cd12535b97dd7d18cf655ec78ce1cf1f29a576be"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0b8906fb48b99e993d6e8a12539f618f4854dd26"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/34c4effacfc329aeca5635a69fd9e0f6c90b4101"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/vmw_vsock/virtio_transport_common.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "cd12535b97dd",
              "status": "affected",
              "version": "baddcc2c7157",
              "versionType": "git"
            },
            {
              "lessThan": "0b8906fb48b9",
              "status": "affected",
              "version": "71dc9ec9ac7d",
              "versionType": "git"
            },
            {
              "lessThan": "34c4effacfc3",
              "status": "affected",
              "version": "71dc9ec9ac7d",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/vmw_vsock/virtio_transport_common.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "lessThan": "6.3",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio/vsock: Fix uninit-value in virtio_transport_recv_pkt()\n\nKMSAN reported the following uninit-value access issue:\n\n=====================================================\nBUG: KMSAN: uninit-value in virtio_transport_recv_pkt+0x1dfb/0x26a0 net/vmw_vsock/virtio_transport_common.c:1421\n virtio_transport_recv_pkt+0x1dfb/0x26a0 net/vmw_vsock/virtio_transport_common.c:1421\n vsock_loopback_work+0x3bb/0x5a0 net/vmw_vsock/vsock_loopback.c:120\n process_one_work kernel/workqueue.c:2630 [inline]\n process_scheduled_works+0xff6/0x1e60 kernel/workqueue.c:2703\n worker_thread+0xeca/0x14d0 kernel/workqueue.c:2784\n kthread+0x3cc/0x520 kernel/kthread.c:388\n ret_from_fork+0x66/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304\n\nUninit was stored to memory at:\n virtio_transport_space_update net/vmw_vsock/virtio_transport_common.c:1274 [inline]\n virtio_transport_recv_pkt+0x1ee8/0x26a0 net/vmw_vsock/virtio_transport_common.c:1415\n vsock_loopback_work+0x3bb/0x5a0 net/vmw_vsock/vsock_loopback.c:120\n process_one_work kernel/workqueue.c:2630 [inline]\n process_scheduled_works+0xff6/0x1e60 kernel/workqueue.c:2703\n worker_thread+0xeca/0x14d0 kernel/workqueue.c:2784\n kthread+0x3cc/0x520 kernel/kthread.c:388\n ret_from_fork+0x66/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304\n\nUninit was created at:\n slab_post_alloc_hook+0x105/0xad0 mm/slab.h:767\n slab_alloc_node mm/slub.c:3478 [inline]\n kmem_cache_alloc_node+0x5a2/0xaf0 mm/slub.c:3523\n kmalloc_reserve+0x13c/0x4a0 net/core/skbuff.c:559\n __alloc_skb+0x2fd/0x770 net/core/skbuff.c:650\n alloc_skb include/linux/skbuff.h:1286 [inline]\n virtio_vsock_alloc_skb include/linux/virtio_vsock.h:66 [inline]\n virtio_transport_alloc_skb+0x90/0x11e0 net/vmw_vsock/virtio_transport_common.c:58\n virtio_transport_reset_no_sock net/vmw_vsock/virtio_transport_common.c:957 [inline]\n virtio_transport_recv_pkt+0x1279/0x26a0 net/vmw_vsock/virtio_transport_common.c:1387\n vsock_loopback_work+0x3bb/0x5a0 net/vmw_vsock/vsock_loopback.c:120\n process_one_work kernel/workqueue.c:2630 [inline]\n process_scheduled_works+0xff6/0x1e60 kernel/workqueue.c:2703\n worker_thread+0xeca/0x14d0 kernel/workqueue.c:2784\n kthread+0x3cc/0x520 kernel/kthread.c:388\n ret_from_fork+0x66/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304\n\nCPU: 1 PID: 10664 Comm: kworker/1:5 Not tainted 6.6.0-rc3-00146-g9f3ebbef746f #3\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-1.fc38 04/01/2014\nWorkqueue: vsock-loopback vsock_loopback_work\n=====================================================\n\nThe following simple reproducer can cause the issue described above:\n\nint main(void)\n{\n  int sock;\n  struct sockaddr_vm addr = {\n    .svm_family = AF_VSOCK,\n    .svm_cid = VMADDR_CID_ANY,\n    .svm_port = 1234,\n  };\n\n  sock = socket(AF_VSOCK, SOCK_STREAM, 0);\n  connect(sock, (struct sockaddr *)\u0026addr, sizeof(addr));\n  return 0;\n}\n\nThis issue occurs because the `buf_alloc` and `fwd_cnt` fields of the\n`struct virtio_vsock_hdr` are not initialized when a new skb is allocated\nin `virtio_transport_init_hdr()`. This patch resolves the issue by\ninitializing these fields during allocation."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:40.906Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/cd12535b97dd7d18cf655ec78ce1cf1f29a576be"
        },
        {
          "url": "https://git.kernel.org/stable/c/0b8906fb48b99e993d6e8a12539f618f4854dd26"
        },
        {
          "url": "https://git.kernel.org/stable/c/34c4effacfc329aeca5635a69fd9e0f6c90b4101"
        }
      ],
      "title": "virtio/vsock: Fix uninit-value in virtio_transport_recv_pkt()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52842",
    "datePublished": "2024-05-21T15:31:41.180Z",
    "dateReserved": "2024-05-21T15:19:24.254Z",
    "dateUpdated": "2024-11-04T14:53:40.906Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52734

Vulnerability from cvelistv5

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "providerMetadata": {
        "dateUpdated": "2024-05-28T19:06:48.152Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "rejectedReasons": [
        {
          "lang": "en",
          "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52734",
    "datePublished": "2024-05-21T15:22:59.252Z",
    "dateRejected": "2024-05-28T19:06:48.152Z",
    "dateReserved": "2024-05-21T15:19:24.232Z",
    "dateUpdated": "2024-05-28T19:06:48.152Z",
    "state": "REJECTED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52796

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:52

Severity ?

Summary

ipvlan: add ipvlan_route_v6_outbound() helper

References

▼	URL	Tags
	https://git.kernel.org/stable/c/4f7f850611aa27aaaf1bf5687702ad2240ae442a
	https://git.kernel.org/stable/c/4d2d30f0792b47908af64c4d02ed1ee25ff50542
	https://git.kernel.org/stable/c/43b781e7cb5cd0b435de276111953bf2bacd1f02
	https://git.kernel.org/stable/c/1f64cad3ac38ac5978b53c40e6c5e6fd3477c68f
	https://git.kernel.org/stable/c/732a67ca436887b594ebc43bb5a04ffb0971a760
	https://git.kernel.org/stable/c/8872dc638c24bb774cd2224a69d72a7f661a4d56
	https://git.kernel.org/stable/c/03cddc4df8c6be47fd27c8f8b87e5f9a989e1458
	https://git.kernel.org/stable/c/18f039428c7df183b09c69ebf10ffd4e521035d2

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52796",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T19:45:36.487225Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:22:52.629Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.019Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4f7f850611aa27aaaf1bf5687702ad2240ae442a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4d2d30f0792b47908af64c4d02ed1ee25ff50542"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/43b781e7cb5cd0b435de276111953bf2bacd1f02"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1f64cad3ac38ac5978b53c40e6c5e6fd3477c68f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/732a67ca436887b594ebc43bb5a04ffb0971a760"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8872dc638c24bb774cd2224a69d72a7f661a4d56"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/03cddc4df8c6be47fd27c8f8b87e5f9a989e1458"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/18f039428c7df183b09c69ebf10ffd4e521035d2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ipvlan/ipvlan_core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "4f7f850611aa",
              "status": "affected",
              "version": "2ad7bf363841",
              "versionType": "git"
            },
            {
              "lessThan": "4d2d30f0792b",
              "status": "affected",
              "version": "2ad7bf363841",
              "versionType": "git"
            },
            {
              "lessThan": "43b781e7cb5c",
              "status": "affected",
              "version": "2ad7bf363841",
              "versionType": "git"
            },
            {
              "lessThan": "1f64cad3ac38",
              "status": "affected",
              "version": "2ad7bf363841",
              "versionType": "git"
            },
            {
              "lessThan": "732a67ca4368",
              "status": "affected",
              "version": "2ad7bf363841",
              "versionType": "git"
            },
            {
              "lessThan": "8872dc638c24",
              "status": "affected",
              "version": "2ad7bf363841",
              "versionType": "git"
            },
            {
              "lessThan": "03cddc4df8c6",
              "status": "affected",
              "version": "2ad7bf363841",
              "versionType": "git"
            },
            {
              "lessThan": "18f039428c7d",
              "status": "affected",
              "version": "2ad7bf363841",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ipvlan/ipvlan_core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.19"
            },
            {
              "lessThan": "3.19",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.300",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.262",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: add ipvlan_route_v6_outbound() helper\n\nInspired by syzbot reports using a stack of multiple ipvlan devices.\n\nReduce stack size needed in ipvlan_process_v6_outbound() by moving\nthe flowi6 struct used for the route lookup in an non inlined\nhelper. ipvlan_route_v6_outbound() needs 120 bytes on the stack,\nimmediately reclaimed.\n\nAlso make sure ipvlan_process_v4_outbound() is not inlined.\n\nWe might also have to lower MAX_NEST_DEV, because only syzbot uses\nsetups with more than four stacked devices.\n\nBUG: TASK stack guard page was hit at ffffc9000e803ff8 (stack is ffffc9000e804000..ffffc9000e808000)\nstack guard page: 0000 [#1] SMP KASAN\nCPU: 0 PID: 13442 Comm: syz-executor.4 Not tainted 6.1.52-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023\nRIP: 0010:kasan_check_range+0x4/0x2a0 mm/kasan/generic.c:188\nCode: 48 01 c6 48 89 c7 e8 db 4e c1 03 31 c0 5d c3 cc 0f 0b eb 02 0f 0b b8 ea ff ff ff 5d c3 cc 00 00 cc cc 00 00 cc cc 55 48 89 e5 \u003c41\u003e 57 41 56 41 55 41 54 53 b0 01 48 85 f6 0f 84 a4 01 00 00 48 89\nRSP: 0018:ffffc9000e804000 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817e5bf2\nRDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff887c6568\nRBP: ffffc9000e804000 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff92001d0080c\nR13: dffffc0000000000 R14: ffffffff87e6b100 R15: 0000000000000000\nFS: 00007fd0c55826c0(0000) GS:ffff8881f6800000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffc9000e803ff8 CR3: 0000000170ef7000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\u003c#DF\u003e\n\u003c/#DF\u003e\n\u003cTASK\u003e\n[\u003cffffffff81f281d1\u003e] __kasan_check_read+0x11/0x20 mm/kasan/shadow.c:31\n[\u003cffffffff817e5bf2\u003e] instrument_atomic_read include/linux/instrumented.h:72 [inline]\n[\u003cffffffff817e5bf2\u003e] _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]\n[\u003cffffffff817e5bf2\u003e] cpumask_test_cpu include/linux/cpumask.h:506 [inline]\n[\u003cffffffff817e5bf2\u003e] cpu_online include/linux/cpumask.h:1092 [inline]\n[\u003cffffffff817e5bf2\u003e] trace_lock_acquire include/trace/events/lock.h:24 [inline]\n[\u003cffffffff817e5bf2\u003e] lock_acquire+0xe2/0x590 kernel/locking/lockdep.c:5632\n[\u003cffffffff8563221e\u003e] rcu_lock_acquire+0x2e/0x40 include/linux/rcupdate.h:306\n[\u003cffffffff8561464d\u003e] rcu_read_lock include/linux/rcupdate.h:747 [inline]\n[\u003cffffffff8561464d\u003e] ip6_pol_route+0x15d/0x1440 net/ipv6/route.c:2221\n[\u003cffffffff85618120\u003e] ip6_pol_route_output+0x50/0x80 net/ipv6/route.c:2606\n[\u003cffffffff856f65b5\u003e] pol_lookup_func include/net/ip6_fib.h:584 [inline]\n[\u003cffffffff856f65b5\u003e] fib6_rule_lookup+0x265/0x620 net/ipv6/fib6_rules.c:116\n[\u003cffffffff85618009\u003e] ip6_route_output_flags_noref+0x2d9/0x3a0 net/ipv6/route.c:2638\n[\u003cffffffff8561821a\u003e] ip6_route_output_flags+0xca/0x340 net/ipv6/route.c:2651\n[\u003cffffffff838bd5a3\u003e] ip6_route_output include/net/ip6_route.h:100 [inline]\n[\u003cffffffff838bd5a3\u003e] ipvlan_process_v6_outbound drivers/net/ipvlan/ipvlan_core.c:473 [inline]\n[\u003cffffffff838bd5a3\u003e] ipvlan_process_outbound drivers/net/ipvlan/ipvlan_core.c:529 [inline]\n[\u003cffffffff838bd5a3\u003e] ipvlan_xmit_mode_l3 drivers/net/ipvlan/ipvlan_core.c:602 [inline]\n[\u003cffffffff838bd5a3\u003e] ipvlan_queue_xmit+0xc33/0x1be0 drivers/net/ipvlan/ipvlan_core.c:677\n[\u003cffffffff838c2909\u003e] ipvlan_start_xmit+0x49/0x100 drivers/net/ipvlan/ipvlan_main.c:229\n[\u003cffffffff84d03900\u003e] netdev_start_xmit include/linux/netdevice.h:4966 [inline]\n[\u003cffffffff84d03900\u003e] xmit_one net/core/dev.c:3644 [inline]\n[\u003cffffffff84d03900\u003e] dev_hard_start_xmit+0x320/0x980 net/core/dev.c:3660\n[\u003cffffffff84d080e2\u003e] __dev_queue_xmit+0x16b2/0x3370 net/core/dev.c:4324\n[\u003cffffffff855ce4cd\u003e] dev_queue_xmit include/linux/netdevice.h:3067 [inline]\n[\u003cffffffff855ce4cd\u003e] neigh_hh_output include/net/neighbour.h:529 [inline]\n[\u003cf\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:53.688Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/4f7f850611aa27aaaf1bf5687702ad2240ae442a"
        },
        {
          "url": "https://git.kernel.org/stable/c/4d2d30f0792b47908af64c4d02ed1ee25ff50542"
        },
        {
          "url": "https://git.kernel.org/stable/c/43b781e7cb5cd0b435de276111953bf2bacd1f02"
        },
        {
          "url": "https://git.kernel.org/stable/c/1f64cad3ac38ac5978b53c40e6c5e6fd3477c68f"
        },
        {
          "url": "https://git.kernel.org/stable/c/732a67ca436887b594ebc43bb5a04ffb0971a760"
        },
        {
          "url": "https://git.kernel.org/stable/c/8872dc638c24bb774cd2224a69d72a7f661a4d56"
        },
        {
          "url": "https://git.kernel.org/stable/c/03cddc4df8c6be47fd27c8f8b87e5f9a989e1458"
        },
        {
          "url": "https://git.kernel.org/stable/c/18f039428c7df183b09c69ebf10ffd4e521035d2"
        }
      ],
      "title": "ipvlan: add ipvlan_route_v6_outbound() helper",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52796",
    "datePublished": "2024-05-21T15:31:10.290Z",
    "dateReserved": "2024-05-21T15:19:24.246Z",
    "dateUpdated": "2024-11-04T14:52:53.688Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47469

Vulnerability from cvelistv5

Published

2024-05-22 06:23

Modified

2024-11-17 15:02

Severity ?

Summary

spi: Fix deadlock when adding SPI controllers on SPI buses

References

▼	URL	Tags
	https://git.kernel.org/stable/c/aa3f3d7bef59583f2d3234173105a27ff61ef8fe
	https://git.kernel.org/stable/c/c8dce228db6f81dbc897a018dfc5c418e917cf64
	https://git.kernel.org/stable/c/722ef19a161ce3fffb3d1b01ce2301c306639bdd
	https://git.kernel.org/stable/c/6098475d4cb48d821bdf453c61118c56e26294f0

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47469",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-17T18:03:27.288931Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-17T18:03:45.404Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.480Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/722ef19a161ce3fffb3d1b01ce2301c306639bdd"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6098475d4cb48d821bdf453c61118c56e26294f0"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/spi/spi.c",
            "include/linux/spi/spi.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "aa3f3d7bef59",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "c8dce228db6f",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "722ef19a161c",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "6098475d4cb4",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/spi/spi.c",
            "include/linux/spi/spi.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.286",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.230",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.15",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: Fix deadlock when adding SPI controllers on SPI buses\n\nCurrently we have a global spi_add_lock which we take when adding new\ndevices so that we can check that we\u0027re not trying to reuse a chip\nselect that\u0027s already controlled.  This means that if the SPI device is\nitself a SPI controller and triggers the instantiation of further SPI\ndevices we trigger a deadlock as we try to register and instantiate\nthose devices while in the process of doing so for the parent controller\nand hence already holding the global spi_add_lock.  Since we only care\nabout concurrency within a single SPI bus move the lock to be per\ncontroller, avoiding the deadlock.\n\nThis can be easily triggered in the case of spi-mux."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-17T15:02:35.197Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/aa3f3d7bef59583f2d3234173105a27ff61ef8fe"
        },
        {
          "url": "https://git.kernel.org/stable/c/c8dce228db6f81dbc897a018dfc5c418e917cf64"
        },
        {
          "url": "https://git.kernel.org/stable/c/722ef19a161ce3fffb3d1b01ce2301c306639bdd"
        },
        {
          "url": "https://git.kernel.org/stable/c/6098475d4cb48d821bdf453c61118c56e26294f0"
        }
      ],
      "title": "spi: Fix deadlock when adding SPI controllers on SPI buses",
      "x_generator": {
        "engine": "bippy-8e903de6a542"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47469",
    "datePublished": "2024-05-22T06:23:27.629Z",
    "dateReserved": "2024-05-22T06:20:56.199Z",
    "dateUpdated": "2024-11-17T15:02:35.197Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47490

Vulnerability from cvelistv5

Published

2024-05-22 08:19

Modified

2024-11-04 12:06

Severity ?

Summary

drm/ttm: fix memleak in ttm_transfered_destroy

References

▼	URL	Tags
	https://git.kernel.org/stable/c/bd99782f3ca491879e8524c89b1c0f40071903bd
	https://git.kernel.org/stable/c/960b1fdfc39aba8f41e9e27b2de0c925c74182d9
	https://git.kernel.org/stable/c/c21b4002214c1c7e7b627b9b53375612f7aab6db
	https://git.kernel.org/stable/c/bbc920fb320f1c241cc34ac85edaa0058922246a
	https://git.kernel.org/stable/c/132a3d998d6753047f22152731fba2b0d6b463dd
	https://git.kernel.org/stable/c/0db55f9a1bafbe3dac750ea669de9134922389b5

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47490",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-06T18:35:40.816155Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-06T18:35:50.447Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.749Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bd99782f3ca491879e8524c89b1c0f40071903bd"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/960b1fdfc39aba8f41e9e27b2de0c925c74182d9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c21b4002214c1c7e7b627b9b53375612f7aab6db"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bbc920fb320f1c241cc34ac85edaa0058922246a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/132a3d998d6753047f22152731fba2b0d6b463dd"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0db55f9a1bafbe3dac750ea669de9134922389b5"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/ttm/ttm_bo_util.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "bd99782f3ca4",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "960b1fdfc39a",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "c21b4002214c",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "bbc920fb320f",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "132a3d998d67",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "0db55f9a1baf",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/ttm/ttm_bo_util.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.157",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.158",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.77",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.78",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/ttm: fix memleak in ttm_transfered_destroy\n\nWe need to cleanup the fences for ghost objects as well.\n\nBug: https://bugzilla.kernel.org/show_bug.cgi?id=214029\nBug: https://bugzilla.kernel.org/show_bug.cgi?id=214447"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:55.533Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/bd99782f3ca491879e8524c89b1c0f40071903bd"
        },
        {
          "url": "https://git.kernel.org/stable/c/960b1fdfc39aba8f41e9e27b2de0c925c74182d9"
        },
        {
          "url": "https://git.kernel.org/stable/c/c21b4002214c1c7e7b627b9b53375612f7aab6db"
        },
        {
          "url": "https://git.kernel.org/stable/c/bbc920fb320f1c241cc34ac85edaa0058922246a"
        },
        {
          "url": "https://git.kernel.org/stable/c/132a3d998d6753047f22152731fba2b0d6b463dd"
        },
        {
          "url": "https://git.kernel.org/stable/c/0db55f9a1bafbe3dac750ea669de9134922389b5"
        }
      ],
      "title": "drm/ttm: fix memleak in ttm_transfered_destroy",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47490",
    "datePublished": "2024-05-22T08:19:39.424Z",
    "dateReserved": "2024-05-22T06:20:56.201Z",
    "dateUpdated": "2024-11-04T12:06:55.533Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47488

Vulnerability from cvelistv5

Published

2024-05-22 08:19

Modified

2024-11-04 12:06

Severity ?

Summary

cgroup: Fix memory leak caused by missing cgroup_bpf_offline

References

▼	URL	Tags
	https://git.kernel.org/stable/c/01599bf7cc2b49c3d2be886cb438647dc25446ed
	https://git.kernel.org/stable/c/b529f88d93884cf8ccafda793ee3d27b82fa578d
	https://git.kernel.org/stable/c/04f8ef5643bcd8bcde25dfdebef998aea480b2ba

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.588Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/01599bf7cc2b49c3d2be886cb438647dc25446ed"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b529f88d93884cf8ccafda793ee3d27b82fa578d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/04f8ef5643bcd8bcde25dfdebef998aea480b2ba"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47488",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:35:55.494242Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:32:53.086Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "kernel/cgroup/cgroup.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "01599bf7cc2b",
              "status": "affected",
              "version": "4bfc0bb2c60e",
              "versionType": "git"
            },
            {
              "lessThan": "b529f88d9388",
              "status": "affected",
              "version": "4bfc0bb2c60e",
              "versionType": "git"
            },
            {
              "lessThan": "04f8ef5643bc",
              "status": "affected",
              "version": "4bfc0bb2c60e",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "kernel/cgroup/cgroup.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.3"
            },
            {
              "lessThan": "5.3",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.77",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncgroup: Fix memory leak caused by missing cgroup_bpf_offline\n\nWhen enabling CONFIG_CGROUP_BPF, kmemleak can be observed by running\nthe command as below:\n\n    $mount -t cgroup -o none,name=foo cgroup cgroup/\n    $umount cgroup/\n\nunreferenced object 0xc3585c40 (size 64):\n  comm \"mount\", pid 425, jiffies 4294959825 (age 31.990s)\n  hex dump (first 32 bytes):\n    01 00 00 80 84 8c 28 c0 00 00 00 00 00 00 00 00  ......(.........\n    00 00 00 00 00 00 00 00 6c 43 a0 c3 00 00 00 00  ........lC......\n  backtrace:\n    [\u003ce95a2f9e\u003e] cgroup_bpf_inherit+0x44/0x24c\n    [\u003c1f03679c\u003e] cgroup_setup_root+0x174/0x37c\n    [\u003ced4b0ac5\u003e] cgroup1_get_tree+0x2c0/0x4a0\n    [\u003cf85b12fd\u003e] vfs_get_tree+0x24/0x108\n    [\u003cf55aec5c\u003e] path_mount+0x384/0x988\n    [\u003ce2d5e9cd\u003e] do_mount+0x64/0x9c\n    [\u003c208c9cfe\u003e] sys_mount+0xfc/0x1f4\n    [\u003c06dd06e0\u003e] ret_fast_syscall+0x0/0x48\n    [\u003ca8308cb3\u003e] 0xbeb4daa8\n\nThis is because that since the commit 2b0d3d3e4fcf (\"percpu_ref: reduce\nmemory footprint of percpu_ref in fast path\") root_cgrp-\u003ebpf.refcnt.data\nis allocated by the function percpu_ref_init in cgroup_bpf_inherit which\nis called by cgroup_setup_root when mounting, but not freed along with\nroot_cgrp when umounting. Adding cgroup_bpf_offline which calls\npercpu_ref_kill to cgroup_kill_sb can free root_cgrp-\u003ebpf.refcnt.data in\numount path.\n\nThis patch also fixes the commit 4bfc0bb2c60e (\"bpf: decouple the lifetime\nof cgroup_bpf from cgroup itself\"). A cgroup_bpf_offline is needed to do a\ncleanup that frees the resources which are allocated by cgroup_bpf_inherit\nin cgroup_setup_root.\n\nAnd inside cgroup_bpf_offline, cgroup_get() is at the beginning and\ncgroup_put is at the end of cgroup_bpf_release which is called by\ncgroup_bpf_offline. So cgroup_bpf_offline can keep the balance of\ncgroup\u0027s refcount."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:53.179Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/01599bf7cc2b49c3d2be886cb438647dc25446ed"
        },
        {
          "url": "https://git.kernel.org/stable/c/b529f88d93884cf8ccafda793ee3d27b82fa578d"
        },
        {
          "url": "https://git.kernel.org/stable/c/04f8ef5643bcd8bcde25dfdebef998aea480b2ba"
        }
      ],
      "title": "cgroup: Fix memory leak caused by missing cgroup_bpf_offline",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47488",
    "datePublished": "2024-05-22T08:19:38.117Z",
    "dateReserved": "2024-05-22T06:20:56.201Z",
    "dateUpdated": "2024-11-04T12:06:53.179Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52732

Vulnerability from cvelistv5

Published

2024-05-21 15:22

Modified

2024-11-04 14:51

Severity ?

