Action not permitted
Modal body text goes here.
wid-sec-w-2024-1418
Vulnerability from csaf_certbund
Published
2024-06-19 22:00
Modified
2024-07-24 22:00
Summary
Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff
Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen.
Betroffene Betriebssysteme
- UNIX
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen nicht n\u00e4her spezifizierten Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1418 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1418.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1418 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1418"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47573 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061911-CVE-2021-47573-5c43@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47574 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061914-CVE-2021-47574-18b4@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47575 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061914-CVE-2021-47575-a011@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47576 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061914-CVE-2021-47576-5f60@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47577 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061915-CVE-2021-47577-c4c7@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47578 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061915-CVE-2021-47578-e81a@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47579 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061915-CVE-2021-47579-4f78@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47580 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061916-CVE-2021-47580-eac9@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47581 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061916-CVE-2021-47581-1d34@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47582 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061916-CVE-2021-47582-69aa@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47583 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061916-CVE-2021-47583-b02c@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47584 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061917-CVE-2021-47584-5246@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47585 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061917-CVE-2021-47585-0a6a@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47586 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061917-CVE-2021-47586-69ce@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47587 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061918-CVE-2021-47587-9146@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47588 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061918-CVE-2021-47588-7298@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47589 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061918-CVE-2021-47589-d405@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47590 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061919-CVE-2021-47590-6db0@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47591 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061919-CVE-2021-47591-955a@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47592 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061919-CVE-2021-47592-7ca6@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47593 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061919-CVE-2021-47593-a7a7@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47594 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061920-CVE-2021-47594-953e@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47595 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061920-CVE-2021-47595-e9f3@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47596 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061920-CVE-2021-47596-cd94@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47597 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061921-CVE-2021-47597-7dd2@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47598 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061921-CVE-2021-47598-3fad@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47599 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061921-CVE-2021-47599-37b9@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47600 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061922-CVE-2021-47600-5cc4@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47601 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061922-CVE-2021-47601-5e15@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47602 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061922-CVE-2021-47602-d8dc@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47603 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061922-CVE-2021-47603-ec18@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47604 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061923-CVE-2021-47604-e309@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47605 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061923-CVE-2021-47605-3d20@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47606 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061923-CVE-2021-47606-daa5@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47607 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061924-CVE-2021-47607-0fbd@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47608 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061924-CVE-2021-47608-f4eb@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47609 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061907-CVE-2021-47609-5ebf@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47610 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061907-CVE-2021-47610-ed0a@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47611 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061907-CVE-2021-47611-907d@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47612 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061908-CVE-2021-47612-1c98@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47613 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061908-CVE-2021-47613-47d5@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47614 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061908-CVE-2021-47614-6dd2@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47615 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061909-CVE-2021-47615-3c6a@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-47616 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061909-CVE-2021-47616-5ee0@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-36979 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061945-CVE-2024-36979-b4a6@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38538 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061947-CVE-2024-38538-e28a@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38539 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061947-CVE-2024-38539-5ae1@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38540 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061947-CVE-2024-38540-1d0a@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38541 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061948-CVE-2024-38541-53d0@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38542 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061948-CVE-2024-38542-2481@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38543 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061948-CVE-2024-38543-ff2e@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38544 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061949-CVE-2024-38544-601b@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38545 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061949-CVE-2024-38545-7161@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38546 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061949-CVE-2024-38546-ce19@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38547 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061950-CVE-2024-38547-176a@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38548 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061950-CVE-2024-38548-29a5@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38549 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061950-CVE-2024-38549-6ae4@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38550 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061950-CVE-2024-38550-a20b@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38551 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061951-CVE-2024-38551-babb@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38552 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061951-CVE-2024-38552-dba6@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38553 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061951-CVE-2024-38553-2e34@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38554 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061952-CVE-2024-38554-29b0@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38555 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061952-CVE-2024-38555-aefb@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38556 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061952-CVE-2024-38556-8afa@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38557 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061953-CVE-2024-38557-2cb9@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38558 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061953-CVE-2024-38558-ddfd@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38559 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061953-CVE-2024-38559-3e03@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38560 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061953-CVE-2024-38560-f0a2@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38561 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061954-CVE-2024-38561-2505@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38562 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061954-CVE-2024-38562-21d9@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38563 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061954-CVE-2024-38563-2c2e@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38564 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061955-CVE-2024-38564-b069@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38565 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061955-CVE-2024-38565-9d22@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38566 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061955-CVE-2024-38566-0ac6@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38567 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061956-CVE-2024-38567-5724@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38568 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061956-CVE-2024-38568-86e2@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38569 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061956-CVE-2024-38569-2a26@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38570 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061956-CVE-2024-38570-a8ef@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38571 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061957-CVE-2024-38571-fbe7@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38572 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061957-CVE-2024-38572-28d5@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38573 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061957-CVE-2024-38573-d4b6@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38574 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061958-CVE-2024-38574-d9a9@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38575 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061946-CVE-2024-38575-8b6b@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38576 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061946-CVE-2024-38576-a4a4@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38577 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061947-CVE-2024-38577-7369@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38578 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061947-CVE-2024-38578-6bf2@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38579 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061947-CVE-2024-38579-e96a@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38580 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061948-CVE-2024-38580-d87f@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38581 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061948-CVE-2024-38581-592d@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38582 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061948-CVE-2024-38582-6165@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38583 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061948-CVE-2024-38583-9fb7@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38584 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061949-CVE-2024-38584-6a99@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38585 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061949-CVE-2024-38585-4af2@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38586 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061949-CVE-2024-38586-70d6@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38587 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061950-CVE-2024-38587-46ec@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38588 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061950-CVE-2024-38588-f908@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38589 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061954-CVE-2024-38589-de10@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38590 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061954-CVE-2024-38590-55eb@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38591 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061954-CVE-2024-38591-a4ae@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38592 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061955-CVE-2024-38592-5b29@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38593 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061955-CVE-2024-38593-8b0e@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38594 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061955-CVE-2024-38594-75c8@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38595 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061955-CVE-2024-38595-0721@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38596 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061956-CVE-2024-38596-f660@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38597 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061956-CVE-2024-38597-ad49@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38598 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061956-CVE-2024-38598-8629@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38599 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061957-CVE-2024-38599-9b9d@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38600 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061957-CVE-2024-38600-aa7e@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38601 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061923-CVE-2024-38601-dc52@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38602 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061924-CVE-2024-38602-e098@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38603 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061924-CVE-2024-38603-e1f0@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38604 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061924-CVE-2024-38604-a738@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38605 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061925-CVE-2024-38605-3dc4@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38606 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061925-CVE-2024-38606-6148@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38607 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061925-CVE-2024-38607-089e@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38608 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061920-CVE-2024-38608-4068@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38609 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061921-CVE-2024-38609-1fad@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38610 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061921-CVE-2024-38610-21f9@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38611 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061921-CVE-2024-38611-bb0f@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38612 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061922-CVE-2024-38612-7fc1@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38613 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061922-CVE-2024-38613-abc6@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38614 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061922-CVE-2024-38614-50ce@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38615 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061922-CVE-2024-38615-0d4c@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38616 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061923-CVE-2024-38616-5632@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38617 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061923-CVE-2024-38617-5530@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38618 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024061923-CVE-2024-38618-35a9@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement vom 2024-06-19",
"url": "https://kernel.org/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38620 vom 2024-06-19",
"url": "https://lore.kernel.org/linux-cve-announce/2024062047-CVE-2024-38620-64ef@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2024-38619 vom 2024-06-19",
"url": "http://lore.kernel.org/linux-cve-announce/2024062035-CVE-2024-38619-97c7@gregkh/"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-3840 vom 2024-06-27",
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2360-1 vom 2024-07-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018907.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2372-1 vom 2024-07-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018901.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2362-1 vom 2024-07-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018905.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2365-1 vom 2024-07-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018897.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2381-1 vom 2024-07-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018916.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2384-1 vom 2024-07-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018921.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2394-1 vom 2024-07-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018922.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2385-1 vom 2024-07-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018920.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4533 vom 2024-07-15",
"url": "https://access.redhat.com/errata/RHSA-2024:4533"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4554 vom 2024-07-16",
"url": "https://access.redhat.com/errata/RHSA-2024:4554"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5730 vom 2024-07-16",
"url": "https://lists.debian.org/debian-security-announce/2024/msg00141.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2493-1 vom 2024-07-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018984.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2495-1 vom 2024-07-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018982.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4583 vom 2024-07-17",
"url": "https://access.redhat.com/errata/RHSA-2024:4583"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5731 vom 2024-07-17",
"url": "https://lists.debian.org/debian-security-announce/2024/msg00142.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2561-1 vom 2024-07-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019001.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-4583 vom 2024-07-19",
"url": "https://linux.oracle.com/errata/ELSA-2024-4583.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2571-1 vom 2024-07-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019019.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4823 vom 2024-07-24",
"url": "https://access.redhat.com/errata/RHSA-2024:4823"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4831 vom 2024-07-24",
"url": "https://access.redhat.com/errata/RHSA-2024:4831"
}
],
"source_lang": "en-US",
"title": "Linux Kernel: Mehrere Schwachstellen erm\u00f6glichen nicht spezifizierten Angriff",
"tracking": {
"current_release_date": "2024-07-24T22:00:00.000+00:00",
"generator": {
"date": "2024-07-25T08:33:07.192+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.0"
}
},
"id": "WID-SEC-W-2024-1418",
"initial_release_date": "2024-06-19T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-06-19T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-06-27T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2024-07-09T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-07-10T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-07-14T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-07-15T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat und Debian aufgenommen"
},
{
"date": "2024-07-16T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat und Debian aufgenommen"
},
{
"date": "2024-07-18T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von SUSE und Oracle Linux aufgenommen"
},
{
"date": "2024-07-22T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-07-24T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "10"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Linux Kernel",
"product": {
"name": "Open Source Linux Kernel",
"product_id": "T035582",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-47573",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47573"
},
{
"cve": "CVE-2021-47574",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47574"
},
{
"cve": "CVE-2021-47575",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47575"
},
{
"cve": "CVE-2021-47576",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47576"
},
{
"cve": "CVE-2021-47577",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47577"
},
{
"cve": "CVE-2021-47578",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47578"
},
{
"cve": "CVE-2021-47579",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47579"
},
{
"cve": "CVE-2021-47580",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47580"
},
{
"cve": "CVE-2021-47581",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47581"
},
{
"cve": "CVE-2021-47582",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47582"
},
{
"cve": "CVE-2021-47583",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47583"
},
{
"cve": "CVE-2021-47584",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47584"
},
{
"cve": "CVE-2021-47585",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47585"
},
{
"cve": "CVE-2021-47586",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47586"
},
{
"cve": "CVE-2021-47587",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47587"
},
{
"cve": "CVE-2021-47588",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47588"
},
{
"cve": "CVE-2021-47589",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47589"
},
{
"cve": "CVE-2021-47590",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47590"
},
{
"cve": "CVE-2021-47591",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47591"
},
{
"cve": "CVE-2021-47592",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47592"
},
{
"cve": "CVE-2021-47593",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47593"
},
{
"cve": "CVE-2021-47594",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47594"
},
{
"cve": "CVE-2021-47595",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47595"
},
{
"cve": "CVE-2021-47596",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47596"
},
{
"cve": "CVE-2021-47597",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47597"
},
{
"cve": "CVE-2021-47598",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47598"
},
{
"cve": "CVE-2021-47599",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47599"
},
{
"cve": "CVE-2021-47600",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47600"
},
{
"cve": "CVE-2021-47601",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47601"
},
{
"cve": "CVE-2021-47602",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47602"
},
{
"cve": "CVE-2021-47603",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47603"
},
{
"cve": "CVE-2021-47604",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47604"
},
{
"cve": "CVE-2021-47605",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47605"
},
{
"cve": "CVE-2021-47606",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47606"
},
{
"cve": "CVE-2021-47607",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47607"
},
{
"cve": "CVE-2021-47608",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47608"
},
{
"cve": "CVE-2021-47609",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47609"
},
{
"cve": "CVE-2021-47610",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47610"
},
{
"cve": "CVE-2021-47611",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47611"
},
{
"cve": "CVE-2021-47612",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47612"
},
{
"cve": "CVE-2021-47613",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47613"
},
{
"cve": "CVE-2021-47614",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47614"
},
{
"cve": "CVE-2021-47615",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47615"
},
{
"cve": "CVE-2021-47616",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47616"
},
{
"cve": "CVE-2021-47617",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47617"
},
{
"cve": "CVE-2021-47618",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47618"
},
{
"cve": "CVE-2021-47619",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47619"
},
{
"cve": "CVE-2021-47620",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2021-47620"
},
{
"cve": "CVE-2024-36979",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-36979"
},
{
"cve": "CVE-2024-38538",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38538"
},
{
"cve": "CVE-2024-38539",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38539"
},
{
"cve": "CVE-2024-38540",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38540"
},
{
"cve": "CVE-2024-38541",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38541"
},
{
"cve": "CVE-2024-38542",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38542"
},
{
"cve": "CVE-2024-38543",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38543"
},
{
"cve": "CVE-2024-38544",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38544"
},
{
"cve": "CVE-2024-38545",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38545"
},
{
"cve": "CVE-2024-38546",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38546"
},
{
"cve": "CVE-2024-38547",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38547"
},
{
"cve": "CVE-2024-38548",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38548"
},
{
"cve": "CVE-2024-38549",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38549"
},
{
"cve": "CVE-2024-38550",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38550"
},
{
"cve": "CVE-2024-38551",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38551"
},
{
"cve": "CVE-2024-38552",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38552"
},
{
"cve": "CVE-2024-38553",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38553"
},
{
"cve": "CVE-2024-38554",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38554"
},
{
"cve": "CVE-2024-38555",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38555"
},
{
"cve": "CVE-2024-38556",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38556"
},
{
"cve": "CVE-2024-38557",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38557"
},
{
"cve": "CVE-2024-38558",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38558"
},
{
"cve": "CVE-2024-38559",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38559"
},
{
"cve": "CVE-2024-38560",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38560"
},
{
"cve": "CVE-2024-38561",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38561"
},
{
"cve": "CVE-2024-38562",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38562"
},
{
"cve": "CVE-2024-38563",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38563"
},
{
"cve": "CVE-2024-38564",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38564"
},
{
"cve": "CVE-2024-38565",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38565"
},
{
"cve": "CVE-2024-38566",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38566"
},
{
"cve": "CVE-2024-38567",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38567"
},
{
"cve": "CVE-2024-38568",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38568"
},
{
"cve": "CVE-2024-38569",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38569"
},
{
"cve": "CVE-2024-38570",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38570"
},
{
"cve": "CVE-2024-38571",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38571"
},
{
"cve": "CVE-2024-38572",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38572"
},
{
"cve": "CVE-2024-38573",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38573"
},
{
"cve": "CVE-2024-38574",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38574"
},
{
"cve": "CVE-2024-38575",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38575"
},
{
"cve": "CVE-2024-38576",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38576"
},
{
"cve": "CVE-2024-38577",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38577"
},
{
"cve": "CVE-2024-38578",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38578"
},
{
"cve": "CVE-2024-38579",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38579"
},
{
"cve": "CVE-2024-38580",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38580"
},
{
"cve": "CVE-2024-38581",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38581"
},
{
"cve": "CVE-2024-38582",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38582"
},
{
"cve": "CVE-2024-38583",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38583"
},
{
"cve": "CVE-2024-38584",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38584"
},
{
"cve": "CVE-2024-38585",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38585"
},
{
"cve": "CVE-2024-38586",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38586"
},
{
"cve": "CVE-2024-38587",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38587"
},
{
"cve": "CVE-2024-38588",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38588"
},
{
"cve": "CVE-2024-38589",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38589"
},
{
"cve": "CVE-2024-38590",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38590"
},
{
"cve": "CVE-2024-38591",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38591"
},
{
"cve": "CVE-2024-38592",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38592"
},
{
"cve": "CVE-2024-38593",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38593"
},
{
"cve": "CVE-2024-38594",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38594"
},
{
"cve": "CVE-2024-38595",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38595"
},
{
"cve": "CVE-2024-38596",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38596"
},
{
"cve": "CVE-2024-38597",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38597"
},
{
"cve": "CVE-2024-38598",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38598"
},
{
"cve": "CVE-2024-38599",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38599"
},
{
"cve": "CVE-2024-38600",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38600"
},
{
"cve": "CVE-2024-38601",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38601"
},
{
"cve": "CVE-2024-38602",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38602"
},
{
"cve": "CVE-2024-38603",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38603"
},
{
"cve": "CVE-2024-38604",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38604"
},
{
"cve": "CVE-2024-38605",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38605"
},
{
"cve": "CVE-2024-38606",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38606"
},
{
"cve": "CVE-2024-38607",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38607"
},
{
"cve": "CVE-2024-38608",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38608"
},
{
"cve": "CVE-2024-38609",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38609"
},
{
"cve": "CVE-2024-38610",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38610"
},
{
"cve": "CVE-2024-38611",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38611"
},
{
"cve": "CVE-2024-38612",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38612"
},
{
"cve": "CVE-2024-38613",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38613"
},
{
"cve": "CVE-2024-38614",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38614"
},
{
"cve": "CVE-2024-38615",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38615"
},
{
"cve": "CVE-2024-38616",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38616"
},
{
"cve": "CVE-2024-38617",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38617"
},
{
"cve": "CVE-2024-38618",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38618"
},
{
"cve": "CVE-2024-38619",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38619"
},
{
"cve": "CVE-2024-38620",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T035582",
"T004914"
]
},
"release_date": "2024-06-19T22:00:00Z",
"title": "CVE-2024-38620"
}
]
}
cve-2024-38604
Vulnerability from cvelistv5
Published
2024-06-19 13:48
Modified
2024-08-02 04:12
Severity
Summary
block: refine the EOF check in blkdev_iomap_begin
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38604",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T19:44:24.833143Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T19:44:35.788Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:26.158Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/910717920c8c3f9386277a44c44d448058a18084"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/72c54e063c32aeb38d43a2bd897821e6e5a1757d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/10b723bcba8986537a484aa94dbfc9093fd776a1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0c12028aec837f5a002009bbf68d179d506510e8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"block/fops.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "910717920c8c",
"status": "affected",
"version": "487c607df790",
"versionType": "git"
},
{
"lessThan": "72c54e063c32",
"status": "affected",
"version": "487c607df790",
"versionType": "git"
},
{
"lessThan": "10b723bcba89",
"status": "affected",
"version": "487c607df790",
"versionType": "git"
},
{
"lessThan": "0c12028aec83",
"status": "affected",
"version": "487c607df790",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"block/fops.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.6"
},
{
"lessThan": "6.6",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: refine the EOF check in blkdev_iomap_begin\n\nblkdev_iomap_begin rounds down the offset to the logical block size\nbefore stashing it in iomap-\u003eoffset and checking that it still is\ninside the inode size.\n\nCheck the i_size check to the raw pos value so that we don\u0027t try a\nzero size write if iter-\u003epos is unaligned."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:54.539Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/910717920c8c3f9386277a44c44d448058a18084"
},
{
"url": "https://git.kernel.org/stable/c/72c54e063c32aeb38d43a2bd897821e6e5a1757d"
},
{
"url": "https://git.kernel.org/stable/c/10b723bcba8986537a484aa94dbfc9093fd776a1"
},
{
"url": "https://git.kernel.org/stable/c/0c12028aec837f5a002009bbf68d179d506510e8"
}
],
"title": "block: refine the EOF check in blkdev_iomap_begin",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38604",
"datePublished": "2024-06-19T13:48:15.099Z",
"dateReserved": "2024-06-18T19:36:34.933Z",
"dateUpdated": "2024-08-02T04:12:26.158Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47612
Vulnerability from cvelistv5
Published
2024-06-19 14:58
Modified
2024-08-04 05:47
Severity
Summary
nfc: fix segfault in nfc_genl_dump_devices_done
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-47612",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T13:23:29.231566Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T13:23:59.243Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:47:40.566Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ea55b3797878752aa076b118afb727dcf79cac34"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/214af18abbe39db05beb305b2d11e87d09a6529c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6644989642844de830f9b072cd65c553cb55946c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2a8845b9603c545fddd17862282dc4c4ce0971e3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d731ecc6f2eaec68f4ad1542283bbc7d07bd0112"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c602863ad28ec86794cb4ab4edea5324f555f181"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d89e4211b51752daf063d638af50abed2fd5f96d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fd79a0cbf0b2e34bcc45b13acf962e2032a82203"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/nfc/netlink.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "ea55b3797878",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "214af18abbe3",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "664498964284",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "2a8845b9603c",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "d731ecc6f2ea",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "c602863ad28e",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "d89e4211b517",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "fd79a0cbf0b2",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/nfc/netlink.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "4.4.*",
"status": "unaffected",
"version": "4.4.296",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.294",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.259",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.222",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.167",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.87",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.10",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: fix segfault in nfc_genl_dump_devices_done\n\nWhen kmalloc in nfc_genl_dump_devices() fails then\nnfc_genl_dump_devices_done() segfaults as below\n\nKASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\nCPU: 0 PID: 25 Comm: kworker/0:1 Not tainted 5.16.0-rc4-01180-g2a987e65025e-dirty #5\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-6.fc35 04/01/2014\nWorkqueue: events netlink_sock_destruct_work\nRIP: 0010:klist_iter_exit+0x26/0x80\nCall Trace:\n\u003cTASK\u003e\nclass_dev_iter_exit+0x15/0x20\nnfc_genl_dump_devices_done+0x3b/0x50\ngenl_lock_done+0x84/0xd0\nnetlink_sock_destruct+0x8f/0x270\n__sk_destruct+0x64/0x3b0\nsk_destruct+0xa8/0xd0\n__sk_free+0x2e8/0x3d0\nsk_free+0x51/0x90\nnetlink_sock_destruct_work+0x1c/0x20\nprocess_one_work+0x411/0x710\nworker_thread+0x6fd/0xa80"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:58:01.108Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/ea55b3797878752aa076b118afb727dcf79cac34"
},
{
"url": "https://git.kernel.org/stable/c/214af18abbe39db05beb305b2d11e87d09a6529c"
},
{
"url": "https://git.kernel.org/stable/c/6644989642844de830f9b072cd65c553cb55946c"
},
{
"url": "https://git.kernel.org/stable/c/2a8845b9603c545fddd17862282dc4c4ce0971e3"
},
{
"url": "https://git.kernel.org/stable/c/d731ecc6f2eaec68f4ad1542283bbc7d07bd0112"
},
{
"url": "https://git.kernel.org/stable/c/c602863ad28ec86794cb4ab4edea5324f555f181"
},
{
"url": "https://git.kernel.org/stable/c/d89e4211b51752daf063d638af50abed2fd5f96d"
},
{
"url": "https://git.kernel.org/stable/c/fd79a0cbf0b2e34bcc45b13acf962e2032a82203"
}
],
"title": "nfc: fix segfault in nfc_genl_dump_devices_done",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47612",
"datePublished": "2024-06-19T14:58:01.108Z",
"dateReserved": "2024-06-19T14:55:32.795Z",
"dateUpdated": "2024-08-04T05:47:40.566Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38573
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
cppc_cpufreq: Fix possible null pointer dereference
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "9a185cc5a79b",
"status": "affected",
"version": "a28b2bfc099c",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "769c4f355b79",
"status": "affected",
"version": "a28b2bfc099c",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "f84b9b25d045",
"status": "affected",
"version": "a28b2bfc099c",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "b18daa4ec727",
"status": "affected",
"version": "a28b2bfc099c",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "dfec15222529",
"status": "affected",
"version": "a28b2bfc099c",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:acrn:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrn",
"vendor": "linux",
"versions": [
{
"lessThan": "cf7de25878a1",
"status": "affected",
"version": "a28b2bfc099c",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "affected",
"version": "5.11"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "5.11",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "5.16",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "6.2",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "6.7",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "6.9",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "6.10",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "unaffected",
"version": "6.10-rc1"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-38573",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-27T18:10:54.548059Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-27T18:33:09.094Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:26.068Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9a185cc5a79ba408e1c73375706630662304f618"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/769c4f355b7962895205b86ad35617873feef9a5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f84b9b25d045e67a7eee5e73f21278c8ab06713c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b18daa4ec727c0266de5bfc78e818d168cc4aedf"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/dfec15222529d22b15e5b0d63572a9e39570cab4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cf7de25878a1f4508c69dc9f6819c21ba177dbfe"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/cpufreq/cppc_cpufreq.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "9a185cc5a79b",
"status": "affected",
"version": "a28b2bfc099c",
"versionType": "git"
},
{
"lessThan": "769c4f355b79",
"status": "affected",
"version": "a28b2bfc099c",
"versionType": "git"
},
{
"lessThan": "f84b9b25d045",
"status": "affected",
"version": "a28b2bfc099c",
"versionType": "git"
},
{
"lessThan": "b18daa4ec727",
"status": "affected",
"version": "a28b2bfc099c",
"versionType": "git"
},
{
"lessThan": "dfec15222529",
"status": "affected",
"version": "a28b2bfc099c",
"versionType": "git"
},
{
"lessThan": "cf7de25878a1",
"status": "affected",
"version": "a28b2bfc099c",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/cpufreq/cppc_cpufreq.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.11"
},
{
"lessThan": "5.11",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncppc_cpufreq: Fix possible null pointer dereference\n\ncppc_cpufreq_get_rate() and hisi_cppc_cpufreq_get_rate() can be called from\ndifferent places with various parameters. So cpufreq_cpu_get() can return\nnull as \u0027policy\u0027 in some circumstances.\nFix this bug by adding null return check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:20.365Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/9a185cc5a79ba408e1c73375706630662304f618"
},
{
"url": "https://git.kernel.org/stable/c/769c4f355b7962895205b86ad35617873feef9a5"
},
{
"url": "https://git.kernel.org/stable/c/f84b9b25d045e67a7eee5e73f21278c8ab06713c"
},
{
"url": "https://git.kernel.org/stable/c/b18daa4ec727c0266de5bfc78e818d168cc4aedf"
},
{
"url": "https://git.kernel.org/stable/c/dfec15222529d22b15e5b0d63572a9e39570cab4"
},
{
"url": "https://git.kernel.org/stable/c/cf7de25878a1f4508c69dc9f6819c21ba177dbfe"
}
],
"title": "cppc_cpufreq: Fix possible null pointer dereference",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38573",
"datePublished": "2024-06-19T13:35:38.334Z",
"dateReserved": "2024-06-18T19:36:34.924Z",
"dateUpdated": "2024-08-02T04:12:26.068Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38546
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
drm: vc4: Fix possible null pointer dereference
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.139Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2d9adecc88ab678785b581ab021f039372c324cb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6cf1874aec42058a5ad621a23b5b2f248def0e96"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/80431ea3634efb47a3004305d76486db9dd8ed49"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/42c22b63056cea259d5313bf138a834840af85a5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2a345fe928c21de6f3c3c7230ff509d715153a31"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/bd7827d46d403f8cdb43d16744cb1114e4726b21"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c534b63bede6cb987c2946ed4d0b0013a52c5ba7"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/vc4/vc4_hdmi.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "2d9adecc88ab",
"status": "affected",
"version": "bb7d78568814",
"versionType": "git"
},
{
"lessThan": "6cf1874aec42",
"status": "affected",
"version": "bb7d78568814",
"versionType": "git"
},
{
"lessThan": "80431ea3634e",
"status": "affected",
"version": "bb7d78568814",
"versionType": "git"
},
{
"lessThan": "42c22b63056c",
"status": "affected",
"version": "bb7d78568814",
"versionType": "git"
},
{
"lessThan": "2a345fe928c2",
"status": "affected",
"version": "bb7d78568814",
"versionType": "git"
},
{
"lessThan": "bd7827d46d40",
"status": "affected",
"version": "bb7d78568814",
"versionType": "git"
},
{
"lessThan": "c534b63bede6",
"status": "affected",
"version": "bb7d78568814",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/vc4/vc4_hdmi.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.12"
},
{
"lessThan": "4.12",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: vc4: Fix possible null pointer dereference\n\nIn vc4_hdmi_audio_init() of_get_address() may return\nNULL which is later dereferenced. Fix this bug by adding NULL check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:47:48.252Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/2d9adecc88ab678785b581ab021f039372c324cb"
},
{
"url": "https://git.kernel.org/stable/c/6cf1874aec42058a5ad621a23b5b2f248def0e96"
},
{
"url": "https://git.kernel.org/stable/c/80431ea3634efb47a3004305d76486db9dd8ed49"
},
{
"url": "https://git.kernel.org/stable/c/42c22b63056cea259d5313bf138a834840af85a5"
},
{
"url": "https://git.kernel.org/stable/c/2a345fe928c21de6f3c3c7230ff509d715153a31"
},
{
"url": "https://git.kernel.org/stable/c/bd7827d46d403f8cdb43d16744cb1114e4726b21"
},
{
"url": "https://git.kernel.org/stable/c/c534b63bede6cb987c2946ed4d0b0013a52c5ba7"
}
],
"title": "drm: vc4: Fix possible null pointer dereference",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38546",
"datePublished": "2024-06-19T13:35:20.024Z",
"dateReserved": "2024-06-18T19:36:34.919Z",
"dateUpdated": "2024-08-02T04:12:25.139Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38608
Vulnerability from cvelistv5
Published
2024-06-19 13:56
Modified
2024-08-02 04:12
Severity
Summary
net/mlx5e: Fix netif state handling
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38608",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T19:44:05.361644Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T19:44:14.283Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.957Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f7e6cfb864a53af71c5cc904f1cc22215d68f5c6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3d5918477f94e4c2f064567875c475468e264644"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/mellanox/mlx5/core/en_main.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "f7e6cfb864a5",
"status": "affected",
"version": "2c3b5beec46a",
"versionType": "git"
},
{
"lessThan": "3d5918477f94",
"status": "affected",
"version": "2c3b5beec46a",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/mellanox/mlx5/core/en_main.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.12"
},
{
"lessThan": "4.12",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix netif state handling\n\nmlx5e_suspend cleans resources only if netif_device_present() returns\ntrue. However, mlx5e_resume changes the state of netif, via\nmlx5e_nic_enable, only if reg_state == NETREG_REGISTERED.\nIn the below case, the above leads to NULL-ptr Oops[1] and memory\nleaks:\n\nmlx5e_probe\n _mlx5e_resume\n mlx5e_attach_netdev\n mlx5e_nic_enable \u003c-- netdev not reg, not calling netif_device_attach()\n register_netdev \u003c-- failed for some reason.\nERROR_FLOW:\n _mlx5e_suspend \u003c-- netif_device_present return false, resources aren\u0027t freed :(\n\nHence, clean resources in this case as well.\n\n[1]\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nPGD 0 P4D 0\nOops: 0010 [#1] SMP\nCPU: 2 PID: 9345 Comm: test-ovs-ct-gen Not tainted 6.5.0_for_upstream_min_debug_2023_09_05_16_01 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:0x0\nCode: Unable to access opcode bytes at0xffffffffffffffd6.\nRSP: 0018:ffff888178aaf758 EFLAGS: 00010246\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x20/0x60\n ? page_fault_oops+0x14c/0x3c0\n ? exc_page_fault+0x75/0x140\n ? asm_exc_page_fault+0x22/0x30\n notifier_call_chain+0x35/0xb0\n blocking_notifier_call_chain+0x3d/0x60\n mlx5_blocking_notifier_call_chain+0x22/0x30 [mlx5_core]\n mlx5_core_uplink_netdev_event_replay+0x3e/0x60 [mlx5_core]\n mlx5_mdev_netdev_track+0x53/0x60 [mlx5_ib]\n mlx5_ib_roce_init+0xc3/0x340 [mlx5_ib]\n __mlx5_ib_add+0x34/0xd0 [mlx5_ib]\n mlx5r_probe+0xe1/0x210 [mlx5_ib]\n ? auxiliary_match_id+0x6a/0x90\n auxiliary_bus_probe+0x38/0x80\n ? driver_sysfs_add+0x51/0x80\n really_probe+0xc9/0x3e0\n ? driver_probe_device+0x90/0x90\n __driver_probe_device+0x80/0x160\n driver_probe_device+0x1e/0x90\n __device_attach_driver+0x7d/0x100\n bus_for_each_drv+0x80/0xd0\n __device_attach+0xbc/0x1f0\n bus_probe_device+0x86/0xa0\n device_add+0x637/0x840\n __auxiliary_device_add+0x3b/0xa0\n add_adev+0xc9/0x140 [mlx5_core]\n mlx5_rescan_drivers_locked+0x22a/0x310 [mlx5_core]\n mlx5_register_device+0x53/0xa0 [mlx5_core]\n mlx5_init_one_devl_locked+0x5c4/0x9c0 [mlx5_core]\n mlx5_init_one+0x3b/0x60 [mlx5_core]\n probe_one+0x44c/0x730 [mlx5_core]\n local_pci_probe+0x3e/0x90\n pci_device_probe+0xbf/0x210\n ? kernfs_create_link+0x5d/0xa0\n ? sysfs_do_create_link_sd+0x60/0xc0\n really_probe+0xc9/0x3e0\n ? driver_probe_device+0x90/0x90\n __driver_probe_device+0x80/0x160\n driver_probe_device+0x1e/0x90\n __device_attach_driver+0x7d/0x100\n bus_for_each_drv+0x80/0xd0\n __device_attach+0xbc/0x1f0\n pci_bus_add_device+0x54/0x80\n pci_iov_add_virtfn+0x2e6/0x320\n sriov_enable+0x208/0x420\n mlx5_core_sriov_configure+0x9e/0x200 [mlx5_core]\n sriov_numvfs_store+0xae/0x1a0\n kernfs_fop_write_iter+0x10c/0x1a0\n vfs_write+0x291/0x3c0\n ksys_write+0x5f/0xe0\n do_syscall_64+0x3d/0x90\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n CR2: 0000000000000000\n ---[ end trace 0000000000000000 ]---"
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:59.099Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/f7e6cfb864a53af71c5cc904f1cc22215d68f5c6"
},
{
"url": "https://git.kernel.org/stable/c/3d5918477f94e4c2f064567875c475468e264644"
}
],
"title": "net/mlx5e: Fix netif state handling",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38608",
"datePublished": "2024-06-19T13:56:10.614Z",
"dateReserved": "2024-06-18T19:36:34.941Z",
"dateUpdated": "2024-08-02T04:12:25.957Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47603
Vulnerability from cvelistv5
Published
2024-06-19 14:54
Modified
2024-08-04 05:47
Severity
Summary
audit: improve robustness of the audit queue handling