Summary

ceph: blocklist the kclient when receiving corrupted snap trace

References

▼	URL	Tags
	https://git.kernel.org/stable/c/66ec619e4591f8350f99c5269a7ce160cccc7a7c
	https://git.kernel.org/stable/c/a68e564adcaa69b0930809fb64d9d5f7d9c32ba9

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52732",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T17:31:40.303033Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:22.758Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.612Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/66ec619e4591f8350f99c5269a7ce160cccc7a7c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a68e564adcaa69b0930809fb64d9d5f7d9c32ba9"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/ceph/addr.c",
            "fs/ceph/caps.c",
            "fs/ceph/file.c",
            "fs/ceph/mds_client.c",
            "fs/ceph/snap.c",
            "fs/ceph/super.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "66ec619e4591",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "a68e564adcaa",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/ceph/addr.c",
            "fs/ceph/caps.c",
            "fs/ceph/file.c",
            "fs/ceph/mds_client.c",
            "fs/ceph/snap.c",
            "fs/ceph/super.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: blocklist the kclient when receiving corrupted snap trace\n\nWhen received corrupted snap trace we don\u0027t know what exactly has\nhappened in MDS side. And we shouldn\u0027t continue IOs and metadatas\naccess to MDS, which may corrupt or get incorrect contents.\n\nThis patch will just block all the further IO/MDS requests\nimmediately and then evict the kclient itself.\n\nThe reason why we still need to evict the kclient just after\nblocking all the further IOs is that the MDS could revoke the caps\nfaster."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:51:39.075Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/66ec619e4591f8350f99c5269a7ce160cccc7a7c"
        },
        {
          "url": "https://git.kernel.org/stable/c/a68e564adcaa69b0930809fb64d9d5f7d9c32ba9"
        }
      ],
      "title": "ceph: blocklist the kclient when receiving corrupted snap trace",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52732",
    "datePublished": "2024-05-21T15:22:57.926Z",
    "dateReserved": "2024-05-21T15:19:24.232Z",
    "dateUpdated": "2024-11-04T14:51:39.075Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47421

Vulnerability from cvelistv5

Published

2024-05-21 15:04

Modified

2024-11-04 12:05

Severity ?

Summary

drm/amdgpu: handle the case of pci_channel_io_frozen only in amdgpu_pci_resume

References

▼	URL	Tags
	https://git.kernel.org/stable/c/72e9a1bf9b722628c28092e0c2cd8717edd201dc
	https://git.kernel.org/stable/c/248b061689a40f4fed05252ee2c89f87cf26d7d8

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.007Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/72e9a1bf9b722628c28092e0c2cd8717edd201dc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/248b061689a40f4fed05252ee2c89f87cf26d7d8"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47421",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:37:47.598437Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:32:56.726Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/amdgpu/amdgpu.h",
            "drivers/gpu/drm/amd/amdgpu/amdgpu_device.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "72e9a1bf9b72",
              "status": "affected",
              "version": "c9a6b82f45e2",
              "versionType": "git"
            },
            {
              "lessThan": "248b061689a4",
              "status": "affected",
              "version": "c9a6b82f45e2",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/amdgpu/amdgpu.h",
            "drivers/gpu/drm/amd/amdgpu/amdgpu_device.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.10"
            },
            {
              "lessThan": "5.10",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: handle the case of pci_channel_io_frozen only in amdgpu_pci_resume\n\nIn current code, when a PCI error state pci_channel_io_normal is detectd,\nit will report PCI_ERS_RESULT_CAN_RECOVER status to PCI driver, and PCI\ndriver will continue the execution of PCI resume callback report_resume by\npci_walk_bridge, and the callback will go into amdgpu_pci_resume\nfinally, where write lock is releasd unconditionally without acquiring\nsuch lock first. In this case, a deadlock will happen when other threads\nstart to acquire the read lock.\n\nTo fix this, add a member in amdgpu_device strucutre to cache\npci_channel_state, and only continue the execution in amdgpu_pci_resume\nwhen it\u0027s pci_channel_io_frozen."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:35.287Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/72e9a1bf9b722628c28092e0c2cd8717edd201dc"
        },
        {
          "url": "https://git.kernel.org/stable/c/248b061689a40f4fed05252ee2c89f87cf26d7d8"
        }
      ],
      "title": "drm/amdgpu: handle the case of pci_channel_io_frozen only in amdgpu_pci_resume",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47421",
    "datePublished": "2024-05-21T15:04:09.296Z",
    "dateReserved": "2024-05-21T14:58:30.820Z",
    "dateUpdated": "2024-11-04T12:05:35.287Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47430

Vulnerability from cvelistv5

Published

2024-05-21 15:04

Modified

2024-11-08 21:23

Severity ?

Summary

x86/entry: Clear X86_FEATURE_SMAP when CONFIG_X86_SMAP=n

References

▼	URL	Tags
	https://git.kernel.org/stable/c/f2447f6587b8ffe42ba04d14ce67d429a1163e5e
	https://git.kernel.org/stable/c/4e9ec1c65da98c293f75d83755dfa5e03075a6d0
	https://git.kernel.org/stable/c/3958b9c34c2729597e182cc606cc43942fd19f7c

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47430",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T18:16:26.363902Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-08T21:23:00.189Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.010Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f2447f6587b8ffe42ba04d14ce67d429a1163e5e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4e9ec1c65da98c293f75d83755dfa5e03075a6d0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3958b9c34c2729597e182cc606cc43942fd19f7c"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/x86/kernel/cpu/common.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "f2447f6587b8",
              "status": "affected",
              "version": "3c73b81a9164",
              "versionType": "git"
            },
            {
              "lessThan": "4e9ec1c65da9",
              "status": "affected",
              "version": "3c73b81a9164",
              "versionType": "git"
            },
            {
              "lessThan": "3958b9c34c27",
              "status": "affected",
              "version": "3c73b81a9164",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/x86/kernel/cpu/common.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.8"
            },
            {
              "lessThan": "5.8",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.73",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/entry: Clear X86_FEATURE_SMAP when CONFIG_X86_SMAP=n\n\nCommit\n\n  3c73b81a9164 (\"x86/entry, selftests: Further improve user entry sanity checks\")\n\nadded a warning if AC is set when in the kernel.\n\nCommit\n\n  662a0221893a3d (\"x86/entry: Fix AC assertion\")\n\nchanged the warning to only fire if the CPU supports SMAP.\n\nHowever, the warning can still trigger on a machine that supports SMAP\nbut where it\u0027s disabled in the kernel config and when running the\nsyscall_nt selftest, for example:\n\n  ------------[ cut here ]------------\n  WARNING: CPU: 0 PID: 49 at irqentry_enter_from_user_mode\n  CPU: 0 PID: 49 Comm: init Tainted: G                T 5.15.0-rc4+ #98 e6202628ee053b4f310759978284bd8bb0ce6905\n  Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1ubuntu1 04/01/2014\n  RIP: 0010:irqentry_enter_from_user_mode\n  ...\n  Call Trace:\n   ? irqentry_enter\n   ? exc_general_protection\n   ? asm_exc_general_protection\n   ? asm_exc_general_protectio\n\nIS_ENABLED(CONFIG_X86_SMAP) could be added to the warning condition, but\neven this would not be enough in case SMAP is disabled at boot time with\nthe \"nosmap\" parameter.\n\nTo be consistent with \"nosmap\" behaviour, clear X86_FEATURE_SMAP when\n!CONFIG_X86_SMAP.\n\nFound using entry-fuzz + satrandconfig.\n\n [ bp: Massage commit message. ]"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:45.821Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/f2447f6587b8ffe42ba04d14ce67d429a1163e5e"
        },
        {
          "url": "https://git.kernel.org/stable/c/4e9ec1c65da98c293f75d83755dfa5e03075a6d0"
        },
        {
          "url": "https://git.kernel.org/stable/c/3958b9c34c2729597e182cc606cc43942fd19f7c"
        }
      ],
      "title": "x86/entry: Clear X86_FEATURE_SMAP when CONFIG_X86_SMAP=n",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47430",
    "datePublished": "2024-05-21T15:04:15.352Z",
    "dateReserved": "2024-05-21T14:58:30.829Z",
    "dateUpdated": "2024-11-08T21:23:00.189Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52792

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:52

Severity ?

Summary

cxl/region: Do not try to cleanup after cxl_region_setup_targets() fails

References

▼	URL	Tags
	https://git.kernel.org/stable/c/90db4c1d5ebaf574d3c3065c055977982c378a83
	https://git.kernel.org/stable/c/9090c5537c93cd0811ab7bfbd925b57addfffb60
	https://git.kernel.org/stable/c/07ffcd8ec79cf7383e1e45815f4842fd357991c2
	https://git.kernel.org/stable/c/0718588c7aaa7a1510b4de972370535b61dddd0d

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52792",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-11T15:19:10.363547Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-11T15:19:25.796Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.979Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/90db4c1d5ebaf574d3c3065c055977982c378a83"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9090c5537c93cd0811ab7bfbd925b57addfffb60"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/07ffcd8ec79cf7383e1e45815f4842fd357991c2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0718588c7aaa7a1510b4de972370535b61dddd0d"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/cxl/core/region.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "90db4c1d5eba",
              "status": "affected",
              "version": "5e42bcbc3fef",
              "versionType": "git"
            },
            {
              "lessThan": "9090c5537c93",
              "status": "affected",
              "version": "5e42bcbc3fef",
              "versionType": "git"
            },
            {
              "lessThan": "07ffcd8ec79c",
              "status": "affected",
              "version": "5e42bcbc3fef",
              "versionType": "git"
            },
            {
              "lessThan": "0718588c7aaa",
              "status": "affected",
              "version": "5e42bcbc3fef",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/cxl/core/region.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.0"
            },
            {
              "lessThan": "6.0",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxl/region: Do not try to cleanup after cxl_region_setup_targets() fails\n\nCommit 5e42bcbc3fef (\"cxl/region: decrement -\u003enr_targets on error in\ncxl_region_attach()\") tried to avoid \u0027eiw\u0027 initialization errors when\n-\u003enr_targets exceeded 16, by just decrementing -\u003enr_targets when\ncxl_region_setup_targets() failed.\n\nCommit 86987c766276 (\"cxl/region: Cleanup target list on attach error\")\nextended that cleanup to also clear cxled-\u003epos and p-\u003etargets[pos]. The\ninitialization error was incidentally fixed separately by:\nCommit 8d4285425714 (\"cxl/region: Fix port setup uninitialized variable\nwarnings\") which was merged a few days after 5e42bcbc3fef.\n\nBut now the original cleanup when cxl_region_setup_targets() fails\nprevents endpoint and switch decoder resources from being reused:\n\n1) the cleanup does not set the decoder\u0027s region to NULL, which results\n   in future dpa_size_store() calls returning -EBUSY\n2) the decoder is not properly freed, which results in future commit\n   errors associated with the upstream switch\n\nNow that the initialization errors were fixed separately, the proper\ncleanup for this case is to just return immediately. Then the resources\nassociated with this target get cleanup up as normal when the failed\nregion is deleted.\n\nThe -\u003enr_targets decrement in the error case also helped prevent\na p-\u003etargets[] array overflow, so add a new check to prevent against\nthat overflow.\n\nTested by trying to create an invalid region for a 2 switch * 2 endpoint\ntopology, and then following up with creating a valid region."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:50.117Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/90db4c1d5ebaf574d3c3065c055977982c378a83"
        },
        {
          "url": "https://git.kernel.org/stable/c/9090c5537c93cd0811ab7bfbd925b57addfffb60"
        },
        {
          "url": "https://git.kernel.org/stable/c/07ffcd8ec79cf7383e1e45815f4842fd357991c2"
        },
        {
          "url": "https://git.kernel.org/stable/c/0718588c7aaa7a1510b4de972370535b61dddd0d"
        }
      ],
      "title": "cxl/region: Do not try to cleanup after cxl_region_setup_targets() fails",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52792",
    "datePublished": "2024-05-21T15:31:07.633Z",
    "dateReserved": "2024-05-21T15:19:24.241Z",
    "dateUpdated": "2024-11-04T14:52:50.117Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52805

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

jfs: fix array-index-out-of-bounds in diAlloc

References

▼	URL	Tags
	https://git.kernel.org/stable/c/2308d0fb0dc32446b4e6ca37cd09c30374bb64e9
	https://git.kernel.org/stable/c/cf7e3e84df36a9953796c737f080712f631d7083
	https://git.kernel.org/stable/c/7467ca10a5ff09b0e87edf6c4d2a4bfdee69cf2c
	https://git.kernel.org/stable/c/1ba7df5457dc1c1071c5f92ac11323533a6430e1
	https://git.kernel.org/stable/c/64f062baf202b82f54987a3f614a6c8f3e466641
	https://git.kernel.org/stable/c/8c68af2af697ba2ba3b138be0c6d72e2ce3a3d6d
	https://git.kernel.org/stable/c/665b44e55c2767a4f899c3b18f49e9e1c9983777
	https://git.kernel.org/stable/c/1708d0a9917fea579cc9da3d87b154285abd2cd8
	https://git.kernel.org/stable/c/05d9ea1ceb62a55af6727a69269a4fd310edf483

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52805",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-23T17:20:14.067853Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:24:11.929Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.055Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2308d0fb0dc32446b4e6ca37cd09c30374bb64e9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/cf7e3e84df36a9953796c737f080712f631d7083"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7467ca10a5ff09b0e87edf6c4d2a4bfdee69cf2c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1ba7df5457dc1c1071c5f92ac11323533a6430e1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/64f062baf202b82f54987a3f614a6c8f3e466641"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8c68af2af697ba2ba3b138be0c6d72e2ce3a3d6d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/665b44e55c2767a4f899c3b18f49e9e1c9983777"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1708d0a9917fea579cc9da3d87b154285abd2cd8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/05d9ea1ceb62a55af6727a69269a4fd310edf483"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/jfs/jfs_imap.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "2308d0fb0dc3",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "cf7e3e84df36",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "7467ca10a5ff",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "1ba7df5457dc",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "64f062baf202",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "8c68af2af697",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "665b44e55c27",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "1708d0a9917f",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "05d9ea1ceb62",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/jfs/jfs_imap.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.331",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.300",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.262",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix array-index-out-of-bounds in diAlloc\n\nCurrently there is not check against the agno of the iag while\nallocating new inodes to avoid fragmentation problem. Added the check\nwhich is required."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:03.363Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/2308d0fb0dc32446b4e6ca37cd09c30374bb64e9"
        },
        {
          "url": "https://git.kernel.org/stable/c/cf7e3e84df36a9953796c737f080712f631d7083"
        },
        {
          "url": "https://git.kernel.org/stable/c/7467ca10a5ff09b0e87edf6c4d2a4bfdee69cf2c"
        },
        {
          "url": "https://git.kernel.org/stable/c/1ba7df5457dc1c1071c5f92ac11323533a6430e1"
        },
        {
          "url": "https://git.kernel.org/stable/c/64f062baf202b82f54987a3f614a6c8f3e466641"
        },
        {
          "url": "https://git.kernel.org/stable/c/8c68af2af697ba2ba3b138be0c6d72e2ce3a3d6d"
        },
        {
          "url": "https://git.kernel.org/stable/c/665b44e55c2767a4f899c3b18f49e9e1c9983777"
        },
        {
          "url": "https://git.kernel.org/stable/c/1708d0a9917fea579cc9da3d87b154285abd2cd8"
        },
        {
          "url": "https://git.kernel.org/stable/c/05d9ea1ceb62a55af6727a69269a4fd310edf483"
        }
      ],
      "title": "jfs: fix array-index-out-of-bounds in diAlloc",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52805",
    "datePublished": "2024-05-21T15:31:16.374Z",
    "dateReserved": "2024-05-21T15:19:24.247Z",
    "dateUpdated": "2024-11-04T14:53:03.363Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52759

Vulnerability from cvelistv5

Published

2024-05-21 15:30

Modified

2024-11-04 14:52

Severity ?

Summary

gfs2: ignore negated quota changes

References

▼	URL	Tags
	https://git.kernel.org/stable/c/1c28dace66015b675a343b89b0c87abbfda05ff4
	https://git.kernel.org/stable/c/b4deec69fe32b58dc5fb4ace52456ece85b75561
	https://git.kernel.org/stable/c/2bb42a27a92ff3984c9fa5fbe128eced3ea693f2
	https://git.kernel.org/stable/c/2a054b87a1b799b391e578597a42ee6e57a987ae
	https://git.kernel.org/stable/c/5bfda356e903633d16ae1bac1ee38364e12628a3
	https://git.kernel.org/stable/c/53fc16c1ad84f5467ec24341670b63aa759335d3
	https://git.kernel.org/stable/c/212f112fe5e90e98eb8d48585682880dae139f4c
	https://git.kernel.org/stable/c/119565e566f91ff3588ffcd5812f0c8061586c6b
	https://git.kernel.org/stable/c/50e33567bc4a1c4ed79a1d289fe93c9a26491848
	https://git.kernel.org/stable/c/4c6a08125f2249531ec01783a5f4317d7342add5

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52759",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T19:42:27.384958Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:22:47.464Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.888Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1c28dace66015b675a343b89b0c87abbfda05ff4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b4deec69fe32b58dc5fb4ace52456ece85b75561"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2bb42a27a92ff3984c9fa5fbe128eced3ea693f2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2a054b87a1b799b391e578597a42ee6e57a987ae"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5bfda356e903633d16ae1bac1ee38364e12628a3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/53fc16c1ad84f5467ec24341670b63aa759335d3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/212f112fe5e90e98eb8d48585682880dae139f4c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/119565e566f91ff3588ffcd5812f0c8061586c6b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4c6a08125f2249531ec01783a5f4317d7342add5"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/gfs2/quota.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "1c28dace6601",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "b4deec69fe32",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "2bb42a27a92f",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "2a054b87a1b7",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "5bfda356e903",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "53fc16c1ad84",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "212f112fe5e9",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "119565e566f9",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "50e33567bc4a",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "4c6a08125f22",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/gfs2/quota.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.331",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.300",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.262",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.57",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: ignore negated quota changes\n\nWhen lots of quota changes are made, there may be cases in which an\ninode\u0027s quota information is increased and then decreased, such as when\nblocks are added to a file, then deleted from it. If the timing is\nright, function do_qc can add pending quota changes to a transaction,\nthen later, another call to do_qc can negate those changes, resulting\nin a net gain of 0. The quota_change information is recorded in the qc\nbuffer (and qd element of the inode as well). The buffer is added to the\ntransaction by the first call to do_qc, but a subsequent call changes\nthe value from non-zero back to zero. At that point it\u0027s too late to\nremove the buffer_head from the transaction. Later, when the quota sync\ncode is called, the zero-change qd element is discovered and flagged as\nan assert warning. If the fs is mounted with errors=panic, the kernel\nwill panic.\n\nThis is usually seen when files are truncated and the quota changes are\nnegated by punch_hole/truncate which uses gfs2_quota_hold and\ngfs2_quota_unhold rather than block allocations that use gfs2_quota_lock\nand gfs2_quota_unlock which automatically do quota sync.\n\nThis patch solves the problem by adding a check to qd_check_sync such\nthat net-zero quota changes already added to the transaction are no\nlonger deemed necessary to be synced, and skipped.\n\nIn this case references are taken for the qd and the slot from do_qc\nso those need to be put. The normal sequence of events for a normal\nnon-zero quota change is as follows:\n\ngfs2_quota_change\n   do_qc\n      qd_hold\n      slot_hold\n\nLater, when the changes are to be synced:\n\ngfs2_quota_sync\n   qd_fish\n      qd_check_sync\n         gets qd ref via lockref_get_not_dead\n   do_sync\n      do_qc(QC_SYNC)\n         qd_put\n\t    lockref_put_or_lock\n   qd_unlock\n      qd_put\n         lockref_put_or_lock\n\nIn the net-zero change case, we add a check to qd_check_sync so it puts\nthe qd and slot references acquired in gfs2_quota_change and skip the\nunneeded sync."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:08.262Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/1c28dace66015b675a343b89b0c87abbfda05ff4"
        },
        {
          "url": "https://git.kernel.org/stable/c/b4deec69fe32b58dc5fb4ace52456ece85b75561"
        },
        {
          "url": "https://git.kernel.org/stable/c/2bb42a27a92ff3984c9fa5fbe128eced3ea693f2"
        },
        {
          "url": "https://git.kernel.org/stable/c/2a054b87a1b799b391e578597a42ee6e57a987ae"
        },
        {
          "url": "https://git.kernel.org/stable/c/5bfda356e903633d16ae1bac1ee38364e12628a3"
        },
        {
          "url": "https://git.kernel.org/stable/c/53fc16c1ad84f5467ec24341670b63aa759335d3"
        },
        {
          "url": "https://git.kernel.org/stable/c/212f112fe5e90e98eb8d48585682880dae139f4c"
        },
        {
          "url": "https://git.kernel.org/stable/c/119565e566f91ff3588ffcd5812f0c8061586c6b"
        },
        {
          "url": "https://git.kernel.org/stable/c/50e33567bc4a1c4ed79a1d289fe93c9a26491848"
        },
        {
          "url": "https://git.kernel.org/stable/c/4c6a08125f2249531ec01783a5f4317d7342add5"
        }
      ],
      "title": "gfs2: ignore negated quota changes",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52759",
    "datePublished": "2024-05-21T15:30:45.773Z",
    "dateReserved": "2024-05-21T15:19:24.237Z",
    "dateUpdated": "2024-11-04T14:52:08.262Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47465

Vulnerability from cvelistv5

Published

2024-05-22 06:23

Modified

2024-11-07 14:41

Severity ?