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-47603",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T13:46:15.530530Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T13:46:23.577Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:47:40.675Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/75fdb751f84727d614deea0571a1490c3225d83a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8389f50ceb854cb437fefb9330d5024ed3c7c1f5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0d3277eabd542fb662be23696e5ec9f390d688e1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4cc6badff97f74d0fce65f9784b5df3b64e4250b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a5f4d17daf2e6cd7c1d9676b476147f6b4ac53f2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f4b3ee3c85551d2d343a3ba159304066523f730f"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"kernel/audit.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "75fdb751f847",
"status": "affected",
"version": "5b52330bbfe6",
"versionType": "git"
},
{
"lessThan": "8389f50ceb85",
"status": "affected",
"version": "5b52330bbfe6",
"versionType": "git"
},
{
"lessThan": "0d3277eabd54",
"status": "affected",
"version": "5b52330bbfe6",
"versionType": "git"
},
{
"lessThan": "4cc6badff97f",
"status": "affected",
"version": "5b52330bbfe6",
"versionType": "git"
},
{
"lessThan": "a5f4d17daf2e",
"status": "affected",
"version": "5b52330bbfe6",
"versionType": "git"
},
{
"lessThan": "f4b3ee3c8555",
"status": "affected",
"version": "5b52330bbfe6",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"kernel/audit.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.11"
},
{
"lessThan": "4.11",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.259",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.222",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.168",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\naudit: improve robustness of the audit queue handling\n\nIf the audit daemon were ever to get stuck in a stopped state the\nkernel\u0027s kauditd_thread() could get blocked attempting to send audit\nrecords to the userspace audit daemon. With the kernel thread\nblocked it is possible that the audit queue could grow unbounded as\ncertain audit record generating events must be exempt from the queue\nlimits else the system enter a deadlock state.\n\nThis patch resolves this problem by lowering the kernel thread\u0027s\nsocket sending timeout from MAX_SCHEDULE_TIMEOUT to HZ/10 and tweaks\nthe kauditd_send_queue() function to better manage the various audit\nqueues when connection problems occur between the kernel and the\naudit daemon. With this patch, the backlog may temporarily grow\nbeyond the defined limits when the audit daemon is stopped and the\nsystem is under heavy audit pressure, but kauditd_thread() will\ncontinue to make progress and drain the queues as it would for other\nconnection problems. For example, with the audit daemon put into a\nstopped state and the system configured to audit every syscall it\nwas still possible to shutdown the system without a kernel panic,\ndeadlock, etc.; granted, the system was slow to shutdown but that is\nto be expected given the extreme pressure of recording every syscall.\n\nThe timeout value of HZ/10 was chosen primarily through\nexperimentation and this developer\u0027s \"gut feeling\". There is likely\nno one perfect value, but as this scenario is limited in scope (root\nprivileges would be needed to send SIGSTOP to the audit daemon), it\nis likely not worth exposing this as a tunable at present. This can\nalways be done at a later date if it proves necessary."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:54:02.988Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/75fdb751f84727d614deea0571a1490c3225d83a"
},
{
"url": "https://git.kernel.org/stable/c/8389f50ceb854cb437fefb9330d5024ed3c7c1f5"
},
{
"url": "https://git.kernel.org/stable/c/0d3277eabd542fb662be23696e5ec9f390d688e1"
},
{
"url": "https://git.kernel.org/stable/c/4cc6badff97f74d0fce65f9784b5df3b64e4250b"
},
{
"url": "https://git.kernel.org/stable/c/a5f4d17daf2e6cd7c1d9676b476147f6b4ac53f2"
},
{
"url": "https://git.kernel.org/stable/c/f4b3ee3c85551d2d343a3ba159304066523f730f"
}
],
"title": "audit: improve robustness of the audit queue handling",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47603",
"datePublished": "2024-06-19T14:54:02.988Z",
"dateReserved": "2024-05-24T15:11:00.736Z",
"dateUpdated": "2024-08-04T05:47:40.675Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38547
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
media: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.564Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4b68b861b514a5c09220d622ac3784c0ebac6c80"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/82c2c85aead3ea3cbceef4be077cf459c5df2272"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a1ab99dcc8604afe7e3bccb01b10da03bdd7ea35"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cc20c87b04db86c8e3e810bcdca686b406206069"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/69b27ff82f87379afeaaea4b2f339032fdd8486e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6482c433863b257b0b9b687c28ce80b89d5f89f0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3b621e9e9e148c0928ab109ac3d4b81487469acb"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/staging/media/atomisp/pci/sh_css.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "4b68b861b514",
"status": "affected",
"version": "a49d25364dfb",
"versionType": "git"
},
{
"lessThan": "82c2c85aead3",
"status": "affected",
"version": "a49d25364dfb",
"versionType": "git"
},
{
"lessThan": "a1ab99dcc860",
"status": "affected",
"version": "a49d25364dfb",
"versionType": "git"
},
{
"lessThan": "cc20c87b04db",
"status": "affected",
"version": "a49d25364dfb",
"versionType": "git"
},
{
"lessThan": "69b27ff82f87",
"status": "affected",
"version": "a49d25364dfb",
"versionType": "git"
},
{
"lessThan": "6482c433863b",
"status": "affected",
"version": "a49d25364dfb",
"versionType": "git"
},
{
"lessThan": "3b621e9e9e14",
"status": "affected",
"version": "a49d25364dfb",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/staging/media/atomisp/pci/sh_css.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.12"
},
{
"lessThan": "4.12",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries\n\nThe allocation failure of mycs-\u003eyuv_scaler_binary in load_video_binaries()\nis followed with a dereference of mycs-\u003eyuv_scaler_binary after the\nfollowing call chain:\n\nsh_css_pipe_load_binaries()\n |-\u003e load_video_binaries(mycs-\u003eyuv_scaler_binary == NULL)\n |\n |-\u003e sh_css_pipe_unload_binaries()\n |-\u003e unload_video_binaries()\n\nIn unload_video_binaries(), it calls to ia_css_binary_unload with argument\n\u0026pipe-\u003epipe_settings.video.yuv_scaler_binary[i], which refers to the\nsame memory slot as mycs-\u003eyuv_scaler_binary. Thus, a null-pointer\ndereference is triggered."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:47:49.414Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/4b68b861b514a5c09220d622ac3784c0ebac6c80"
},
{
"url": "https://git.kernel.org/stable/c/82c2c85aead3ea3cbceef4be077cf459c5df2272"
},
{
"url": "https://git.kernel.org/stable/c/a1ab99dcc8604afe7e3bccb01b10da03bdd7ea35"
},
{
"url": "https://git.kernel.org/stable/c/cc20c87b04db86c8e3e810bcdca686b406206069"
},
{
"url": "https://git.kernel.org/stable/c/69b27ff82f87379afeaaea4b2f339032fdd8486e"
},
{
"url": "https://git.kernel.org/stable/c/6482c433863b257b0b9b687c28ce80b89d5f89f0"
},
{
"url": "https://git.kernel.org/stable/c/3b621e9e9e148c0928ab109ac3d4b81487469acb"
}
],
"title": "media: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38547",
"datePublished": "2024-06-19T13:35:20.689Z",
"dateReserved": "2024-06-18T19:36:34.919Z",
"dateUpdated": "2024-08-02T04:12:25.564Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47585
Vulnerability from cvelistv5
Published
2024-06-19 14:53
Modified
2024-08-04 05:39
Severity
Summary
btrfs: fix memory leak in __add_inode_ref()
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-47585",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-24T18:08:01.516987Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-24T18:08:15.557Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:39:59.778Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/005d9292b5b2e71a009f911bd85d755009b37242"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/493ff661d434d6bdf02e3a21adae04d7a0b4265d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f35838a6930296fc1988764cfa54cb3f705c0665"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/btrfs/tree-log.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "005d9292b5b2",
"status": "affected",
"version": "d3316c8233bb",
"versionType": "git"
},
{
"lessThan": "493ff661d434",
"status": "affected",
"version": "d3316c8233bb",
"versionType": "git"
},
{
"lessThan": "f35838a69302",
"status": "affected",
"version": "d3316c8233bb",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/btrfs/tree-log.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.5"
},
{
"lessThan": "5.5",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix memory leak in __add_inode_ref()\n\nLine 1169 (#3) allocates a memory chunk for victim_name by kmalloc(),\nbut when the function returns in line 1184 (#4) victim_name allocated\nby line 1169 (#3) is not freed, which will lead to a memory leak.\nThere is a similar snippet of code in this function as allocating a memory\nchunk for victim_name in line 1104 (#1) as well as releasing the memory\nin line 1116 (#2).\n\nWe should kfree() victim_name when the return value of backref_in_log()\nis less than zero and before the function returns in line 1184 (#4).\n\n1057 static inline int __add_inode_ref(struct btrfs_trans_handle *trans,\n1058 \t\t\t\t struct btrfs_root *root,\n1059 \t\t\t\t struct btrfs_path *path,\n1060 \t\t\t\t struct btrfs_root *log_root,\n1061 \t\t\t\t struct btrfs_inode *dir,\n1062 \t\t\t\t struct btrfs_inode *inode,\n1063 \t\t\t\t u64 inode_objectid, u64 parent_objectid,\n1064 \t\t\t\t u64 ref_index, char *name, int namelen,\n1065 \t\t\t\t int *search_done)\n1066 {\n\n1104 \tvictim_name = kmalloc(victim_name_len, GFP_NOFS);\n\t// #1: kmalloc (victim_name-1)\n1105 \tif (!victim_name)\n1106 \t\treturn -ENOMEM;\n\n1112\tret = backref_in_log(log_root, \u0026search_key,\n1113\t\t\tparent_objectid, victim_name,\n1114\t\t\tvictim_name_len);\n1115\tif (ret \u003c 0) {\n1116\t\tkfree(victim_name); // #2: kfree (victim_name-1)\n1117\t\treturn ret;\n1118\t} else if (!ret) {\n\n1169 \tvictim_name = kmalloc(victim_name_len, GFP_NOFS);\n\t// #3: kmalloc (victim_name-2)\n1170 \tif (!victim_name)\n1171 \t\treturn -ENOMEM;\n\n1180 \tret = backref_in_log(log_root, \u0026search_key,\n1181 \t\t\tparent_objectid, victim_name,\n1182 \t\t\tvictim_name_len);\n1183 \tif (ret \u003c 0) {\n1184 \t\treturn ret; // #4: missing kfree (victim_name-2)\n1185 \t} else if (!ret) {\n\n1241 \treturn 0;\n1242 }"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:53:50.780Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/005d9292b5b2e71a009f911bd85d755009b37242"
},
{
"url": "https://git.kernel.org/stable/c/493ff661d434d6bdf02e3a21adae04d7a0b4265d"
},
{
"url": "https://git.kernel.org/stable/c/f35838a6930296fc1988764cfa54cb3f705c0665"
}
],
"title": "btrfs: fix memory leak in __add_inode_ref()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47585",
"datePublished": "2024-06-19T14:53:50.780Z",
"dateReserved": "2024-05-24T15:11:00.731Z",
"dateUpdated": "2024-08-04T05:39:59.778Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38558
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
net: openvswitch: fix overwriting ct original tuple for ICMPv6
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38558",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-24T18:25:00.443395Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-24T18:25:07.878Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.358Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6a51ac92bf35d34b4996d6eb67e2fe469f573b11"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0b532f59437f688563e9c58bdc1436fefa46e3b5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5ab6aecbede080b44b8e34720ab72050bf1e6982"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/483eb70f441e2df66ade78aa7217e6e4caadfef3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9ec8b0ccadb908d92f7ee211a4eff05fd932f3f6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/78741b4caae1e880368cb2f5110635f3ce45ecfd"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/431e9215576d7b728f3f53a704d237a520092120"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d73fb8bddf89503c9fae7c42e50d44c89909aad6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7c988176b6c16c516474f6fceebe0f055af5eb56"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/openvswitch/flow.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "6a51ac92bf35",
"status": "affected",
"version": "9dd7f8907c37",
"versionType": "git"
},
{
"lessThan": "0b532f59437f",
"status": "affected",
"version": "9dd7f8907c37",
"versionType": "git"
},
{
"lessThan": "5ab6aecbede0",
"status": "affected",
"version": "9dd7f8907c37",
"versionType": "git"
},
{
"lessThan": "483eb70f441e",
"status": "affected",
"version": "9dd7f8907c37",
"versionType": "git"
},
{
"lessThan": "9ec8b0ccadb9",
"status": "affected",
"version": "9dd7f8907c37",
"versionType": "git"
},
{
"lessThan": "78741b4caae1",
"status": "affected",
"version": "9dd7f8907c37",
"versionType": "git"
},
{
"lessThan": "431e9215576d",
"status": "affected",
"version": "9dd7f8907c37",
"versionType": "git"
},
{
"lessThan": "d73fb8bddf89",
"status": "affected",
"version": "9dd7f8907c37",
"versionType": "git"
},
{
"lessThan": "7c988176b6c1",
"status": "affected",
"version": "9dd7f8907c37",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/openvswitch/flow.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.11"
},
{
"lessThan": "4.11",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.316",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: fix overwriting ct original tuple for ICMPv6\n\nOVS_PACKET_CMD_EXECUTE has 3 main attributes:\n - OVS_PACKET_ATTR_KEY - Packet metadata in a netlink format.\n - OVS_PACKET_ATTR_PACKET - Binary packet content.\n - OVS_PACKET_ATTR_ACTIONS - Actions to execute on the packet.\n\nOVS_PACKET_ATTR_KEY is parsed first to populate sw_flow_key structure\nwith the metadata like conntrack state, input port, recirculation id,\netc. Then the packet itself gets parsed to populate the rest of the\nkeys from the packet headers.\n\nWhenever the packet parsing code starts parsing the ICMPv6 header, it\nfirst zeroes out fields in the key corresponding to Neighbor Discovery\ninformation even if it is not an ND packet.\n\nIt is an \u0027ipv6.nd\u0027 field. However, the \u0027ipv6\u0027 is a union that shares\nthe space between \u0027nd\u0027 and \u0027ct_orig\u0027 that holds the original tuple\nconntrack metadata parsed from the OVS_PACKET_ATTR_KEY.\n\nND packets should not normally have conntrack state, so it\u0027s fine to\nshare the space, but normal ICMPv6 Echo packets or maybe other types of\nICMPv6 can have the state attached and it should not be overwritten.\n\nThe issue results in all but the last 4 bytes of the destination\naddress being wiped from the original conntrack tuple leading to\nincorrect packet matching and potentially executing wrong actions\nin case this packet recirculates within the datapath or goes back\nto userspace.\n\nND fields should not be accessed in non-ND packets, so not clearing\nthem should be fine. Executing memset() only for actual ND packets to\navoid the issue.\n\nInitializing the whole thing before parsing is needed because ND packet\nmay not contain all the options.\n\nThe issue only affects the OVS_PACKET_CMD_EXECUTE path and doesn\u0027t\naffect packets entering OVS datapath from network interfaces, because\nin this case CT metadata is populated from skb after the packet is\nalready parsed."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:02.556Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/6a51ac92bf35d34b4996d6eb67e2fe469f573b11"
},
{
"url": "https://git.kernel.org/stable/c/0b532f59437f688563e9c58bdc1436fefa46e3b5"
},
{
"url": "https://git.kernel.org/stable/c/5ab6aecbede080b44b8e34720ab72050bf1e6982"
},
{
"url": "https://git.kernel.org/stable/c/483eb70f441e2df66ade78aa7217e6e4caadfef3"
},
{
"url": "https://git.kernel.org/stable/c/9ec8b0ccadb908d92f7ee211a4eff05fd932f3f6"
},
{
"url": "https://git.kernel.org/stable/c/78741b4caae1e880368cb2f5110635f3ce45ecfd"
},
{
"url": "https://git.kernel.org/stable/c/431e9215576d7b728f3f53a704d237a520092120"
},
{
"url": "https://git.kernel.org/stable/c/d73fb8bddf89503c9fae7c42e50d44c89909aad6"
},
{
"url": "https://git.kernel.org/stable/c/7c988176b6c16c516474f6fceebe0f055af5eb56"
}
],
"title": "net: openvswitch: fix overwriting ct original tuple for ICMPv6",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38558",
"datePublished": "2024-06-19T13:35:28.226Z",
"dateReserved": "2024-06-18T19:36:34.921Z",
"dateUpdated": "2024-08-02T04:12:25.358Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38570
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
gfs2: Fix potential glock use-after-free on unmount
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.837Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0636b34b44589b142700ac137b5f69802cfe2e37"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e42e8a24d7f02d28763d16ca7ec5fc6d1f142af0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/501cd8fabf621d10bd4893e37f6ce6c20523c8ca"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d98779e687726d8f8860f1c54b5687eec5f63a73"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/gfs2/glock.c",
"fs/gfs2/glock.h",
"fs/gfs2/incore.h",
"fs/gfs2/lock_dlm.c",
"fs/gfs2/ops_fstype.c",
"fs/gfs2/super.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "0636b34b4458",
"status": "affected",
"version": "fb6791d100d1",
"versionType": "git"
},
{
"lessThan": "e42e8a24d7f0",
"status": "affected",
"version": "fb6791d100d1",
"versionType": "git"
},
{
"lessThan": "501cd8fabf62",
"status": "affected",
"version": "fb6791d100d1",
"versionType": "git"
},
{
"lessThan": "d98779e68772",
"status": "affected",
"version": "fb6791d100d1",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/gfs2/glock.c",
"fs/gfs2/glock.h",
"fs/gfs2/incore.h",
"fs/gfs2/lock_dlm.c",
"fs/gfs2/ops_fstype.c",
"fs/gfs2/super.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.8"
},
{
"lessThan": "3.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Fix potential glock use-after-free on unmount\n\nWhen a DLM lockspace is released and there ares still locks in that\nlockspace, DLM will unlock those locks automatically. Commit\nfb6791d100d1b started exploiting this behavior to speed up filesystem\nunmount: gfs2 would simply free glocks it didn\u0027t want to unlock and then\nrelease the lockspace. This didn\u0027t take the bast callbacks for\nasynchronous lock contention notifications into account, which remain\nactive until until a lock is unlocked or its lockspace is released.\n\nTo prevent those callbacks from accessing deallocated objects, put the\nglocks that should not be unlocked on the sd_dead_glocks list, release\nthe lockspace, and only then free those glocks.\n\nAs an additional measure, ignore unexpected ast and bast callbacks if\nthe receiving glock is dead."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:16.755Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/0636b34b44589b142700ac137b5f69802cfe2e37"
},
{
"url": "https://git.kernel.org/stable/c/e42e8a24d7f02d28763d16ca7ec5fc6d1f142af0"
},
{
"url": "https://git.kernel.org/stable/c/501cd8fabf621d10bd4893e37f6ce6c20523c8ca"
},
{
"url": "https://git.kernel.org/stable/c/d98779e687726d8f8860f1c54b5687eec5f63a73"
}
],
"title": "gfs2: Fix potential glock use-after-free on unmount",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38570",
"datePublished": "2024-06-19T13:35:36.274Z",
"dateReserved": "2024-06-18T19:36:34.923Z",
"dateUpdated": "2024-08-02T04:12:25.837Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47605
Vulnerability from cvelistv5
Published
2024-06-19 14:54
Modified
2024-08-04 05:47
Severity
Summary
vduse: fix memory corruption in vduse_dev_ioctl()
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:47:40.852Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e6c67560b4341914bec32ec536e931c22062af65"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ff9f9c6e74848170fcb45c8403c80d661484c8c9"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/vdpa/vdpa_user/vduse_dev.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "e6c67560b434",
"status": "affected",
"version": "c8a6153b6c59",
"versionType": "git"
},
{
"lessThan": "ff9f9c6e7484",
"status": "affected",
"version": "c8a6153b6c59",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/vdpa/vdpa_user/vduse_dev.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.15"
},
{
"lessThan": "5.15",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvduse: fix memory corruption in vduse_dev_ioctl()\n\nThe \"config.offset\" comes from the user. There needs to a check to\nprevent it being out of bounds. The \"config.offset\" and\n\"dev-\u003econfig_size\" variables are both type u32. So if the offset if\nout of bounds then the \"dev-\u003econfig_size - config.offset\" subtraction\nresults in a very high u32 value. The out of bounds offset can result\nin memory corruption."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:54:04.323Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/e6c67560b4341914bec32ec536e931c22062af65"
},
{
"url": "https://git.kernel.org/stable/c/ff9f9c6e74848170fcb45c8403c80d661484c8c9"
}
],
"title": "vduse: fix memory corruption in vduse_dev_ioctl()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47605",
"datePublished": "2024-06-19T14:54:04.323Z",
"dateReserved": "2024-05-24T15:11:00.737Z",
"dateUpdated": "2024-08-04T05:47:40.852Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47580
Vulnerability from cvelistv5
Published
2024-06-19 14:53
Modified
2024-08-04 05:39
Severity
Summary
scsi: scsi_debug: Fix type in min_t to avoid stack OOB
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-47580",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T15:21:00.544492Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T15:21:19.418Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:39:59.777Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/bdb854f134b964528fa543e0351022eb45bd7346"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3085147645938eb41f0bc0e25ef9791e71f5ee4b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/36e07d7ede88a1f1ef8f0f209af5b7612324ac2c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/scsi/scsi_debug.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "bdb854f134b9",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "308514764593",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "36e07d7ede88",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/scsi/scsi_debug.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: scsi_debug: Fix type in min_t to avoid stack OOB\n\nChange min_t() to use type \"u32\" instead of type \"int\" to avoid stack out\nof bounds. With min_t() type \"int\" the values get sign extended and the\nlarger value gets used causing stack out of bounds.\n\nBUG: KASAN: stack-out-of-bounds in memcpy include/linux/fortify-string.h:191 [inline]\nBUG: KASAN: stack-out-of-bounds in sg_copy_buffer+0x1de/0x240 lib/scatterlist.c:976\nRead of size 127 at addr ffff888072607128 by task syz-executor.7/18707\n\nCPU: 1 PID: 18707 Comm: syz-executor.7 Not tainted 5.15.0-syzk #1\nHardware name: Red Hat KVM, BIOS 1.13.0-2\nCall Trace:\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x89/0xb5 lib/dump_stack.c:106\n print_address_description.constprop.9+0x28/0x160 mm/kasan/report.c:256\n __kasan_report mm/kasan/report.c:442 [inline]\n kasan_report.cold.14+0x7d/0x117 mm/kasan/report.c:459\n check_region_inline mm/kasan/generic.c:183 [inline]\n kasan_check_range+0x1a3/0x210 mm/kasan/generic.c:189\n memcpy+0x23/0x60 mm/kasan/shadow.c:65\n memcpy include/linux/fortify-string.h:191 [inline]\n sg_copy_buffer+0x1de/0x240 lib/scatterlist.c:976\n sg_copy_from_buffer+0x33/0x40 lib/scatterlist.c:1000\n fill_from_dev_buffer.part.34+0x82/0x130 drivers/scsi/scsi_debug.c:1162\n fill_from_dev_buffer drivers/scsi/scsi_debug.c:1888 [inline]\n resp_readcap16+0x365/0x3b0 drivers/scsi/scsi_debug.c:1887\n schedule_resp+0x4d8/0x1a70 drivers/scsi/scsi_debug.c:5478\n scsi_debug_queuecommand+0x8c9/0x1ec0 drivers/scsi/scsi_debug.c:7533\n scsi_dispatch_cmd drivers/scsi/scsi_lib.c:1520 [inline]\n scsi_queue_rq+0x16b0/0x2d40 drivers/scsi/scsi_lib.c:1699\n blk_mq_dispatch_rq_list+0xb9b/0x2700 block/blk-mq.c:1639\n __blk_mq_sched_dispatch_requests+0x28f/0x590 block/blk-mq-sched.c:325\n blk_mq_sched_dispatch_requests+0x105/0x190 block/blk-mq-sched.c:358\n __blk_mq_run_hw_queue+0xe5/0x150 block/blk-mq.c:1761\n __blk_mq_delay_run_hw_queue+0x4f8/0x5c0 block/blk-mq.c:1838\n blk_mq_run_hw_queue+0x18d/0x350 block/blk-mq.c:1891\n blk_mq_sched_insert_request+0x3db/0x4e0 block/blk-mq-sched.c:474\n blk_execute_rq_nowait+0x16b/0x1c0 block/blk-exec.c:62\n sg_common_write.isra.18+0xeb3/0x2000 drivers/scsi/sg.c:836\n sg_new_write.isra.19+0x570/0x8c0 drivers/scsi/sg.c:774\n sg_ioctl_common+0x14d6/0x2710 drivers/scsi/sg.c:939\n sg_ioctl+0xa2/0x180 drivers/scsi/sg.c:1165\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:874 [inline]\n __se_sys_ioctl fs/ioctl.c:860 [inline]\n __x64_sys_ioctl+0x19d/0x220 fs/ioctl.c:860\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3a/0x80 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:53:47.421Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/bdb854f134b964528fa543e0351022eb45bd7346"
},
{
"url": "https://git.kernel.org/stable/c/3085147645938eb41f0bc0e25ef9791e71f5ee4b"
},
{
"url": "https://git.kernel.org/stable/c/36e07d7ede88a1f1ef8f0f209af5b7612324ac2c"
}
],
"title": "scsi: scsi_debug: Fix type in min_t to avoid stack OOB",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47580",
"datePublished": "2024-06-19T14:53:47.421Z",
"dateReserved": "2024-05-24T15:11:00.730Z",
"dateUpdated": "2024-08-04T05:39:59.777Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47617
Vulnerability from cvelistv5
Published
2024-06-20 10:57
Modified
2024-08-04 05:47
Severity
Summary
PCI: pciehp: Fix infinite loop in IRQ handler upon power fault
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:47:40.879Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ff27f7d0333cff89ec85c419f431aca1b38fb16a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/464da38ba827f670deac6500a1de9a4f0f44c41d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3b4c966fb156ff3e70b2526d964952ff7c1574d9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1db58c6584a72102e98af2e600ea184ddaf2b8af"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6d6f1f0dac3e3441ecdb1103d4efb11b9ed24dd5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/23584c1ed3e15a6f4bfab8dc5a88d94ab929ee12"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/pci/hotplug/pciehp_hpc.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "ff27f7d0333c",
"status": "affected",
"version": "a8cc52270f3d",
"versionType": "git"
},
{
"lessThan": "464da38ba827",
"status": "affected",
"version": "4667358dab9c",
"versionType": "git"
},
{
"lessThan": "3b4c966fb156",
"status": "affected",
"version": "8edf5332c393",
"versionType": "git"
},
{
"lessThan": "1db58c6584a7",
"status": "affected",
"version": "8edf5332c393",
"versionType": "git"
},
{
"lessThan": "6d6f1f0dac3e",
"status": "affected",
"version": "8edf5332c393",
"versionType": "git"
},
{
"lessThan": "23584c1ed3e1",
"status": "affected",
"version": "8edf5332c393",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/pci/hotplug/pciehp_hpc.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.7"
},
{
"lessThan": "5.7",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.233",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.177",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.97",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.20",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.6",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: pciehp: Fix infinite loop in IRQ handler upon power fault\n\nThe Power Fault Detected bit in the Slot Status register differs from\nall other hotplug events in that it is sticky: It can only be cleared\nafter turning off slot power. Per PCIe r5.0, sec. 6.7.1.8:\n\n If a power controller detects a main power fault on the hot-plug slot,\n it must automatically set its internal main power fault latch [...].\n The main power fault latch is cleared when software turns off power to\n the hot-plug slot.\n\nThe stickiness used to cause interrupt storms and infinite loops which\nwere fixed in 2009 by commits 5651c48cfafe (\"PCI pciehp: fix power fault\ninterrupt storm problem\") and 99f0169c17f3 (\"PCI: pciehp: enable\nsoftware notification on empty slots\").\n\nUnfortunately in 2020 the infinite loop issue was inadvertently\nreintroduced by commit 8edf5332c393 (\"PCI: pciehp: Fix MSI interrupt\nrace\"): The hardirq handler pciehp_isr() clears the PFD bit until\npciehp\u0027s power_fault_detected flag is set. That happens in the IRQ\nthread pciehp_ist(), which never learns of the event because the hardirq\nhandler is stuck in an infinite loop. Fix by setting the\npower_fault_detected flag already in the hardirq handler."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T10:57:01.508Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/ff27f7d0333cff89ec85c419f431aca1b38fb16a"
},
{
"url": "https://git.kernel.org/stable/c/464da38ba827f670deac6500a1de9a4f0f44c41d"
},
{
"url": "https://git.kernel.org/stable/c/3b4c966fb156ff3e70b2526d964952ff7c1574d9"
},
{
"url": "https://git.kernel.org/stable/c/1db58c6584a72102e98af2e600ea184ddaf2b8af"
},
{
"url": "https://git.kernel.org/stable/c/6d6f1f0dac3e3441ecdb1103d4efb11b9ed24dd5"
},
{
"url": "https://git.kernel.org/stable/c/23584c1ed3e15a6f4bfab8dc5a88d94ab929ee12"
}
],
"title": "PCI: pciehp: Fix infinite loop in IRQ handler upon power fault",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47617",
"datePublished": "2024-06-20T10:57:01.508Z",
"dateReserved": "2024-06-19T14:55:32.795Z",
"dateUpdated": "2024-08-04T05:47:40.879Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38538
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
net: bridge: xmit: make sure we have at least eth header len bytes
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.408Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/28126b83f86ab9cc7936029c2dff845d3dcedba2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1abb371147905ba250b4cc0230c4be7e90bea4d5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f482fd4ce919836a49012b2d31b00fc36e2488f2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5b5d669f569807c7ab07546e73c0741845a2547a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8bd67ebb50c0145fd2ca8681ab65eb7e8cde1afc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/bridge/br_device.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "28126b83f86a",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "1abb37114790",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "f482fd4ce919",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "5b5d669f5698",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "8bd67ebb50c0",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/bridge/br_device.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.12"
},
{
"lessThan": "2.6.12",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bridge: xmit: make sure we have at least eth header len bytes\n\nsyzbot triggered an uninit value[1] error in bridge device\u0027s xmit path\nby sending a short (less than ETH_HLEN bytes) skb. To fix it check if\nwe can actually pull that amount instead of assuming.\n\nTested with dropwatch:\n drop at: br_dev_xmit+0xb93/0x12d0 [bridge] (0xffffffffc06739b3)\n origin: software\n timestamp: Mon May 13 11:31:53 2024 778214037 nsec\n protocol: 0x88a8\n length: 2\n original length: 2\n drop reason: PKT_TOO_SMALL\n\n[1]\nBUG: KMSAN: uninit-value in br_dev_xmit+0x61d/0x1cb0 net/bridge/br_device.c:65\n br_dev_xmit+0x61d/0x1cb0 net/bridge/br_device.c:65\n __netdev_start_xmit include/linux/netdevice.h:4903 [inline]\n netdev_start_xmit include/linux/netdevice.h:4917 [inline]\n xmit_one net/core/dev.c:3531 [inline]\n dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3547\n __dev_queue_xmit+0x34db/0x5350 net/core/dev.c:4341\n dev_queue_xmit include/linux/netdevice.h:3091 [inline]\n __bpf_tx_skb net/core/filter.c:2136 [inline]\n __bpf_redirect_common net/core/filter.c:2180 [inline]\n __bpf_redirect+0x14a6/0x1620 net/core/filter.c:2187\n ____bpf_clone_redirect net/core/filter.c:2460 [inline]\n bpf_clone_redirect+0x328/0x470 net/core/filter.c:2432\n ___bpf_prog_run+0x13fe/0xe0f0 kernel/bpf/core.c:1997\n __bpf_prog_run512+0xb5/0xe0 kernel/bpf/core.c:2238\n bpf_dispatcher_nop_func include/linux/bpf.h:1234 [inline]\n __bpf_prog_run include/linux/filter.h:657 [inline]\n bpf_prog_run include/linux/filter.h:664 [inline]\n bpf_test_run+0x499/0xc30 net/bpf/test_run.c:425\n bpf_prog_test_run_skb+0x14ea/0x1f20 net/bpf/test_run.c:1058\n bpf_prog_test_run+0x6b7/0xad0 kernel/bpf/syscall.c:4269\n __sys_bpf+0x6aa/0xd90 kernel/bpf/syscall.c:5678\n __do_sys_bpf kernel/bpf/syscall.c:5767 [inline]\n __se_sys_bpf kernel/bpf/syscall.c:5765 [inline]\n __x64_sys_bpf+0xa0/0xe0 kernel/bpf/syscall.c:5765\n x64_sys_call+0x96b/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:322\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f"
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:47:38.936Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/28126b83f86ab9cc7936029c2dff845d3dcedba2"
},
{
"url": "https://git.kernel.org/stable/c/1abb371147905ba250b4cc0230c4be7e90bea4d5"
},
{
"url": "https://git.kernel.org/stable/c/f482fd4ce919836a49012b2d31b00fc36e2488f2"
},
{
"url": "https://git.kernel.org/stable/c/5b5d669f569807c7ab07546e73c0741845a2547a"
},
{
"url": "https://git.kernel.org/stable/c/8bd67ebb50c0145fd2ca8681ab65eb7e8cde1afc"
}
],
"title": "net: bridge: xmit: make sure we have at least eth header len bytes",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38538",
"datePublished": "2024-06-19T13:35:13.384Z",
"dateReserved": "2024-06-18T19:36:34.918Z",
"dateUpdated": "2024-08-02T04:12:25.408Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38553
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
net: fec: remove .ndo_poll_controller to avoid deadlocks
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:26.028Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d38625f71950e79e254515c5fc585552dad4b33e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/accdd6b912c4219b8e056d1f1ad2e85bc66ee243"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/87bcbc9b7e0b43a69d44efa5f32f11e32d08fa6f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c2e0c58b25a0a0c37ec643255558c5af4450c9f5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/freescale/fec_main.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "d38625f71950",
"status": "affected",
"version": "7f5c6addcdc0",
"versionType": "git"
},
{
"lessThan": "accdd6b912c4",
"status": "affected",
"version": "7f5c6addcdc0",
"versionType": "git"
},
{
"lessThan": "87bcbc9b7e0b",
"status": "affected",
"version": "7f5c6addcdc0",
"versionType": "git"
},
{
"lessThan": "c2e0c58b25a0",
"status": "affected",
"version": "7f5c6addcdc0",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/freescale/fec_main.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.2"
},
{
"lessThan": "3.2",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fec: remove .ndo_poll_controller to avoid deadlocks\n\nThere is a deadlock issue found in sungem driver, please refer to the\ncommit ac0a230f719b (\"eth: sungem: remove .ndo_poll_controller to avoid\ndeadlocks\"). The root cause of the issue is that netpoll is in atomic\ncontext and disable_irq() is called by .ndo_poll_controller interface\nof sungem driver, however, disable_irq() might sleep. After analyzing\nthe implementation of fec_poll_controller(), the fec driver should have\nthe same issue. Due to the fec driver uses NAPI for TX completions, the\n.ndo_poll_controller is unnecessary to be implemented in the fec driver,\nso fec_poll_controller() can be safely removed."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:47:56.340Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/d38625f71950e79e254515c5fc585552dad4b33e"
},
{
"url": "https://git.kernel.org/stable/c/accdd6b912c4219b8e056d1f1ad2e85bc66ee243"
},
{
"url": "https://git.kernel.org/stable/c/87bcbc9b7e0b43a69d44efa5f32f11e32d08fa6f"
},
{
"url": "https://git.kernel.org/stable/c/c2e0c58b25a0a0c37ec643255558c5af4450c9f5"
}
],
"title": "net: fec: remove .ndo_poll_controller to avoid deadlocks",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38553",
"datePublished": "2024-06-19T13:35:24.743Z",
"dateReserved": "2024-06-18T19:36:34.920Z",
"dateUpdated": "2024-08-02T04:12:26.028Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47619
Vulnerability from cvelistv5
Published
2024-06-20 11:08
Modified
2024-08-04 05:47
Severity
Summary
i40e: Fix queues reservation for XDP
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:47:40.459Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d46fa4ea9756ef6cbcf9752d0832cc66e2d7121b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/be6998f232b8e4ca8225029e305b8329d89bfd59"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/768eb705e6381f0c70ca29d4e66f19790d5d19a1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/00eddb0e4ea115154581d1049507a996acfc2d3e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4b3aa858268b7b9aeef02e5f9c4cd8f8fac101c8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/92947844b8beee988c0ce17082b705c2f75f0742"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/intel/i40e/i40e_main.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "d46fa4ea9756",
"status": "affected",
"version": "41c445ff0f48",
"versionType": "git"
},
{
"lessThan": "be6998f232b8",
"status": "affected",
"version": "41c445ff0f48",
"versionType": "git"
},
{
"lessThan": "768eb705e638",
"status": "affected",
"version": "41c445ff0f48",
"versionType": "git"
},
{
"lessThan": "00eddb0e4ea1",
"status": "affected",
"version": "41c445ff0f48",
"versionType": "git"
},
{
"lessThan": "4b3aa858268b",
"status": "affected",
"version": "41c445ff0f48",
"versionType": "git"
},
{
"lessThan": "92947844b8be",
"status": "affected",
"version": "41c445ff0f48",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/intel/i40e/i40e_main.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.12"
},
{
"lessThan": "3.12",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.228",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.176",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.96",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.19",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.5",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix queues reservation for XDP\n\nWhen XDP was configured on a system with large number of CPUs\nand X722 NIC there was a call trace with NULL pointer dereference.\n\ni40e 0000:87:00.0: failed to get tracking for 256 queues for VSI 0 err -12\ni40e 0000:87:00.0: setup of MAIN VSI failed\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nRIP: 0010:i40e_xdp+0xea/0x1b0 [i40e]\nCall Trace:\n? i40e_reconfig_rss_queues+0x130/0x130 [i40e]\ndev_xdp_install+0x61/0xe0\ndev_xdp_attach+0x18a/0x4c0\ndev_change_xdp_fd+0x1e6/0x220\ndo_setlink+0x616/0x1030\n? ahci_port_stop+0x80/0x80\n? ata_qc_issue+0x107/0x1e0\n? lock_timer_base+0x61/0x80\n? __mod_timer+0x202/0x380\nrtnl_setlink+0xe5/0x170\n? bpf_lsm_binder_transaction+0x10/0x10\n? security_capable+0x36/0x50\nrtnetlink_rcv_msg+0x121/0x350\n? rtnl_calcit.isra.0+0x100/0x100\nnetlink_rcv_skb+0x50/0xf0\nnetlink_unicast+0x1d3/0x2a0\nnetlink_sendmsg+0x22a/0x440\nsock_sendmsg+0x5e/0x60\n__sys_sendto+0xf0/0x160\n? __sys_getsockname+0x7e/0xc0\n? _copy_from_user+0x3c/0x80\n? __sys_setsockopt+0xc8/0x1a0\n__x64_sys_sendto+0x20/0x30\ndo_syscall_64+0x33/0x40\nentry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f83fa7a39e0\n\nThis was caused by PF queue pile fragmentation due to\nflow director VSI queue being placed right after main VSI.\nBecause of this main VSI was not able to resize its\nqueue allocation for XDP resulting in no queues allocated\nfor main VSI when XDP was turned on.\n\nFix this by always allocating last queue in PF queue pile\nfor a flow director VSI."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:08:08.647Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/d46fa4ea9756ef6cbcf9752d0832cc66e2d7121b"
},
{
"url": "https://git.kernel.org/stable/c/be6998f232b8e4ca8225029e305b8329d89bfd59"
},
{
"url": "https://git.kernel.org/stable/c/768eb705e6381f0c70ca29d4e66f19790d5d19a1"
},
{
"url": "https://git.kernel.org/stable/c/00eddb0e4ea115154581d1049507a996acfc2d3e"
},
{
"url": "https://git.kernel.org/stable/c/4b3aa858268b7b9aeef02e5f9c4cd8f8fac101c8"
},
{
"url": "https://git.kernel.org/stable/c/92947844b8beee988c0ce17082b705c2f75f0742"
}
],
"title": "i40e: Fix queues reservation for XDP",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47619",
"datePublished": "2024-06-20T11:08:08.647Z",
"dateReserved": "2024-06-20T11:03:43.235Z",
"dateUpdated": "2024-08-04T05:47:40.459Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38616
Vulnerability from cvelistv5
Published
2024-06-19 13:56
Modified
2024-08-02 04:12
Severity
Summary
wifi: carl9170: re-fix fortified-memset warning
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "13857683126e",
"status": "affected",
"version": "fb5f6a0e8063",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "875864670982",
"status": "affected",
"version": "fb5f6a0e8063",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "0c38c9c460bb",
"status": "affected",
"version": "fb5f6a0e8063",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "042a39bb8e08",
"status": "affected",
"version": "fb5f6a0e8063",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "066afafc10c9",
"status": "affected",
"version": "fb5f6a0e8063",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "affected",
"version": "5.17"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "5.17",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "6.2",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "6.7",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "6.9",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "6.10",
"status": "unaffected",
"version": "6.9.3 t",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "unaffected",
"version": "6.10_rc1"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-38616",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T13:37:04.448058Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T15:06:00.634Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:26.016Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/13857683126e8a6492af73c74d702835f7a2175b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/87586467098281f04fa93e59fe3a516b954bddc4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0c38c9c460bb8ce8d6f6cf316e0d71a70983ec83"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/042a39bb8e0812466327a5102606e88a5a4f8c02"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/066afafc10c9476ee36c47c9062527a17e763901"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/wireless/ath/carl9170/tx.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "13857683126e",
"status": "affected",
"version": "fb5f6a0e8063",
"versionType": "git"
},
{
"lessThan": "875864670982",
"status": "affected",
"version": "fb5f6a0e8063",
"versionType": "git"
},
{
"lessThan": "0c38c9c460bb",
"status": "affected",
"version": "fb5f6a0e8063",
"versionType": "git"
},
{
"lessThan": "042a39bb8e08",
"status": "affected",
"version": "fb5f6a0e8063",
"versionType": "git"
},
{
"lessThan": "066afafc10c9",
"status": "affected",
"version": "fb5f6a0e8063",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/wireless/ath/carl9170/tx.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.17"
},
{
"lessThan": "5.17",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: carl9170: re-fix fortified-memset warning\n\nThe carl9170_tx_release() function sometimes triggers a fortified-memset\nwarning in my randconfig builds:\n\nIn file included from include/linux/string.h:254,\n from drivers/net/wireless/ath/carl9170/tx.c:40:\nIn function \u0027fortify_memset_chk\u0027,\n inlined from \u0027carl9170_tx_release\u0027 at drivers/net/wireless/ath/carl9170/tx.c:283:2,\n inlined from \u0027kref_put\u0027 at include/linux/kref.h:65:3,\n inlined from \u0027carl9170_tx_put_skb\u0027 at drivers/net/wireless/ath/carl9170/tx.c:342:9:\ninclude/linux/fortify-string.h:493:25: error: call to \u0027__write_overflow_field\u0027 declared with attribute warning: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Werror=attribute-warning]\n 493 | __write_overflow_field(p_size_field, size);\n\nKees previously tried to avoid this by using memset_after(), but it seems\nthis does not fully address the problem. I noticed that the memset_after()\nhere is done on a different part of the union (status) than the original\ncast was from (rate_driver_data), which may confuse the compiler.\n\nUnfortunately, the memset_after() trick does not work on driver_rates[]\nbecause that is part of an anonymous struct, and I could not get\nstruct_group() to do this either. Using two separate memset() calls\non the two members does address the warning though."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:49:08.905Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/13857683126e8a6492af73c74d702835f7a2175b"
},
{
"url": "https://git.kernel.org/stable/c/87586467098281f04fa93e59fe3a516b954bddc4"
},
{
"url": "https://git.kernel.org/stable/c/0c38c9c460bb8ce8d6f6cf316e0d71a70983ec83"
},
{
"url": "https://git.kernel.org/stable/c/042a39bb8e0812466327a5102606e88a5a4f8c02"
},
{
"url": "https://git.kernel.org/stable/c/066afafc10c9476ee36c47c9062527a17e763901"
}
],
"title": "wifi: carl9170: re-fix fortified-memset warning",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38616",
"datePublished": "2024-06-19T13:56:16.086Z",
"dateReserved": "2024-06-18T19:36:34.944Z",
"dateUpdated": "2024-08-02T04:12:26.016Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38590
Vulnerability from cvelistv5
Published
2024-06-19 13:45
Modified
2024-08-02 04:12
Severity
Summary
RDMA/hns: Modify the print level of CQE error
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38590",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T15:39:58.504819Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T15:40:07.688Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.931Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/45b31be4dd22827903df15c548b97b416790139b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cc699b7eb2bc963c12ffcd37f80f45330d2924bd"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/17f3741c65c4a042ae8ba094068b07a4b77e213c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6f541a89ced8305da459e3ab0006e7528cf7da7b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/817a10a6df9354e67561922d2b7fce48dfbebc55"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/06cf121346bbd3d83a5eea05bb87666c6b279990"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/349e859952285ab9689779fb46de163f13f18f43"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/infiniband/hw/hns/hns_roce_hw_v2.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "45b31be4dd22",
"status": "affected",
"version": "7c044adca272",
"versionType": "git"
},
{
"lessThan": "cc699b7eb2bc",
"status": "affected",
"version": "7c044adca272",
"versionType": "git"
},
{
"lessThan": "17f3741c65c4",
"status": "affected",
"version": "7c044adca272",
"versionType": "git"
},
{
"lessThan": "6f541a89ced8",
"status": "affected",
"version": "7c044adca272",
"versionType": "git"
},
{
"lessThan": "817a10a6df93",
"status": "affected",
"version": "7c044adca272",
"versionType": "git"
},
{
"lessThan": "06cf121346bb",
"status": "affected",
"version": "7c044adca272",
"versionType": "git"
},
{
"lessThan": "349e85995228",
"status": "affected",
"version": "7c044adca272",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/infiniband/hw/hns/hns_roce_hw_v2.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.8"
},
{
"lessThan": "5.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Modify the print level of CQE error\n\nToo much print may lead to a panic in kernel. Change ibdev_err() to\nibdev_err_ratelimited(), and change the printing level of cqe dump\nto debug level."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:37.886Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/45b31be4dd22827903df15c548b97b416790139b"
},
{
"url": "https://git.kernel.org/stable/c/cc699b7eb2bc963c12ffcd37f80f45330d2924bd"
},
{
"url": "https://git.kernel.org/stable/c/17f3741c65c4a042ae8ba094068b07a4b77e213c"
},
{
"url": "https://git.kernel.org/stable/c/6f541a89ced8305da459e3ab0006e7528cf7da7b"
},
{
"url": "https://git.kernel.org/stable/c/817a10a6df9354e67561922d2b7fce48dfbebc55"
},
{
"url": "https://git.kernel.org/stable/c/06cf121346bbd3d83a5eea05bb87666c6b279990"
},
{
"url": "https://git.kernel.org/stable/c/349e859952285ab9689779fb46de163f13f18f43"
}
],
"title": "RDMA/hns: Modify the print level of CQE error",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38590",
"datePublished": "2024-06-19T13:45:41.928Z",
"dateReserved": "2024-06-18T19:36:34.930Z",
"dateUpdated": "2024-08-02T04:12:25.931Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38577
Vulnerability from cvelistv5
Published
2024-06-19 13:37
Modified
2024-08-02 04:12
Severity
Summary
rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.688Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/08186d0c5fb64a1cc4b43e009314ee6b173ed222"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/32d988f48ed287e676a29a15ac30701c35849aec"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6593d857ce5b5b802fb73d8091ac9c84b92c1697"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1a240e138071b25944ded0f5b3e357aa99fabcb7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cc5645fddb0ce28492b15520306d092730dffa48"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"kernel/rcu/tasks.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "08186d0c5fb6",
"status": "affected",
"version": "edf3775f0ad6",
"versionType": "git"
},
{
"lessThan": "32d988f48ed2",
"status": "affected",
"version": "edf3775f0ad6",
"versionType": "git"
},
{
"lessThan": "6593d857ce5b",
"status": "affected",
"version": "edf3775f0ad6",
"versionType": "git"
},
{
"lessThan": "1a240e138071",
"status": "affected",
"version": "edf3775f0ad6",
"versionType": "git"
},
{
"lessThan": "cc5645fddb0c",
"status": "affected",
"version": "edf3775f0ad6",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"kernel/rcu/tasks.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.8"
},
{
"lessThan": "5.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nrcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow\n\nThere is a possibility of buffer overflow in\nshow_rcu_tasks_trace_gp_kthread() if counters, passed\nto sprintf() are huge. Counter numbers, needed for this\nare unrealistically high, but buffer overflow is still\npossible.\n\nUse snprintf() with buffer size instead of sprintf().\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:24.938Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/08186d0c5fb64a1cc4b43e009314ee6b173ed222"
},
{
"url": "https://git.kernel.org/stable/c/32d988f48ed287e676a29a15ac30701c35849aec"
},
{
"url": "https://git.kernel.org/stable/c/6593d857ce5b5b802fb73d8091ac9c84b92c1697"
},
{
"url": "https://git.kernel.org/stable/c/1a240e138071b25944ded0f5b3e357aa99fabcb7"
},
{
"url": "https://git.kernel.org/stable/c/cc5645fddb0ce28492b15520306d092730dffa48"
}
],
"title": "rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38577",
"datePublished": "2024-06-19T13:37:35.797Z",
"dateReserved": "2024-06-18T19:36:34.926Z",
"dateUpdated": "2024-08-02T04:12:25.688Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47589
Vulnerability from cvelistv5
Published
2024-06-19 14:53
Modified
2024-08-04 05:39
Severity
Summary
igbvf: fix double free in `igbvf_probe`
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-47589",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T17:58:29.700241Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T17:58:40.103Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:39:59.864Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ffe1695b678729edec04037e691007900a2b2beb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/79d9b092035dcdbe636b70433149df9cc6db1e49"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8d0c927a9fb2b4065230936b77b54f857a3754fc"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cc9b655bb84f1be283293dfea94dff9a31b106ac"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8addba6cab94ce01686ea2e80ed1530f9dc33a9a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/74a16e062b23332d8db017ff4a41e16279c44411"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/944b8be08131f5faf2cd2440aa1c24a39a163a54"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b6d335a60dc624c0d279333b22c737faa765b028"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/intel/igbvf/netdev.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "ffe1695b6787",