7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Summary

KVM: PPC: Book3S HV: Fix stack handling in idle_kvm_start_guest()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/80bbb0bc3a0288442f7fe6fc514f4ee1cb06ccb7
	https://git.kernel.org/stable/c/fbd724c49bead048ae9fc1a5b7bff2fb3e54f855
	https://git.kernel.org/stable/c/6d077c37c4643394b1bae9682da48164fc147ea8
	https://git.kernel.org/stable/c/9b4416c5095c20e110c82ae602c254099b83b72f

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.1,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47465",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T18:41:27.701748Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T14:41:05.510Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.601Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/80bbb0bc3a0288442f7fe6fc514f4ee1cb06ccb7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fbd724c49bead048ae9fc1a5b7bff2fb3e54f855"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6d077c37c4643394b1bae9682da48164fc147ea8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9b4416c5095c20e110c82ae602c254099b83b72f"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/powerpc/kvm/book3s_hv_rmhandlers.S"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "80bbb0bc3a02",
              "status": "affected",
              "version": "10d91611f426",
              "versionType": "git"
            },
            {
              "lessThan": "fbd724c49bea",
              "status": "affected",
              "version": "10d91611f426",
              "versionType": "git"
            },
            {
              "lessThan": "6d077c37c464",
              "status": "affected",
              "version": "10d91611f426",
              "versionType": "git"
            },
            {
              "lessThan": "9b4416c5095c",
              "status": "affected",
              "version": "10d91611f426",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/powerpc/kvm/book3s_hv_rmhandlers.S"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.2"
            },
            {
              "lessThan": "5.2",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.156",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.76",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.15",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: PPC: Book3S HV: Fix stack handling in idle_kvm_start_guest()\n\nIn commit 10d91611f426 (\"powerpc/64s: Reimplement book3s idle code in\nC\") kvm_start_guest() became idle_kvm_start_guest(). The old code\nallocated a stack frame on the emergency stack, but didn\u0027t use the\nframe to store anything, and also didn\u0027t store anything in its caller\u0027s\nframe.\n\nidle_kvm_start_guest() on the other hand is written more like a normal C\nfunction, it creates a frame on entry, and also stores CR/LR into its\ncallers frame (per the ABI). The problem is that there is no caller\nframe on the emergency stack.\n\nThe emergency stack for a given CPU is allocated with:\n\n  paca_ptrs[i]-\u003eemergency_sp = alloc_stack(limit, i) + THREAD_SIZE;\n\nSo emergency_sp actually points to the first address above the emergency\nstack allocation for a given CPU, we must not store above it without\nfirst decrementing it to create a frame. This is different to the\nregular kernel stack, paca-\u003ekstack, which is initialised to point at an\ninitial frame that is ready to use.\n\nidle_kvm_start_guest() stores the backchain, CR and LR all of which\nwrite outside the allocation for the emergency stack. It then creates a\nstack frame and saves the non-volatile registers. Unfortunately the\nframe it creates is not large enough to fit the non-volatiles, and so\nthe saving of the non-volatile registers also writes outside the\nemergency stack allocation.\n\nThe end result is that we corrupt whatever is at 0-24 bytes, and 112-248\nbytes above the emergency stack allocation.\n\nIn practice this has gone unnoticed because the memory immediately above\nthe emergency stack happens to be used for other stack allocations,\neither another CPUs mc_emergency_sp or an IRQ stack. See the order of\ncalls to irqstack_early_init() and emergency_stack_init().\n\nThe low addresses of another stack are the top of that stack, and so are\nonly used if that stack is under extreme pressue, which essentially\nnever happens in practice - and if it did there\u0027s a high likelyhood we\u0027d\ncrash due to that stack overflowing.\n\nStill, we shouldn\u0027t be corrupting someone else\u0027s stack, and it is purely\nluck that we aren\u0027t corrupting something else.\n\nTo fix it we save CR/LR into the caller\u0027s frame using the existing r1 on\nentry, we then create a SWITCH_FRAME_SIZE frame (which has space for\npt_regs) on the emergency stack with the backchain pointing to the\nexisting stack, and then finally we switch to the new frame on the\nemergency stack."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:28.290Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/80bbb0bc3a0288442f7fe6fc514f4ee1cb06ccb7"
        },
        {
          "url": "https://git.kernel.org/stable/c/fbd724c49bead048ae9fc1a5b7bff2fb3e54f855"
        },
        {
          "url": "https://git.kernel.org/stable/c/6d077c37c4643394b1bae9682da48164fc147ea8"
        },
        {
          "url": "https://git.kernel.org/stable/c/9b4416c5095c20e110c82ae602c254099b83b72f"
        }
      ],
      "title": "KVM: PPC: Book3S HV: Fix stack handling in idle_kvm_start_guest()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47465",
    "datePublished": "2024-05-22T06:23:25.027Z",
    "dateReserved": "2024-05-22T06:20:56.198Z",
    "dateUpdated": "2024-11-07T14:41:05.510Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52753

Vulnerability from cvelistv5

Published

2024-05-21 15:30

Modified

2024-11-04 14:52

Severity ?

Summary

drm/amd/display: Avoid NULL dereference of timing generator

References

▼	URL	Tags
	https://git.kernel.org/stable/c/09909f515032fa80b921fd3118efe66b185d10fd
	https://git.kernel.org/stable/c/eac3e4760aa12159f7f5475d55a67b7933abc195
	https://git.kernel.org/stable/c/79b6a90f4f2433312154cd68452b0ba501fa74db
	https://git.kernel.org/stable/c/4e497f1acd99075b13605b2e7fa0cba721a2cfd9
	https://git.kernel.org/stable/c/8a06894666e0b462c9316b26ab615cefdd0d676c
	https://git.kernel.org/stable/c/6d8653b1a7a8dc938b566ae8c4f373b36e792c68
	https://git.kernel.org/stable/c/df8bc953eed72371e43ca407bd063507f760cf89
	https://git.kernel.org/stable/c/b1904ed480cee3f9f4036ea0e36d139cb5fee2d6

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52753",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T19:43:36.953665Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:11.593Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.696Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/09909f515032fa80b921fd3118efe66b185d10fd"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/eac3e4760aa12159f7f5475d55a67b7933abc195"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/79b6a90f4f2433312154cd68452b0ba501fa74db"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4e497f1acd99075b13605b2e7fa0cba721a2cfd9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8a06894666e0b462c9316b26ab615cefdd0d676c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6d8653b1a7a8dc938b566ae8c4f373b36e792c68"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/df8bc953eed72371e43ca407bd063507f760cf89"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b1904ed480cee3f9f4036ea0e36d139cb5fee2d6"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/display/dc/core/dc_stream.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "09909f515032",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "eac3e4760aa1",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "79b6a90f4f24",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "4e497f1acd99",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "8a06894666e0",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "6d8653b1a7a8",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "df8bc953eed7",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "b1904ed480ce",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/display/dc/core/dc_stream.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.300",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.262",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Avoid NULL dereference of timing generator\n\n[Why \u0026 How]\nCheck whether assigned timing generator is NULL or not before\naccessing its funcs to prevent NULL dereference."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:03.402Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/09909f515032fa80b921fd3118efe66b185d10fd"
        },
        {
          "url": "https://git.kernel.org/stable/c/eac3e4760aa12159f7f5475d55a67b7933abc195"
        },
        {
          "url": "https://git.kernel.org/stable/c/79b6a90f4f2433312154cd68452b0ba501fa74db"
        },
        {
          "url": "https://git.kernel.org/stable/c/4e497f1acd99075b13605b2e7fa0cba721a2cfd9"
        },
        {
          "url": "https://git.kernel.org/stable/c/8a06894666e0b462c9316b26ab615cefdd0d676c"
        },
        {
          "url": "https://git.kernel.org/stable/c/6d8653b1a7a8dc938b566ae8c4f373b36e792c68"
        },
        {
          "url": "https://git.kernel.org/stable/c/df8bc953eed72371e43ca407bd063507f760cf89"
        },
        {
          "url": "https://git.kernel.org/stable/c/b1904ed480cee3f9f4036ea0e36d139cb5fee2d6"
        }
      ],
      "title": "drm/amd/display: Avoid NULL dereference of timing generator",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52753",
    "datePublished": "2024-05-21T15:30:41.548Z",
    "dateReserved": "2024-05-21T15:19:24.234Z",
    "dateUpdated": "2024-11-04T14:52:03.402Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47406

Vulnerability from cvelistv5

Published

2024-05-21 15:03

Modified

2024-11-04 12:05

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

ext4: add error checking to ext4_ext_replay_set_iblocks()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/a63474dbf692dd09b50fed592bc41f6de5f102fc
	https://git.kernel.org/stable/c/27e10c5d31ff1d222c7f797f1ee96d422859ba67
	https://git.kernel.org/stable/c/1fd95c05d8f742abfe906620780aee4dbe1a2db0

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47406",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T18:09:07.067363Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-01T19:15:09.194Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.310Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a63474dbf692dd09b50fed592bc41f6de5f102fc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/27e10c5d31ff1d222c7f797f1ee96d422859ba67"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1fd95c05d8f742abfe906620780aee4dbe1a2db0"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/ext4/extents.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "a63474dbf692",
              "status": "affected",
              "version": "8016e29f4362",
              "versionType": "git"
            },
            {
              "lessThan": "27e10c5d31ff",
              "status": "affected",
              "version": "8016e29f4362",
              "versionType": "git"
            },
            {
              "lessThan": "1fd95c05d8f7",
              "status": "affected",
              "version": "8016e29f4362",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/ext4/extents.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.10"
            },
            {
              "lessThan": "5.10",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.71",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: add error checking to ext4_ext_replay_set_iblocks()\n\nIf the call to ext4_map_blocks() fails due to an corrupted file\nsystem, ext4_ext_replay_set_iblocks() can get stuck in an infinite\nloop.  This could be reproduced by running generic/526 with a file\nsystem that has inline_data and fast_commit enabled.  The system will\nrepeatedly log to the console:\n\nEXT4-fs warning (device dm-3): ext4_block_to_path:105: block 1074800922 \u003e max in inode 131076\n\nand the stack that it gets stuck in is:\n\n   ext4_block_to_path+0xe3/0x130\n   ext4_ind_map_blocks+0x93/0x690\n   ext4_map_blocks+0x100/0x660\n   skip_hole+0x47/0x70\n   ext4_ext_replay_set_iblocks+0x223/0x440\n   ext4_fc_replay_inode+0x29e/0x3b0\n   ext4_fc_replay+0x278/0x550\n   do_one_pass+0x646/0xc10\n   jbd2_journal_recover+0x14a/0x270\n   jbd2_journal_load+0xc4/0x150\n   ext4_load_journal+0x1f3/0x490\n   ext4_fill_super+0x22d4/0x2c00\n\nWith this patch, generic/526 still fails, but system is no longer\nlocking up in a tight loop.  It\u0027s likely the root casue is that\nfast_commit replay is corrupting file systems with inline_data, and we\nprobably need to add better error handling in the fast commit replay\ncode path beyond what is done here, which essentially just breaks the\ninfinite loop without reporting the to the higher levels of the code."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:18.966Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/a63474dbf692dd09b50fed592bc41f6de5f102fc"
        },
        {
          "url": "https://git.kernel.org/stable/c/27e10c5d31ff1d222c7f797f1ee96d422859ba67"
        },
        {
          "url": "https://git.kernel.org/stable/c/1fd95c05d8f742abfe906620780aee4dbe1a2db0"
        }
      ],
      "title": "ext4: add error checking to ext4_ext_replay_set_iblocks()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47406",
    "datePublished": "2024-05-21T15:03:59.334Z",
    "dateReserved": "2024-05-21T14:58:30.817Z",
    "dateUpdated": "2024-11-04T12:05:18.966Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47482

Vulnerability from cvelistv5

Published

2024-05-22 08:19

Modified

2024-11-04 12:06

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

net: batman-adv: fix error handling

References

▼	URL	Tags
	https://git.kernel.org/stable/c/0c6b199f09be489c48622537a550787fc80aea73
	https://git.kernel.org/stable/c/07533f1a673ce1126d0a72ef1e4b5eaaa3dd6d20
	https://git.kernel.org/stable/c/e50f957652190b5a88a8ebce7e5ab14ebd0d3f00
	https://git.kernel.org/stable/c/fbf150b16a3635634b7dfb7f229d8fcd643c6c51
	https://git.kernel.org/stable/c/6422e8471890273994fe8cc6d452b0dcd2c9483e
	https://git.kernel.org/stable/c/b0a2cd38553c77928ef1646ed1518486b1e70ae8
	https://git.kernel.org/stable/c/a8f7359259dd5923adc6129284fdad12fc5db347
	https://git.kernel.org/stable/c/6f68cd634856f8ca93bafd623ba5357e0f648c68

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:linux:kernel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "6f68cd634856",
                "status": "affected",
                "version": "c6c8fea29769",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 5.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47482",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T14:23:49.834451Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-544",
                "description": "CWE-544 Missing Standardized Error Handling Mechanism",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:15:18.900Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.554Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0c6b199f09be489c48622537a550787fc80aea73"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/07533f1a673ce1126d0a72ef1e4b5eaaa3dd6d20"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e50f957652190b5a88a8ebce7e5ab14ebd0d3f00"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fbf150b16a3635634b7dfb7f229d8fcd643c6c51"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6422e8471890273994fe8cc6d452b0dcd2c9483e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b0a2cd38553c77928ef1646ed1518486b1e70ae8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a8f7359259dd5923adc6129284fdad12fc5db347"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6f68cd634856f8ca93bafd623ba5357e0f648c68"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/batman-adv/bridge_loop_avoidance.c",
            "net/batman-adv/main.c",
            "net/batman-adv/network-coding.c",
            "net/batman-adv/translation-table.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "0c6b199f09be",
              "status": "affected",
              "version": "c6c8fea29769",
              "versionType": "git"
            },
            {
              "lessThan": "07533f1a673c",
              "status": "affected",
              "version": "c6c8fea29769",
              "versionType": "git"
            },
            {
              "lessThan": "e50f95765219",
              "status": "affected",
              "version": "c6c8fea29769",
              "versionType": "git"
            },
            {
              "lessThan": "fbf150b16a36",
              "status": "affected",
              "version": "c6c8fea29769",
              "versionType": "git"
            },
            {
              "lessThan": "6422e8471890",
              "status": "affected",
              "version": "c6c8fea29769",
              "versionType": "git"
            },
            {
              "lessThan": "b0a2cd38553c",
              "status": "affected",
              "version": "c6c8fea29769",
              "versionType": "git"
            },
            {
              "lessThan": "a8f7359259dd",
              "status": "affected",
              "version": "c6c8fea29769",
              "versionType": "git"
            },
            {
              "lessThan": "6f68cd634856",
              "status": "affected",
              "version": "c6c8fea29769",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/batman-adv/bridge_loop_avoidance.c",
            "net/batman-adv/main.c",
            "net/batman-adv/network-coding.c",
            "net/batman-adv/translation-table.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.38"
            },
            {
              "lessThan": "2.6.38",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.293",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.289",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.254",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.215",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.157",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.77",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: batman-adv: fix error handling\n\nSyzbot reported ODEBUG warning in batadv_nc_mesh_free(). The problem was\nin wrong error handling in batadv_mesh_init().\n\nBefore this patch batadv_mesh_init() was calling batadv_mesh_free() in case\nof any batadv_*_init() calls failure. This approach may work well, when\nthere is some kind of indicator, which can tell which parts of batadv are\ninitialized; but there isn\u0027t any.\n\nAll written above lead to cleaning up uninitialized fields. Even if we hide\nODEBUG warning by initializing bat_priv-\u003enc.work, syzbot was able to hit\nGPF in batadv_nc_purge_paths(), because hash pointer in still NULL. [1]\n\nTo fix these bugs we can unwind batadv_*_init() calls one by one.\nIt is good approach for 2 reasons: 1) It fixes bugs on error handling\npath 2) It improves the performance, since we won\u0027t call unneeded\nbatadv_*_free() functions.\n\nSo, this patch makes all batadv_*_init() clean up all allocated memory\nbefore returning with an error to no call correspoing batadv_*_free()\nand open-codes batadv_mesh_free() with proper order to avoid touching\nuninitialized fields."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:47.202Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/0c6b199f09be489c48622537a550787fc80aea73"
        },
        {
          "url": "https://git.kernel.org/stable/c/07533f1a673ce1126d0a72ef1e4b5eaaa3dd6d20"
        },
        {
          "url": "https://git.kernel.org/stable/c/e50f957652190b5a88a8ebce7e5ab14ebd0d3f00"
        },
        {
          "url": "https://git.kernel.org/stable/c/fbf150b16a3635634b7dfb7f229d8fcd643c6c51"
        },
        {
          "url": "https://git.kernel.org/stable/c/6422e8471890273994fe8cc6d452b0dcd2c9483e"
        },
        {
          "url": "https://git.kernel.org/stable/c/b0a2cd38553c77928ef1646ed1518486b1e70ae8"
        },
        {
          "url": "https://git.kernel.org/stable/c/a8f7359259dd5923adc6129284fdad12fc5db347"
        },
        {
          "url": "https://git.kernel.org/stable/c/6f68cd634856f8ca93bafd623ba5357e0f648c68"
        }
      ],
      "title": "net: batman-adv: fix error handling",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47482",
    "datePublished": "2024-05-22T08:19:34.174Z",
    "dateReserved": "2024-05-22T06:20:56.200Z",
    "dateUpdated": "2024-11-04T12:06:47.202Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52740

Vulnerability from cvelistv5

Published

2024-05-21 15:23

Modified

2024-11-04 14:51

Severity ?

Summary

powerpc/64s/interrupt: Fix interrupt exit race with security mitigation switch

References

▼	URL	Tags
	https://git.kernel.org/stable/c/86f7e423933608d536015a0f2eb9e0338c1227e0
	https://git.kernel.org/stable/c/6f097c24815e67909a1fcc2c605586d02babd673
	https://git.kernel.org/stable/c/2ea31e2e62bbc4d11c411eeb36f1b02841dbcab1

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52740",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T18:15:22.000735Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:49.892Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.916Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/86f7e423933608d536015a0f2eb9e0338c1227e0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6f097c24815e67909a1fcc2c605586d02babd673"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2ea31e2e62bbc4d11c411eeb36f1b02841dbcab1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/powerpc/kernel/interrupt.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "86f7e4239336",
              "status": "affected",
              "version": "13799748b957",
              "versionType": "git"
            },
            {
              "lessThan": "6f097c24815e",
              "status": "affected",
              "version": "13799748b957",
              "versionType": "git"
            },
            {
              "lessThan": "2ea31e2e62bb",
              "status": "affected",
              "version": "13799748b957",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/powerpc/kernel/interrupt.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.14"
            },
            {
              "lessThan": "5.14",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.94",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/64s/interrupt: Fix interrupt exit race with security mitigation switch\n\nThe RFI and STF security mitigation options can flip the\ninterrupt_exit_not_reentrant static branch condition concurrently with\nthe interrupt exit code which tests that branch.\n\nInterrupt exit tests this condition to set MSR[EE|RI] for exit, then\nagain in the case a soft-masked interrupt is found pending, to recover\nthe MSR so the interrupt can be replayed before attempting to exit\nagain. If the condition changes between these two tests, the MSR and irq\nsoft-mask state will become corrupted, leading to warnings and possible\ncrashes. For example, if the branch is initially true then false,\nMSR[EE] will be 0 but PACA_IRQ_HARD_DIS clear and EE may not get\nenabled, leading to warnings in irq_64.c."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:51:47.485Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/86f7e423933608d536015a0f2eb9e0338c1227e0"
        },
        {
          "url": "https://git.kernel.org/stable/c/6f097c24815e67909a1fcc2c605586d02babd673"
        },
        {
          "url": "https://git.kernel.org/stable/c/2ea31e2e62bbc4d11c411eeb36f1b02841dbcab1"
        }
      ],
      "title": "powerpc/64s/interrupt: Fix interrupt exit race with security mitigation switch",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52740",
    "datePublished": "2024-05-21T15:23:03.201Z",
    "dateReserved": "2024-05-21T15:19:24.233Z",
    "dateUpdated": "2024-11-04T14:51:47.485Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47463

Vulnerability from cvelistv5

Published

2024-05-22 06:23

Modified

2024-11-04 12:06

Severity ?