"status": "affected",
"version": "d4e0fe01a38a",
"versionType": "git"
},
{
"lessThan": "79d9b092035d",
"status": "affected",
"version": "d4e0fe01a38a",
"versionType": "git"
},
{
"lessThan": "8d0c927a9fb2",
"status": "affected",
"version": "d4e0fe01a38a",
"versionType": "git"
},
{
"lessThan": "cc9b655bb84f",
"status": "affected",
"version": "d4e0fe01a38a",
"versionType": "git"
},
{
"lessThan": "8addba6cab94",
"status": "affected",
"version": "d4e0fe01a38a",
"versionType": "git"
},
{
"lessThan": "74a16e062b23",
"status": "affected",
"version": "d4e0fe01a38a",
"versionType": "git"
},
{
"lessThan": "944b8be08131",
"status": "affected",
"version": "d4e0fe01a38a",
"versionType": "git"
},
{
"lessThan": "b6d335a60dc6",
"status": "affected",
"version": "d4e0fe01a38a",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/intel/igbvf/netdev.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.30"
},
{
"lessThan": "2.6.30",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.4.*",
"status": "unaffected",
"version": "4.4.296",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.294",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.259",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.222",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.168",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nigbvf: fix double free in `igbvf_probe`\n\nIn `igbvf_probe`, if register_netdev() fails, the program will go to\nlabel err_hw_init, and then to label err_ioremap. In free_netdev() which\nis just below label err_ioremap, there is `list_for_each_entry_safe` and\n`netif_napi_del` which aims to delete all entries in `dev-\u003enapi_list`.\nThe program has added an entry `adapter-\u003erx_ring-\u003enapi` which is added by\n`netif_napi_add` in igbvf_alloc_queues(). However, adapter-\u003erx_ring has\nbeen freed below label err_hw_init. So this a UAF.\n\nIn terms of how to patch the problem, we can refer to igbvf_remove() and\ndelete the entry before `adapter-\u003erx_ring`.\n\nThe KASAN logs are as follows:\n\n[ 35.126075] BUG: KASAN: use-after-free in free_netdev+0x1fd/0x450\n[ 35.127170] Read of size 8 at addr ffff88810126d990 by task modprobe/366\n[ 35.128360]\n[ 35.128643] CPU: 1 PID: 366 Comm: modprobe Not tainted 5.15.0-rc2+ #14\n[ 35.129789] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014\n[ 35.131749] Call Trace:\n[ 35.132199] dump_stack_lvl+0x59/0x7b\n[ 35.132865] print_address_description+0x7c/0x3b0\n[ 35.133707] ? free_netdev+0x1fd/0x450\n[ 35.134378] __kasan_report+0x160/0x1c0\n[ 35.135063] ? free_netdev+0x1fd/0x450\n[ 35.135738] kasan_report+0x4b/0x70\n[ 35.136367] free_netdev+0x1fd/0x450\n[ 35.137006] igbvf_probe+0x121d/0x1a10 [igbvf]\n[ 35.137808] ? igbvf_vlan_rx_add_vid+0x100/0x100 [igbvf]\n[ 35.138751] local_pci_probe+0x13c/0x1f0\n[ 35.139461] pci_device_probe+0x37e/0x6c0\n[ 35.165526]\n[ 35.165806] Allocated by task 366:\n[ 35.166414] ____kasan_kmalloc+0xc4/0xf0\n[ 35.167117] foo_kmem_cache_alloc_trace+0x3c/0x50 [igbvf]\n[ 35.168078] igbvf_probe+0x9c5/0x1a10 [igbvf]\n[ 35.168866] local_pci_probe+0x13c/0x1f0\n[ 35.169565] pci_device_probe+0x37e/0x6c0\n[ 35.179713]\n[ 35.179993] Freed by task 366:\n[ 35.180539] kasan_set_track+0x4c/0x80\n[ 35.181211] kasan_set_free_info+0x1f/0x40\n[ 35.181942] ____kasan_slab_free+0x103/0x140\n[ 35.182703] kfree+0xe3/0x250\n[ 35.183239] igbvf_probe+0x1173/0x1a10 [igbvf]\n[ 35.184040] local_pci_probe+0x13c/0x1f0"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:53:53.565Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/ffe1695b678729edec04037e691007900a2b2beb"
},
{
"url": "https://git.kernel.org/stable/c/79d9b092035dcdbe636b70433149df9cc6db1e49"
},
{
"url": "https://git.kernel.org/stable/c/8d0c927a9fb2b4065230936b77b54f857a3754fc"
},
{
"url": "https://git.kernel.org/stable/c/cc9b655bb84f1be283293dfea94dff9a31b106ac"
},
{
"url": "https://git.kernel.org/stable/c/8addba6cab94ce01686ea2e80ed1530f9dc33a9a"
},
{
"url": "https://git.kernel.org/stable/c/74a16e062b23332d8db017ff4a41e16279c44411"
},
{
"url": "https://git.kernel.org/stable/c/944b8be08131f5faf2cd2440aa1c24a39a163a54"
},
{
"url": "https://git.kernel.org/stable/c/b6d335a60dc624c0d279333b22c737faa765b028"
}
],
"title": "igbvf: fix double free in `igbvf_probe`",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47589",
"datePublished": "2024-06-19T14:53:53.565Z",
"dateReserved": "2024-05-24T15:11:00.732Z",
"dateUpdated": "2024-08-04T05:39:59.864Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47607
Vulnerability from cvelistv5
Published
2024-06-19 14:54
Modified
2024-08-04 05:47
Severity
Summary
bpf: Fix kernel address leakage in atomic cmpxchg's r0 aux reg
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:47:40.815Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f87a6c160ecc8c7b417d25f508d3f076fe346136"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a82fe085f344ef20b452cd5f481010ff96b5c4cd"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"kernel/bpf/verifier.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "f87a6c160ecc",
"status": "affected",
"version": "5ffa25502b5a",
"versionType": "git"
},
{
"lessThan": "a82fe085f344",
"status": "affected",
"version": "5ffa25502b5a",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"kernel/bpf/verifier.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.12"
},
{
"lessThan": "5.12",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix kernel address leakage in atomic cmpxchg\u0027s r0 aux reg\n\nThe implementation of BPF_CMPXCHG on a high level has the following parameters:\n\n .-[old-val] .-[new-val]\n BPF_R0 = cmpxchg{32,64}(DST_REG + insn-\u003eoff, BPF_R0, SRC_REG)\n `-[mem-loc] `-[old-val]\n\nGiven a BPF insn can only have two registers (dst, src), the R0 is fixed and\nused as an auxilliary register for input (old value) as well as output (returning\nold value from memory location). While the verifier performs a number of safety\nchecks, it misses to reject unprivileged programs where R0 contains a pointer as\nold value.\n\nThrough brute-forcing it takes about ~16sec on my machine to leak a kernel pointer\nwith BPF_CMPXCHG. The PoC is basically probing for kernel addresses by storing the\nguessed address into the map slot as a scalar, and using the map value pointer as\nR0 while SRC_REG has a canary value to detect a matching address.\n\nFix it by checking R0 for pointers, and reject if that\u0027s the case for unprivileged\nprograms."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:54:05.700Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/f87a6c160ecc8c7b417d25f508d3f076fe346136"
},
{
"url": "https://git.kernel.org/stable/c/a82fe085f344ef20b452cd5f481010ff96b5c4cd"
}
],
"title": "bpf: Fix kernel address leakage in atomic cmpxchg\u0027s r0 aux reg",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47607",
"datePublished": "2024-06-19T14:54:05.700Z",
"dateReserved": "2024-05-24T15:11:00.737Z",
"dateUpdated": "2024-08-04T05:47:40.815Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38549
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
drm/mediatek: Add 0 size check to mtk_drm_gem_obj
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.182Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/79078880795478d551a05acc41f957700030d364"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/be34a1b351ea7faeb15dde8c44fe89de3980ae67"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d17b75ee9c2e44d3a3682c4ea5ab713ea6073350"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0e3b6f9123726858cac299e1654e3d20424cabe4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/13562c2d48c9ee330de1077d00146742be368f05"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/af26ea99019caee1500bf7e60c861136c0bf8594"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9489951e3ae505534c4013db4e76b1b5a3151ac7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fb4aabdb1b48c25d9e1ee28f89440fd2ce556405"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1e4350095e8ab2577ee05f8c3b044e661b5af9a0"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/mediatek/mtk_drm_gem.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "790788807954",
"status": "affected",
"version": "119f5173628a",
"versionType": "git"
},
{
"lessThan": "be34a1b351ea",
"status": "affected",
"version": "119f5173628a",
"versionType": "git"
},
{
"lessThan": "d17b75ee9c2e",
"status": "affected",
"version": "119f5173628a",
"versionType": "git"
},
{
"lessThan": "0e3b6f912372",
"status": "affected",
"version": "119f5173628a",
"versionType": "git"
},
{
"lessThan": "13562c2d48c9",
"status": "affected",
"version": "119f5173628a",
"versionType": "git"
},
{
"lessThan": "af26ea99019c",
"status": "affected",
"version": "119f5173628a",
"versionType": "git"
},
{
"lessThan": "9489951e3ae5",
"status": "affected",
"version": "119f5173628a",
"versionType": "git"
},
{
"lessThan": "fb4aabdb1b48",
"status": "affected",
"version": "119f5173628a",
"versionType": "git"
},
{
"lessThan": "1e4350095e8a",
"status": "affected",
"version": "119f5173628a",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/mediatek/mtk_drm_gem.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.7"
},
{
"lessThan": "4.7",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.316",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: Add 0 size check to mtk_drm_gem_obj\n\nAdd a check to mtk_drm_gem_init if we attempt to allocate a GEM object\nof 0 bytes. Currently, no such check exists and the kernel will panic if\na userspace application attempts to allocate a 0x0 GBM buffer.\n\nTested by attempting to allocate a 0x0 GBM buffer on an MT8188 and\nverifying that we now return EINVAL."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:47:51.717Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/79078880795478d551a05acc41f957700030d364"
},
{
"url": "https://git.kernel.org/stable/c/be34a1b351ea7faeb15dde8c44fe89de3980ae67"
},
{
"url": "https://git.kernel.org/stable/c/d17b75ee9c2e44d3a3682c4ea5ab713ea6073350"
},
{
"url": "https://git.kernel.org/stable/c/0e3b6f9123726858cac299e1654e3d20424cabe4"
},
{
"url": "https://git.kernel.org/stable/c/13562c2d48c9ee330de1077d00146742be368f05"
},
{
"url": "https://git.kernel.org/stable/c/af26ea99019caee1500bf7e60c861136c0bf8594"
},
{
"url": "https://git.kernel.org/stable/c/9489951e3ae505534c4013db4e76b1b5a3151ac7"
},
{
"url": "https://git.kernel.org/stable/c/fb4aabdb1b48c25d9e1ee28f89440fd2ce556405"
},
{
"url": "https://git.kernel.org/stable/c/1e4350095e8ab2577ee05f8c3b044e661b5af9a0"
}
],
"title": "drm/mediatek: Add 0 size check to mtk_drm_gem_obj",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38549",
"datePublished": "2024-06-19T13:35:22.042Z",
"dateReserved": "2024-06-18T19:36:34.920Z",
"dateUpdated": "2024-08-02T04:12:25.182Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38575
Vulnerability from cvelistv5
Published
2024-06-19 13:37
Modified
2024-08-02 04:12
Severity
Summary
wifi: brcmfmac: pcie: handle randbuf allocation failure
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38575",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T14:58:36.238292Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T14:58:48.031Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.861Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0eb2c0528e232b3c32cde9d5e1c9f80ba2996e49"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c37466406f075476c2702ecc01917928af871f3b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7c15eb344b0d4d3468c9b2a7591ad2b859b29b88"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3729ca9e48d19a03ae049e2bde510e161c2f3720"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/316f790ebcf94bdf59f794b7cdea4068dc676d4c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/wireless/broadcom/brcm80211/brcmfmac/pcie.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "0eb2c0528e23",
"status": "affected",
"version": "c35105f375b5",
"versionType": "git"
},
{
"lessThan": "c37466406f07",
"status": "affected",
"version": "91918ce88d9f",
"versionType": "git"
},
{
"lessThan": "7c15eb344b0d",
"status": "affected",
"version": "91918ce88d9f",
"versionType": "git"
},
{
"lessThan": "3729ca9e48d1",
"status": "affected",
"version": "91918ce88d9f",
"versionType": "git"
},
{
"lessThan": "316f790ebcf9",
"status": "affected",
"version": "91918ce88d9f",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/wireless/broadcom/brcm80211/brcmfmac/pcie.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.4"
},
{
"lessThan": "6.4",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: pcie: handle randbuf allocation failure\n\nThe kzalloc() in brcmf_pcie_download_fw_nvram() will return null\nif the physical memory has run out. As a result, if we use\nget_random_bytes() to generate random bytes in the randbuf, the\nnull pointer dereference bug will happen.\n\nIn order to prevent allocation failure, this patch adds a separate\nfunction using buffer on kernel stack to generate random bytes in\nthe randbuf, which could prevent the kernel stack from overflow."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:22.645Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/0eb2c0528e232b3c32cde9d5e1c9f80ba2996e49"
},
{
"url": "https://git.kernel.org/stable/c/c37466406f075476c2702ecc01917928af871f3b"
},
{
"url": "https://git.kernel.org/stable/c/7c15eb344b0d4d3468c9b2a7591ad2b859b29b88"
},
{
"url": "https://git.kernel.org/stable/c/3729ca9e48d19a03ae049e2bde510e161c2f3720"
},
{
"url": "https://git.kernel.org/stable/c/316f790ebcf94bdf59f794b7cdea4068dc676d4c"
}
],
"title": "wifi: brcmfmac: pcie: handle randbuf allocation failure",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38575",
"datePublished": "2024-06-19T13:37:34.476Z",
"dateReserved": "2024-06-18T19:36:34.924Z",
"dateUpdated": "2024-08-02T04:12:25.861Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38615
Vulnerability from cvelistv5
Published
2024-06-19 13:56
Modified
2024-08-02 04:12
Severity
Summary
cpufreq: exit() callback is optional
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38615",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-24T18:14:33.990176Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-24T18:14:41.733Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:26.130Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2d730b465e377396d2a09a53524b96b111f7ccb6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/dfc56ff5ec9904c008e9376d90a6d7e2d2bec4d3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/35db5e76d5e9f752476df5fa0b9018a2398b0378"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8bc9546805e572ad101681437a49939f28777273"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3e99f060cfd2e36504d62c9132b453ade5027e1c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ae37ebca325097d773d7bb6ec069123b30772872"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a8204d1b6ff762d2171d365c2c8560285d0a233d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b8f85833c05730d631576008daaa34096bc7f3ce"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/cpufreq/cpufreq.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "2d730b465e37",
"status": "affected",
"version": "91a12e91dc39",
"versionType": "git"
},
{
"lessThan": "dfc56ff5ec99",
"status": "affected",
"version": "91a12e91dc39",
"versionType": "git"
},
{
"lessThan": "35db5e76d5e9",
"status": "affected",
"version": "91a12e91dc39",
"versionType": "git"
},
{
"lessThan": "8bc9546805e5",
"status": "affected",
"version": "91a12e91dc39",
"versionType": "git"
},
{
"lessThan": "3e99f060cfd2",
"status": "affected",
"version": "91a12e91dc39",
"versionType": "git"
},
{
"lessThan": "ae37ebca3250",
"status": "affected",
"version": "91a12e91dc39",
"versionType": "git"
},
{
"lessThan": "a8204d1b6ff7",
"status": "affected",
"version": "91a12e91dc39",
"versionType": "git"
},
{
"lessThan": "b8f85833c057",
"status": "affected",
"version": "91a12e91dc39",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/cpufreq/cpufreq.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.1"
},
{
"lessThan": "5.1",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: exit() callback is optional\n\nThe exit() callback is optional and shouldn\u0027t be called without checking\na valid pointer first.\n\nAlso, we must clear freq_table pointer even if the exit() callback isn\u0027t\npresent."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:49:07.630Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/2d730b465e377396d2a09a53524b96b111f7ccb6"
},
{
"url": "https://git.kernel.org/stable/c/dfc56ff5ec9904c008e9376d90a6d7e2d2bec4d3"
},
{
"url": "https://git.kernel.org/stable/c/35db5e76d5e9f752476df5fa0b9018a2398b0378"
},
{
"url": "https://git.kernel.org/stable/c/8bc9546805e572ad101681437a49939f28777273"
},
{
"url": "https://git.kernel.org/stable/c/3e99f060cfd2e36504d62c9132b453ade5027e1c"
},
{
"url": "https://git.kernel.org/stable/c/ae37ebca325097d773d7bb6ec069123b30772872"
},
{
"url": "https://git.kernel.org/stable/c/a8204d1b6ff762d2171d365c2c8560285d0a233d"
},
{
"url": "https://git.kernel.org/stable/c/b8f85833c05730d631576008daaa34096bc7f3ce"
}
],
"title": "cpufreq: exit() callback is optional",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38615",
"datePublished": "2024-06-19T13:56:15.422Z",
"dateReserved": "2024-06-18T19:36:34.944Z",
"dateUpdated": "2024-08-02T04:12:26.130Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47584
Vulnerability from cvelistv5
Published
2024-06-19 14:53
Modified
2024-08-04 05:39
Severity
Summary
iocost: Fix divide-by-zero on donation from low hweight cgroup
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-47584",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T19:43:49.047356Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T19:43:55.927Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:39:59.857Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a7c80674538f15f85d68138240aae440b8039519"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3a1a4eb574178c21241a6200f4785572e661c472"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/edaa26334c117a584add6053f48d63a988d25a6e"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"block/blk-iocost.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "a7c80674538f",
"status": "affected",
"version": "f1de2439ec43",
"versionType": "git"
},
{
"lessThan": "3a1a4eb57417",
"status": "affected",
"version": "f1de2439ec43",
"versionType": "git"
},
{
"lessThan": "edaa26334c11",
"status": "affected",
"version": "f1de2439ec43",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"block/blk-iocost.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.10"
},
{
"lessThan": "5.10",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\niocost: Fix divide-by-zero on donation from low hweight cgroup\n\nThe donation calculation logic assumes that the donor has non-zero\nafter-donation hweight, so the lowest active hweight a donating cgroup can\nhave is 2 so that it can donate 1 while keeping the other 1 for itself.\nEarlier, we only donated from cgroups with sizable surpluses so this\ncondition was always true. However, with the precise donation algorithm\nimplemented, f1de2439ec43 (\"blk-iocost: revamp donation amount\ndetermination\") made the donation amount calculation exact enabling even low\nhweight cgroups to donate.\n\nThis means that in rare occasions, a cgroup with active hweight of 1 can\nenter donation calculation triggering the following warning and then a\ndivide-by-zero oops.\n\n WARNING: CPU: 4 PID: 0 at block/blk-iocost.c:1928 transfer_surpluses.cold+0x0/0x53 [884/94867]\n ...\n RIP: 0010:transfer_surpluses.cold+0x0/0x53\n Code: 92 ff 48 c7 c7 28 d1 ab b5 65 48 8b 34 25 00 ae 01 00 48 81 c6 90 06 00 00 e8 8b 3f fe ff 48 c7 c0 ea ff ff ff e9 95 ff 92 ff \u003c0f\u003e 0b 48 c7 c7 30 da ab b5 e8 71 3f fe ff 4c 89 e8 4d 85 ed 74 0\n4\n ...\n Call Trace:\n \u003cIRQ\u003e\n ioc_timer_fn+0x1043/0x1390\n call_timer_fn+0xa1/0x2c0\n __run_timers.part.0+0x1ec/0x2e0\n run_timer_softirq+0x35/0x70\n ...\n iocg: invalid donation weights in /a/b: active=1 donating=1 after=0\n\nFix it by excluding cgroups w/ active hweight \u003c 2 from donating. Excluding\nthese extreme low hweight donations shouldn\u0027t affect work conservation in\nany meaningful way."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:53:50.119Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/a7c80674538f15f85d68138240aae440b8039519"
},
{
"url": "https://git.kernel.org/stable/c/3a1a4eb574178c21241a6200f4785572e661c472"
},
{
"url": "https://git.kernel.org/stable/c/edaa26334c117a584add6053f48d63a988d25a6e"
}
],
"title": "iocost: Fix divide-by-zero on donation from low hweight cgroup",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47584",
"datePublished": "2024-06-19T14:53:50.119Z",
"dateReserved": "2024-05-24T15:11:00.731Z",
"dateUpdated": "2024-08-04T05:39:59.857Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47615
Vulnerability from cvelistv5
Published
2024-06-19 14:58
Modified
2024-08-04 05:47
Severity
Summary
RDMA/mlx5: Fix releasing unallocated memory in dereg MR flow
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:47:40.760Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e3bc4d4b50cae7db08e50dbe43f771c906e97701"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c44979ace49b4aede3cc7cb5542316e53a4005c9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f0ae4afe3d35e67db042c58a52909e06262b740f"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/infiniband/hw/mlx5/mlx5_ib.h",
"drivers/infiniband/hw/mlx5/mr.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "e3bc4d4b50ca",
"status": "affected",
"version": "f18ec4223117",
"versionType": "git"
},
{
"lessThan": "c44979ace49b",
"status": "affected",
"version": "f18ec4223117",
"versionType": "git"
},
{
"lessThan": "f0ae4afe3d35",
"status": "affected",
"version": "f18ec4223117",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/infiniband/hw/mlx5/mlx5_ib.h",
"drivers/infiniband/hw/mlx5/mr.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.13"
},
{
"lessThan": "5.13",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.10",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.14",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix releasing unallocated memory in dereg MR flow\n\nFor the case of IB_MR_TYPE_DM the mr does doesn\u0027t have a umem, even though\nit is a user MR. This causes function mlx5_free_priv_descs() to think that\nit is a kernel MR, leading to wrongly accessing mr-\u003edescs that will get\nwrong values in the union which leads to attempt to release resources that\nwere not allocated in the first place.\n\nFor example:\n DMA-API: mlx5_core 0000:08:00.1: device driver tries to free DMA memory it has not allocated [device address=0x0000000000000000] [size=0 bytes]\n WARNING: CPU: 8 PID: 1021 at kernel/dma/debug.c:961 check_unmap+0x54f/0x8b0\n RIP: 0010:check_unmap+0x54f/0x8b0\n Call Trace:\n debug_dma_unmap_page+0x57/0x60\n mlx5_free_priv_descs+0x57/0x70 [mlx5_ib]\n mlx5_ib_dereg_mr+0x1fb/0x3d0 [mlx5_ib]\n ib_dereg_mr_user+0x60/0x140 [ib_core]\n uverbs_destroy_uobject+0x59/0x210 [ib_uverbs]\n uobj_destroy+0x3f/0x80 [ib_uverbs]\n ib_uverbs_cmd_verbs+0x435/0xd10 [ib_uverbs]\n ? uverbs_finalize_object+0x50/0x50 [ib_uverbs]\n ? lock_acquire+0xc4/0x2e0\n ? lock_acquired+0x12/0x380\n ? lock_acquire+0xc4/0x2e0\n ? lock_acquire+0xc4/0x2e0\n ? ib_uverbs_ioctl+0x7c/0x140 [ib_uverbs]\n ? lock_release+0x28a/0x400\n ib_uverbs_ioctl+0xc0/0x140 [ib_uverbs]\n ? ib_uverbs_ioctl+0x7c/0x140 [ib_uverbs]\n __x64_sys_ioctl+0x7f/0xb0\n do_syscall_64+0x38/0x90\n\nFix it by reorganizing the dereg flow and mlx5_ib_mr structure:\n - Move the ib_umem field into the user MRs structure in the union as it\u0027s\n applicable only there.\n - Function mlx5_ib_dereg_mr() will now call mlx5_free_priv_descs() only\n in case there isn\u0027t udata, which indicates that this isn\u0027t a user MR."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:58:03.142Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/e3bc4d4b50cae7db08e50dbe43f771c906e97701"
},
{
"url": "https://git.kernel.org/stable/c/c44979ace49b4aede3cc7cb5542316e53a4005c9"
},
{
"url": "https://git.kernel.org/stable/c/f0ae4afe3d35e67db042c58a52909e06262b740f"
}
],
"title": "RDMA/mlx5: Fix releasing unallocated memory in dereg MR flow",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47615",
"datePublished": "2024-06-19T14:58:03.142Z",
"dateReserved": "2024-06-19T14:55:32.795Z",
"dateUpdated": "2024-08-04T05:47:40.760Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38561
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
kunit: Fix kthread reference
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38561",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T14:52:44.997515Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T14:52:55.895Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.645Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1f2ebd3758e1cef6a1f998a1f7ea73310dcb1699"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1ec7ccb4cd4b6f72c2998b07880fa7aaf8dfe1d4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8f5c841a559ccb700c8d27a3ca645b7a5f59b4f5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b0b755cb5a5e0d7168c3ab1b3814b0d3cad9f017"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f8aa1b98ce40184521ed95ec26cc115a255183b2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"lib/kunit/try-catch.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "1f2ebd3758e1",
"status": "affected",
"version": "adf505457032",
"versionType": "git"
},
{
"lessThan": "1ec7ccb4cd4b",
"status": "affected",
"version": "adf505457032",
"versionType": "git"
},
{
"lessThan": "8f5c841a559c",
"status": "affected",
"version": "adf505457032",
"versionType": "git"
},
{
"lessThan": "b0b755cb5a5e",
"status": "affected",
"version": "adf505457032",
"versionType": "git"
},
{
"lessThan": "f8aa1b98ce40",
"status": "affected",
"version": "adf505457032",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"lib/kunit/try-catch.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.18"
},
{
"lessThan": "5.18",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nkunit: Fix kthread reference\n\nThere is a race condition when a kthread finishes after the deadline and\nbefore the call to kthread_stop(), which may lead to use after free."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:06.245Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/1f2ebd3758e1cef6a1f998a1f7ea73310dcb1699"
},
{
"url": "https://git.kernel.org/stable/c/1ec7ccb4cd4b6f72c2998b07880fa7aaf8dfe1d4"
},
{
"url": "https://git.kernel.org/stable/c/8f5c841a559ccb700c8d27a3ca645b7a5f59b4f5"
},
{
"url": "https://git.kernel.org/stable/c/b0b755cb5a5e0d7168c3ab1b3814b0d3cad9f017"
},
{
"url": "https://git.kernel.org/stable/c/f8aa1b98ce40184521ed95ec26cc115a255183b2"
}
],
"title": "kunit: Fix kthread reference",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38561",
"datePublished": "2024-06-19T13:35:30.227Z",
"dateReserved": "2024-06-18T19:36:34.922Z",
"dateUpdated": "2024-08-02T04:12:25.645Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38557
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
net/mlx5: Reload only IB representors upon lag disable/enable
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38557",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-21T14:38:10.487920Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-21T14:39:10.077Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.994Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e93fc8d959e56092e2eca1e5511c2d2f0ad6807a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f03c714a0fdd1f93101a929d0e727c28a66383fc"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0f320f28f54b1b269a755be2e3fb3695e0b80b07"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0f06228d4a2dcc1fca5b3ddb0eefa09c05b102c4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/mellanox/mlx5/core/eswitch.h",
"drivers/net/ethernet/mellanox/mlx5/core/eswitch_offloads.c",
"drivers/net/ethernet/mellanox/mlx5/core/lag/lag.c",
"drivers/net/ethernet/mellanox/mlx5/core/lag/mpesw.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "e93fc8d959e5",
"status": "affected",
"version": "598fe77df855",
"versionType": "git"
},
{
"lessThan": "f03c714a0fdd",
"status": "affected",
"version": "598fe77df855",
"versionType": "git"
},
{
"lessThan": "0f320f28f54b",
"status": "affected",
"version": "598fe77df855",
"versionType": "git"
},
{
"lessThan": "0f06228d4a2d",
"status": "affected",
"version": "598fe77df855",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/mellanox/mlx5/core/eswitch.h",
"drivers/net/ethernet/mellanox/mlx5/core/eswitch_offloads.c",
"drivers/net/ethernet/mellanox/mlx5/core/lag/lag.c",
"drivers/net/ethernet/mellanox/mlx5/core/lag/mpesw.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.15"
},
{
"lessThan": "5.15",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Reload only IB representors upon lag disable/enable\n\nOn lag disable, the bond IB device along with all of its\nrepresentors are destroyed, and then the slaves\u0027 representors get reloaded.\n\nIn case the slave IB representor load fails, the eswitch error flow\nunloads all representors, including ethernet representors, where the\nnetdevs get detached and removed from lag bond. Such flow is inaccurate\nas the lag driver is not responsible for loading/unloading ethernet\nrepresentors. Furthermore, the flow described above begins by holding\nlag lock to prevent bond changes during disable flow. However, when\nreaching the ethernet representors detachment from lag, the lag lock is\nrequired again, triggering the following deadlock:\n\nCall trace:\n__switch_to+0xf4/0x148\n__schedule+0x2c8/0x7d0\nschedule+0x50/0xe0\nschedule_preempt_disabled+0x18/0x28\n__mutex_lock.isra.13+0x2b8/0x570\n__mutex_lock_slowpath+0x1c/0x28\nmutex_lock+0x4c/0x68\nmlx5_lag_remove_netdev+0x3c/0x1a0 [mlx5_core]\nmlx5e_uplink_rep_disable+0x70/0xa0 [mlx5_core]\nmlx5e_detach_netdev+0x6c/0xb0 [mlx5_core]\nmlx5e_netdev_change_profile+0x44/0x138 [mlx5_core]\nmlx5e_netdev_attach_nic_profile+0x28/0x38 [mlx5_core]\nmlx5e_vport_rep_unload+0x184/0x1b8 [mlx5_core]\nmlx5_esw_offloads_rep_load+0xd8/0xe0 [mlx5_core]\nmlx5_eswitch_reload_reps+0x74/0xd0 [mlx5_core]\nmlx5_disable_lag+0x130/0x138 [mlx5_core]\nmlx5_lag_disable_change+0x6c/0x70 [mlx5_core] // hold ldev-\u003elock\nmlx5_devlink_eswitch_mode_set+0xc0/0x410 [mlx5_core]\ndevlink_nl_cmd_eswitch_set_doit+0xdc/0x180\ngenl_family_rcv_msg_doit.isra.17+0xe8/0x138\ngenl_rcv_msg+0xe4/0x220\nnetlink_rcv_skb+0x44/0x108\ngenl_rcv+0x40/0x58\nnetlink_unicast+0x198/0x268\nnetlink_sendmsg+0x1d4/0x418\nsock_sendmsg+0x54/0x60\n__sys_sendto+0xf4/0x120\n__arm64_sys_sendto+0x30/0x40\nel0_svc_common+0x8c/0x120\ndo_el0_svc+0x30/0xa0\nel0_svc+0x20/0x30\nel0_sync_handler+0x90/0xb8\nel0_sync+0x160/0x180\n\nThus, upon lag enable/disable, load and unload only the IB representors\nof the slaves preventing the deadlock mentioned above.\n\nWhile at it, refactor the mlx5_esw_offloads_rep_load() function to have\na static helper method for its internal logic, in symmetry with the\nrepresentor unload design."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:01.195Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/e93fc8d959e56092e2eca1e5511c2d2f0ad6807a"
},
{
"url": "https://git.kernel.org/stable/c/f03c714a0fdd1f93101a929d0e727c28a66383fc"
},
{
"url": "https://git.kernel.org/stable/c/0f320f28f54b1b269a755be2e3fb3695e0b80b07"
},
{
"url": "https://git.kernel.org/stable/c/0f06228d4a2dcc1fca5b3ddb0eefa09c05b102c4"
}
],
"title": "net/mlx5: Reload only IB representors upon lag disable/enable",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38557",
"datePublished": "2024-06-19T13:35:27.426Z",
"dateReserved": "2024-06-18T19:36:34.921Z",
"dateUpdated": "2024-08-02T04:12:25.994Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38572
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
wifi: ath12k: fix out-of-bound access of qmi_invoke_handler()
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.824Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/95575de7dede7b1ed3b9718dab9dda97914ea775"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b48d40f5840c505b7af700594aa8379eec28e925"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a1abdb63628b04855a929850772de97435ed1555"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e1bdff48a1bb4a4ac660c19c55a820968c48b3f2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/wireless/ath/ath12k/qmi.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "95575de7dede",
"status": "affected",
"version": "d889913205cf",
"versionType": "git"
},
{
"lessThan": "b48d40f5840c",
"status": "affected",
"version": "d889913205cf",
"versionType": "git"
},
{
"lessThan": "a1abdb63628b",
"status": "affected",
"version": "d889913205cf",
"versionType": "git"
},
{
"lessThan": "e1bdff48a1bb",
"status": "affected",
"version": "d889913205cf",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/wireless/ath/ath12k/qmi.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.3"
},
{
"lessThan": "6.3",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix out-of-bound access of qmi_invoke_handler()\n\nCurrently, there is no terminator entry for ath12k_qmi_msg_handlers hence\nfacing below KASAN warning,\n\n ==================================================================\n BUG: KASAN: global-out-of-bounds in qmi_invoke_handler+0xa4/0x148\n Read of size 8 at addr ffffffd00a6428d8 by task kworker/u8:2/1273\n\n CPU: 0 PID: 1273 Comm: kworker/u8:2 Not tainted 5.4.213 #0\n Workqueue: qmi_msg_handler qmi_data_ready_work\n Call trace:\n dump_backtrace+0x0/0x20c\n show_stack+0x14/0x1c\n dump_stack+0xe0/0x138\n print_address_description.isra.5+0x30/0x330\n __kasan_report+0x16c/0x1bc\n kasan_report+0xc/0x14\n __asan_load8+0xa8/0xb0\n qmi_invoke_handler+0xa4/0x148\n qmi_handle_message+0x18c/0x1bc\n qmi_data_ready_work+0x4ec/0x528\n process_one_work+0x2c0/0x440\n worker_thread+0x324/0x4b8\n kthread+0x210/0x228\n ret_from_fork+0x10/0x18\n\n The address belongs to the variable:\n ath12k_mac_mon_status_filter_default+0x4bd8/0xfffffffffffe2300 [ath12k]\n [...]\n ==================================================================\n\nAdd a dummy terminator entry at the end to assist the qmi_invoke_handler()\nin traversing up to the terminator entry without accessing an\nout-of-boundary index.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.0.1-00029-QCAHKSWPL_SILICONZ-1"
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:19.082Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/95575de7dede7b1ed3b9718dab9dda97914ea775"
},
{
"url": "https://git.kernel.org/stable/c/b48d40f5840c505b7af700594aa8379eec28e925"
},
{
"url": "https://git.kernel.org/stable/c/a1abdb63628b04855a929850772de97435ed1555"
},
{
"url": "https://git.kernel.org/stable/c/e1bdff48a1bb4a4ac660c19c55a820968c48b3f2"
}
],
"title": "wifi: ath12k: fix out-of-bound access of qmi_invoke_handler()",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38572",
"datePublished": "2024-06-19T13:35:37.666Z",
"dateReserved": "2024-06-18T19:36:34.924Z",
"dateUpdated": "2024-08-02T04:12:25.824Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38579
Vulnerability from cvelistv5
Published
2024-06-19 13:37
Modified
2024-08-02 04:12
Severity
Summary
crypto: bcm - Fix pointer arithmetic
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.952Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c256b616067bfd6d274c679c06986b78d2402434"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e719c8991c161977a67197775067ab456b518c7b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ebed0d666fa709bae9e8cafa8ec6e7ebd1d318c6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c69a1e4b419c2c466dd8c5602bdebadc353973dd"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/49833a8da6407e7e9b532cc4054fdbcaf78f5fdd"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d0f14ae223c2421b334c1f1a9e48f1e809aee3a0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c0082ee420639a97e40cae66778b02b341b005e5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3b7a40740f04e2f27114dfd6225c5e721dda9d57"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2b3460cbf454c6b03d7429e9ffc4fe09322eb1a9"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/crypto/bcm/spu2.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "c256b616067b",
"status": "affected",
"version": "9d12ba86f818",
"versionType": "git"
},
{
"lessThan": "e719c8991c16",
"status": "affected",
"version": "9d12ba86f818",
"versionType": "git"
},
{
"lessThan": "ebed0d666fa7",
"status": "affected",
"version": "9d12ba86f818",
"versionType": "git"
},
{
"lessThan": "c69a1e4b419c",
"status": "affected",
"version": "9d12ba86f818",
"versionType": "git"
},
{
"lessThan": "49833a8da640",
"status": "affected",
"version": "9d12ba86f818",
"versionType": "git"
},
{
"lessThan": "d0f14ae223c2",
"status": "affected",
"version": "9d12ba86f818",
"versionType": "git"
},
{
"lessThan": "c0082ee42063",
"status": "affected",
"version": "9d12ba86f818",
"versionType": "git"
},
{
"lessThan": "3b7a40740f04",
"status": "affected",
"version": "9d12ba86f818",
"versionType": "git"
},
{
"lessThan": "2b3460cbf454",
"status": "affected",
"version": "9d12ba86f818",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/crypto/bcm/spu2.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.11"
},
{
"lessThan": "4.11",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.316",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: bcm - Fix pointer arithmetic\n\nIn spu2_dump_omd() value of ptr is increased by ciph_key_len\ninstead of hash_iv_len which could lead to going beyond the\nbuffer boundaries.\nFix this bug by changing ciph_key_len to hash_iv_len.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:27.254Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/c256b616067bfd6d274c679c06986b78d2402434"
},
{
"url": "https://git.kernel.org/stable/c/e719c8991c161977a67197775067ab456b518c7b"
},
{
"url": "https://git.kernel.org/stable/c/ebed0d666fa709bae9e8cafa8ec6e7ebd1d318c6"
},
{
"url": "https://git.kernel.org/stable/c/c69a1e4b419c2c466dd8c5602bdebadc353973dd"
},
{
"url": "https://git.kernel.org/stable/c/49833a8da6407e7e9b532cc4054fdbcaf78f5fdd"
},
{
"url": "https://git.kernel.org/stable/c/d0f14ae223c2421b334c1f1a9e48f1e809aee3a0"
},
{
"url": "https://git.kernel.org/stable/c/c0082ee420639a97e40cae66778b02b341b005e5"
},
{
"url": "https://git.kernel.org/stable/c/3b7a40740f04e2f27114dfd6225c5e721dda9d57"
},
{
"url": "https://git.kernel.org/stable/c/2b3460cbf454c6b03d7429e9ffc4fe09322eb1a9"
}
],
"title": "crypto: bcm - Fix pointer arithmetic",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38579",
"datePublished": "2024-06-19T13:37:37.154Z",
"dateReserved": "2024-06-18T19:36:34.926Z",
"dateUpdated": "2024-08-02T04:12:25.952Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-36979
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 03:43
Severity
Summary
net: bridge: mst: fix vlan use-after-free
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36979",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-24T15:36:13.939816Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-24T15:36:22.198Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:43:50.547Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8ca9a750fc711911ef616ceb627d07357b04545e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4488617e5e995a09abe4d81add5fb165674edb59"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a2b01e65d9ba8af2bb086d3b7288ca53a07249ac"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e43dd2b1ec746e105b7db5f9ad6ef14685a615a4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3a7c1661ae1383364cd6092d851f5e5da64d476b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/bridge/br_mst.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "8ca9a750fc71",
"status": "affected",
"version": "ec7328b59176",
"versionType": "git"
},
{
"lessThan": "4488617e5e99",
"status": "affected",
"version": "ec7328b59176",
"versionType": "git"
},
{
"lessThan": "a2b01e65d9ba",
"status": "affected",
"version": "ec7328b59176",
"versionType": "git"
},
{
"lessThan": "e43dd2b1ec74",
"status": "affected",
"version": "ec7328b59176",
"versionType": "git"
},
{
"lessThan": "3a7c1661ae13",
"status": "affected",
"version": "ec7328b59176",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/bridge/br_mst.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.18"
},
{
"lessThan": "5.18",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bridge: mst: fix vlan use-after-free\n\nsyzbot reported a suspicious rcu usage[1] in bridge\u0027s mst code. While\nfixing it I noticed that nothing prevents a vlan to be freed while\nwalking the list from the same path (br forward delay timer). Fix the rcu\nusage and also make sure we are not accessing freed memory by making\nbr_mst_vlan_set_state use rcu read lock.\n\n[1]\n WARNING: suspicious RCU usage\n 6.9.0-rc6-syzkaller #0 Not tainted\n -----------------------------\n net/bridge/br_private.h:1599 suspicious rcu_dereference_protected() usage!\n ...\n stack backtrace:\n CPU: 1 PID: 8017 Comm: syz-executor.1 Not tainted 6.9.0-rc6-syzkaller #0\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\n Call Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114\n lockdep_rcu_suspicious+0x221/0x340 kernel/locking/lockdep.c:6712\n nbp_vlan_group net/bridge/br_private.h:1599 [inline]\n br_mst_set_state+0x1ea/0x650 net/bridge/br_mst.c:105\n br_set_state+0x28a/0x7b0 net/bridge/br_stp.c:47\n br_forward_delay_timer_expired+0x176/0x440 net/bridge/br_stp_timer.c:88\n call_timer_fn+0x18e/0x650 kernel/time/timer.c:1793\n expire_timers kernel/time/timer.c:1844 [inline]\n __run_timers kernel/time/timer.c:2418 [inline]\n __run_timer_base+0x66a/0x8e0 kernel/time/timer.c:2429\n run_timer_base kernel/time/timer.c:2438 [inline]\n run_timer_softirq+0xb7/0x170 kernel/time/timer.c:2448\n __do_softirq+0x2c6/0x980 kernel/softirq.c:554\n invoke_softirq kernel/softirq.c:428 [inline]\n __irq_exit_rcu+0xf2/0x1c0 kernel/softirq.c:633\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:645\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1043 [inline]\n sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1043\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702\n RIP: 0010:lock_acquire+0x264/0x550 kernel/locking/lockdep.c:5758\n Code: 2b 00 74 08 4c 89 f7 e8 ba d1 84 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 \u003c4b\u003e c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25\n RSP: 0018:ffffc90013657100 EFLAGS: 00000206\n RAX: 0000000000000001 RBX: 1ffff920026cae2c RCX: 0000000000000001\n RDX: dffffc0000000000 RSI: ffffffff8bcaca00 RDI: ffffffff8c1eaa60\n RBP: ffffc90013657260 R08: ffffffff92efe507 R09: 1ffffffff25dfca0\n R10: dffffc0000000000 R11: fffffbfff25dfca1 R12: 1ffff920026cae28\n R13: dffffc0000000000 R14: ffffc90013657160 R15: 0000000000000246"
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:47:23.521Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/8ca9a750fc711911ef616ceb627d07357b04545e"
},
{
"url": "https://git.kernel.org/stable/c/4488617e5e995a09abe4d81add5fb165674edb59"
},
{
"url": "https://git.kernel.org/stable/c/a2b01e65d9ba8af2bb086d3b7288ca53a07249ac"
},
{
"url": "https://git.kernel.org/stable/c/e43dd2b1ec746e105b7db5f9ad6ef14685a615a4"
},
{
"url": "https://git.kernel.org/stable/c/3a7c1661ae1383364cd6092d851f5e5da64d476b"
}
],
"title": "net: bridge: mst: fix vlan use-after-free",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-36979",
"datePublished": "2024-06-19T13:35:12.708Z",
"dateReserved": "2024-05-30T15:25:07.082Z",
"dateUpdated": "2024-08-02T03:43:50.547Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38556
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
net/mlx5: Add a timeout to acquire the command queue semaphore
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38556",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-21T14:39:36.786296Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-21T14:40:06.541Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.318Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4baae687a20ef2b82fde12de3c04461e6f2521d6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f9caccdd42e999b74303c9b0643300073ed5d319"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2d0962d05c93de391ce85f6e764df895f47c8918"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/94024332a129c6e4275569d85c0c1bfb2ae2d71b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/485d65e1357123a697c591a5aeb773994b247ad7"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/mellanox/mlx5/core/cmd.c",
"include/linux/mlx5/driver.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "4baae687a20e",
"status": "affected",
"version": "8e715cd613a1",
"versionType": "git"
},
{
"lessThan": "f9caccdd42e9",
"status": "affected",
"version": "8e715cd613a1",
"versionType": "git"
},
{
"lessThan": "2d0962d05c93",
"status": "affected",
"version": "8e715cd613a1",
"versionType": "git"
},
{
"lessThan": "94024332a129",
"status": "affected",
"version": "8e715cd613a1",
"versionType": "git"
},
{
"lessThan": "485d65e13571",
"status": "affected",
"version": "8e715cd613a1",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/mellanox/mlx5/core/cmd.c",
"include/linux/mlx5/driver.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.17"
},
{
"lessThan": "5.17",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Add a timeout to acquire the command queue semaphore\n\nPrevent forced completion handling on an entry that has not yet been\nassigned an index, causing an out of bounds access on idx = -22.\nInstead of waiting indefinitely for the sem, blocking flow now waits for\nindex to be allocated or a sem acquisition timeout before beginning the\ntimer for FW completion.\n\nKernel log example:\nmlx5_core 0000:06:00.0: wait_func_handle_exec_timeout:1128:(pid 185911): cmd[-22]: CREATE_UCTX(0xa04) No done completion"
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:47:59.871Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/4baae687a20ef2b82fde12de3c04461e6f2521d6"
},
{
"url": "https://git.kernel.org/stable/c/f9caccdd42e999b74303c9b0643300073ed5d319"
},
{
"url": "https://git.kernel.org/stable/c/2d0962d05c93de391ce85f6e764df895f47c8918"
},
{
"url": "https://git.kernel.org/stable/c/94024332a129c6e4275569d85c0c1bfb2ae2d71b"
},
{
"url": "https://git.kernel.org/stable/c/485d65e1357123a697c591a5aeb773994b247ad7"
}
],
"title": "net/mlx5: Add a timeout to acquire the command queue semaphore",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38556",
"datePublished": "2024-06-19T13:35:26.753Z",
"dateReserved": "2024-06-18T19:36:34.921Z",
"dateUpdated": "2024-08-02T04:12:25.318Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38555
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
net/mlx5: Discard command completions in internal error
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.241Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f6fbb8535e990f844371086ab2c1221f71f993d3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3cb92b0ad73d3f1734e812054e698d655e9581b0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/bf8aaf0ae01c27ae3c06aa8610caf91e50393396"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1337ec94bc5a9eed250e33f5f5c89a28a6bfabdb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1d5dce5e92a70274de67a59e1e674c3267f94cd7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7ac4c69c34240c6de820492c0a28a0bd1494265a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/db9b31aa9bc56ff0d15b78f7e827d61c4a096e40"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/mellanox/mlx5/core/cmd.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "f6fbb8535e99",
"status": "affected",
"version": "27c79b3a9212",
"versionType": "git"
},
{
"lessThan": "3cb92b0ad73d",
"status": "affected",
"version": "51d138c2610a",
"versionType": "git"
},
{
"lessThan": "bf8aaf0ae01c",
"status": "affected",
"version": "51d138c2610a",
"versionType": "git"
},
{
"lessThan": "1337ec94bc5a",
"status": "affected",
"version": "51d138c2610a",
"versionType": "git"
},
{
"lessThan": "1d5dce5e92a7",
"status": "affected",
"version": "51d138c2610a",
"versionType": "git"
},
{
"lessThan": "7ac4c69c3424",
"status": "affected",
"version": "51d138c2610a",
"versionType": "git"
},
{
"lessThan": "db9b31aa9bc5",
"status": "affected",
"version": "51d138c2610a",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/mellanox/mlx5/core/cmd.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.12"
},
{
"lessThan": "5.12",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Discard command completions in internal error\n\nFix use after free when FW completion arrives while device is in\ninternal error state. Avoid calling completion handler in this case,\nsince the device will flush the command interface and trigger all\ncompletions manually.\n\nKernel log:\n------------[ cut here ]------------\nrefcount_t: underflow; use-after-free.\n...\nRIP: 0010:refcount_warn_saturate+0xd8/0xe0\n...\nCall Trace:\n\u003cIRQ\u003e\n? __warn+0x79/0x120\n? refcount_warn_saturate+0xd8/0xe0\n? report_bug+0x17c/0x190\n? handle_bug+0x3c/0x60\n? exc_invalid_op+0x14/0x70\n? asm_exc_invalid_op+0x16/0x20\n? refcount_warn_saturate+0xd8/0xe0\ncmd_ent_put+0x13b/0x160 [mlx5_core]\nmlx5_cmd_comp_handler+0x5f9/0x670 [mlx5_core]\ncmd_comp_notifier+0x1f/0x30 [mlx5_core]\nnotifier_call_chain+0x35/0xb0\natomic_notifier_call_chain+0x16/0x20\nmlx5_eq_async_int+0xf6/0x290 [mlx5_core]\nnotifier_call_chain+0x35/0xb0\natomic_notifier_call_chain+0x16/0x20\nirq_int_handler+0x19/0x30 [mlx5_core]\n__handle_irq_event_percpu+0x4b/0x160\nhandle_irq_event+0x2e/0x80\nhandle_edge_irq+0x98/0x230\n__common_interrupt+0x3b/0xa0\ncommon_interrupt+0x7b/0xa0\n\u003c/IRQ\u003e\n\u003cTASK\u003e\nasm_common_interrupt+0x22/0x40"
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:47:58.669Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/f6fbb8535e990f844371086ab2c1221f71f993d3"
},
{
"url": "https://git.kernel.org/stable/c/3cb92b0ad73d3f1734e812054e698d655e9581b0"
},
{
"url": "https://git.kernel.org/stable/c/bf8aaf0ae01c27ae3c06aa8610caf91e50393396"
},
{
"url": "https://git.kernel.org/stable/c/1337ec94bc5a9eed250e33f5f5c89a28a6bfabdb"
},
{
"url": "https://git.kernel.org/stable/c/1d5dce5e92a70274de67a59e1e674c3267f94cd7"
},
{
"url": "https://git.kernel.org/stable/c/7ac4c69c34240c6de820492c0a28a0bd1494265a"
},
{
"url": "https://git.kernel.org/stable/c/db9b31aa9bc56ff0d15b78f7e827d61c4a096e40"
}
],
"title": "net/mlx5: Discard command completions in internal error",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38555",
"datePublished": "2024-06-19T13:35:26.059Z",
"dateReserved": "2024-06-18T19:36:34.920Z",
"dateUpdated": "2024-08-02T04:12:25.241Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38551
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
ASoC: mediatek: Assign dummy when codec not specified for a DAI link
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.242Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/87b8dca6e06f9b1681bc52bf7bfa85c663a11158"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cbbcabc7f0979f6542372cf88d7a9da7143a4226"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0c052b1c11d8119f3048b1f7b3c39a90500cacf9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5f39231888c63f0a7708abc86b51b847476379d8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"sound/soc/mediatek/common/mtk-soundcard-driver.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "87b8dca6e06f",
"status": "affected",
"version": "4302187d955f",
"versionType": "git"
},
{
"lessThan": "cbbcabc7f097",
"status": "affected",
"version": "4302187d955f",
"versionType": "git"
},
{
"lessThan": "0c052b1c11d8",
"status": "affected",
"version": "4302187d955f",
"versionType": "git"
},
{
"lessThan": "5f39231888c6",
"status": "affected",
"version": "4302187d955f",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"sound/soc/mediatek/common/mtk-soundcard-driver.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.3"
},
{
"lessThan": "6.3",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: mediatek: Assign dummy when codec not specified for a DAI link\n\nMediaTek sound card drivers are checking whether a DAI link is present\nand used on a board to assign the correct parameters and this is done\nby checking the codec DAI names at probe time.\n\nIf no real codec is present, assign the dummy codec to the DAI link\nto avoid NULL pointer during string comparison."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:47:54.024Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/87b8dca6e06f9b1681bc52bf7bfa85c663a11158"
},
{
"url": "https://git.kernel.org/stable/c/cbbcabc7f0979f6542372cf88d7a9da7143a4226"
},
{
"url": "https://git.kernel.org/stable/c/0c052b1c11d8119f3048b1f7b3c39a90500cacf9"
},
{
"url": "https://git.kernel.org/stable/c/5f39231888c63f0a7708abc86b51b847476379d8"