Summary

mm/secretmem: fix NULL page->mapping dereference in page_is_secretmem()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/b77ba1e02345bafd703f0d407bdbd88c3be1f767
	https://git.kernel.org/stable/c/79f9bc5843142b649575f887dccdf1c07ad75c20

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47463",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T17:54:35.234529Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:13:47.455Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.505Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b77ba1e02345bafd703f0d407bdbd88c3be1f767"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/79f9bc5843142b649575f887dccdf1c07ad75c20"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "include/linux/secretmem.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "b77ba1e02345",
              "status": "affected",
              "version": "1507f51255c9",
              "versionType": "git"
            },
            {
              "lessThan": "79f9bc584314",
              "status": "affected",
              "version": "1507f51255c9",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "include/linux/secretmem.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.14"
            },
            {
              "lessThan": "5.14",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.15",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/secretmem: fix NULL page-\u003emapping dereference in page_is_secretmem()\n\nCheck for a NULL page-\u003emapping before dereferencing the mapping in\npage_is_secretmem(), as the page\u0027s mapping can be nullified while gup()\nis running, e.g.  by reclaim or truncation.\n\n  BUG: kernel NULL pointer dereference, address: 0000000000000068\n  #PF: supervisor read access in kernel mode\n  #PF: error_code(0x0000) - not-present page\n  PGD 0 P4D 0\n  Oops: 0000 [#1] PREEMPT SMP NOPTI\n  CPU: 6 PID: 4173897 Comm: CPU 3/KVM Tainted: G        W\n  RIP: 0010:internal_get_user_pages_fast+0x621/0x9d0\n  Code: \u003c48\u003e 81 7a 68 80 08 04 bc 0f 85 21 ff ff 8 89 c7 be\n  RSP: 0018:ffffaa90087679b0 EFLAGS: 00010046\n  RAX: ffffe3f37905b900 RBX: 00007f2dd561e000 RCX: ffffe3f37905b934\n  RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffe3f37905b900\n  ...\n  CR2: 0000000000000068 CR3: 00000004c5898003 CR4: 00000000001726e0\n  Call Trace:\n   get_user_pages_fast_only+0x13/0x20\n   hva_to_pfn+0xa9/0x3e0\n   try_async_pf+0xa1/0x270\n   direct_page_fault+0x113/0xad0\n   kvm_mmu_page_fault+0x69/0x680\n   vmx_handle_exit+0xe1/0x5d0\n   kvm_arch_vcpu_ioctl_run+0xd81/0x1c70\n   kvm_vcpu_ioctl+0x267/0x670\n   __x64_sys_ioctl+0x83/0xa0\n   do_syscall_64+0x56/0x80\n   entry_SYSCALL_64_after_hwframe+0x44/0xae"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:25.964Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/b77ba1e02345bafd703f0d407bdbd88c3be1f767"
        },
        {
          "url": "https://git.kernel.org/stable/c/79f9bc5843142b649575f887dccdf1c07ad75c20"
        }
      ],
      "title": "mm/secretmem: fix NULL page-\u003emapping dereference in page_is_secretmem()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47463",
    "datePublished": "2024-05-22T06:23:23.688Z",
    "dateReserved": "2024-05-22T06:20:56.198Z",
    "dateUpdated": "2024-11-04T12:06:25.964Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52811

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool

References

▼	URL	Tags
	https://git.kernel.org/stable/c/e1d1f79b1929dce470a5dc9281c574cd58e8c6c0
	https://git.kernel.org/stable/c/88984ec4792766df5a9de7a2ff2b5f281f94c7d4
	https://git.kernel.org/stable/c/d2af4ef80601224b90630c1ddc7cd2c7c8ab4dd8
	https://git.kernel.org/stable/c/8bbe784c2ff28d56ca0c548aaf3e584edc77052d
	https://git.kernel.org/stable/c/b39f2d10b86d0af353ea339e5815820026bca48f

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52811",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T17:41:58.046532Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-31T14:23:46.948Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.895Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e1d1f79b1929dce470a5dc9281c574cd58e8c6c0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/88984ec4792766df5a9de7a2ff2b5f281f94c7d4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d2af4ef80601224b90630c1ddc7cd2c7c8ab4dd8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8bbe784c2ff28d56ca0c548aaf3e584edc77052d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b39f2d10b86d0af353ea339e5815820026bca48f"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/scsi/ibmvscsi/ibmvfc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "e1d1f79b1929",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "88984ec47927",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "d2af4ef80601",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "8bbe784c2ff2",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "b39f2d10b86d",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/scsi/ibmvscsi/ibmvfc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ibmvfc: Remove BUG_ON in the case of an empty event pool\n\nIn practice the driver should never send more commands than are allocated\nto a queue\u0027s event pool. In the unlikely event that this happens, the code\nasserts a BUG_ON, and in the case that the kernel is not configured to\ncrash on panic returns a junk event pointer from the empty event list\ncausing things to spiral from there. This BUG_ON is a historical artifact\nof the ibmvfc driver first being upstreamed, and it is well known now that\nthe use of BUG_ON is bad practice except in the most unrecoverable\nscenario. There is nothing about this scenario that prevents the driver\nfrom recovering and carrying on.\n\nRemove the BUG_ON in question from ibmvfc_get_event() and return a NULL\npointer in the case of an empty event pool. Update all call sites to\nibmvfc_get_event() to check for a NULL pointer and perfrom the appropriate\nfailure or recovery action."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:10.556Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/e1d1f79b1929dce470a5dc9281c574cd58e8c6c0"
        },
        {
          "url": "https://git.kernel.org/stable/c/88984ec4792766df5a9de7a2ff2b5f281f94c7d4"
        },
        {
          "url": "https://git.kernel.org/stable/c/d2af4ef80601224b90630c1ddc7cd2c7c8ab4dd8"
        },
        {
          "url": "https://git.kernel.org/stable/c/8bbe784c2ff28d56ca0c548aaf3e584edc77052d"
        },
        {
          "url": "https://git.kernel.org/stable/c/b39f2d10b86d0af353ea339e5815820026bca48f"
        }
      ],
      "title": "scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52811",
    "datePublished": "2024-05-21T15:31:20.282Z",
    "dateReserved": "2024-05-21T15:19:24.248Z",
    "dateUpdated": "2024-11-04T14:53:10.556Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52777

Vulnerability from cvelistv5

Published

2024-05-21 15:30

Modified

2024-11-04 14:52

Severity ?

Summary

wifi: ath11k: fix gtk offload status event locking

References

▼	URL	Tags
	https://git.kernel.org/stable/c/0cf7577b6b3153b4b49deea9719fe43f96469c6d
	https://git.kernel.org/stable/c/cf9c7d783a2bf9305df4ef5b93d9063a52e18fca
	https://git.kernel.org/stable/c/e83246ecd3b193f8d91fce778e8a5ba747fc7d8a
	https://git.kernel.org/stable/c/1dea3c0720a146bd7193969f2847ccfed5be2221

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52777",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-11T19:02:33.104865Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-11T19:03:07.955Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.014Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0cf7577b6b3153b4b49deea9719fe43f96469c6d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/cf9c7d783a2bf9305df4ef5b93d9063a52e18fca"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e83246ecd3b193f8d91fce778e8a5ba747fc7d8a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1dea3c0720a146bd7193969f2847ccfed5be2221"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/ath/ath11k/wmi.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "0cf7577b6b31",
              "status": "affected",
              "version": "a16d9b50cfba",
              "versionType": "git"
            },
            {
              "lessThan": "cf9c7d783a2b",
              "status": "affected",
              "version": "a16d9b50cfba",
              "versionType": "git"
            },
            {
              "lessThan": "e83246ecd3b1",
              "status": "affected",
              "version": "a16d9b50cfba",
              "versionType": "git"
            },
            {
              "lessThan": "1dea3c0720a1",
              "status": "affected",
              "version": "a16d9b50cfba",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/ath/ath11k/wmi.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.19"
            },
            {
              "lessThan": "5.19",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix gtk offload status event locking\n\nThe ath11k active pdevs are protected by RCU but the gtk offload status\nevent handling code calling ath11k_mac_get_arvif_by_vdev_id() was not\nmarked as a read-side critical section.\n\nMark the code in question as an RCU read-side critical section to avoid\nany potential use-after-free issues.\n\nCompile tested only."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:30.957Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/0cf7577b6b3153b4b49deea9719fe43f96469c6d"
        },
        {
          "url": "https://git.kernel.org/stable/c/cf9c7d783a2bf9305df4ef5b93d9063a52e18fca"
        },
        {
          "url": "https://git.kernel.org/stable/c/e83246ecd3b193f8d91fce778e8a5ba747fc7d8a"
        },
        {
          "url": "https://git.kernel.org/stable/c/1dea3c0720a146bd7193969f2847ccfed5be2221"
        }
      ],
      "title": "wifi: ath11k: fix gtk offload status event locking",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52777",
    "datePublished": "2024-05-21T15:30:57.598Z",
    "dateReserved": "2024-05-21T15:19:24.240Z",
    "dateUpdated": "2024-11-04T14:52:30.957Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52823

Vulnerability from cvelistv5

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "providerMetadata": {
        "dateUpdated": "2024-05-24T10:16:07.397Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "rejectedReasons": [
        {
          "lang": "en",
          "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52823",
    "datePublished": "2024-05-21T15:31:28.211Z",
    "dateRejected": "2024-05-24T10:16:07.397Z",
    "dateReserved": "2024-05-21T15:19:24.249Z",
    "dateUpdated": "2024-05-24T10:16:07.397Z",
    "state": "REJECTED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52879

Vulnerability from cvelistv5

Published

2024-05-21 15:32

Modified

2024-11-04 14:54

Severity ?

Summary

tracing: Have trace_event_file have ref counters

References

▼	URL	Tags
	https://git.kernel.org/stable/c/961c4511c7578d6b8f39118be919016ec3db1c1e
	https://git.kernel.org/stable/c/a98172e36e5f1b3d29ad71fade2d611cfcc2fe6f
	https://git.kernel.org/stable/c/cbc7c29dff0fa18162f2a3889d82eeefd67305e0
	https://git.kernel.org/stable/c/2fa74d29fc1899c237d51bf9a6e132ea5c488976
	https://git.kernel.org/stable/c/2c9de867ca285c397cd71af703763fe416265706
	https://git.kernel.org/stable/c/9034c87d61be8cff989017740a91701ac8195a1d
	https://git.kernel.org/stable/c/bb32500fb9b78215e4ef6ee8b4345c5f5d7eafb4

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52879",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T16:59:47.559597Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:30.864Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:18:41.182Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/961c4511c7578d6b8f39118be919016ec3db1c1e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a98172e36e5f1b3d29ad71fade2d611cfcc2fe6f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/cbc7c29dff0fa18162f2a3889d82eeefd67305e0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2fa74d29fc1899c237d51bf9a6e132ea5c488976"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2c9de867ca285c397cd71af703763fe416265706"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9034c87d61be8cff989017740a91701ac8195a1d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bb32500fb9b78215e4ef6ee8b4345c5f5d7eafb4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "include/linux/trace_events.h",
            "kernel/trace/trace.c",
            "kernel/trace/trace.h",
            "kernel/trace/trace_events.c",
            "kernel/trace/trace_events_filter.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "961c4511c757",
              "status": "affected",
              "version": "e6807c873d87",
              "versionType": "git"
            },
            {
              "lessThan": "a98172e36e5f",
              "status": "affected",
              "version": "407bf1c140f0",
              "versionType": "git"
            },
            {
              "lessThan": "cbc7c29dff0f",
              "status": "affected",
              "version": "fa6d449e4d02",
              "versionType": "git"
            },
            {
              "lessThan": "2fa74d29fc18",
              "status": "affected",
              "version": "a46bf337a20f",
              "versionType": "git"
            },
            {
              "lessThan": "2c9de867ca28",
              "status": "affected",
              "version": "9beec0437013",
              "versionType": "git"
            },
            {
              "lessThan": "9034c87d61be",
              "status": "affected",
              "version": "f5ca233e2e66",
              "versionType": "git"
            },
            {
              "lessThan": "bb32500fb9b7",
              "status": "affected",
              "version": "f5ca233e2e66",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "include/linux/trace_events.h",
            "kernel/trace/trace.c",
            "kernel/trace/trace.h",
            "kernel/trace/trace_events.c",
            "kernel/trace/trace_events_filter.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.6"
            },
            {
              "lessThan": "6.6",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.262",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Have trace_event_file have ref counters\n\nThe following can crash the kernel:\n\n # cd /sys/kernel/tracing\n # echo \u0027p:sched schedule\u0027 \u003e kprobe_events\n # exec 5\u003e\u003eevents/kprobes/sched/enable\n # \u003e kprobe_events\n # exec 5\u003e\u0026-\n\nThe above commands:\n\n 1. Change directory to the tracefs directory\n 2. Create a kprobe event (doesn\u0027t matter what one)\n 3. Open bash file descriptor 5 on the enable file of the kprobe event\n 4. Delete the kprobe event (removes the files too)\n 5. Close the bash file descriptor 5\n\nThe above causes a crash!\n\n BUG: kernel NULL pointer dereference, address: 0000000000000028\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEMPT SMP PTI\n CPU: 6 PID: 877 Comm: bash Not tainted 6.5.0-rc4-test-00008-g2c6b6b1029d4-dirty #186\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014\n RIP: 0010:tracing_release_file_tr+0xc/0x50\n\nWhat happens here is that the kprobe event creates a trace_event_file\n\"file\" descriptor that represents the file in tracefs to the event. It\nmaintains state of the event (is it enabled for the given instance?).\nOpening the \"enable\" file gets a reference to the event \"file\" descriptor\nvia the open file descriptor. When the kprobe event is deleted, the file is\nalso deleted from the tracefs system which also frees the event \"file\"\ndescriptor.\n\nBut as the tracefs file is still opened by user space, it will not be\ntotally removed until the final dput() is called on it. But this is not\ntrue with the event \"file\" descriptor that is already freed. If the user\ndoes a write to or simply closes the file descriptor it will reference the\nevent \"file\" descriptor that was just freed, causing a use-after-free bug.\n\nTo solve this, add a ref count to the event \"file\" descriptor as well as a\nnew flag called \"FREED\". The \"file\" will not be freed until the last\nreference is released. But the FREE flag will be set when the event is\nremoved to prevent any more modifications to that event from happening,\neven if there\u0027s still a reference to the event \"file\" descriptor."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:54:27.196Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/961c4511c7578d6b8f39118be919016ec3db1c1e"
        },
        {
          "url": "https://git.kernel.org/stable/c/a98172e36e5f1b3d29ad71fade2d611cfcc2fe6f"
        },
        {
          "url": "https://git.kernel.org/stable/c/cbc7c29dff0fa18162f2a3889d82eeefd67305e0"
        },
        {
          "url": "https://git.kernel.org/stable/c/2fa74d29fc1899c237d51bf9a6e132ea5c488976"
        },
        {
          "url": "https://git.kernel.org/stable/c/2c9de867ca285c397cd71af703763fe416265706"
        },
        {
          "url": "https://git.kernel.org/stable/c/9034c87d61be8cff989017740a91701ac8195a1d"
        },
        {
          "url": "https://git.kernel.org/stable/c/bb32500fb9b78215e4ef6ee8b4345c5f5d7eafb4"
        }
      ],
      "title": "tracing: Have trace_event_file have ref counters",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52879",
    "datePublished": "2024-05-21T15:32:11.263Z",
    "dateReserved": "2024-05-21T15:19:24.265Z",
    "dateUpdated": "2024-11-04T14:54:27.196Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47408

Vulnerability from cvelistv5

Published

2024-05-21 15:04

Modified

2024-11-04 12:05

Severity ?

4.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

netfilter: conntrack: serialize hash resizes and cleanups

References

▼	URL	Tags
	https://git.kernel.org/stable/c/e2d192301a0df8160d1555b66ae8611e8050e424
	https://git.kernel.org/stable/c/7ea6f5848281182ce0cff6cafdcf3fbdeb8ca7e1
	https://git.kernel.org/stable/c/e9edc188fc76499b0b9bd60364084037f6d03773

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 4.7,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47408",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T18:07:55.386862Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-01T14:37:40.499Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.320Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e2d192301a0df8160d1555b66ae8611e8050e424"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7ea6f5848281182ce0cff6cafdcf3fbdeb8ca7e1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e9edc188fc76499b0b9bd60364084037f6d03773"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/netfilter/nf_conntrack_core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "e2d192301a0d",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "7ea6f5848281",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "e9edc188fc76",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/netfilter/nf_conntrack_core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.71",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: conntrack: serialize hash resizes and cleanups\n\nSyzbot was able to trigger the following warning [1]\n\nNo repro found by syzbot yet but I was able to trigger similar issue\nby having 2 scripts running in parallel, changing conntrack hash sizes,\nand:\n\nfor j in `seq 1 1000` ; do unshare -n /bin/true \u003e/dev/null ; done\n\nIt would take more than 5 minutes for net_namespace structures\nto be cleaned up.\n\nThis is because nf_ct_iterate_cleanup() has to restart everytime\na resize happened.\n\nBy adding a mutex, we can serialize hash resizes and cleanups\nand also make get_next_corpse() faster by skipping over empty\nbuckets.\n\nEven without resizes in the picture, this patch considerably\nspeeds up network namespace dismantles.\n\n[1]\nINFO: task syz-executor.0:8312 can\u0027t die for more than 144 seconds.\ntask:syz-executor.0  state:R  running task     stack:25672 pid: 8312 ppid:  6573 flags:0x00004006\nCall Trace:\n context_switch kernel/sched/core.c:4955 [inline]\n __schedule+0x940/0x26f0 kernel/sched/core.c:6236\n preempt_schedule_common+0x45/0xc0 kernel/sched/core.c:6408\n preempt_schedule_thunk+0x16/0x18 arch/x86/entry/thunk_64.S:35\n __local_bh_enable_ip+0x109/0x120 kernel/softirq.c:390\n local_bh_enable include/linux/bottom_half.h:32 [inline]\n get_next_corpse net/netfilter/nf_conntrack_core.c:2252 [inline]\n nf_ct_iterate_cleanup+0x15a/0x450 net/netfilter/nf_conntrack_core.c:2275\n nf_conntrack_cleanup_net_list+0x14c/0x4f0 net/netfilter/nf_conntrack_core.c:2469\n ops_exit_list+0x10d/0x160 net/core/net_namespace.c:171\n setup_net+0x639/0xa30 net/core/net_namespace.c:349\n copy_net_ns+0x319/0x760 net/core/net_namespace.c:470\n create_new_namespaces+0x3f6/0xb20 kernel/nsproxy.c:110\n unshare_nsproxy_namespaces+0xc1/0x1f0 kernel/nsproxy.c:226\n ksys_unshare+0x445/0x920 kernel/fork.c:3128\n __do_sys_unshare kernel/fork.c:3202 [inline]\n __se_sys_unshare kernel/fork.c:3200 [inline]\n __x64_sys_unshare+0x2d/0x40 kernel/fork.c:3200\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f63da68e739\nRSP: 002b:00007f63d7c05188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110\nRAX: ffffffffffffffda RBX: 00007f63da792f80 RCX: 00007f63da68e739\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000\nRBP: 00007f63da6e8cc4 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007f63da792f80\nR13: 00007fff50b75d3f R14: 00007f63d7c05300 R15: 0000000000022000\n\nShowing all locks held in the system:\n1 lock held by khungtaskd/27:\n #0: ffffffff8b980020 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260 kernel/locking/lockdep.c:6446\n2 locks held by kworker/u4:2/153:\n #0: ffff888010c69138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline]\n #0: ffff888010c69138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: arch_atomic_long_set include/linux/atomic/atomic-long.h:41 [inline]\n #0: ffff888010c69138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:1198 [inline]\n #0: ffff888010c69138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:634 [inline]\n #0: ffff888010c69138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:661 [inline]\n #0: ffff888010c69138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x896/0x1690 kernel/workqueue.c:2268\n #1: ffffc9000140fdb0 ((kfence_timer).work){+.+.}-{0:0}, at: process_one_work+0x8ca/0x1690 kernel/workqueue.c:2272\n1 lock held by systemd-udevd/2970:\n1 lock held by in:imklog/6258:\n #0: ffff88807f970ff0 (\u0026f-\u003ef_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xe9/0x100 fs/file.c:990\n3 locks held by kworker/1:6/8158:\n1 lock held by syz-executor.0/8312:\n2 locks held by kworker/u4:13/9320:\n1 lock held by\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:21.262Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/e2d192301a0df8160d1555b66ae8611e8050e424"
        },
        {
          "url": "https://git.kernel.org/stable/c/7ea6f5848281182ce0cff6cafdcf3fbdeb8ca7e1"
        },
        {
          "url": "https://git.kernel.org/stable/c/e9edc188fc76499b0b9bd60364084037f6d03773"
        }
      ],
      "title": "netfilter: conntrack: serialize hash resizes and cleanups",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47408",
    "datePublished": "2024-05-21T15:04:00.651Z",
    "dateReserved": "2024-05-21T14:58:30.817Z",
    "dateUpdated": "2024-11-04T12:05:21.262Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52869

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:54

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

pstore/platform: Add check for kstrdup

References

▼	URL	Tags
	https://git.kernel.org/stable/c/bb166bdae1a7d7db30e9be7e6ccaba606debc05f
	https://git.kernel.org/stable/c/379b120e4f27fd1cf636a5f85570c4d240a3f688
	https://git.kernel.org/stable/c/63f637309baadf81a095f2653e3b807d4b5814b9
	https://git.kernel.org/stable/c/1c426da79f9fc7b761021b5eb44185ba119cd44a
	https://git.kernel.org/stable/c/ad5cb6deb41417ef41b9d6ff54f789212108606f
	https://git.kernel.org/stable/c/a19d48f7c5d57c0f0405a7d4334d1d38fe9d3c1c

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "affected",
                "version": "563ca40ddf40"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "affected",
                "version": "5.8"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "5.10.201"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "5.15.139"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.1.63"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.5.12"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.6.2"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.7"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52869",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T18:43:39.605894Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-476",
                "description": "CWE-476 NULL Pointer Dereference",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:51.147Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.061Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bb166bdae1a7d7db30e9be7e6ccaba606debc05f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/379b120e4f27fd1cf636a5f85570c4d240a3f688"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/63f637309baadf81a095f2653e3b807d4b5814b9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1c426da79f9fc7b761021b5eb44185ba119cd44a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ad5cb6deb41417ef41b9d6ff54f789212108606f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a19d48f7c5d57c0f0405a7d4334d1d38fe9d3c1c"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/pstore/platform.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "bb166bdae1a7",
              "status": "affected",
              "version": "563ca40ddf40",
              "versionType": "git"
            },
            {
              "lessThan": "379b120e4f27",
              "status": "affected",
              "version": "563ca40ddf40",
              "versionType": "git"
            },
            {
              "lessThan": "63f637309baa",
              "status": "affected",
              "version": "563ca40ddf40",
              "versionType": "git"
            },
            {
              "lessThan": "1c426da79f9f",
              "status": "affected",
              "version": "563ca40ddf40",
              "versionType": "git"
            },
            {
              "lessThan": "ad5cb6deb414",
              "status": "affected",
              "version": "563ca40ddf40",
              "versionType": "git"
            },
            {
              "lessThan": "a19d48f7c5d5",
              "status": "affected",
              "version": "563ca40ddf40",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/pstore/platform.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.8"
            },
            {
              "lessThan": "5.8",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.201",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.139",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npstore/platform: Add check for kstrdup\n\nAdd check for the return value of kstrdup() and return the error\nif it fails in order to avoid NULL pointer dereference."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:54:14.499Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/bb166bdae1a7d7db30e9be7e6ccaba606debc05f"
        },
        {
          "url": "https://git.kernel.org/stable/c/379b120e4f27fd1cf636a5f85570c4d240a3f688"
        },
        {
          "url": "https://git.kernel.org/stable/c/63f637309baadf81a095f2653e3b807d4b5814b9"
        },
        {
          "url": "https://git.kernel.org/stable/c/1c426da79f9fc7b761021b5eb44185ba119cd44a"
        },
        {
          "url": "https://git.kernel.org/stable/c/ad5cb6deb41417ef41b9d6ff54f789212108606f"
        },
        {
          "url": "https://git.kernel.org/stable/c/a19d48f7c5d57c0f0405a7d4334d1d38fe9d3c1c"
        }
      ],
      "title": "pstore/platform: Add check for kstrdup",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52869",
    "datePublished": "2024-05-21T15:31:59.168Z",
    "dateReserved": "2024-05-21T15:19:24.263Z",
    "dateUpdated": "2024-11-04T14:54:14.499Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47492

Vulnerability from cvelistv5

Published

2024-05-22 08:19

Modified

2024-11-04 12:06

Severity ?