}
],
"title": "ASoC: mediatek: Assign dummy when codec not specified for a DAI link",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38551",
"datePublished": "2024-06-19T13:35:23.364Z",
"dateReserved": "2024-06-18T19:36:34.920Z",
"dateUpdated": "2024-08-02T04:12:25.242Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38567
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
wifi: carl9170: add a proper sanity check for endpoints
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.875Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/eb0f2fc3ff5806cc572cd9055ce7c52a01e97645"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ac3ed46a8741d464bc70ebdf7433c1d786cf329d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8650725bb0a48b206d5a8ddad3a7488f9a5985b7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6a9892bf24c906b4d6b587f8759ca38bff672582"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/265c3cda471c26e0f25d0c755da94e1eb15d7a0c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/62eb07923f3693d55b0c2d9a5a4f1ad72cb6b8fd"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/03ddc74bdfd71b84a55c9f2185d8787f258422cd"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0fa08a55201ab9be72bacb8ea93cf752d338184f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b6dd09b3dac89b45d1ea3e3bd035a3859c0369a0"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/wireless/ath/carl9170/usb.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "eb0f2fc3ff58",
"status": "affected",
"version": "a84fab3cbfdc",
"versionType": "git"
},
{
"lessThan": "ac3ed46a8741",
"status": "affected",
"version": "a84fab3cbfdc",
"versionType": "git"
},
{
"lessThan": "8650725bb0a4",
"status": "affected",
"version": "a84fab3cbfdc",
"versionType": "git"
},
{
"lessThan": "6a9892bf24c9",
"status": "affected",
"version": "a84fab3cbfdc",
"versionType": "git"
},
{
"lessThan": "265c3cda471c",
"status": "affected",
"version": "a84fab3cbfdc",
"versionType": "git"
},
{
"lessThan": "62eb07923f36",
"status": "affected",
"version": "a84fab3cbfdc",
"versionType": "git"
},
{
"lessThan": "03ddc74bdfd7",
"status": "affected",
"version": "a84fab3cbfdc",
"versionType": "git"
},
{
"lessThan": "0fa08a55201a",
"status": "affected",
"version": "a84fab3cbfdc",
"versionType": "git"
},
{
"lessThan": "b6dd09b3dac8",
"status": "affected",
"version": "a84fab3cbfdc",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/wireless/ath/carl9170/usb.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.37"
},
{
"lessThan": "2.6.37",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.316",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: carl9170: add a proper sanity check for endpoints\n\nSyzkaller reports [1] hitting a warning which is caused by presence\nof a wrong endpoint type at the URB sumbitting stage. While there\nwas a check for a specific 4th endpoint, since it can switch types\nbetween bulk and interrupt, other endpoints are trusted implicitly.\nSimilar warning is triggered in a couple of other syzbot issues [2].\n\nFix the issue by doing a comprehensive check of all endpoints\ntaking into account difference between high- and full-speed\nconfiguration.\n\n[1] Syzkaller report:\n...\nWARNING: CPU: 0 PID: 4721 at drivers/usb/core/urb.c:504 usb_submit_urb+0xed6/0x1880 drivers/usb/core/urb.c:504\n...\nCall Trace:\n \u003cTASK\u003e\n carl9170_usb_send_rx_irq_urb+0x273/0x340 drivers/net/wireless/ath/carl9170/usb.c:504\n carl9170_usb_init_device drivers/net/wireless/ath/carl9170/usb.c:939 [inline]\n carl9170_usb_firmware_finish drivers/net/wireless/ath/carl9170/usb.c:999 [inline]\n carl9170_usb_firmware_step2+0x175/0x240 drivers/net/wireless/ath/carl9170/usb.c:1028\n request_firmware_work_func+0x130/0x240 drivers/base/firmware_loader/main.c:1107\n process_one_work+0x9bf/0x1710 kernel/workqueue.c:2289\n worker_thread+0x669/0x1090 kernel/workqueue.c:2436\n kthread+0x2e8/0x3a0 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308\n \u003c/TASK\u003e\n\n[2] Related syzkaller crashes:"
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:13.189Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/eb0f2fc3ff5806cc572cd9055ce7c52a01e97645"
},
{
"url": "https://git.kernel.org/stable/c/ac3ed46a8741d464bc70ebdf7433c1d786cf329d"
},
{
"url": "https://git.kernel.org/stable/c/8650725bb0a48b206d5a8ddad3a7488f9a5985b7"
},
{
"url": "https://git.kernel.org/stable/c/6a9892bf24c906b4d6b587f8759ca38bff672582"
},
{
"url": "https://git.kernel.org/stable/c/265c3cda471c26e0f25d0c755da94e1eb15d7a0c"
},
{
"url": "https://git.kernel.org/stable/c/62eb07923f3693d55b0c2d9a5a4f1ad72cb6b8fd"
},
{
"url": "https://git.kernel.org/stable/c/03ddc74bdfd71b84a55c9f2185d8787f258422cd"
},
{
"url": "https://git.kernel.org/stable/c/0fa08a55201ab9be72bacb8ea93cf752d338184f"
},
{
"url": "https://git.kernel.org/stable/c/b6dd09b3dac89b45d1ea3e3bd035a3859c0369a0"
}
],
"title": "wifi: carl9170: add a proper sanity check for endpoints",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38567",
"datePublished": "2024-06-19T13:35:34.254Z",
"dateReserved": "2024-06-18T19:36:34.923Z",
"dateUpdated": "2024-08-02T04:12:25.875Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38587
Vulnerability from cvelistv5
Published
2024-06-19 13:37
Modified
2024-08-02 04:12
Severity
Summary
speakup: Fix sizeof() vs ARRAY_SIZE() bug
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38587",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T14:49:14.118323Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T14:49:22.989Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.986Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/42f0a3f67158ed6b2908d2b9ffbf7e96d23fd358"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cd7f3978c2ec741aedd1d860b2adb227314cf996"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/07ef95cc7a579731198c93beed281e3a79a0e586"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/504178fb7d9f6cdb0496d5491efb05f45597e535"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3726f75a1ccc16cd335c0ccfad1d92ee08ecba5e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c6e1650cf5df1bd6638eeee231a683ef30c7d4eb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/eb1ea64328d4cc7d7a912c563f8523d5259716ef"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d52c04474feac8e305814a5228e622afe481b2ef"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/008ab3c53bc4f0b2f20013c8f6c204a3203d0b8b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/accessibility/speakup/main.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "42f0a3f67158",
"status": "affected",
"version": "756c5cb7c09e",
"versionType": "git"
},
{
"lessThan": "cd7f3978c2ec",
"status": "affected",
"version": "8f6b62125bef",
"versionType": "git"
},
{
"lessThan": "07ef95cc7a57",
"status": "affected",
"version": "6401038acfa2",
"versionType": "git"
},
{
"lessThan": "504178fb7d9f",
"status": "affected",
"version": "0d130158db29",
"versionType": "git"
},
{
"lessThan": "3726f75a1ccc",
"status": "affected",
"version": "89af25bd4b4b",
"versionType": "git"
},
{
"lessThan": "c6e1650cf5df",
"status": "affected",
"version": "8defb1d22ba0",
"versionType": "git"
},
{
"lessThan": "eb1ea64328d4",
"status": "affected",
"version": "0efb15c14c49",
"versionType": "git"
},
{
"lessThan": "d52c04474fea",
"status": "affected",
"version": "c8d2f34ea96e",
"versionType": "git"
},
{
"lessThan": "008ab3c53bc4",
"status": "affected",
"version": "c8d2f34ea96e",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/accessibility/speakup/main.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.9"
},
{
"lessThan": "6.9",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.316",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nspeakup: Fix sizeof() vs ARRAY_SIZE() bug\n\nThe \"buf\" pointer is an array of u16 values. This code should be\nusing ARRAY_SIZE() (which is 256) instead of sizeof() (which is 512),\notherwise it can the still got out of bounds."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:34.273Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/42f0a3f67158ed6b2908d2b9ffbf7e96d23fd358"
},
{
"url": "https://git.kernel.org/stable/c/cd7f3978c2ec741aedd1d860b2adb227314cf996"
},
{
"url": "https://git.kernel.org/stable/c/07ef95cc7a579731198c93beed281e3a79a0e586"
},
{
"url": "https://git.kernel.org/stable/c/504178fb7d9f6cdb0496d5491efb05f45597e535"
},
{
"url": "https://git.kernel.org/stable/c/3726f75a1ccc16cd335c0ccfad1d92ee08ecba5e"
},
{
"url": "https://git.kernel.org/stable/c/c6e1650cf5df1bd6638eeee231a683ef30c7d4eb"
},
{
"url": "https://git.kernel.org/stable/c/eb1ea64328d4cc7d7a912c563f8523d5259716ef"
},
{
"url": "https://git.kernel.org/stable/c/d52c04474feac8e305814a5228e622afe481b2ef"
},
{
"url": "https://git.kernel.org/stable/c/008ab3c53bc4f0b2f20013c8f6c204a3203d0b8b"
}
],
"title": "speakup: Fix sizeof() vs ARRAY_SIZE() bug",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38587",
"datePublished": "2024-06-19T13:37:42.537Z",
"dateReserved": "2024-06-18T19:36:34.929Z",
"dateUpdated": "2024-08-02T04:12:25.986Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47606
Vulnerability from cvelistv5
Published
2024-06-19 14:54
Modified
2024-08-04 05:47
Severity
Summary
net: netlink: af_netlink: Prevent empty skb by adding a check on len.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:47:40.217Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c54a60c8fbaa774f828e26df79f66229a8a0e010"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/40cf2e058832d9cfaae98dfd77334926275598b6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/54e785f7d5c197bc06dbb8053700df7e2a093ced"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ff3f517bf7138e01a17369042908a3f345c0ee41"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c0315e93552e0d840e9edc6abd71c7db82ec8f51"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/dadce61247c6230489527cc5e343b6002d1114c5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4c986072a8c9249b9398c7a18f216dc26a9f0e35"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f123cffdd8fe8ea6c7fded4b88516a42798797d0"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/netlink/af_netlink.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "c54a60c8fbaa",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "40cf2e058832",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "54e785f7d5c1",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "ff3f517bf713",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "c0315e93552e",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "dadce61247c6",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "4c986072a8c9",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "f123cffdd8fe",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/netlink/af_netlink.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "4.4.*",
"status": "unaffected",
"version": "4.4.296",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.294",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.259",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.222",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.167",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.87",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.10",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: netlink: af_netlink: Prevent empty skb by adding a check on len.\n\nAdding a check on len parameter to avoid empty skb. This prevents a\ndivision error in netem_enqueue function which is caused when skb-\u003elen=0\nand skb-\u003edata_len=0 in the randomized corruption step as shown below.\n\nskb-\u003edata[prandom_u32() % skb_headlen(skb)] ^= 1\u003c\u003c(prandom_u32() % 8);\n\nCrash Report:\n[ 343.170349] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family\n0 port 6081 - 0\n[ 343.216110] netem: version 1.3\n[ 343.235841] divide error: 0000 [#1] PREEMPT SMP KASAN NOPTI\n[ 343.236680] CPU: 3 PID: 4288 Comm: reproducer Not tainted 5.16.0-rc1+\n[ 343.237569] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996),\nBIOS 1.11.0-2.el7 04/01/2014\n[ 343.238707] RIP: 0010:netem_enqueue+0x1590/0x33c0 [sch_netem]\n[ 343.239499] Code: 89 85 58 ff ff ff e8 5f 5d e9 d3 48 8b b5 48 ff ff\nff 8b 8d 50 ff ff ff 8b 85 58 ff ff ff 48 8b bd 70 ff ff ff 31 d2 2b 4f\n74 \u003cf7\u003e f1 48 b8 00 00 00 00 00 fc ff df 49 01 d5 4c 89 e9 48 c1 e9 03\n[ 343.241883] RSP: 0018:ffff88800bcd7368 EFLAGS: 00010246\n[ 343.242589] RAX: 00000000ba7c0a9c RBX: 0000000000000001 RCX:\n0000000000000000\n[ 343.243542] RDX: 0000000000000000 RSI: ffff88800f8edb10 RDI:\nffff88800f8eda40\n[ 343.244474] RBP: ffff88800bcd7458 R08: 0000000000000000 R09:\nffffffff94fb8445\n[ 343.245403] R10: ffffffff94fb8336 R11: ffffffff94fb8445 R12:\n0000000000000000\n[ 343.246355] R13: ffff88800a5a7000 R14: ffff88800a5b5800 R15:\n0000000000000020\n[ 343.247291] FS: 00007fdde2bd7700(0000) GS:ffff888109780000(0000)\nknlGS:0000000000000000\n[ 343.248350] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 343.249120] CR2: 00000000200000c0 CR3: 000000000ef4c000 CR4:\n00000000000006e0\n[ 343.250076] Call Trace:\n[ 343.250423] \u003cTASK\u003e\n[ 343.250713] ? memcpy+0x4d/0x60\n[ 343.251162] ? netem_init+0xa0/0xa0 [sch_netem]\n[ 343.251795] ? __sanitizer_cov_trace_pc+0x21/0x60\n[ 343.252443] netem_enqueue+0xe28/0x33c0 [sch_netem]\n[ 343.253102] ? stack_trace_save+0x87/0xb0\n[ 343.253655] ? filter_irq_stacks+0xb0/0xb0\n[ 343.254220] ? netem_init+0xa0/0xa0 [sch_netem]\n[ 343.254837] ? __kasan_check_write+0x14/0x20\n[ 343.255418] ? _raw_spin_lock+0x88/0xd6\n[ 343.255953] dev_qdisc_enqueue+0x50/0x180\n[ 343.256508] __dev_queue_xmit+0x1a7e/0x3090\n[ 343.257083] ? netdev_core_pick_tx+0x300/0x300\n[ 343.257690] ? check_kcov_mode+0x10/0x40\n[ 343.258219] ? _raw_spin_unlock_irqrestore+0x29/0x40\n[ 343.258899] ? __kasan_init_slab_obj+0x24/0x30\n[ 343.259529] ? setup_object.isra.71+0x23/0x90\n[ 343.260121] ? new_slab+0x26e/0x4b0\n[ 343.260609] ? kasan_poison+0x3a/0x50\n[ 343.261118] ? kasan_unpoison+0x28/0x50\n[ 343.261637] ? __kasan_slab_alloc+0x71/0x90\n[ 343.262214] ? memcpy+0x4d/0x60\n[ 343.262674] ? write_comp_data+0x2f/0x90\n[ 343.263209] ? __kasan_check_write+0x14/0x20\n[ 343.263802] ? __skb_clone+0x5d6/0x840\n[ 343.264329] ? __sanitizer_cov_trace_pc+0x21/0x60\n[ 343.264958] dev_queue_xmit+0x1c/0x20\n[ 343.265470] netlink_deliver_tap+0x652/0x9c0\n[ 343.266067] netlink_unicast+0x5a0/0x7f0\n[ 343.266608] ? netlink_attachskb+0x860/0x860\n[ 343.267183] ? __sanitizer_cov_trace_pc+0x21/0x60\n[ 343.267820] ? write_comp_data+0x2f/0x90\n[ 343.268367] netlink_sendmsg+0x922/0xe80\n[ 343.268899] ? netlink_unicast+0x7f0/0x7f0\n[ 343.269472] ? __sanitizer_cov_trace_pc+0x21/0x60\n[ 343.270099] ? write_comp_data+0x2f/0x90\n[ 343.270644] ? netlink_unicast+0x7f0/0x7f0\n[ 343.271210] sock_sendmsg+0x155/0x190\n[ 343.271721] ____sys_sendmsg+0x75f/0x8f0\n[ 343.272262] ? kernel_sendmsg+0x60/0x60\n[ 343.272788] ? write_comp_data+0x2f/0x90\n[ 343.273332] ? write_comp_data+0x2f/0x90\n[ 343.273869] ___sys_sendmsg+0x10f/0x190\n[ 343.274405] ? sendmsg_copy_msghdr+0x80/0x80\n[ 343.274984] ? slab_post_alloc_hook+0x70/0x230\n[ 343.275597] ? futex_wait_setup+0x240/0x240\n[ 343.276175] ? security_file_alloc+0x3e/0x170\n[ 343.276779] ? write_comp_d\n---truncated---"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:54:05.025Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/c54a60c8fbaa774f828e26df79f66229a8a0e010"
},
{
"url": "https://git.kernel.org/stable/c/40cf2e058832d9cfaae98dfd77334926275598b6"
},
{
"url": "https://git.kernel.org/stable/c/54e785f7d5c197bc06dbb8053700df7e2a093ced"
},
{
"url": "https://git.kernel.org/stable/c/ff3f517bf7138e01a17369042908a3f345c0ee41"
},
{
"url": "https://git.kernel.org/stable/c/c0315e93552e0d840e9edc6abd71c7db82ec8f51"
},
{
"url": "https://git.kernel.org/stable/c/dadce61247c6230489527cc5e343b6002d1114c5"
},
{
"url": "https://git.kernel.org/stable/c/4c986072a8c9249b9398c7a18f216dc26a9f0e35"
},
{
"url": "https://git.kernel.org/stable/c/f123cffdd8fe8ea6c7fded4b88516a42798797d0"
}
],
"title": "net: netlink: af_netlink: Prevent empty skb by adding a check on len.",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47606",
"datePublished": "2024-06-19T14:54:05.025Z",
"dateReserved": "2024-05-24T15:11:00.737Z",
"dateUpdated": "2024-08-04T05:47:40.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38542
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
RDMA/mana_ib: boundary check before installing cq callbacks
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38542",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T15:44:47.071270Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T15:44:58.554Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.624Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f12afddfb142587d786df9e3cc4862190d3e2ec8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/168f6fbde0eabd71d1f4133df7d001a950b96977"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f79edef79b6a2161f4124112f9b0c46891bb0b74"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/infiniband/hw/mana/cq.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "f12afddfb142",
"status": "affected",
"version": "cf9cc859d6ff",
"versionType": "git"
},
{
"lessThan": "168f6fbde0ea",
"status": "affected",
"version": "2a31c5a7e0d8",
"versionType": "git"
},
{
"lessThan": "f79edef79b6a",
"status": "affected",
"version": "2a31c5a7e0d8",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/infiniband/hw/mana/cq.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.9"
},
{
"lessThan": "6.9",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mana_ib: boundary check before installing cq callbacks\n\nAdd a boundary check inside mana_ib_install_cq_cb to prevent index overflow."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:47:43.605Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/f12afddfb142587d786df9e3cc4862190d3e2ec8"
},
{
"url": "https://git.kernel.org/stable/c/168f6fbde0eabd71d1f4133df7d001a950b96977"
},
{
"url": "https://git.kernel.org/stable/c/f79edef79b6a2161f4124112f9b0c46891bb0b74"
}
],
"title": "RDMA/mana_ib: boundary check before installing cq callbacks",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38542",
"datePublished": "2024-06-19T13:35:17.310Z",
"dateReserved": "2024-06-18T19:36:34.919Z",
"dateUpdated": "2024-08-02T04:12:25.624Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47608
Vulnerability from cvelistv5
Published
2024-06-19 14:54
Modified
2024-08-04 05:47
Severity
Summary
bpf: Fix kernel address leakage in atomic fetch
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:47:40.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/423628125a484538111c2c6d9bb1588eb086053b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7d3baf0afa3aa9102d6a521a8e4c41888bb79882"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"kernel/bpf/verifier.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "423628125a48",
"status": "affected",
"version": "37086bfdc737",
"versionType": "git"
},
{
"lessThan": "7d3baf0afa3a",
"status": "affected",
"version": "37086bfdc737",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"kernel/bpf/verifier.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.12"
},
{
"lessThan": "5.12",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix kernel address leakage in atomic fetch\n\nThe change in commit 37086bfdc737 (\"bpf: Propagate stack bounds to registers\nin atomics w/ BPF_FETCH\") around check_mem_access() handling is buggy since\nthis would allow for unprivileged users to leak kernel pointers. For example,\nan atomic fetch/and with -1 on a stack destination which holds a spilled\npointer will migrate the spilled register type into a scalar, which can then\nbe exported out of the program (since scalar != pointer) by dumping it into\na map value.\n\nThe original implementation of XADD was preventing this situation by using\na double call to check_mem_access() one with BPF_READ and a subsequent one\nwith BPF_WRITE, in both cases passing -1 as a placeholder value instead of\nregister as per XADD semantics since it didn\u0027t contain a value fetch. The\nBPF_READ also included a check in check_stack_read_fixed_off() which rejects\nthe program if the stack slot is of __is_pointer_value() if dst_regno \u003c 0.\nThe latter is to distinguish whether we\u0027re dealing with a regular stack spill/\nfill or some arithmetical operation which is disallowed on non-scalars, see\nalso 6e7e63cbb023 (\"bpf: Forbid XADD on spilled pointers for unprivileged\nusers\") for more context on check_mem_access() and its handling of placeholder\nvalue -1.\n\nOne minimally intrusive option to fix the leak is for the BPF_FETCH case to\ninitially check the BPF_READ case via check_mem_access() with -1 as register,\nfollowed by the actual load case with non-negative load_reg to propagate\nstack bounds to registers."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:54:06.388Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/423628125a484538111c2c6d9bb1588eb086053b"
},
{
"url": "https://git.kernel.org/stable/c/7d3baf0afa3aa9102d6a521a8e4c41888bb79882"
}
],
"title": "bpf: Fix kernel address leakage in atomic fetch",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47608",
"datePublished": "2024-06-19T14:54:06.388Z",
"dateReserved": "2024-05-24T15:11:00.737Z",
"dateUpdated": "2024-08-04T05:47:40.335Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47588
Vulnerability from cvelistv5
Published
2024-06-19 14:53
Modified
2024-08-04 05:39
Severity
Summary
sit: do not call ipip6_dev_free() from sit_init_net()
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:39:59.772Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4e1797914d8f223726ff6ae5ece4f97d73f21bab"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e56b65c1e74d7f706d74b51baba15187be2fb4b5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ad0ed314d6167b212939e3839428ba0c8bb16adb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6f46c59e60b64620d5d386c8ee2eaa11ebe3b595"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/44a6c846bc3a7efe7d394bab8b2ae3b7f580e190"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e28587cc491ef0f3c51258fdc87fbc386b1d4c59"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/ipv6/sit.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "4e1797914d8f",
"status": "affected",
"version": "cf124db566e6",
"versionType": "git"
},
{
"lessThan": "e56b65c1e74d",
"status": "affected",
"version": "cf124db566e6",
"versionType": "git"
},
{
"lessThan": "ad0ed314d616",
"status": "affected",
"version": "cf124db566e6",
"versionType": "git"
},
{
"lessThan": "6f46c59e60b6",
"status": "affected",
"version": "cf124db566e6",
"versionType": "git"
},
{
"lessThan": "44a6c846bc3a",
"status": "affected",
"version": "cf124db566e6",
"versionType": "git"
},
{
"lessThan": "e28587cc491e",
"status": "affected",
"version": "cf124db566e6",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/ipv6/sit.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.12"
},
{
"lessThan": "4.12",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.259",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.222",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.168",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsit: do not call ipip6_dev_free() from sit_init_net()\n\nipip6_dev_free is sit dev-\u003epriv_destructor, already called\nby register_netdevice() if something goes wrong.\n\nAlternative would be to make ipip6_dev_free() robust against\nmultiple invocations, but other drivers do not implement this\nstrategy.\n\nsyzbot reported:\n\ndst_release underflow\nWARNING: CPU: 0 PID: 5059 at net/core/dst.c:173 dst_release+0xd8/0xe0 net/core/dst.c:173\nModules linked in:\nCPU: 1 PID: 5059 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:dst_release+0xd8/0xe0 net/core/dst.c:173\nCode: 4c 89 f2 89 d9 31 c0 5b 41 5e 5d e9 da d5 44 f9 e8 1d 90 5f f9 c6 05 87 48 c6 05 01 48 c7 c7 80 44 99 8b 31 c0 e8 e8 67 29 f9 \u003c0f\u003e 0b eb 85 0f 1f 40 00 53 48 89 fb e8 f7 8f 5f f9 48 83 c3 a8 48\nRSP: 0018:ffffc9000aa5faa0 EFLAGS: 00010246\nRAX: d6894a925dd15a00 RBX: 00000000ffffffff RCX: 0000000000040000\nRDX: ffffc90005e19000 RSI: 000000000003ffff RDI: 0000000000040000\nRBP: 0000000000000000 R08: ffffffff816a1f42 R09: ffffed1017344f2c\nR10: ffffed1017344f2c R11: 0000000000000000 R12: 0000607f462b1358\nR13: 1ffffffff1bfd305 R14: ffffe8ffffcb1358 R15: dffffc0000000000\nFS: 00007f66c71a2700(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f88aaed5058 CR3: 0000000023e0f000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n dst_cache_destroy+0x107/0x1e0 net/core/dst_cache.c:160\n ipip6_dev_free net/ipv6/sit.c:1414 [inline]\n sit_init_net+0x229/0x550 net/ipv6/sit.c:1936\n ops_init+0x313/0x430 net/core/net_namespace.c:140\n setup_net+0x35b/0x9d0 net/core/net_namespace.c:326\n copy_net_ns+0x359/0x5c0 net/core/net_namespace.c:470\n create_new_namespaces+0x4ce/0xa00 kernel/nsproxy.c:110\n unshare_nsproxy_namespaces+0x11e/0x180 kernel/nsproxy.c:226\n ksys_unshare+0x57d/0xb50 kernel/fork.c:3075\n __do_sys_unshare kernel/fork.c:3146 [inline]\n __se_sys_unshare kernel/fork.c:3144 [inline]\n __x64_sys_unshare+0x34/0x40 kernel/fork.c:3144\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x44/0xd0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f66c882ce99\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f66c71a2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000110\nRAX: ffffffffffffffda RBX: 00007f66c893ff60 RCX: 00007f66c882ce99\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000048040200\nRBP: 00007f66c8886ff1 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 00007fff6634832f R14: 00007f66c71a2300 R15: 0000000000022000\n \u003c/TASK\u003e"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:53:52.909Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/4e1797914d8f223726ff6ae5ece4f97d73f21bab"
},
{
"url": "https://git.kernel.org/stable/c/e56b65c1e74d7f706d74b51baba15187be2fb4b5"
},
{
"url": "https://git.kernel.org/stable/c/ad0ed314d6167b212939e3839428ba0c8bb16adb"
},
{
"url": "https://git.kernel.org/stable/c/6f46c59e60b64620d5d386c8ee2eaa11ebe3b595"
},
{
"url": "https://git.kernel.org/stable/c/44a6c846bc3a7efe7d394bab8b2ae3b7f580e190"
},
{
"url": "https://git.kernel.org/stable/c/e28587cc491ef0f3c51258fdc87fbc386b1d4c59"
}
],
"title": "sit: do not call ipip6_dev_free() from sit_init_net()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47588",
"datePublished": "2024-06-19T14:53:52.909Z",
"dateReserved": "2024-05-24T15:11:00.732Z",
"dateUpdated": "2024-08-04T05:39:59.772Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38578
Vulnerability from cvelistv5