Summary

mm, thp: bail out early in collapse_file for writeback page

References

▼	URL	Tags
	https://git.kernel.org/stable/c/69a7fa5cb0de06c8956b040f19a7248c8c8308ca
	https://git.kernel.org/stable/c/5e669d8ab30ab61dec3c36e27b4711f07611e6fc
	https://git.kernel.org/stable/c/74c42e1baacf206338b1dd6b6199ac964512b5bb

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47492",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T19:45:29.189112Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:55.710Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.622Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/69a7fa5cb0de06c8956b040f19a7248c8c8308ca"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5e669d8ab30ab61dec3c36e27b4711f07611e6fc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/74c42e1baacf206338b1dd6b6199ac964512b5bb"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "mm/khugepaged.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "69a7fa5cb0de",
              "status": "affected",
              "version": "99cb0dbd47a1",
              "versionType": "git"
            },
            {
              "lessThan": "5e669d8ab30a",
              "status": "affected",
              "version": "99cb0dbd47a1",
              "versionType": "git"
            },
            {
              "lessThan": "74c42e1baacf",
              "status": "affected",
              "version": "99cb0dbd47a1",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "mm/khugepaged.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.4"
            },
            {
              "lessThan": "5.4",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.77",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm, thp: bail out early in collapse_file for writeback page\n\nCurrently collapse_file does not explicitly check PG_writeback, instead,\npage_has_private and try_to_release_page are used to filter writeback\npages.  This does not work for xfs with blocksize equal to or larger\nthan pagesize, because in such case xfs has no page-\u003eprivate.\n\nThis makes collapse_file bail out early for writeback page.  Otherwise,\nxfs end_page_writeback will panic as follows.\n\n  page:fffffe00201bcc80 refcount:0 mapcount:0 mapping:ffff0003f88c86a8 index:0x0 pfn:0x84ef32\n  aops:xfs_address_space_operations [xfs] ino:30000b7 dentry name:\"libtest.so\"\n  flags: 0x57fffe0000008027(locked|referenced|uptodate|active|writeback)\n  raw: 57fffe0000008027 ffff80001b48bc28 ffff80001b48bc28 ffff0003f88c86a8\n  raw: 0000000000000000 0000000000000000 00000000ffffffff ffff0000c3e9a000\n  page dumped because: VM_BUG_ON_PAGE(((unsigned int) page_ref_count(page) + 127u \u003c= 127u))\n  page-\u003emem_cgroup:ffff0000c3e9a000\n  ------------[ cut here ]------------\n  kernel BUG at include/linux/mm.h:1212!\n  Internal error: Oops - BUG: 0 [#1] SMP\n  Modules linked in:\n  BUG: Bad page state in process khugepaged  pfn:84ef32\n   xfs(E)\n  page:fffffe00201bcc80 refcount:0 mapcount:0 mapping:0 index:0x0 pfn:0x84ef32\n   libcrc32c(E) rfkill(E) aes_ce_blk(E) crypto_simd(E) ...\n  CPU: 25 PID: 0 Comm: swapper/25 Kdump: loaded Tainted: ...\n  pstate: 60400005 (nZCv daif +PAN -UAO -TCO BTYPE=--)\n  Call trace:\n    end_page_writeback+0x1c0/0x214\n    iomap_finish_page_writeback+0x13c/0x204\n    iomap_finish_ioend+0xe8/0x19c\n    iomap_writepage_end_bio+0x38/0x50\n    bio_endio+0x168/0x1ec\n    blk_update_request+0x278/0x3f0\n    blk_mq_end_request+0x34/0x15c\n    virtblk_request_done+0x38/0x74 [virtio_blk]\n    blk_done_softirq+0xc4/0x110\n    __do_softirq+0x128/0x38c\n    __irq_exit_rcu+0x118/0x150\n    irq_exit+0x1c/0x30\n    __handle_domain_irq+0x8c/0xf0\n    gic_handle_irq+0x84/0x108\n    el1_irq+0xcc/0x180\n    arch_cpu_idle+0x18/0x40\n    default_idle_call+0x4c/0x1a0\n    cpuidle_idle_call+0x168/0x1e0\n    do_idle+0xb4/0x104\n    cpu_startup_entry+0x30/0x9c\n    secondary_start_kernel+0x104/0x180\n  Code: d4210000 b0006161 910c8021 94013f4d (d4210000)\n  ---[ end trace 4a88c6a074082f8c ]---\n  Kernel panic - not syncing: Oops - BUG: Fatal exception in interrupt"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:57.842Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/69a7fa5cb0de06c8956b040f19a7248c8c8308ca"
        },
        {
          "url": "https://git.kernel.org/stable/c/5e669d8ab30ab61dec3c36e27b4711f07611e6fc"
        },
        {
          "url": "https://git.kernel.org/stable/c/74c42e1baacf206338b1dd6b6199ac964512b5bb"
        }
      ],
      "title": "mm, thp: bail out early in collapse_file for writeback page",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47492",
    "datePublished": "2024-05-22T08:19:40.759Z",
    "dateReserved": "2024-05-22T06:20:56.201Z",
    "dateUpdated": "2024-11-04T12:06:57.842Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52810

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

fs/jfs: Add check for negative db_l2nbperpage

References

▼	URL	Tags
	https://git.kernel.org/stable/c/cc61fcf7d1c99f148fe8ddfb5c6ed0bb75861f01
	https://git.kernel.org/stable/c/8f2964df6bfce9d92d81ca552010b8677af8d9dc
	https://git.kernel.org/stable/c/a81a56b4cbe3142cc99f6b98e8f9b3a631c768e1
	https://git.kernel.org/stable/c/524b4f203afcf87accfe387e846f33f916f0c907
	https://git.kernel.org/stable/c/5f148b16972e5f4592629b244d5109b15135f53f
	https://git.kernel.org/stable/c/0cb567e727339a192f9fd0db00781d73a91d15a6
	https://git.kernel.org/stable/c/491085258185ffc4fb91555b0dba895fe7656a45
	https://git.kernel.org/stable/c/1a7c53fdea1d189087544d9a606d249e93c4934b
	https://git.kernel.org/stable/c/525b861a008143048535011f3816d407940f4bfa

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "cc61fcf7d1c9",
                "status": "affected",
                "version": "1da177e4c3f4",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "8f2964df6bfc",
                "status": "affected",
                "version": "1da177e4c3f4",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "a81a56b4cbe3",
                "status": "affected",
                "version": "1da177e4c3f4",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "524b4f203afc",
                "status": "affected",
                "version": "1da177e4c3f4",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "5f148b16972e",
                "status": "affected",
                "version": "1da177e4c3f4",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "0cb567e72733",
                "status": "affected",
                "version": "1da177e4c3f4",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "491085258185",
                "status": "affected",
                "version": "1da177e4c3f4",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "1a7c53fdea1d",
                "status": "affected",
                "version": "1da177e4c3f4",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "525b861a0081",
                "status": "affected",
                "version": "1da177e4c3f4",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "4.14.*",
                "status": "unaffected",
                "version": "4.14.331",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "4.19.*",
                "status": "unaffected",
                "version": "4.19.300",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "5.4.*",
                "status": "unaffected",
                "version": "5.4.262",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "5.10.*",
                "status": "unaffected",
                "version": "5.10.202",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "5.15.*",
                "status": "unaffected",
                "version": "5.15.140",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "6.1.*",
                "status": "unaffected",
                "version": "6.1.64",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "6.5.*",
                "status": "unaffected",
                "version": "6.5.13",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "6.6.*",
                "status": "unaffected",
                "version": "6.6.3",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.7"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 8.4,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52810",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-05T16:17:58.719311Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-1335",
                "description": "CWE-1335 Incorrect Bitwise Shift of Integer",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-05T17:20:18.215Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.035Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/cc61fcf7d1c99f148fe8ddfb5c6ed0bb75861f01"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8f2964df6bfce9d92d81ca552010b8677af8d9dc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a81a56b4cbe3142cc99f6b98e8f9b3a631c768e1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/524b4f203afcf87accfe387e846f33f916f0c907"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5f148b16972e5f4592629b244d5109b15135f53f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0cb567e727339a192f9fd0db00781d73a91d15a6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/491085258185ffc4fb91555b0dba895fe7656a45"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1a7c53fdea1d189087544d9a606d249e93c4934b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/525b861a008143048535011f3816d407940f4bfa"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/jfs/jfs_dmap.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "cc61fcf7d1c9",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "8f2964df6bfc",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "a81a56b4cbe3",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "524b4f203afc",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "5f148b16972e",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "0cb567e72733",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "491085258185",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "1a7c53fdea1d",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "525b861a0081",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/jfs/jfs_dmap.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.331",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.300",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.262",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/jfs: Add check for negative db_l2nbperpage\n\nl2nbperpage is log2(number of blks per page), and the minimum legal\nvalue should be 0, not negative.\n\nIn the case of l2nbperpage being negative, an error will occur\nwhen subsequently used as shift exponent.\n\nSyzbot reported this bug:\n\nUBSAN: shift-out-of-bounds in fs/jfs/jfs_dmap.c:799:12\nshift exponent -16777216 is negative"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:09.293Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/cc61fcf7d1c99f148fe8ddfb5c6ed0bb75861f01"
        },
        {
          "url": "https://git.kernel.org/stable/c/8f2964df6bfce9d92d81ca552010b8677af8d9dc"
        },
        {
          "url": "https://git.kernel.org/stable/c/a81a56b4cbe3142cc99f6b98e8f9b3a631c768e1"
        },
        {
          "url": "https://git.kernel.org/stable/c/524b4f203afcf87accfe387e846f33f916f0c907"
        },
        {
          "url": "https://git.kernel.org/stable/c/5f148b16972e5f4592629b244d5109b15135f53f"
        },
        {
          "url": "https://git.kernel.org/stable/c/0cb567e727339a192f9fd0db00781d73a91d15a6"
        },
        {
          "url": "https://git.kernel.org/stable/c/491085258185ffc4fb91555b0dba895fe7656a45"
        },
        {
          "url": "https://git.kernel.org/stable/c/1a7c53fdea1d189087544d9a606d249e93c4934b"
        },
        {
          "url": "https://git.kernel.org/stable/c/525b861a008143048535011f3816d407940f4bfa"
        }
      ],
      "title": "fs/jfs: Add check for negative db_l2nbperpage",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52810",
    "datePublished": "2024-05-21T15:31:19.629Z",
    "dateReserved": "2024-05-21T15:19:24.248Z",
    "dateUpdated": "2024-11-04T14:53:09.293Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-48707

Vulnerability from cvelistv5

Published

2024-05-21 15:22

Modified

2024-11-04 12:14

Severity ?

Summary

cxl/region: Fix null pointer dereference for resetting decoder

References

▼	URL	Tags
	https://git.kernel.org/stable/c/a04c7d062b537ff787d00da95bdfe343260d4beb
	https://git.kernel.org/stable/c/4fa4302d6dc7de7e8e74dc7405611a2efb4bf54b

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-48707",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-23T17:51:43.390258Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:16:39.940Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T15:17:55.855Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a04c7d062b537ff787d00da95bdfe343260d4beb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4fa4302d6dc7de7e8e74dc7405611a2efb4bf54b"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/cxl/core/region.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "a04c7d062b53",
              "status": "affected",
              "version": "176baefb2eb5",
              "versionType": "git"
            },
            {
              "lessThan": "4fa4302d6dc7",
              "status": "affected",
              "version": "176baefb2eb5",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/cxl/core/region.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.0"
            },
            {
              "lessThan": "6.0",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxl/region: Fix null pointer dereference for resetting decoder\n\nNot all decoders have a reset callback.\n\nThe CXL specification allows a host bridge with a single root port to\nhave no explicit HDM decoders. Currently the region driver assumes there\nare none.  As such the CXL core creates a special pass through decoder\ninstance without a commit/reset callback.\n\nPrior to this patch, the -\u003ereset() callback was called unconditionally when\ncalling cxl_region_decode_reset. Thus a configuration with 1 Host Bridge,\n1 Root Port, and one directly attached CXL type 3 device or multiple CXL\ntype 3 devices attached to downstream ports of a switch can cause a null\npointer dereference.\n\nBefore the fix, a kernel crash was observed when we destroy the region, and\na pass through decoder is reset.\n\nThe issue can be reproduced as below,\n    1) create a region with a CXL setup which includes a HB with a\n    single root port under which a memdev is attached directly.\n    2) destroy the region with cxl destroy-region regionX -f."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:14:57.167Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/a04c7d062b537ff787d00da95bdfe343260d4beb"
        },
        {
          "url": "https://git.kernel.org/stable/c/4fa4302d6dc7de7e8e74dc7405611a2efb4bf54b"
        }
      ],
      "title": "cxl/region: Fix null pointer dereference for resetting decoder",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-48707",
    "datePublished": "2024-05-21T15:22:48.735Z",
    "dateReserved": "2024-05-03T14:55:07.147Z",
    "dateUpdated": "2024-11-04T12:14:57.167Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52822

Vulnerability from cvelistv5

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "providerMetadata": {
        "dateUpdated": "2024-05-24T15:25:25.145Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "rejectedReasons": [
        {
          "lang": "en",
          "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52822",
    "datePublished": "2024-05-21T15:31:27.548Z",
    "dateRejected": "2024-05-24T15:25:25.145Z",
    "dateReserved": "2024-05-21T15:19:24.249Z",
    "dateUpdated": "2024-05-24T15:25:25.145Z",
    "state": "REJECTED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52843

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

llc: verify mac len before reading mac header

References

▼	URL	Tags
	https://git.kernel.org/stable/c/900a4418e3f66a32db6baaf23f92b99c20ae6535
	https://git.kernel.org/stable/c/9a3f9054a5227d7567cba1fb821df48ccecad10c
	https://git.kernel.org/stable/c/cbdcdf42d15dac74c7287679fb2a9d955f8feb1f
	https://git.kernel.org/stable/c/3a2653828ffc6101aef80bf58d5b77484239f779
	https://git.kernel.org/stable/c/352887b3edd007cf9b0abc30fe9d98622acd859b
	https://git.kernel.org/stable/c/f980e9a57dfb9530f1f4ee41a2420f2a256d7b29
	https://git.kernel.org/stable/c/0a720d0259ad3521ec6c9e4199f9f6fc75bac77a
	https://git.kernel.org/stable/c/ff5cb6a4f0c6d7fbdc84858323fb4b7af32cfd79
	https://git.kernel.org/stable/c/7b3ba18703a63f6fd487183b9262b08e5632da1b

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52843",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-17T18:03:39.566045Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-17T18:04:29.081Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.182Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/900a4418e3f66a32db6baaf23f92b99c20ae6535"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9a3f9054a5227d7567cba1fb821df48ccecad10c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/cbdcdf42d15dac74c7287679fb2a9d955f8feb1f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3a2653828ffc6101aef80bf58d5b77484239f779"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/352887b3edd007cf9b0abc30fe9d98622acd859b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f980e9a57dfb9530f1f4ee41a2420f2a256d7b29"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0a720d0259ad3521ec6c9e4199f9f6fc75bac77a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ff5cb6a4f0c6d7fbdc84858323fb4b7af32cfd79"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7b3ba18703a63f6fd487183b9262b08e5632da1b"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/llc/llc_input.c",
            "net/llc/llc_s_ac.c",
            "net/llc/llc_station.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "900a4418e3f6",
              "status": "affected",
              "version": "f83f1768f833",
              "versionType": "git"
            },
            {
              "lessThan": "9a3f9054a522",
              "status": "affected",
              "version": "f83f1768f833",
              "versionType": "git"
            },
            {
              "lessThan": "cbdcdf42d15d",
              "status": "affected",
              "version": "f83f1768f833",
              "versionType": "git"
            },
            {
              "lessThan": "3a2653828ffc",
              "status": "affected",
              "version": "f83f1768f833",
              "versionType": "git"
            },
            {
              "lessThan": "352887b3edd0",
              "status": "affected",
              "version": "f83f1768f833",
              "versionType": "git"
            },
            {
              "lessThan": "f980e9a57dfb",
              "status": "affected",
              "version": "f83f1768f833",
              "versionType": "git"
            },
            {
              "lessThan": "0a720d0259ad",
              "status": "affected",
              "version": "f83f1768f833",
              "versionType": "git"
            },
            {
              "lessThan": "ff5cb6a4f0c6",
              "status": "affected",
              "version": "f83f1768f833",
              "versionType": "git"
            },
            {
              "lessThan": "7b3ba18703a6",
              "status": "affected",
              "version": "f83f1768f833",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/llc/llc_input.c",
            "net/llc/llc_s_ac.c",
            "net/llc/llc_station.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.25"
            },
            {
              "lessThan": "2.6.25",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.330",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.299",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.261",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.201",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.139",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nllc: verify mac len before reading mac header\n\nLLC reads the mac header with eth_hdr without verifying that the skb\nhas an Ethernet header.\n\nSyzbot was able to enter llc_rcv on a tun device. Tun can insert\npackets without mac len and with user configurable skb-\u003eprotocol\n(passing a tun_pi header when not configuring IFF_NO_PI).\n\n    BUG: KMSAN: uninit-value in llc_station_ac_send_test_r net/llc/llc_station.c:81 [inline]\n    BUG: KMSAN: uninit-value in llc_station_rcv+0x6fb/0x1290 net/llc/llc_station.c:111\n    llc_station_ac_send_test_r net/llc/llc_station.c:81 [inline]\n    llc_station_rcv+0x6fb/0x1290 net/llc/llc_station.c:111\n    llc_rcv+0xc5d/0x14a0 net/llc/llc_input.c:218\n    __netif_receive_skb_one_core net/core/dev.c:5523 [inline]\n    __netif_receive_skb+0x1a6/0x5a0 net/core/dev.c:5637\n    netif_receive_skb_internal net/core/dev.c:5723 [inline]\n    netif_receive_skb+0x58/0x660 net/core/dev.c:5782\n    tun_rx_batched+0x3ee/0x980 drivers/net/tun.c:1555\n    tun_get_user+0x54c5/0x69c0 drivers/net/tun.c:2002\n\nAdd a mac_len test before all three eth_hdr(skb) calls under net/llc.\n\nThere are further uses in include/net/llc_pdu.h. All these are\nprotected by a test skb-\u003eprotocol == ETH_P_802_2. Which does not\nprotect against this tun scenario.\n\nBut the mac_len test added in this patch in llc_fixup_skb will\nindirectly protect those too. That is called from llc_rcv before any\nother LLC code.\n\nIt is tempting to just add a blanket mac_len check in llc_rcv, but\nnot sure whether that could break valid LLC paths that do not assume\nan Ethernet header. 802.2 LLC may be used on top of non-802.3\nprotocols in principle. The below referenced commit shows that used\nto, on top of Token Ring.\n\nAt least one of the three eth_hdr uses goes back to before the start\nof git history. But the one that syzbot exercises is introduced in\nthis commit. That commit is old enough (2008), that effectively all\nstable kernels should receive this."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:42.228Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/900a4418e3f66a32db6baaf23f92b99c20ae6535"
        },
        {
          "url": "https://git.kernel.org/stable/c/9a3f9054a5227d7567cba1fb821df48ccecad10c"
        },
        {
          "url": "https://git.kernel.org/stable/c/cbdcdf42d15dac74c7287679fb2a9d955f8feb1f"
        },
        {
          "url": "https://git.kernel.org/stable/c/3a2653828ffc6101aef80bf58d5b77484239f779"
        },
        {
          "url": "https://git.kernel.org/stable/c/352887b3edd007cf9b0abc30fe9d98622acd859b"
        },
        {
          "url": "https://git.kernel.org/stable/c/f980e9a57dfb9530f1f4ee41a2420f2a256d7b29"
        },
        {
          "url": "https://git.kernel.org/stable/c/0a720d0259ad3521ec6c9e4199f9f6fc75bac77a"
        },
        {
          "url": "https://git.kernel.org/stable/c/ff5cb6a4f0c6d7fbdc84858323fb4b7af32cfd79"
        },
        {
          "url": "https://git.kernel.org/stable/c/7b3ba18703a63f6fd487183b9262b08e5632da1b"
        }
      ],
      "title": "llc: verify mac len before reading mac header",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52843",
    "datePublished": "2024-05-21T15:31:41.872Z",
    "dateReserved": "2024-05-21T15:19:24.254Z",
    "dateUpdated": "2024-11-04T14:53:42.228Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52876

Vulnerability from cvelistv5

Published

2024-05-21 15:32

Modified

2024-11-04 14:54

Severity ?

Summary

clk: mediatek: clk-mt7629-eth: Add check for mtk_alloc_clk_data

References

▼	URL	Tags
	https://git.kernel.org/stable/c/cfa68e0ac5dcde43577adadf6f0f26f3b365ad68
	https://git.kernel.org/stable/c/96e9544a0c4faca616b3f9f4034dcd83a14e7f22
	https://git.kernel.org/stable/c/c4070ada5d5155c8d4d17ea64bd246949889f25b
	https://git.kernel.org/stable/c/a540ca0aeae83c2f3964bcb4e383f64ce2ec1783
	https://git.kernel.org/stable/c/b20cfe007a46f8c165d42a05c50a8d3d893e6592
	https://git.kernel.org/stable/c/1639072f6260babd017556e9f236ca2ad589d1e7
	https://git.kernel.org/stable/c/0884393c63cc9a1772f7121a6645ba7bd76feeb9

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52876",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T18:20:33.699635Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:18.864Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.122Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/cfa68e0ac5dcde43577adadf6f0f26f3b365ad68"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/96e9544a0c4faca616b3f9f4034dcd83a14e7f22"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c4070ada5d5155c8d4d17ea64bd246949889f25b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a540ca0aeae83c2f3964bcb4e383f64ce2ec1783"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b20cfe007a46f8c165d42a05c50a8d3d893e6592"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1639072f6260babd017556e9f236ca2ad589d1e7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0884393c63cc9a1772f7121a6645ba7bd76feeb9"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/clk/mediatek/clk-mt7629-eth.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "cfa68e0ac5dc",
              "status": "affected",
              "version": "3b5e748615e7",
              "versionType": "git"
            },
            {
              "lessThan": "96e9544a0c4f",
              "status": "affected",
              "version": "3b5e748615e7",
              "versionType": "git"
            },
            {
              "lessThan": "c4070ada5d51",
              "status": "affected",
              "version": "3b5e748615e7",
              "versionType": "git"
            },
            {
              "lessThan": "a540ca0aeae8",
              "status": "affected",
              "version": "3b5e748615e7",
              "versionType": "git"
            },
            {
              "lessThan": "b20cfe007a46",
              "status": "affected",
              "version": "3b5e748615e7",
              "versionType": "git"
            },
            {
              "lessThan": "1639072f6260",
              "status": "affected",
              "version": "3b5e748615e7",
              "versionType": "git"
            },
            {
              "lessThan": "0884393c63cc",
              "status": "affected",
              "version": "3b5e748615e7",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/clk/mediatek/clk-mt7629-eth.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.0"
            },
            {
              "lessThan": "5.0",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.261",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.201",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.139",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt7629-eth: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:54:23.535Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/cfa68e0ac5dcde43577adadf6f0f26f3b365ad68"
        },
        {
          "url": "https://git.kernel.org/stable/c/96e9544a0c4faca616b3f9f4034dcd83a14e7f22"
        },
        {
          "url": "https://git.kernel.org/stable/c/c4070ada5d5155c8d4d17ea64bd246949889f25b"
        },
        {
          "url": "https://git.kernel.org/stable/c/a540ca0aeae83c2f3964bcb4e383f64ce2ec1783"
        },
        {
          "url": "https://git.kernel.org/stable/c/b20cfe007a46f8c165d42a05c50a8d3d893e6592"
        },
        {
          "url": "https://git.kernel.org/stable/c/1639072f6260babd017556e9f236ca2ad589d1e7"
        },
        {
          "url": "https://git.kernel.org/stable/c/0884393c63cc9a1772f7121a6645ba7bd76feeb9"
        }
      ],
      "title": "clk: mediatek: clk-mt7629-eth: Add check for mtk_alloc_clk_data",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52876",
    "datePublished": "2024-05-21T15:32:09.269Z",
    "dateReserved": "2024-05-21T15:19:24.264Z",
    "dateUpdated": "2024-11-04T14:54:23.535Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47424

Vulnerability from cvelistv5

Published

2024-05-21 15:04

Modified

2024-11-04 12:05

Severity ?

Summary

i40e: Fix freeing of uninitialized misc IRQ vector

References

▼	URL	Tags
	https://git.kernel.org/stable/c/60ad4cde0ad28921f9ea25b0201c774b95ffa4b4
	https://git.kernel.org/stable/c/17063cac4088b8e2fc0f633abddca5426ed58312
	https://git.kernel.org/stable/c/97aeed72af4f83ae51534f0a2473ff52f8d66236
	https://git.kernel.org/stable/c/75099439209d3cda439a1d9b00d19a50f0066fef
	https://git.kernel.org/stable/c/2e5a20573a926302b233b0c2e1077f5debc7ab2e

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47424",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-11T17:26:01.019314Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-11T17:26:22.350Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.004Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/60ad4cde0ad28921f9ea25b0201c774b95ffa4b4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/17063cac4088b8e2fc0f633abddca5426ed58312"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/97aeed72af4f83ae51534f0a2473ff52f8d66236"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/75099439209d3cda439a1d9b00d19a50f0066fef"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2e5a20573a926302b233b0c2e1077f5debc7ab2e"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/intel/i40e/i40e_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "60ad4cde0ad2",
              "status": "affected",
              "version": "c17401a1dd21",
              "versionType": "git"
            },
            {
              "lessThan": "17063cac4088",
              "status": "affected",
              "version": "c17401a1dd21",
              "versionType": "git"
            },
            {
              "lessThan": "97aeed72af4f",
              "status": "affected",
              "version": "c17401a1dd21",
              "versionType": "git"
            },
            {
              "lessThan": "75099439209d",
              "status": "affected",
              "version": "c17401a1dd21",
              "versionType": "git"
            },
            {
              "lessThan": "2e5a20573a92",
              "status": "affected",
              "version": "c17401a1dd21",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/intel/i40e/i40e_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.15"
            },
            {
              "lessThan": "4.15",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.211",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.153",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.73",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix freeing of uninitialized misc IRQ vector\n\nWhen VSI set up failed in i40e_probe() as part of PF switch set up\ndriver was trying to free misc IRQ vectors in\ni40e_clear_interrupt_scheme and produced a kernel Oops:\n\n   Trying to free already-free IRQ 266\n   WARNING: CPU: 0 PID: 5 at kernel/irq/manage.c:1731 __free_irq+0x9a/0x300\n   Workqueue: events work_for_cpu_fn\n   RIP: 0010:__free_irq+0x9a/0x300\n   Call Trace:\n   ? synchronize_irq+0x3a/0xa0\n   free_irq+0x2e/0x60\n   i40e_clear_interrupt_scheme+0x53/0x190 [i40e]\n   i40e_probe.part.108+0x134b/0x1a40 [i40e]\n   ? kmem_cache_alloc+0x158/0x1c0\n   ? acpi_ut_update_ref_count.part.1+0x8e/0x345\n   ? acpi_ut_update_object_reference+0x15e/0x1e2\n   ? strstr+0x21/0x70\n   ? irq_get_irq_data+0xa/0x20\n   ? mp_check_pin_attr+0x13/0xc0\n   ? irq_get_irq_data+0xa/0x20\n   ? mp_map_pin_to_irq+0xd3/0x2f0\n   ? acpi_register_gsi_ioapic+0x93/0x170\n   ? pci_conf1_read+0xa4/0x100\n   ? pci_bus_read_config_word+0x49/0x70\n   ? do_pci_enable_device+0xcc/0x100\n   local_pci_probe+0x41/0x90\n   work_for_cpu_fn+0x16/0x20\n   process_one_work+0x1a7/0x360\n   worker_thread+0x1cf/0x390\n   ? create_worker+0x1a0/0x1a0\n   kthread+0x112/0x130\n   ? kthread_flush_work_fn+0x10/0x10\n   ret_from_fork+0x1f/0x40\n\nThe problem is that at that point misc IRQ vectors\nwere not allocated yet and we get a call trace\nthat driver is trying to free already free IRQ vectors.\n\nAdd a check in i40e_clear_interrupt_scheme for __I40E_MISC_IRQ_REQUESTED\nPF state before calling i40e_free_misc_vector. This state is set only if\nmisc IRQ vectors were properly initialized."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:05:38.842Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/60ad4cde0ad28921f9ea25b0201c774b95ffa4b4"
        },
        {
          "url": "https://git.kernel.org/stable/c/17063cac4088b8e2fc0f633abddca5426ed58312"
        },
        {
          "url": "https://git.kernel.org/stable/c/97aeed72af4f83ae51534f0a2473ff52f8d66236"
        },
        {
          "url": "https://git.kernel.org/stable/c/75099439209d3cda439a1d9b00d19a50f0066fef"
        },
        {
          "url": "https://git.kernel.org/stable/c/2e5a20573a926302b233b0c2e1077f5debc7ab2e"
        }
      ],
      "title": "i40e: Fix freeing of uninitialized misc IRQ vector",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47424",
    "datePublished": "2024-05-21T15:04:11.271Z",
    "dateReserved": "2024-05-21T14:58:30.827Z",
    "dateUpdated": "2024-11-04T12:05:38.842Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52785

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:52

Severity ?

Summary

scsi: ufs: core: Fix racing issue between ufshcd_mcq_abort() and ISR

References

▼	URL	Tags
	https://git.kernel.org/stable/c/8f15a7e3c054d960bbd1521110700450bbf798a1
	https://git.kernel.org/stable/c/f84d461f33a6b27304d468d9cfb56c0cefdb4ee7
	https://git.kernel.org/stable/c/27900d7119c464b43cd9eac69c85884d17bae240

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52785",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T18:33:28.174568Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:35.194Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.024Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8f15a7e3c054d960bbd1521110700450bbf798a1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f84d461f33a6b27304d468d9cfb56c0cefdb4ee7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/27900d7119c464b43cd9eac69c85884d17bae240"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/ufs/core/ufs-mcq.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "8f15a7e3c054",
              "status": "affected",
              "version": "f1304d442077",
              "versionType": "git"
            },
            {
              "lessThan": "f84d461f33a6",
              "status": "affected",
              "version": "f1304d442077",
              "versionType": "git"
            },
            {
              "lessThan": "27900d7119c4",
              "status": "affected",
              "version": "f1304d442077",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/ufs/core/ufs-mcq.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.5"
            },
            {
              "lessThan": "6.5",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Fix racing issue between ufshcd_mcq_abort() and ISR\n\nIf command timeout happens and cq complete IRQ is raised at the same time,\nufshcd_mcq_abort clears lprb-\u003ecmd and a NULL pointer deref happens in the\nISR. Error log:\n\nufshcd_abort: Device abort task at tag 18\nUnable to handle kernel NULL pointer dereference at virtual address\n0000000000000108\npc : [0xffffffe27ef867ac] scsi_dma_unmap+0xc/0x44\nlr : [0xffffffe27f1b898c] ufshcd_release_scsi_cmd+0x24/0x114"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:41.606Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/8f15a7e3c054d960bbd1521110700450bbf798a1"
        },
        {
          "url": "https://git.kernel.org/stable/c/f84d461f33a6b27304d468d9cfb56c0cefdb4ee7"
        },
        {
          "url": "https://git.kernel.org/stable/c/27900d7119c464b43cd9eac69c85884d17bae240"
        }
      ],
      "title": "scsi: ufs: core: Fix racing issue between ufshcd_mcq_abort() and ISR",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52785",
    "datePublished": "2024-05-21T15:31:03.040Z",
    "dateReserved": "2024-05-21T15:19:24.241Z",
    "dateUpdated": "2024-11-04T14:52:41.606Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52852

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

f2fs: compress: fix to avoid use-after-free on dic

References

▼	URL	Tags
	https://git.kernel.org/stable/c/8c4504cc0c64862740a6acb301e0cfa59580dbc5
	https://git.kernel.org/stable/c/9375ea7f269093d7c884857ae1f47633a91f429c
	https://git.kernel.org/stable/c/932ddb5c29e884cc6fac20417ece72ba4a35c401
	https://git.kernel.org/stable/c/9d065aa52b6ee1b06f9c4eca881c9b4425a12ba2
	https://git.kernel.org/stable/c/b0327c84e91a0f4f0abced8cb83ec86a7083f086

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52852",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T17:16:38.626939Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:24:10.682Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.038Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8c4504cc0c64862740a6acb301e0cfa59580dbc5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9375ea7f269093d7c884857ae1f47633a91f429c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/932ddb5c29e884cc6fac20417ece72ba4a35c401"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9d065aa52b6ee1b06f9c4eca881c9b4425a12ba2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b0327c84e91a0f4f0abced8cb83ec86a7083f086"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/f2fs/data.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "8c4504cc0c64",
              "status": "affected",
              "version": "6ce19aff0b8c",
              "versionType": "git"
            },
            {
              "lessThan": "9375ea7f2690",
              "status": "affected",
              "version": "6ce19aff0b8c",
              "versionType": "git"
            },
            {
              "lessThan": "932ddb5c29e8",
              "status": "affected",
              "version": "6ce19aff0b8c",
              "versionType": "git"
            },
            {
              "lessThan": "9d065aa52b6e",
              "status": "affected",
              "version": "6ce19aff0b8c",
              "versionType": "git"
            },
            {
              "lessThan": "b0327c84e91a",
              "status": "affected",
              "version": "6ce19aff0b8c",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/f2fs/data.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.14"
            },
            {
              "lessThan": "5.14",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.139",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: compress: fix to avoid use-after-free on dic\n\nCall trace:\n __memcpy+0x128/0x250\n f2fs_read_multi_pages+0x940/0xf7c\n f2fs_mpage_readpages+0x5a8/0x624\n f2fs_readahead+0x5c/0x110\n page_cache_ra_unbounded+0x1b8/0x590\n do_sync_mmap_readahead+0x1dc/0x2e4\n filemap_fault+0x254/0xa8c\n f2fs_filemap_fault+0x2c/0x104\n __do_fault+0x7c/0x238\n do_handle_mm_fault+0x11bc/0x2d14\n do_mem_abort+0x3a8/0x1004\n el0_da+0x3c/0xa0\n el0t_64_sync_handler+0xc4/0xec\n el0t_64_sync+0x1b4/0x1b8\n\nIn f2fs_read_multi_pages(), once f2fs_decompress_cluster() was called if\nwe hit cached page in compress_inode\u0027s cache, dic may be released, it needs\nbreak the loop rather than continuing it, in order to avoid accessing\ninvalid dic pointer."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:52.988Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/8c4504cc0c64862740a6acb301e0cfa59580dbc5"
        },
        {
          "url": "https://git.kernel.org/stable/c/9375ea7f269093d7c884857ae1f47633a91f429c"
        },
        {
          "url": "https://git.kernel.org/stable/c/932ddb5c29e884cc6fac20417ece72ba4a35c401"
        },
        {
          "url": "https://git.kernel.org/stable/c/9d065aa52b6ee1b06f9c4eca881c9b4425a12ba2"
        },
        {
          "url": "https://git.kernel.org/stable/c/b0327c84e91a0f4f0abced8cb83ec86a7083f086"
        }
      ],
      "title": "f2fs: compress: fix to avoid use-after-free on dic",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52852",
    "datePublished": "2024-05-21T15:31:47.889Z",
    "dateReserved": "2024-05-21T15:19:24.255Z",
    "dateUpdated": "2024-11-04T14:53:52.988Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47458

Vulnerability from cvelistv5

Published

2024-05-22 06:19

Modified

2024-11-04 12:06

Severity ?

Summary

ocfs2: mount fails with buffer overflow in strlen

References

▼	URL	Tags
	https://git.kernel.org/stable/c/ac011cb3ff7a76b3e0e6e77158ee4ba2f929e1fb
	https://git.kernel.org/stable/c/4b74ddcc22ee6455946e80a9c4808801f8f8561e
	https://git.kernel.org/stable/c/232ed9752510de4436468b653d145565669c8498
	https://git.kernel.org/stable/c/7623b1035ca2d17bde0f6a086ad6844a34648df1
	https://git.kernel.org/stable/c/d3a83576378b4c904f711598dde2c5e881c4295c
	https://git.kernel.org/stable/c/93be0eeea14cf39235e585c8f56df3b3859deaad
	https://git.kernel.org/stable/c/0e677ea5b7396f715a76b6b0ef441430e4c4b57f
	https://git.kernel.org/stable/c/b15fa9224e6e1239414525d8d556d824701849fc

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47458",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-10T18:55:25.437565Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-10T18:55:34.667Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.133Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ac011cb3ff7a76b3e0e6e77158ee4ba2f929e1fb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4b74ddcc22ee6455946e80a9c4808801f8f8561e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/232ed9752510de4436468b653d145565669c8498"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7623b1035ca2d17bde0f6a086ad6844a34648df1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d3a83576378b4c904f711598dde2c5e881c4295c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/93be0eeea14cf39235e585c8f56df3b3859deaad"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0e677ea5b7396f715a76b6b0ef441430e4c4b57f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b15fa9224e6e1239414525d8d556d824701849fc"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/ocfs2/super.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "ac011cb3ff7a",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "4b74ddcc22ee",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "232ed9752510",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "7623b1035ca2",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "d3a83576378b",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "93be0eeea14c",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "0e677ea5b739",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "b15fa9224e6e",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/ocfs2/super.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.290",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.288",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.253",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.214",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.156",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.76",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.15",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: mount fails with buffer overflow in strlen\n\nStarting with kernel 5.11 built with CONFIG_FORTIFY_SOURCE mouting an\nocfs2 filesystem with either o2cb or pcmk cluster stack fails with the\ntrace below.  Problem seems to be that strings for cluster stack and\ncluster name are not guaranteed to be null terminated in the disk\nrepresentation, while strlcpy assumes that the source string is always\nnull terminated.  This causes a read outside of the source string\ntriggering the buffer overflow detection.\n\n  detected buffer overflow in strlen\n  ------------[ cut here ]------------\n  kernel BUG at lib/string.c:1149!\n  invalid opcode: 0000 [#1] SMP PTI\n  CPU: 1 PID: 910 Comm: mount.ocfs2 Not tainted 5.14.0-1-amd64 #1\n    Debian 5.14.6-2\n  RIP: 0010:fortify_panic+0xf/0x11\n  ...\n  Call Trace:\n   ocfs2_initialize_super.isra.0.cold+0xc/0x18 [ocfs2]\n   ocfs2_fill_super+0x359/0x19b0 [ocfs2]\n   mount_bdev+0x185/0x1b0\n   legacy_get_tree+0x27/0x40\n   vfs_get_tree+0x25/0xb0\n   path_mount+0x454/0xa20\n   __x64_sys_mount+0x103/0x140\n   do_syscall_64+0x3b/0xc0\n   entry_SYSCALL_64_after_hwframe+0x44/0xae"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:20.223Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/ac011cb3ff7a76b3e0e6e77158ee4ba2f929e1fb"
        },
        {
          "url": "https://git.kernel.org/stable/c/4b74ddcc22ee6455946e80a9c4808801f8f8561e"
        },
        {
          "url": "https://git.kernel.org/stable/c/232ed9752510de4436468b653d145565669c8498"
        },
        {
          "url": "https://git.kernel.org/stable/c/7623b1035ca2d17bde0f6a086ad6844a34648df1"
        },
        {
          "url": "https://git.kernel.org/stable/c/d3a83576378b4c904f711598dde2c5e881c4295c"
        },
        {
          "url": "https://git.kernel.org/stable/c/93be0eeea14cf39235e585c8f56df3b3859deaad"
        },
        {
          "url": "https://git.kernel.org/stable/c/0e677ea5b7396f715a76b6b0ef441430e4c4b57f"
        },
        {
          "url": "https://git.kernel.org/stable/c/b15fa9224e6e1239414525d8d556d824701849fc"
        }
      ],
      "title": "ocfs2: mount fails with buffer overflow in strlen",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47458",
    "datePublished": "2024-05-22T06:19:46.675Z",
    "dateReserved": "2024-05-21T14:58:30.833Z",
    "dateUpdated": "2024-11-04T12:06:20.223Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47368

Vulnerability from cvelistv5

Published

2024-05-21 15:03

Modified

2024-11-04 12:04

Severity ?

8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Summary

enetc: Fix illegal access when reading affinity_hint

References

▼	URL	Tags
	https://git.kernel.org/stable/c/4c4c3052911b577920353a7646e4883d5da40c28
	https://git.kernel.org/stable/c/6c3f1b741c6c2914ea120e3a5790d3e900152f7b
	https://git.kernel.org/stable/c/6f329d9da2a5ae032fcde800a99b118124ed5270
	https://git.kernel.org/stable/c/7237a494decfa17d0b9d0076e6cee3235719de90

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "4c4c3052911b",
                "status": "affected",
                "version": "d4fd0404c1c9",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "6c3f1b741c6c",
                "status": "affected",
                "version": "d4fd0404c1c9",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "6f329d9da2a5",
                "status": "affected",
                "version": "d4fd0404c1c9",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "7237a494decf",
                "status": "affected",
                "version": "d4fd0404c1c9",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "affected",
                "version": "5.1"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "5.1",
                "status": "unaffected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "5.4.*",
                "status": "unaffected",
                "version": "5.4.150",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "5.10.*",
                "status": "unaffected",
                "version": "5.10.70",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "5.14.*",
                "status": "unaffected",
                "version": "5.14.9",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "5.15"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.1,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47368",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-05T20:50:21.709936Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-400",
                "description": "CWE-400 Uncontrolled Resource Consumption",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-05T20:50:27.716Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:32:08.655Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4c4c3052911b577920353a7646e4883d5da40c28"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6c3f1b741c6c2914ea120e3a5790d3e900152f7b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6f329d9da2a5ae032fcde800a99b118124ed5270"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7237a494decfa17d0b9d0076e6cee3235719de90"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/freescale/enetc/enetc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "4c4c3052911b",
              "status": "affected",
              "version": "d4fd0404c1c9",
              "versionType": "git"
            },
            {
              "lessThan": "6c3f1b741c6c",
              "status": "affected",
              "version": "d4fd0404c1c9",
              "versionType": "git"
            },
            {
              "lessThan": "6f329d9da2a5",
              "status": "affected",
              "version": "d4fd0404c1c9",
              "versionType": "git"
            },
            {
              "lessThan": "7237a494decf",
              "status": "affected",
              "version": "d4fd0404c1c9",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/freescale/enetc/enetc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.1"
            },
            {
              "lessThan": "5.1",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.150",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.70",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nenetc: Fix illegal access when reading affinity_hint\n\nirq_set_affinity_hit() stores a reference to the cpumask_t\nparameter in the irq descriptor, and that reference can be\naccessed later from irq_affinity_hint_proc_show(). Since\nthe cpu_mask parameter passed to irq_set_affinity_hit() has\nonly temporary storage (it\u0027s on the stack memory), later\naccesses to it are illegal. Thus reads from the corresponding\nprocfs affinity_hint file can result in paging request oops.\n\nThe issue is fixed by the get_cpu_mask() helper, which provides\na permanent storage for the cpumask_t parameter."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:04:35.269Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/4c4c3052911b577920353a7646e4883d5da40c28"
        },
        {
          "url": "https://git.kernel.org/stable/c/6c3f1b741c6c2914ea120e3a5790d3e900152f7b"
        },
        {
          "url": "https://git.kernel.org/stable/c/6f329d9da2a5ae032fcde800a99b118124ed5270"
        },
        {
          "url": "https://git.kernel.org/stable/c/7237a494decfa17d0b9d0076e6cee3235719de90"
        }
      ],
      "title": "enetc: Fix illegal access when reading affinity_hint",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47368",
    "datePublished": "2024-05-21T15:03:34.494Z",
    "dateReserved": "2024-05-21T14:58:30.810Z",
    "dateUpdated": "2024-11-04T12:04:35.269Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52751

Vulnerability from cvelistv5

Published

2024-05-21 15:30

Modified

2024-11-04 14:52

Severity ?

Summary

smb: client: fix use-after-free in smb2_query_info_compound()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/6db94d08359c43f2c8fe372811cdee04564a41b9
	https://git.kernel.org/stable/c/93877b9afc2994c89362007aac480a7b150f386f
	https://git.kernel.org/stable/c/5c86919455c1edec99ebd3338ad213b59271a71b

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.015Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6db94d08359c43f2c8fe372811cdee04564a41b9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/93877b9afc2994c89362007aac480a7b150f386f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5c86919455c1edec99ebd3338ad213b59271a71b"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52751",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:37:15.794672Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:32.822Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/smb/client/cached_dir.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "6db94d08359c",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "93877b9afc29",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "5c86919455c1",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/smb/client/cached_dir.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free in smb2_query_info_compound()\n\nThe following UAF was triggered when running fstests generic/072 with\nKASAN enabled against Windows Server 2022 and mount options\n\u0027multichannel,max_channels=2,vers=3.1.1,mfsymlinks,noperm\u0027\n\n  BUG: KASAN: slab-use-after-free in smb2_query_info_compound+0x423/0x6d0 [cifs]\n  Read of size 8 at addr ffff888014941048 by task xfs_io/27534\n\n  CPU: 0 PID: 27534 Comm: xfs_io Not tainted 6.6.0-rc7 #1\n  Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS\n  rel-1.16.2-3-gd478f380-rebuilt.opensuse.org 04/01/2014\n  Call Trace:\n   dump_stack_lvl+0x4a/0x80\n   print_report+0xcf/0x650\n   ? srso_alias_return_thunk+0x5/0x7f\n   ? srso_alias_return_thunk+0x5/0x7f\n   ? __phys_addr+0x46/0x90\n   kasan_report+0xda/0x110\n   ? smb2_query_info_compound+0x423/0x6d0 [cifs]\n   ? smb2_query_info_compound+0x423/0x6d0 [cifs]\n   smb2_query_info_compound+0x423/0x6d0 [cifs]\n   ? __pfx_smb2_query_info_compound+0x10/0x10 [cifs]\n   ? srso_alias_return_thunk+0x5/0x7f\n   ? __stack_depot_save+0x39/0x480\n   ? kasan_save_stack+0x33/0x60\n   ? kasan_set_track+0x25/0x30\n   ? ____kasan_slab_free+0x126/0x170\n   smb2_queryfs+0xc2/0x2c0 [cifs]\n   ? __pfx_smb2_queryfs+0x10/0x10 [cifs]\n   ? __pfx___lock_acquire+0x10/0x10\n   smb311_queryfs+0x210/0x220 [cifs]\n   ? __pfx_smb311_queryfs+0x10/0x10 [cifs]\n   ? srso_alias_return_thunk+0x5/0x7f\n   ? __lock_acquire+0x480/0x26c0\n   ? lock_release+0x1ed/0x640\n   ? srso_alias_return_thunk+0x5/0x7f\n   ? do_raw_spin_unlock+0x9b/0x100\n   cifs_statfs+0x18c/0x4b0 [cifs]\n   statfs_by_dentry+0x9b/0xf0\n   fd_statfs+0x4e/0xb0\n   __do_sys_fstatfs+0x7f/0xe0\n   ? __pfx___do_sys_fstatfs+0x10/0x10\n   ? srso_alias_return_thunk+0x5/0x7f\n   ? lockdep_hardirqs_on_prepare+0x136/0x200\n   ? srso_alias_return_thunk+0x5/0x7f\n   do_syscall_64+0x3f/0x90\n   entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n\n  Allocated by task 27534:\n   kasan_save_stack+0x33/0x60\n   kasan_set_track+0x25/0x30\n   __kasan_kmalloc+0x8f/0xa0\n   open_cached_dir+0x71b/0x1240 [cifs]\n   smb2_query_info_compound+0x5c3/0x6d0 [cifs]\n   smb2_queryfs+0xc2/0x2c0 [cifs]\n   smb311_queryfs+0x210/0x220 [cifs]\n   cifs_statfs+0x18c/0x4b0 [cifs]\n   statfs_by_dentry+0x9b/0xf0\n   fd_statfs+0x4e/0xb0\n   __do_sys_fstatfs+0x7f/0xe0\n   do_syscall_64+0x3f/0x90\n   entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n\n  Freed by task 27534:\n   kasan_save_stack+0x33/0x60\n   kasan_set_track+0x25/0x30\n   kasan_save_free_info+0x2b/0x50\n   ____kasan_slab_free+0x126/0x170\n   slab_free_freelist_hook+0xd0/0x1e0\n   __kmem_cache_free+0x9d/0x1b0\n   open_cached_dir+0xff5/0x1240 [cifs]\n   smb2_query_info_compound+0x5c3/0x6d0 [cifs]\n   smb2_queryfs+0xc2/0x2c0 [cifs]\n\nThis is a race between open_cached_dir() and cached_dir_lease_break()\nwhere the cache entry for the open directory handle receives a lease\nbreak while creating it.  And before returning from open_cached_dir(),\nwe put the last reference of the new @cfid because of\n!@cfid-\u003ehas_lease.\n\nBesides the UAF, while running xfstests a lot of missed lease breaks\nhave been noticed in tests that run several concurrent statfs(2) calls\non those cached fids\n\n  CIFS: VFS: \\\\w22-root1.gandalf.test No task to wake, unknown frame...\n  CIFS: VFS: \\\\w22-root1.gandalf.test Cmd: 18 Err: 0x0 Flags: 0x1...\n  CIFS: VFS: \\\\w22-root1.gandalf.test smb buf 00000000715bfe83 len 108\n  CIFS: VFS: Dump pending requests:\n  CIFS: VFS: \\\\w22-root1.gandalf.test No task to wake, unknown frame...\n  CIFS: VFS: \\\\w22-root1.gandalf.test Cmd: 18 Err: 0x0 Flags: 0x1...\n  CIFS: VFS: \\\\w22-root1.gandalf.test smb buf 000000005aa7316e len 108\n  ...\n\nTo fix both, in open_cached_dir() ensure that @cfid-\u003ehas_lease is set\nright before sending out compounded request so that any potential\nlease break will be get processed by demultiplex thread while we\u0027re\nstill caching @cfid.  And, if open failed for some reason, re-check\n@cfid-\u003ehas_lease to decide whether or not put lease reference."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:00.698Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/6db94d08359c43f2c8fe372811cdee04564a41b9"
        },
        {
          "url": "https://git.kernel.org/stable/c/93877b9afc2994c89362007aac480a7b150f386f"
        },
        {
          "url": "https://git.kernel.org/stable/c/5c86919455c1edec99ebd3338ad213b59271a71b"
        }
      ],
      "title": "smb: client: fix use-after-free in smb2_query_info_compound()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52751",
    "datePublished": "2024-05-21T15:30:40.226Z",
    "dateReserved": "2024-05-21T15:19:24.234Z",
    "dateUpdated": "2024-11-04T14:52:00.698Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52793

Vulnerability from cvelistv5

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "providerMetadata": {
        "dateUpdated": "2024-05-24T04:35:34.485Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "rejectedReasons": [
        {
          "lang": "en",
          "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52793",
    "datePublished": "2024-05-21T15:31:08.299Z",
    "dateRejected": "2024-05-24T04:35:34.485Z",
    "dateReserved": "2024-05-21T15:19:24.246Z",
    "dateUpdated": "2024-05-24T04:35:34.485Z",
    "state": "REJECTED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47449

Vulnerability from cvelistv5

Published

2024-05-22 06:19

Modified

2024-11-04 11:41

Severity ?

7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Summary

ice: fix locking for Tx timestamp tracking flush

References

▼	URL	Tags
	https://git.kernel.org/stable/c/61616be899975404df44c20ab902464b60882cd7
	https://git.kernel.org/stable/c/4d4a223a86afe658cd878800f09458e8bb54415d

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.359Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/61616be899975404df44c20ab902464b60882cd7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4d4a223a86afe658cd878800f09458e8bb54415d"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "5.14.14",
                "status": "affected",
                "version": "5.14.4",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.1,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47449",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-23T15:57:08.649980Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-129",
                "description": "CWE-129 Improper Validation of Array Index",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-08T14:17:23.557Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/intel/ice/ice_ptp.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "61616be89997",
              "status": "affected",
              "version": "46720ac66c21",
              "versionType": "git"
            },
            {
              "lessThan": "4d4a223a86af",
              "status": "affected",
              "version": "4dd0d5c33c3e",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/intel/ice/ice_ptp.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "5.14.14",
              "status": "affected",
              "version": "5.14.4",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix locking for Tx timestamp tracking flush\n\nCommit 4dd0d5c33c3e (\"ice: add lock around Tx timestamp tracker flush\")\nadded a lock around the Tx timestamp tracker flow which is used to\ncleanup any left over SKBs and prepare for device removal.\n\nThis lock is problematic because it is being held around a call to\nice_clear_phy_tstamp. The clear function takes a mutex to send a PHY\nwrite command to firmware. This could lead to a deadlock if the mutex\nactually sleeps, and causes the following warning on a kernel with\npreemption debugging enabled:\n\n[  715.419426] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:573\n[  715.427900] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 3100, name: rmmod\n[  715.435652] INFO: lockdep is turned off.\n[  715.439591] Preemption disabled at:\n[  715.439594] [\u003c0000000000000000\u003e] 0x0\n[  715.446678] CPU: 52 PID: 3100 Comm: rmmod Tainted: G        W  OE     5.15.0-rc4+ #42 bdd7ec3018e725f159ca0d372ce8c2c0e784891c\n[  715.458058] Hardware name: Intel Corporation S2600STQ/S2600STQ, BIOS SE5C620.86B.02.01.0010.010620200716 01/06/2020\n[  715.468483] Call Trace:\n[  715.470940]  dump_stack_lvl+0x6a/0x9a\n[  715.474613]  ___might_sleep.cold+0x224/0x26a\n[  715.478895]  __mutex_lock+0xb3/0x1440\n[  715.482569]  ? stack_depot_save+0x378/0x500\n[  715.486763]  ? ice_sq_send_cmd+0x78/0x14c0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.494979]  ? kfree+0xc1/0x520\n[  715.498128]  ? mutex_lock_io_nested+0x12a0/0x12a0\n[  715.502837]  ? kasan_set_free_info+0x20/0x30\n[  715.507110]  ? __kasan_slab_free+0x10b/0x140\n[  715.511385]  ? slab_free_freelist_hook+0xc7/0x220\n[  715.516092]  ? kfree+0xc1/0x520\n[  715.519235]  ? ice_deinit_lag+0x16c/0x220 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.527359]  ? ice_remove+0x1cf/0x6a0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.535133]  ? pci_device_remove+0xab/0x1d0\n[  715.539318]  ? __device_release_driver+0x35b/0x690\n[  715.544110]  ? driver_detach+0x214/0x2f0\n[  715.548035]  ? bus_remove_driver+0x11d/0x2f0\n[  715.552309]  ? pci_unregister_driver+0x26/0x250\n[  715.556840]  ? ice_module_exit+0xc/0x2f [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.564799]  ? __do_sys_delete_module.constprop.0+0x2d8/0x4e0\n[  715.570554]  ? do_syscall_64+0x3b/0x90\n[  715.574303]  ? entry_SYSCALL_64_after_hwframe+0x44/0xae\n[  715.579529]  ? start_flush_work+0x542/0x8f0\n[  715.583719]  ? ice_sq_send_cmd+0x78/0x14c0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.591923]  ice_sq_send_cmd+0x78/0x14c0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.599960]  ? wait_for_completion_io+0x250/0x250\n[  715.604662]  ? lock_acquire+0x196/0x200\n[  715.608504]  ? do_raw_spin_trylock+0xa5/0x160\n[  715.612864]  ice_sbq_rw_reg+0x1e6/0x2f0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.620813]  ? ice_reset+0x130/0x130 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.628497]  ? __debug_check_no_obj_freed+0x1e8/0x3c0\n[  715.633550]  ? trace_hardirqs_on+0x1c/0x130\n[  715.637748]  ice_write_phy_reg_e810+0x70/0xf0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.646220]  ? do_raw_spin_trylock+0xa5/0x160\n[  715.650581]  ? ice_ptp_release+0x910/0x910 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.658797]  ? ice_ptp_release+0x255/0x910 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.667013]  ice_clear_phy_tstamp+0x2c/0x110 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.675403]  ice_ptp_release+0x408/0x910 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.683440]  ice_remove+0x560/0x6a0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.691037]  ? _raw_spin_unlock_irqrestore+0x46/0x73\n[  715.696005]  pci_device_remove+0xab/0x1d0\n[  715.700018]  __device_release_driver+0x35b/0x690\n[  715.704637]  driver_detach+0x214/0x2f0\n[  715.708389]  bus_remove_driver+0x11d/0x2f0\n[  715.712489]  pci_unregister_driver+0x26/0x250\n[  71\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T11:41:30.378Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/61616be899975404df44c20ab902464b60882cd7"
        },
        {
          "url": "https://git.kernel.org/stable/c/4d4a223a86afe658cd878800f09458e8bb54415d"
        }
      ],
      "title": "ice: fix locking for Tx timestamp tracking flush",
      "x_generator": {
        "engine": "bippy-c8e10e5f6187"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47449",
    "datePublished": "2024-05-22T06:19:40.793Z",
    "dateReserved": "2024-05-21T14:58:30.832Z",
    "dateUpdated": "2024-11-04T11:41:30.378Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52821

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

drm/panel: fix a possible null pointer dereference

References

▼	URL	Tags
	https://git.kernel.org/stable/c/c7dc0aca5962fb37dbea9769dd26ec37813faae1
	https://git.kernel.org/stable/c/2381f6b628b3214f07375e0adf5ce17093c31190
	https://git.kernel.org/stable/c/79813cd59398015867d51e6d7dcc14d287d4c402
	https://git.kernel.org/stable/c/4fa930ba046d20fc1899770396ee11e905fa96e4
	https://git.kernel.org/stable/c/8a9dd36fcb4f3906982b82593393578db4479992
	https://git.kernel.org/stable/c/924e5814d1f84e6fa5cb19c6eceb69f066225229

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52821",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T18:23:25.064464Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:17.869Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.064Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c7dc0aca5962fb37dbea9769dd26ec37813faae1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2381f6b628b3214f07375e0adf5ce17093c31190"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/79813cd59398015867d51e6d7dcc14d287d4c402"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4fa930ba046d20fc1899770396ee11e905fa96e4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8a9dd36fcb4f3906982b82593393578db4479992"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/924e5814d1f84e6fa5cb19c6eceb69f066225229"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/panel/panel-arm-versatile.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "c7dc0aca5962",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "2381f6b628b3",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "79813cd59398",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "4fa930ba046d",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "8a9dd36fcb4f",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "924e5814d1f8",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/panel/panel-arm-versatile.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/panel: fix a possible null pointer dereference\n\nIn versatile_panel_get_modes(), the return value of drm_mode_duplicate()\nis assigned to mode, which will lead to a NULL pointer dereference\non failure of drm_mode_duplicate(). Add a check to avoid npd."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:21.146Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/c7dc0aca5962fb37dbea9769dd26ec37813faae1"
        },
        {
          "url": "https://git.kernel.org/stable/c/2381f6b628b3214f07375e0adf5ce17093c31190"
        },
        {
          "url": "https://git.kernel.org/stable/c/79813cd59398015867d51e6d7dcc14d287d4c402"
        },
        {
          "url": "https://git.kernel.org/stable/c/4fa930ba046d20fc1899770396ee11e905fa96e4"
        },
        {
          "url": "https://git.kernel.org/stable/c/8a9dd36fcb4f3906982b82593393578db4479992"
        },
        {
          "url": "https://git.kernel.org/stable/c/924e5814d1f84e6fa5cb19c6eceb69f066225229"
        }
      ],
      "title": "drm/panel: fix a possible null pointer dereference",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52821",
    "datePublished": "2024-05-21T15:31:26.888Z",
    "dateReserved": "2024-05-21T15:19:24.249Z",
    "dateUpdated": "2024-11-04T14:53:21.146Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52828

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-05 15:50

Severity ?

6.6 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

Summary

bpf: Detect IP == ksym.end as part of BPF program

References

▼	URL	Tags
	https://git.kernel.org/stable/c/6058e4829696412457729a00734969acc6fd1d18
	https://git.kernel.org/stable/c/cf353904a82873e952633fcac4385c2fcd3a46e1
	https://git.kernel.org/stable/c/aa42a7cb92647786719fe9608685da345883878f
	https://git.kernel.org/stable/c/327b92e8cb527ae097961ffd1610c720481947f5
	https://git.kernel.org/stable/c/821a7e4143af115b840ec199eb179537e18af922
	https://git.kernel.org/stable/c/66d9111f3517f85ef2af0337ece02683ce0faf21

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "LOW",
              "baseScore": 6.6,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "LOW",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52828",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T17:18:00.561172Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-05T15:50:04.124Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.966Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6058e4829696412457729a00734969acc6fd1d18"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/cf353904a82873e952633fcac4385c2fcd3a46e1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/aa42a7cb92647786719fe9608685da345883878f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/327b92e8cb527ae097961ffd1610c720481947f5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/821a7e4143af115b840ec199eb179537e18af922"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/66d9111f3517f85ef2af0337ece02683ce0faf21"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "kernel/bpf/core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "6058e4829696",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "cf353904a828",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "aa42a7cb9264",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "327b92e8cb52",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "821a7e4143af",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "66d9111f3517",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "kernel/bpf/core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Detect IP == ksym.end as part of BPF program\n\nNow that bpf_throw kfunc is the first such call instruction that has\nnoreturn semantics within the verifier, this also kicks in dead code\nelimination in unprecedented ways. For one, any instruction following\na bpf_throw call will never be marked as seen. Moreover, if a callchain\nends up throwing, any instructions after the call instruction to the\neventually throwing subprog in callers will also never be marked as\nseen.\n\nThe tempting way to fix this would be to emit extra \u0027int3\u0027 instructions\nwhich bump the jited_len of a program, and ensure that during runtime\nwhen a program throws, we can discover its boundaries even if the call\ninstruction to bpf_throw (or to subprogs that always throw) is emitted\nas the final instruction in the program.\n\nAn example of such a program would be this:\n\ndo_something():\n\t...\n\tr0 = 0\n\texit\n\nfoo():\n\tr1 = 0\n\tcall bpf_throw\n\tr0 = 0\n\texit\n\nbar(cond):\n\tif r1 != 0 goto pc+2\n\tcall do_something\n\texit\n\tcall foo\n\tr0 = 0  // Never seen by verifier\n\texit\t//\n\nmain(ctx):\n\tr1 = ...\n\tcall bar\n\tr0 = 0\n\texit\n\nHere, if we do end up throwing, the stacktrace would be the following:\n\nbpf_throw\nfoo\nbar\nmain\n\nIn bar, the final instruction emitted will be the call to foo, as such,\nthe return address will be the subsequent instruction (which the JIT\nemits as int3 on x86). This will end up lying outside the jited_len of\nthe program, thus, when unwinding, we will fail to discover the return\naddress as belonging to any program and end up in a panic due to the\nunreliable stack unwinding of BPF programs that we never expect.\n\nTo remedy this case, make bpf_prog_ksym_find treat IP == ksym.end as\npart of the BPF program, so that is_bpf_text_address returns true when\nsuch a case occurs, and we are able to unwind reliably when the final\ninstruction ends up being a call instruction."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:25.737Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/6058e4829696412457729a00734969acc6fd1d18"
        },
        {
          "url": "https://git.kernel.org/stable/c/cf353904a82873e952633fcac4385c2fcd3a46e1"
        },
        {
          "url": "https://git.kernel.org/stable/c/aa42a7cb92647786719fe9608685da345883878f"
        },
        {
          "url": "https://git.kernel.org/stable/c/327b92e8cb527ae097961ffd1610c720481947f5"
        },
        {
          "url": "https://git.kernel.org/stable/c/821a7e4143af115b840ec199eb179537e18af922"
        },
        {
          "url": "https://git.kernel.org/stable/c/66d9111f3517f85ef2af0337ece02683ce0faf21"
        }
      ],
      "title": "bpf: Detect IP == ksym.end as part of BPF program",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52828",
    "datePublished": "2024-05-21T15:31:31.501Z",
    "dateReserved": "2024-05-21T15:19:24.251Z",
    "dateUpdated": "2024-11-05T15:50:04.124Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47478

Vulnerability from cvelistv5

Published

2024-05-22 08:19

Modified

2024-11-07 15:12

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Summary

isofs: Fix out of bound access for corrupted isofs image

References

▼	URL	Tags
	https://git.kernel.org/stable/c/156ce5bb6cc43a80a743810199defb1dc3f55b7f
	https://git.kernel.org/stable/c/9ec33a9b8790c212cc926a88c5e2105f97f3f57e
	https://git.kernel.org/stable/c/afbd40f425227e661d991757e11cc4db024e761f
	https://git.kernel.org/stable/c/b0ddff8d68f2e43857a84dce54c3deab181c8ae1
	https://git.kernel.org/stable/c/6e80e9314f8bb52d9eabe1907698718ff01120f5
	https://git.kernel.org/stable/c/86d4aedcbc69c0f84551fb70f953c24e396de2d7
	https://git.kernel.org/stable/c/b2fa1f52d22c5455217b294629346ad23a744945
	https://git.kernel.org/stable/c/e7fb722586a2936b37bdff096c095c30ca06404d
	https://git.kernel.org/stable/c/e96a1866b40570b5950cda8602c2819189c62a48

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "NONE",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47478",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T18:36:21.366364Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-125",
                "description": "CWE-125 Out-of-bounds Read",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T15:12:42.793Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.618Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/156ce5bb6cc43a80a743810199defb1dc3f55b7f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9ec33a9b8790c212cc926a88c5e2105f97f3f57e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/afbd40f425227e661d991757e11cc4db024e761f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b0ddff8d68f2e43857a84dce54c3deab181c8ae1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6e80e9314f8bb52d9eabe1907698718ff01120f5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/86d4aedcbc69c0f84551fb70f953c24e396de2d7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b2fa1f52d22c5455217b294629346ad23a744945"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e7fb722586a2936b37bdff096c095c30ca06404d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e96a1866b40570b5950cda8602c2819189c62a48"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/isofs/inode.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "156ce5bb6cc4",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "9ec33a9b8790",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "afbd40f42522",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "b0ddff8d68f2",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "6e80e9314f8b",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "86d4aedcbc69",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "b2fa1f52d22c",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "e7fb722586a2",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "e96a1866b405",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/isofs/inode.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.292",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.290",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.255",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.217",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.159",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.79",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.18",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.16",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nisofs: Fix out of bound access for corrupted isofs image\n\nWhen isofs image is suitably corrupted isofs_read_inode() can read data\nbeyond the end of buffer. Sanity-check the directory entry length before\nusing it."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:42.521Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/156ce5bb6cc43a80a743810199defb1dc3f55b7f"
        },
        {
          "url": "https://git.kernel.org/stable/c/9ec33a9b8790c212cc926a88c5e2105f97f3f57e"
        },
        {
          "url": "https://git.kernel.org/stable/c/afbd40f425227e661d991757e11cc4db024e761f"
        },
        {
          "url": "https://git.kernel.org/stable/c/b0ddff8d68f2e43857a84dce54c3deab181c8ae1"
        },
        {
          "url": "https://git.kernel.org/stable/c/6e80e9314f8bb52d9eabe1907698718ff01120f5"
        },
        {
          "url": "https://git.kernel.org/stable/c/86d4aedcbc69c0f84551fb70f953c24e396de2d7"
        },
        {
          "url": "https://git.kernel.org/stable/c/b2fa1f52d22c5455217b294629346ad23a744945"
        },
        {
          "url": "https://git.kernel.org/stable/c/e7fb722586a2936b37bdff096c095c30ca06404d"
        },
        {
          "url": "https://git.kernel.org/stable/c/e96a1866b40570b5950cda8602c2819189c62a48"
        }
      ],
      "title": "isofs: Fix out of bound access for corrupted isofs image",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47478",
    "datePublished": "2024-05-22T08:19:31.521Z",
    "dateReserved": "2024-05-22T06:20:56.200Z",
    "dateUpdated": "2024-11-07T15:12:42.793Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52757

Vulnerability from cvelistv5

Published

2024-05-21 15:30

Modified

2024-11-04 14:52

Severity ?

Summary

smb: client: fix potential deadlock when releasing mids

References

▼	URL	Tags
	https://git.kernel.org/stable/c/9eb44db68c5b7f5aa22b8fc7de74a3e2e08d1f29
	https://git.kernel.org/stable/c/b9bb9607b1fc12fca51f5632da25b36975f599bf
	https://git.kernel.org/stable/c/c1a5962f1462b64fe7b69f20a4b6af8067bc2d26
	https://git.kernel.org/stable/c/e6322fd177c6885a21dd4609dc5e5c973d1a2eb7

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.824Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9eb44db68c5b7f5aa22b8fc7de74a3e2e08d1f29"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b9bb9607b1fc12fca51f5632da25b36975f599bf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c1a5962f1462b64fe7b69f20a4b6af8067bc2d26"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e6322fd177c6885a21dd4609dc5e5c973d1a2eb7"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52757",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:37:12.677779Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:56.199Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/smb/client/cifsproto.h",
            "fs/smb/client/smb2misc.c",
            "fs/smb/client/transport.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "9eb44db68c5b",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "b9bb9607b1fc",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "c1a5962f1462",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "e6322fd177c6",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/smb/client/cifsproto.h",
            "fs/smb/client/smb2misc.c",
            "fs/smb/client/transport.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential deadlock when releasing mids\n\nAll release_mid() callers seem to hold a reference of @mid so there is\nno need to call kref_put(\u0026mid-\u003erefcount, __release_mid) under\n@server-\u003emid_lock spinlock.  If they don\u0027t, then an use-after-free bug\nwould have occurred anyways.\n\nBy getting rid of such spinlock also fixes a potential deadlock as\nshown below\n\nCPU 0                                CPU 1\n------------------------------------------------------------------\ncifs_demultiplex_thread()            cifs_debug_data_proc_show()\n release_mid()\n  spin_lock(\u0026server-\u003emid_lock);\n                                     spin_lock(\u0026cifs_tcp_ses_lock)\n\t\t\t\t      spin_lock(\u0026server-\u003emid_lock)\n  __release_mid()\n   smb2_find_smb_tcon()\n    spin_lock(\u0026cifs_tcp_ses_lock) *deadlock*"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:06.995Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/9eb44db68c5b7f5aa22b8fc7de74a3e2e08d1f29"
        },
        {
          "url": "https://git.kernel.org/stable/c/b9bb9607b1fc12fca51f5632da25b36975f599bf"
        },
        {
          "url": "https://git.kernel.org/stable/c/c1a5962f1462b64fe7b69f20a4b6af8067bc2d26"
        },
        {
          "url": "https://git.kernel.org/stable/c/e6322fd177c6885a21dd4609dc5e5c973d1a2eb7"
        }
      ],
      "title": "smb: client: fix potential deadlock when releasing mids",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52757",
    "datePublished": "2024-05-21T15:30:44.248Z",
    "dateReserved": "2024-05-21T15:19:24.237Z",
    "dateUpdated": "2024-11-04T14:52:06.995Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52774

Vulnerability from cvelistv5

Published

2024-05-21 15:30

Modified

2024-11-04 14:52

Severity ?

Summary

s390/dasd: protect device queue against concurrent access

References

▼	URL	Tags
	https://git.kernel.org/stable/c/ebdc569a07a3e8dbe66b4184922ad6f88ac0b96f
	https://git.kernel.org/stable/c/f75617cc8df4155374132f0b500b0b3ebb967458
	https://git.kernel.org/stable/c/f1ac7789406e2ca9ac51c41ad2daa597f47bdd4d
	https://git.kernel.org/stable/c/c841de6247e94e07566d57163d3c0d8b29278f7a
	https://git.kernel.org/stable/c/6062c527d0403cef27c54b91ac8390c3a497b250
	https://git.kernel.org/stable/c/dc96fde8fcb2b896fd6c64802a7f4ece2e69b0be
	https://git.kernel.org/stable/c/9372aab5d0ff621ea203c8c603e7e5f75e888240
	https://git.kernel.org/stable/c/db46cd1e0426f52999d50fa72cfa97fa39952885

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.549Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ebdc569a07a3e8dbe66b4184922ad6f88ac0b96f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f75617cc8df4155374132f0b500b0b3ebb967458"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f1ac7789406e2ca9ac51c41ad2daa597f47bdd4d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c841de6247e94e07566d57163d3c0d8b29278f7a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6062c527d0403cef27c54b91ac8390c3a497b250"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/dc96fde8fcb2b896fd6c64802a7f4ece2e69b0be"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9372aab5d0ff621ea203c8c603e7e5f75e888240"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/db46cd1e0426f52999d50fa72cfa97fa39952885"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52774",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:36:56.558292Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:32:55.198Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/s390/block/dasd.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "ebdc569a07a3",
              "status": "affected",
              "version": "4fa52aa7a82f",
              "versionType": "git"
            },
            {
              "lessThan": "f75617cc8df4",
              "status": "affected",
              "version": "4fa52aa7a82f",
              "versionType": "git"
            },
            {
              "lessThan": "f1ac7789406e",
              "status": "affected",
              "version": "4fa52aa7a82f",
              "versionType": "git"
            },
            {
              "lessThan": "c841de6247e9",
              "status": "affected",
              "version": "4fa52aa7a82f",
              "versionType": "git"
            },
            {
              "lessThan": "6062c527d040",
              "status": "affected",
              "version": "4fa52aa7a82f",
              "versionType": "git"
            },
            {
              "lessThan": "dc96fde8fcb2",
              "status": "affected",
              "version": "4fa52aa7a82f",
              "versionType": "git"
            },
            {
              "lessThan": "9372aab5d0ff",
              "status": "affected",
              "version": "4fa52aa7a82f",
              "versionType": "git"
            },
            {
              "lessThan": "db46cd1e0426",
              "status": "affected",
              "version": "4fa52aa7a82f",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/s390/block/dasd.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.1"
            },
            {
              "lessThan": "3.1",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.332",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.301",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.263",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.203",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.141",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.65",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.4",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: protect device queue against concurrent access\n\nIn dasd_profile_start() the amount of requests on the device queue are\ncounted. The access to the device queue is unprotected against\nconcurrent access. With a lot of parallel I/O, especially with alias\ndevices enabled, the device queue can change while dasd_profile_start()\nis accessing the queue. In the worst case this leads to a kernel panic\ndue to incorrect pointer accesses.\n\nFix this by taking the device lock before accessing the queue and\ncounting the requests. Additionally the check for a valid profile data\npointer can be done earlier to avoid unnecessary locking in a hot path."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:26.896Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/ebdc569a07a3e8dbe66b4184922ad6f88ac0b96f"
        },
        {
          "url": "https://git.kernel.org/stable/c/f75617cc8df4155374132f0b500b0b3ebb967458"
        },
        {
          "url": "https://git.kernel.org/stable/c/f1ac7789406e2ca9ac51c41ad2daa597f47bdd4d"
        },
        {
          "url": "https://git.kernel.org/stable/c/c841de6247e94e07566d57163d3c0d8b29278f7a"
        },
        {
          "url": "https://git.kernel.org/stable/c/6062c527d0403cef27c54b91ac8390c3a497b250"
        },
        {
          "url": "https://git.kernel.org/stable/c/dc96fde8fcb2b896fd6c64802a7f4ece2e69b0be"
        },
        {
          "url": "https://git.kernel.org/stable/c/9372aab5d0ff621ea203c8c603e7e5f75e888240"
        },
        {
          "url": "https://git.kernel.org/stable/c/db46cd1e0426f52999d50fa72cfa97fa39952885"
        }
      ],
      "title": "s390/dasd: protect device queue against concurrent access",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52774",
    "datePublished": "2024-05-21T15:30:55.593Z",
    "dateReserved": "2024-05-21T15:19:24.239Z",
    "dateUpdated": "2024-11-04T14:52:26.896Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52775

Vulnerability from cvelistv5

Published

2024-05-21 15:30

Modified

2024-11-04 14:52

Severity ?

Summary

net/smc: avoid data corruption caused by decline

References

▼	URL	Tags
	https://git.kernel.org/stable/c/5ada292b5c504720a0acef8cae9acc62a694d19c
	https://git.kernel.org/stable/c/90072af9efe8c7bd7d086709014ddd44cebd5e7c
	https://git.kernel.org/stable/c/94a0ae698b4d5d5bb598e23228002a1491c50add
	https://git.kernel.org/stable/c/7234d2b5dffa5af77fd4e0deaebab509e130c6b1
	https://git.kernel.org/stable/c/e6d71b437abc2f249e3b6a1ae1a7228e09c6e563

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52775",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T18:24:43.628155Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:22:47.888Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.820Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5ada292b5c504720a0acef8cae9acc62a694d19c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/90072af9efe8c7bd7d086709014ddd44cebd5e7c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/94a0ae698b4d5d5bb598e23228002a1491c50add"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7234d2b5dffa5af77fd4e0deaebab509e130c6b1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e6d71b437abc2f249e3b6a1ae1a7228e09c6e563"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/smc/af_smc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "5ada292b5c50",
              "status": "affected",
              "version": "0fb0b02bd6fd",
              "versionType": "git"
            },
            {
              "lessThan": "90072af9efe8",
              "status": "affected",
              "version": "0fb0b02bd6fd",
              "versionType": "git"
            },
            {
              "lessThan": "94a0ae698b4d",
              "status": "affected",
              "version": "0fb0b02bd6fd",
              "versionType": "git"
            },
            {
              "lessThan": "7234d2b5dffa",
              "status": "affected",
              "version": "0fb0b02bd6fd",
              "versionType": "git"
            },
            {
              "lessThan": "e6d71b437abc",
              "status": "affected",
              "version": "0fb0b02bd6fd",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/smc/af_smc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.8"
            },
            {
              "lessThan": "5.8",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.203",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.141",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.65",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.4",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: avoid data corruption caused by decline\n\nWe found a data corruption issue during testing of SMC-R on Redis\napplications.\n\nThe benchmark has a low probability of reporting a strange error as\nshown below.\n\n\"Error: Protocol error, got \"\\xe2\" as reply type byte\"\n\nFinally, we found that the retrieved error data was as follows:\n\n0xE2 0xD4 0xC3 0xD9 0x04 0x00 0x2C 0x20 0xA6 0x56 0x00 0x16 0x3E 0x0C\n0xCB 0x04 0x02 0x01 0x00 0x00 0x20 0x00 0x00 0x00 0x00 0x00 0x00 0x00\n0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0xE2\n\nIt is quite obvious that this is a SMC DECLINE message, which means that\nthe applications received SMC protocol message.\nWe found that this was caused by the following situations:\n\nclient                  server\n        \u00a6  clc proposal\n        -------------\u003e\n        \u00a6  clc accept\n        \u003c-------------\n        \u00a6  clc confirm\n        -------------\u003e\nwait llc confirm\n\t\t\tsend llc confirm\n        \u00a6failed llc confirm\n        \u00a6   x------\n(after 2s)timeout\n                        wait llc confirm rsp\n\nwait decline\n\n(after 1s) timeout\n                        (after 2s) timeout\n        \u00a6   decline\n        --------------\u003e\n        \u00a6   decline\n        \u003c--------------\n\nAs a result, a decline message was sent in the implementation, and this\nmessage was read from TCP by the already-fallback connection.\n\nThis patch double the client timeout as 2x of the server value,\nWith this simple change, the Decline messages should never cross or\ncollide (during Confirm link timeout).\n\nThis issue requires an immediate solution, since the protocol updates\ninvolve a more long-term solution."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:28.255Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/5ada292b5c504720a0acef8cae9acc62a694d19c"
        },
        {
          "url": "https://git.kernel.org/stable/c/90072af9efe8c7bd7d086709014ddd44cebd5e7c"
        },
        {
          "url": "https://git.kernel.org/stable/c/94a0ae698b4d5d5bb598e23228002a1491c50add"
        },
        {
          "url": "https://git.kernel.org/stable/c/7234d2b5dffa5af77fd4e0deaebab509e130c6b1"
        },
        {
          "url": "https://git.kernel.org/stable/c/e6d71b437abc2f249e3b6a1ae1a7228e09c6e563"
        }
      ],
      "title": "net/smc: avoid data corruption caused by decline",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52775",
    "datePublished": "2024-05-21T15:30:56.247Z",
    "dateReserved": "2024-05-21T15:19:24.239Z",
    "dateUpdated": "2024-11-04T14:52:28.255Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52847

Vulnerability from cvelistv5

Published

2024-05-21 15:31

Modified

2024-11-04 14:53

Severity ?

Summary

media: bttv: fix use after free error due to btv->timeout timer

References

▼	URL	Tags
	https://git.kernel.org/stable/c/bbc3b8dd2cb7817e703f112d988e4f4728f0f2a9
	https://git.kernel.org/stable/c/b35fdade92c5058a5e727e233fe263b828de2c9a
	https://git.kernel.org/stable/c/2f3d9198cdae1cb079ec8652f4defacd481eab2b
	https://git.kernel.org/stable/c/51c94256a83fe4e17406c66ff3e1ad7d242d8574
	https://git.kernel.org/stable/c/20568d06f6069cb835e05eed432edf962645d226
	https://git.kernel.org/stable/c/1871014d6ef4812ad11ef7d838d73ce09d632267
	https://git.kernel.org/stable/c/847599fffa528b2cdec4e21b6bf7586dad982132
	https://git.kernel.org/stable/c/bd5b50b329e850d467e7bcc07b2b6bde3752fbda

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52847",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-10T19:17:00.085705Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-18T19:41:06.842Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.080Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bbc3b8dd2cb7817e703f112d988e4f4728f0f2a9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b35fdade92c5058a5e727e233fe263b828de2c9a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2f3d9198cdae1cb079ec8652f4defacd481eab2b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/51c94256a83fe4e17406c66ff3e1ad7d242d8574"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/20568d06f6069cb835e05eed432edf962645d226"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1871014d6ef4812ad11ef7d838d73ce09d632267"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/847599fffa528b2cdec4e21b6bf7586dad982132"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bd5b50b329e850d467e7bcc07b2b6bde3752fbda"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/media/pci/bt8xx/bttv-driver.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "bbc3b8dd2cb7",
              "status": "affected",
              "version": "162e6376ac58",
              "versionType": "git"
            },
            {
              "lessThan": "b35fdade92c5",
              "status": "affected",
              "version": "162e6376ac58",
              "versionType": "git"
            },
            {
              "lessThan": "2f3d9198cdae",
              "status": "affected",
              "version": "162e6376ac58",
              "versionType": "git"
            },
            {
              "lessThan": "51c94256a83f",
              "status": "affected",
              "version": "162e6376ac58",
              "versionType": "git"
            },
            {
              "lessThan": "20568d06f606",
              "status": "affected",
              "version": "162e6376ac58",
              "versionType": "git"
            },
            {
              "lessThan": "1871014d6ef4",
              "status": "affected",
              "version": "162e6376ac58",
              "versionType": "git"
            },
            {
              "lessThan": "847599fffa52",
              "status": "affected",
              "version": "162e6376ac58",
              "versionType": "git"
            },
            {
              "lessThan": "bd5b50b329e8",
              "status": "affected",
              "version": "162e6376ac58",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/media/pci/bt8xx/bttv-driver.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.15"
            },
            {
              "lessThan": "4.15",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.299",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.261",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.201",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.139",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: bttv: fix use after free error due to btv-\u003etimeout timer\n\nThere may be some a race condition between timer function\nbttv_irq_timeout and bttv_remove. The timer is setup in\nprobe and there is no timer_delete operation in remove\nfunction. When it hit kfree btv, the function might still be\ninvoked, which will cause use after free bug.\n\nThis bug is found by static analysis, it may be false positive.\n\nFix it by adding del_timer_sync invoking to the remove function.\n\ncpu0                cpu1\n                  bttv_probe\n                    -\u003etimer_setup\n                      -\u003ebttv_set_dma\n                        -\u003emod_timer;\nbttv_remove\n  -\u003ekfree(btv);\n                  -\u003ebttv_irq_timeout\n                    -\u003eUSE btv"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:47.046Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/bbc3b8dd2cb7817e703f112d988e4f4728f0f2a9"
        },
        {
          "url": "https://git.kernel.org/stable/c/b35fdade92c5058a5e727e233fe263b828de2c9a"
        },
        {
          "url": "https://git.kernel.org/stable/c/2f3d9198cdae1cb079ec8652f4defacd481eab2b"
        },
        {
          "url": "https://git.kernel.org/stable/c/51c94256a83fe4e17406c66ff3e1ad7d242d8574"
        },
        {
          "url": "https://git.kernel.org/stable/c/20568d06f6069cb835e05eed432edf962645d226"
        },
        {
          "url": "https://git.kernel.org/stable/c/1871014d6ef4812ad11ef7d838d73ce09d632267"
        },
        {
          "url": "https://git.kernel.org/stable/c/847599fffa528b2cdec4e21b6bf7586dad982132"
        },
        {
          "url": "https://git.kernel.org/stable/c/bd5b50b329e850d467e7bcc07b2b6bde3752fbda"
        }
      ],
      "title": "media: bttv: fix use after free error due to btv-\u003etimeout timer",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52847",
    "datePublished": "2024-05-21T15:31:44.513Z",
    "dateReserved": "2024-05-21T15:19:24.255Z",
    "dateUpdated": "2024-11-04T14:53:47.046Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52873

Vulnerability from cvelistv5

Published

2024-05-21 15:32

Modified

2024-11-04 14:54

Severity ?

Summary

clk: mediatek: clk-mt6779: Add check for mtk_alloc_clk_data

References

▼	URL	Tags
	https://git.kernel.org/stable/c/fbe466f06d4ea18745da0d57540539b7b36936ae
	https://git.kernel.org/stable/c/3994387ba3564976731179c4d4a6d7850ddda71a
	https://git.kernel.org/stable/c/ca6d565a2319d69d9766e6ecbb5af827fc4afb2b
	https://git.kernel.org/stable/c/df1c4a9efa3f5b6fb5e0ae63890230dbe2190b7e
	https://git.kernel.org/stable/c/a90239551abc181687f8c0ba60b276f7d75c141e
	https://git.kernel.org/stable/c/f6a7c51cf07a399ec067d39f0a22f1817c5c7d2b
	https://git.kernel.org/stable/c/1f57f78fbacf630430bf954e5a84caafdfea30c0

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52873",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T18:20:52.471859Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:59.912Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.108Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fbe466f06d4ea18745da0d57540539b7b36936ae"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3994387ba3564976731179c4d4a6d7850ddda71a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ca6d565a2319d69d9766e6ecbb5af827fc4afb2b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/df1c4a9efa3f5b6fb5e0ae63890230dbe2190b7e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a90239551abc181687f8c0ba60b276f7d75c141e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f6a7c51cf07a399ec067d39f0a22f1817c5c7d2b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1f57f78fbacf630430bf954e5a84caafdfea30c0"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/clk/mediatek/clk-mt6779.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "fbe466f06d4e",
              "status": "affected",
              "version": "710774e04861",
              "versionType": "git"
            },
            {
              "lessThan": "3994387ba356",
              "status": "affected",
              "version": "710774e04861",
              "versionType": "git"
            },
            {
              "lessThan": "ca6d565a2319",
              "status": "affected",
              "version": "710774e04861",
              "versionType": "git"
            },
            {
              "lessThan": "df1c4a9efa3f",
              "status": "affected",
              "version": "710774e04861",
              "versionType": "git"
            },
            {
              "lessThan": "a90239551abc",
              "status": "affected",
              "version": "710774e04861",
              "versionType": "git"
            },
            {
              "lessThan": "f6a7c51cf07a",
              "status": "affected",
              "version": "710774e04861",
              "versionType": "git"
            },
            {
              "lessThan": "1f57f78fbacf",
              "status": "affected",
              "version": "710774e04861",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/clk/mediatek/clk-mt6779.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.4"
            },
            {
              "lessThan": "5.4",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.261",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.201",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.139",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt6779: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:54:19.573Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/fbe466f06d4ea18745da0d57540539b7b36936ae"
        },
        {
          "url": "https://git.kernel.org/stable/c/3994387ba3564976731179c4d4a6d7850ddda71a"
        },
        {
          "url": "https://git.kernel.org/stable/c/ca6d565a2319d69d9766e6ecbb5af827fc4afb2b"
        },
        {
          "url": "https://git.kernel.org/stable/c/df1c4a9efa3f5b6fb5e0ae63890230dbe2190b7e"
        },
        {
          "url": "https://git.kernel.org/stable/c/a90239551abc181687f8c0ba60b276f7d75c141e"
        },
        {
          "url": "https://git.kernel.org/stable/c/f6a7c51cf07a399ec067d39f0a22f1817c5c7d2b"
        },
        {
          "url": "https://git.kernel.org/stable/c/1f57f78fbacf630430bf954e5a84caafdfea30c0"
        }
      ],
      "title": "clk: mediatek: clk-mt6779: Add check for mtk_alloc_clk_data",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52873",
    "datePublished": "2024-05-21T15:32:07.253Z",
    "dateReserved": "2024-05-21T15:19:24.264Z",
    "dateUpdated": "2024-11-04T14:54:19.573Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52771

Vulnerability from cvelistv5

Published

2024-05-21 15:30

Modified

2024-11-05 21:33

Severity ?

4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Summary

cxl/port: Fix delete_endpoint() vs parent unregistration race

References

▼	URL	Tags
	https://git.kernel.org/stable/c/37179fcc916bce8c3cc7b36d67ef814cce55142b
	https://git.kernel.org/stable/c/6b2e428e673b3f55965674a426c40922e91388aa
	https://git.kernel.org/stable/c/8d2ad999ca3c64cb08cf6a58d227b9d9e746d708

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 4.4,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "HIGH",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52771",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T18:49:27.742644Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-05T21:33:44.767Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:35.152Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/37179fcc916bce8c3cc7b36d67ef814cce55142b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6b2e428e673b3f55965674a426c40922e91388aa"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8d2ad999ca3c64cb08cf6a58d227b9d9e746d708"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/cxl/core/port.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "37179fcc916b",
              "status": "affected",
              "version": "8dd2bc0f8e02",
              "versionType": "git"
            },
            {
              "lessThan": "6b2e428e673b",
              "status": "affected",
              "version": "8dd2bc0f8e02",
              "versionType": "git"
            },
            {
              "lessThan": "8d2ad999ca3c",
              "status": "affected",
              "version": "8dd2bc0f8e02",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/cxl/core/port.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.18"
            },
            {
              "lessThan": "5.18",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxl/port: Fix delete_endpoint() vs parent unregistration race\n\nThe CXL subsystem, at cxl_mem -\u003eprobe() time, establishes a lineage of\nports (struct cxl_port objects) between an endpoint and the root of a\nCXL topology. Each port including the endpoint port is attached to the\ncxl_port driver.\n\nGiven that setup, it follows that when either any port in that lineage\ngoes through a cxl_port -\u003eremove() event, or the memdev goes through a\ncxl_mem -\u003eremove() event. The hierarchy below the removed port, or the\nentire hierarchy if the memdev is removed needs to come down.\n\nThe delete_endpoint() callback is careful to check whether it is being\ncalled to tear down the hierarchy, or if it is only being called to\nteardown the memdev because an ancestor port is going through\n-\u003eremove().\n\nThat care needs to take the device_lock() of the endpoint\u0027s parent.\nWhich requires 2 bugs to be fixed:\n\n1/ A reference on the parent is needed to prevent use-after-free\n   scenarios like this signature:\n\n    BUG: spinlock bad magic on CPU#0, kworker/u56:0/11\n    Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS edk2-20230524-3.fc38 05/24/2023\n    Workqueue: cxl_port detach_memdev [cxl_core]\n    RIP: 0010:spin_bug+0x65/0xa0\n    Call Trace:\n      do_raw_spin_lock+0x69/0xa0\n     __mutex_lock+0x695/0xb80\n     delete_endpoint+0xad/0x150 [cxl_core]\n     devres_release_all+0xb8/0x110\n     device_unbind_cleanup+0xe/0x70\n     device_release_driver_internal+0x1d2/0x210\n     detach_memdev+0x15/0x20 [cxl_core]\n     process_one_work+0x1e3/0x4c0\n     worker_thread+0x1dd/0x3d0\n\n2/ In the case of RCH topologies, the parent device that needs to be\n   locked is not always @port-\u003edev as returned by cxl_mem_find_port(), use\n   endpoint-\u003edev.parent instead."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:52:23.113Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/37179fcc916bce8c3cc7b36d67ef814cce55142b"
        },
        {
          "url": "https://git.kernel.org/stable/c/6b2e428e673b3f55965674a426c40922e91388aa"
        },
        {
          "url": "https://git.kernel.org/stable/c/8d2ad999ca3c64cb08cf6a58d227b9d9e746d708"
        }
      ],
      "title": "cxl/port: Fix delete_endpoint() vs parent unregistration race",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52771",
    "datePublished": "2024-05-21T15:30:53.629Z",
    "dateReserved": "2024-05-21T15:19:24.239Z",
    "dateUpdated": "2024-11-05T21:33:44.767Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47467

Vulnerability from cvelistv5

Published

2024-05-22 06:23

Modified

2024-11-05 15:29

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Summary

kunit: fix reference count leak in kfree_at_end

References

▼	URL	Tags
	https://git.kernel.org/stable/c/bbdd158b40b66a9403391a517f24ef6613573446
	https://git.kernel.org/stable/c/f62314b1ced25c58b86e044fc951cd6a1ea234cf

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 5.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47467",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T15:53:40.956714Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-05T15:29:17.938Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.605Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bbdd158b40b66a9403391a517f24ef6613573446"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f62314b1ced25c58b86e044fc951cd6a1ea234cf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "lib/kunit/executor_test.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "bbdd158b40b6",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "f62314b1ced2",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "lib/kunit/executor_test.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.15",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nkunit: fix reference count leak in kfree_at_end\n\nThe reference counting issue happens in the normal path of\nkfree_at_end(). When kunit_alloc_and_get_resource() is invoked, the\nfunction forgets to handle the returned resource object, whose refcount\nincreased inside, causing a refcount leak.\n\nFix this issue by calling kunit_alloc_resource() instead of\nkunit_alloc_and_get_resource().\n\nFixed the following when applying:\nShuah Khan \u003cskhan@linuxfoundation.org\u003e\n\nCHECK: Alignment should match open parenthesis\n+\tkunit_alloc_resource(test, NULL, kfree_res_free, GFP_KERNEL,\n \t\t\t\t     (void *)to_free);"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:06:30.762Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/bbdd158b40b66a9403391a517f24ef6613573446"
        },
        {
          "url": "https://git.kernel.org/stable/c/f62314b1ced25c58b86e044fc951cd6a1ea234cf"
        }
      ],
      "title": "kunit: fix reference count leak in kfree_at_end",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47467",
    "datePublished": "2024-05-22T06:23:26.324Z",
    "dateReserved": "2024-05-22T06:20:56.198Z",
    "dateUpdated": "2024-11-05T15:29:17.938Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

Vulnerability from csaf_certbund

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5