Published
2024-06-19 13:37
Modified
2024-08-02 04:12
Severity
Summary
ecryptfs: Fix buffer size for tag 66 packet
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.680Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1c125b9287e58f364d82174efb167414b92b11f1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/235b85981051cd68fc215fd32a81c6f116bfc4df"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/edbfc42ab080e78c6907d40a42c9d10b69e445c1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/12db25a54ce6bb22b0af28010fff53ef9cb3fe93"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0d0f8ba042af16519f1ef7dd10463a33b21b677c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2ed750b7ae1b5dc72896d7dd114c419afd3d1910"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a20f09452e2f58f761d11ad7b96b5c894c91030e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f6008487f1eeb8693f8d2a36a89c87d9122ddf74"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/85a6a1aff08ec9f5b929d345d066e2830e8818e5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/ecryptfs/keystore.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "1c125b9287e5",
"status": "affected",
"version": "dddfa461fc89",
"versionType": "git"
},
{
"lessThan": "235b85981051",
"status": "affected",
"version": "dddfa461fc89",
"versionType": "git"
},
{
"lessThan": "edbfc42ab080",
"status": "affected",
"version": "dddfa461fc89",
"versionType": "git"
},
{
"lessThan": "12db25a54ce6",
"status": "affected",
"version": "dddfa461fc89",
"versionType": "git"
},
{
"lessThan": "0d0f8ba042af",
"status": "affected",
"version": "dddfa461fc89",
"versionType": "git"
},
{
"lessThan": "2ed750b7ae1b",
"status": "affected",
"version": "dddfa461fc89",
"versionType": "git"
},
{
"lessThan": "a20f09452e2f",
"status": "affected",
"version": "dddfa461fc89",
"versionType": "git"
},
{
"lessThan": "f6008487f1ee",
"status": "affected",
"version": "dddfa461fc89",
"versionType": "git"
},
{
"lessThan": "85a6a1aff08e",
"status": "affected",
"version": "dddfa461fc89",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/ecryptfs/keystore.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.21"
},
{
"lessThan": "2.6.21",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.316",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\necryptfs: Fix buffer size for tag 66 packet\n\nThe \u0027TAG 66 Packet Format\u0027 description is missing the cipher code and\nchecksum fields that are packed into the message packet. As a result,\nthe buffer allocated for the packet is 3 bytes too small and\nwrite_tag_66_packet() will write up to 3 bytes past the end of the\nbuffer.\n\nFix this by increasing the size of the allocation so the whole packet\nwill always fit in the buffer.\n\nThis fixes the below kasan slab-out-of-bounds bug:\n\n BUG: KASAN: slab-out-of-bounds in ecryptfs_generate_key_packet_set+0x7d6/0xde0\n Write of size 1 at addr ffff88800afbb2a5 by task touch/181\n\n CPU: 0 PID: 181 Comm: touch Not tainted 6.6.13-gnu #1 4c9534092be820851bb687b82d1f92a426598dc6\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2/GNU Guix 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x4c/0x70\n print_report+0xc5/0x610\n ? ecryptfs_generate_key_packet_set+0x7d6/0xde0\n ? kasan_complete_mode_report_info+0x44/0x210\n ? ecryptfs_generate_key_packet_set+0x7d6/0xde0\n kasan_report+0xc2/0x110\n ? ecryptfs_generate_key_packet_set+0x7d6/0xde0\n __asan_store1+0x62/0x80\n ecryptfs_generate_key_packet_set+0x7d6/0xde0\n ? __pfx_ecryptfs_generate_key_packet_set+0x10/0x10\n ? __alloc_pages+0x2e2/0x540\n ? __pfx_ovl_open+0x10/0x10 [overlay 30837f11141636a8e1793533a02e6e2e885dad1d]\n ? dentry_open+0x8f/0xd0\n ecryptfs_write_metadata+0x30a/0x550\n ? __pfx_ecryptfs_write_metadata+0x10/0x10\n ? ecryptfs_get_lower_file+0x6b/0x190\n ecryptfs_initialize_file+0x77/0x150\n ecryptfs_create+0x1c2/0x2f0\n path_openat+0x17cf/0x1ba0\n ? __pfx_path_openat+0x10/0x10\n do_filp_open+0x15e/0x290\n ? __pfx_do_filp_open+0x10/0x10\n ? __kasan_check_write+0x18/0x30\n ? _raw_spin_lock+0x86/0xf0\n ? __pfx__raw_spin_lock+0x10/0x10\n ? __kasan_check_write+0x18/0x30\n ? alloc_fd+0xf4/0x330\n do_sys_openat2+0x122/0x160\n ? __pfx_do_sys_openat2+0x10/0x10\n __x64_sys_openat+0xef/0x170\n ? __pfx___x64_sys_openat+0x10/0x10\n do_syscall_64+0x60/0xd0\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n RIP: 0033:0x7f00a703fd67\n Code: 25 00 00 41 00 3d 00 00 41 00 74 37 64 8b 04 25 18 00 00 00 85 c0 75 5b 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 0f 87 85 00 00 00 48 83 c4 68 5d 41 5c c3 0f 1f\n RSP: 002b:00007ffc088e30b0 EFLAGS: 00000246 ORIG_RAX: 0000000000000101\n RAX: ffffffffffffffda RBX: 00007ffc088e3368 RCX: 00007f00a703fd67\n RDX: 0000000000000941 RSI: 00007ffc088e48d7 RDI: 00000000ffffff9c\n RBP: 00007ffc088e48d7 R08: 0000000000000001 R09: 0000000000000000\n R10: 00000000000001b6 R11: 0000000000000246 R12: 0000000000000941\n R13: 0000000000000000 R14: 00007ffc088e48d7 R15: 00007f00a7180040\n \u003c/TASK\u003e\n\n Allocated by task 181:\n kasan_save_stack+0x2f/0x60\n kasan_set_track+0x29/0x40\n kasan_save_alloc_info+0x25/0x40\n __kasan_kmalloc+0xc5/0xd0\n __kmalloc+0x66/0x160\n ecryptfs_generate_key_packet_set+0x6d2/0xde0\n ecryptfs_write_metadata+0x30a/0x550\n ecryptfs_initialize_file+0x77/0x150\n ecryptfs_create+0x1c2/0x2f0\n path_openat+0x17cf/0x1ba0\n do_filp_open+0x15e/0x290\n do_sys_openat2+0x122/0x160\n __x64_sys_openat+0xef/0x170\n do_syscall_64+0x60/0xd0\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8"
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:26.077Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/1c125b9287e58f364d82174efb167414b92b11f1"
},
{
"url": "https://git.kernel.org/stable/c/235b85981051cd68fc215fd32a81c6f116bfc4df"
},
{
"url": "https://git.kernel.org/stable/c/edbfc42ab080e78c6907d40a42c9d10b69e445c1"
},
{
"url": "https://git.kernel.org/stable/c/12db25a54ce6bb22b0af28010fff53ef9cb3fe93"
},
{
"url": "https://git.kernel.org/stable/c/0d0f8ba042af16519f1ef7dd10463a33b21b677c"
},
{
"url": "https://git.kernel.org/stable/c/2ed750b7ae1b5dc72896d7dd114c419afd3d1910"
},
{
"url": "https://git.kernel.org/stable/c/a20f09452e2f58f761d11ad7b96b5c894c91030e"
},
{
"url": "https://git.kernel.org/stable/c/f6008487f1eeb8693f8d2a36a89c87d9122ddf74"
},
{
"url": "https://git.kernel.org/stable/c/85a6a1aff08ec9f5b929d345d066e2830e8818e5"
}
],
"title": "ecryptfs: Fix buffer size for tag 66 packet",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38578",
"datePublished": "2024-06-19T13:37:36.487Z",
"dateReserved": "2024-06-18T19:36:34.926Z",
"dateUpdated": "2024-08-02T04:12:25.680Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38574
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
libbpf: Prevent null-pointer dereference when prog to load has no BTF
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.946Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ef80b59acfa4dee4b5eaccb15572b69248831104"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1fd91360a75833b7110af9834ae26c977e1273e0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9bf48fa19a4b1d186e08b20bf7e5de26a15644fb"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"tools/lib/bpf/libbpf.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "ef80b59acfa4",
"status": "affected",
"version": "df7c3f7d3a3d",
"versionType": "git"
},
{
"lessThan": "1fd91360a758",
"status": "affected",
"version": "df7c3f7d3a3d",
"versionType": "git"
},
{
"lessThan": "9bf48fa19a4b",
"status": "affected",
"version": "df7c3f7d3a3d",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"tools/lib/bpf/libbpf.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.8"
},
{
"lessThan": "6.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibbpf: Prevent null-pointer dereference when prog to load has no BTF\n\nIn bpf_objec_load_prog(), there\u0027s no guarantee that obj-\u003ebtf is non-NULL\nwhen passing it to btf__fd(), and this function does not perform any\ncheck before dereferencing its argument (as bpf_object__btf_fd() used to\ndo). As a consequence, we get segmentation fault errors in bpftool (for\nexample) when trying to load programs that come without BTF information.\n\nv2: Keep btf__fd() in the fix instead of reverting to bpf_object__btf_fd()."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:21.512Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/ef80b59acfa4dee4b5eaccb15572b69248831104"
},
{
"url": "https://git.kernel.org/stable/c/1fd91360a75833b7110af9834ae26c977e1273e0"
},
{
"url": "https://git.kernel.org/stable/c/9bf48fa19a4b1d186e08b20bf7e5de26a15644fb"
}
],
"title": "libbpf: Prevent null-pointer dereference when prog to load has no BTF",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38574",
"datePublished": "2024-06-19T13:35:39.015Z",
"dateReserved": "2024-06-18T19:36:34.924Z",
"dateUpdated": "2024-08-02T04:12:25.946Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47614
Vulnerability from cvelistv5
Published
2024-06-19 14:58
Modified
2024-08-04 05:47
Severity
Summary
RDMA/irdma: Fix a user-after-free in add_pble_prm
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:47:40.790Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/11eebcf63e98fcf047a876a51d76afdabc3b8b9b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1e11a39a82e95ce86f849f40dda0d9c0498cebd9"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/infiniband/hw/irdma/pble.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "11eebcf63e98",
"status": "affected",
"version": "e8c4dbc2fcac",
"versionType": "git"
},
{
"lessThan": "1e11a39a82e9",
"status": "affected",
"version": "e8c4dbc2fcac",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/infiniband/hw/irdma/pble.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.14"
},
{
"lessThan": "5.14",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.10",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/irdma: Fix a user-after-free in add_pble_prm\n\nWhen irdma_hmc_sd_one fails, \u0027chunk\u0027 is freed while its still on the PBLE\ninfo list.\n\nAdd the chunk entry to the PBLE info list only after successful setting of\nthe SD in irdma_hmc_sd_one."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:58:02.467Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/11eebcf63e98fcf047a876a51d76afdabc3b8b9b"
},
{
"url": "https://git.kernel.org/stable/c/1e11a39a82e95ce86f849f40dda0d9c0498cebd9"
}
],
"title": "RDMA/irdma: Fix a user-after-free in add_pble_prm",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47614",
"datePublished": "2024-06-19T14:58:02.467Z",
"dateReserved": "2024-06-19T14:55:32.795Z",
"dateUpdated": "2024-08-04T05:47:40.790Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47609
Vulnerability from cvelistv5
Published
2024-06-19 14:57
Modified
2024-08-04 05:47
Severity
Summary
firmware: arm_scpi: Fix string overflow in SCPI genpd driver
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:47:40.258Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/639901b9429a3195e0fead981ed74b51f5f31538"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4694b1ec425a2d20d6f8ca3db594829fdf5f2672"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7e8645ca2c0046f7cd2f0f7d569fc036c8abaedb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/802a1a8501563714a5fe8824f4ed27fec04a0719"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f0f484714f35d24ffa0ecb4afe3df1c5b225411d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/976389cbb16cee46847e5d06250a3a0b5506781e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/865ed67ab955428b9aa771d8b4f1e4fb7fd08945"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/firmware/scpi_pm_domain.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "639901b9429a",
"status": "affected",
"version": "8bec4337ad40",
"versionType": "git"
},
{
"lessThan": "4694b1ec425a",
"status": "affected",
"version": "8bec4337ad40",
"versionType": "git"
},
{
"lessThan": "7e8645ca2c00",
"status": "affected",
"version": "8bec4337ad40",
"versionType": "git"
},
{
"lessThan": "802a1a850156",
"status": "affected",
"version": "8bec4337ad40",
"versionType": "git"
},
{
"lessThan": "f0f484714f35",
"status": "affected",
"version": "8bec4337ad40",
"versionType": "git"
},
{
"lessThan": "976389cbb16c",
"status": "affected",
"version": "8bec4337ad40",
"versionType": "git"
},
{
"lessThan": "865ed67ab955",
"status": "affected",
"version": "8bec4337ad40",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/firmware/scpi_pm_domain.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.8"
},
{
"lessThan": "4.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.294",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.259",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.222",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.168",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scpi: Fix string overflow in SCPI genpd driver\n\nWithout the bound checks for scpi_pd-\u003ename, it could result in the buffer\noverflow when copying the SCPI device name from the corresponding device\ntree node as the name string is set at maximum size of 30.\n\nLet us fix it by using devm_kasprintf so that the string buffer is\nallocated dynamically."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:57:59.001Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/639901b9429a3195e0fead981ed74b51f5f31538"
},
{
"url": "https://git.kernel.org/stable/c/4694b1ec425a2d20d6f8ca3db594829fdf5f2672"
},
{
"url": "https://git.kernel.org/stable/c/7e8645ca2c0046f7cd2f0f7d569fc036c8abaedb"
},
{
"url": "https://git.kernel.org/stable/c/802a1a8501563714a5fe8824f4ed27fec04a0719"
},
{
"url": "https://git.kernel.org/stable/c/f0f484714f35d24ffa0ecb4afe3df1c5b225411d"
},
{
"url": "https://git.kernel.org/stable/c/976389cbb16cee46847e5d06250a3a0b5506781e"
},
{
"url": "https://git.kernel.org/stable/c/865ed67ab955428b9aa771d8b4f1e4fb7fd08945"
}
],
"title": "firmware: arm_scpi: Fix string overflow in SCPI genpd driver",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47609",
"datePublished": "2024-06-19T14:57:59.001Z",
"dateReserved": "2024-06-19T14:55:32.794Z",
"dateUpdated": "2024-08-04T05:47:40.258Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38586
Vulnerability from cvelistv5
Published
2024-06-19 13:37
Modified
2024-08-02 04:12
Severity
Summary
r8169: Fix possible ring buffer corruption on fragmented Tx packets.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.972Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/61c1c98e2607120ce9c3fa1bf75e6da909712b27"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b6d21cf40de103d63ae78551098a7c06af8c98dd"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0c48185a95309556725f818b82120bb74e9c627d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/68222d7b4b72aa321135cd453dac37f00ec41fd1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/078d5b7500d70af2de6b38e226b03f0b932026a6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/54e7a0d111240c92c0f02ceba6eb8f26bf6d6479"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c71e3a5cffd5309d7f84444df03d5b72600cc417"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/realtek/r8169_main.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "61c1c98e2607",
"status": "affected",
"version": "9020845fb5d6",
"versionType": "git"
},
{
"lessThan": "b6d21cf40de1",
"status": "affected",
"version": "9020845fb5d6",
"versionType": "git"
},
{
"lessThan": "0c48185a9530",
"status": "affected",
"version": "9020845fb5d6",
"versionType": "git"
},
{
"lessThan": "68222d7b4b72",
"status": "affected",
"version": "9020845fb5d6",
"versionType": "git"
},
{
"lessThan": "078d5b7500d7",
"status": "affected",
"version": "9020845fb5d6",
"versionType": "git"
},
{
"lessThan": "54e7a0d11124",
"status": "affected",
"version": "9020845fb5d6",
"versionType": "git"
},
{
"lessThan": "c71e3a5cffd5",
"status": "affected",
"version": "9020845fb5d6",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/realtek/r8169_main.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.7"
},
{
"lessThan": "5.7",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.221",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nr8169: Fix possible ring buffer corruption on fragmented Tx packets.\n\nAn issue was found on the RTL8125b when transmitting small fragmented\npackets, whereby invalid entries were inserted into the transmit ring\nbuffer, subsequently leading to calls to dma_unmap_single() with a null\naddress.\n\nThis was caused by rtl8169_start_xmit() not noticing changes to nr_frags\nwhich may occur when small packets are padded (to work around hardware\nquirks) in rtl8169_tso_csum_v2().\n\nTo fix this, postpone inspecting nr_frags until after any padding has been\napplied."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:33.105Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/61c1c98e2607120ce9c3fa1bf75e6da909712b27"
},
{
"url": "https://git.kernel.org/stable/c/b6d21cf40de103d63ae78551098a7c06af8c98dd"
},
{
"url": "https://git.kernel.org/stable/c/0c48185a95309556725f818b82120bb74e9c627d"
},
{
"url": "https://git.kernel.org/stable/c/68222d7b4b72aa321135cd453dac37f00ec41fd1"
},
{
"url": "https://git.kernel.org/stable/c/078d5b7500d70af2de6b38e226b03f0b932026a6"
},
{
"url": "https://git.kernel.org/stable/c/54e7a0d111240c92c0f02ceba6eb8f26bf6d6479"
},
{
"url": "https://git.kernel.org/stable/c/c71e3a5cffd5309d7f84444df03d5b72600cc417"
}
],
"title": "r8169: Fix possible ring buffer corruption on fragmented Tx packets.",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38586",
"datePublished": "2024-06-19T13:37:41.879Z",
"dateReserved": "2024-06-18T19:36:34.929Z",
"dateUpdated": "2024-08-02T04:12:25.972Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38609
Vulnerability from cvelistv5
Published
2024-06-19 13:56
Modified
2024-08-02 04:12
Severity
Summary
wifi: mt76: connac: check for null before dereferencing
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:26.118Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e469218765b2781fb968778bd13595acec181a0e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cb47c7be0e93dd5acda078163799401ac3a78e10"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/wireless/mediatek/mt76/mt76_connac_mcu.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "e469218765b2",
"status": "affected",
"version": "098428c400ff",
"versionType": "git"
},
{
"lessThan": "cb47c7be0e93",
"status": "affected",
"version": "098428c400ff",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/wireless/mediatek/mt76/mt76_connac_mcu.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.9"
},
{
"lessThan": "6.9",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: connac: check for null before dereferencing\n\nThe wcid can be NULL. It should be checked for validity before\ndereferencing it to avoid crash."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:49:00.431Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/e469218765b2781fb968778bd13595acec181a0e"
},
{
"url": "https://git.kernel.org/stable/c/cb47c7be0e93dd5acda078163799401ac3a78e10"
}
],
"title": "wifi: mt76: connac: check for null before dereferencing",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38609",
"datePublished": "2024-06-19T13:56:11.416Z",
"dateReserved": "2024-06-18T19:36:34.942Z",
"dateUpdated": "2024-08-02T04:12:26.118Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38580
Vulnerability from cvelistv5
Published
2024-06-19 13:37
Modified
2024-08-02 04:12
Severity
Summary
epoll: be better about file lifetimes
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.965Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cbfd1088e24ec4c1199756a37cb8e4cd0a4b016e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/559214eb4e5c3d05e69428af2fae2691ba1eb784"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4f65f4defe4e23659275ce5153541cd4f76ce2d2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/16e3182f6322575eb7c12e728ad3c7986a189d5d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4efaa5acf0a1d2b5947f98abb3acf8bfd966422b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/eventpoll.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "cbfd1088e24e",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "559214eb4e5c",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "4f65f4defe4e",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "16e3182f6322",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "4efaa5acf0a1",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/eventpoll.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nepoll: be better about file lifetimes\n\nepoll can call out to vfs_poll() with a file pointer that may race with\nthe last \u0027fput()\u0027. That would make f_count go down to zero, and while\nthe ep-\u003emtx locking means that the resulting file pointer tear-down will\nbe blocked until the poll returns, it means that f_count is already\ndead, and any use of it won\u0027t actually get a reference to the file any\nmore: it\u0027s dead regardless.\n\nMake sure we have a valid ref on the file pointer before we call down to\nvfs_poll() from the epoll routines."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T13:37:37.840Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/cbfd1088e24ec4c1199756a37cb8e4cd0a4b016e"
},
{
"url": "https://git.kernel.org/stable/c/559214eb4e5c3d05e69428af2fae2691ba1eb784"
},
{
"url": "https://git.kernel.org/stable/c/4f65f4defe4e23659275ce5153541cd4f76ce2d2"
},
{
"url": "https://git.kernel.org/stable/c/16e3182f6322575eb7c12e728ad3c7986a189d5d"
},
{
"url": "https://git.kernel.org/stable/c/4efaa5acf0a1d2b5947f98abb3acf8bfd966422b"
}
],
"title": "epoll: be better about file lifetimes",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38580",
"datePublished": "2024-06-19T13:37:37.840Z",
"dateReserved": "2024-06-18T19:36:34.927Z",
"dateUpdated": "2024-08-02T04:12:25.965Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38582
Vulnerability from cvelistv5
Published
2024-06-19 13:37
Modified
2024-08-02 04:12
Severity
Summary
nilfs2: fix potential hang in nilfs_detach_log_writer()
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38582",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T14:52:09.028015Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T14:52:16.337Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.658Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/911d38be151921a5d152bb55e81fd752384c6830"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/bc9cee50a4a4ca23bdc49f75ea8242d8a2193b3b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/eff7cdf890b02596b8d73e910bdbdd489175dbdb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/06afce714d87c7cd1dcfccbcd800c5c5d2cf1cfd"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1c3844c5f4eac043954ebf6403fa9fd1f0e9c1c0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a8799662fed1f8747edae87a1937549288baca6a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6e5c8e8e024e147b834f56f2115aad241433679b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c516db6ab9eabbedbc430b4f93b0d8728e9b427f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/eb85dace897c5986bc2f36b3c783c6abb8a4292e"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/nilfs2/segment.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "911d38be1519",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "bc9cee50a4a4",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "eff7cdf890b0",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "06afce714d87",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "1c3844c5f4ea",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "a8799662fed1",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "6e5c8e8e024e",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "c516db6ab9ea",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "eb85dace897c",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/nilfs2/segment.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.316",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix potential hang in nilfs_detach_log_writer()\n\nSyzbot has reported a potential hang in nilfs_detach_log_writer() called\nduring nilfs2 unmount.\n\nAnalysis revealed that this is because nilfs_segctor_sync(), which\nsynchronizes with the log writer thread, can be called after\nnilfs_segctor_destroy() terminates that thread, as shown in the call trace\nbelow:\n\nnilfs_detach_log_writer\n nilfs_segctor_destroy\n nilfs_segctor_kill_thread --\u003e Shut down log writer thread\n flush_work\n nilfs_iput_work_func\n nilfs_dispose_list\n iput\n nilfs_evict_inode\n nilfs_transaction_commit\n nilfs_construct_segment (if inode needs sync)\n nilfs_segctor_sync --\u003e Attempt to synchronize with\n log writer thread\n *** DEADLOCK ***\n\nFix this issue by changing nilfs_segctor_sync() so that the log writer\nthread returns normally without synchronizing after it terminates, and by\nforcing tasks that are already waiting to complete once after the thread\nterminates.\n\nThe skipped inode metadata flushout will then be processed together in the\nsubsequent cleanup work in nilfs_segctor_destroy()."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:28.414Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/911d38be151921a5d152bb55e81fd752384c6830"
},
{
"url": "https://git.kernel.org/stable/c/bc9cee50a4a4ca23bdc49f75ea8242d8a2193b3b"
},
{
"url": "https://git.kernel.org/stable/c/eff7cdf890b02596b8d73e910bdbdd489175dbdb"
},
{
"url": "https://git.kernel.org/stable/c/06afce714d87c7cd1dcfccbcd800c5c5d2cf1cfd"
},
{
"url": "https://git.kernel.org/stable/c/1c3844c5f4eac043954ebf6403fa9fd1f0e9c1c0"
},
{
"url": "https://git.kernel.org/stable/c/a8799662fed1f8747edae87a1937549288baca6a"
},
{
"url": "https://git.kernel.org/stable/c/6e5c8e8e024e147b834f56f2115aad241433679b"
},
{
"url": "https://git.kernel.org/stable/c/c516db6ab9eabbedbc430b4f93b0d8728e9b427f"
},
{
"url": "https://git.kernel.org/stable/c/eb85dace897c5986bc2f36b3c783c6abb8a4292e"
}
],
"title": "nilfs2: fix potential hang in nilfs_detach_log_writer()",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38582",
"datePublished": "2024-06-19T13:37:39.163Z",
"dateReserved": "2024-06-18T19:36:34.928Z",
"dateUpdated": "2024-08-02T04:12:25.658Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47578
Vulnerability from cvelistv5
Published
2024-06-19 14:53
Modified
2024-08-04 05:39
Severity
Summary
scsi: scsi_debug: Don't call kcalloc() if size arg is zero
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:39:59.787Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/aa1f912712a109b6306746133de7e5343f016b26"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/47d11d35203b0aa13533634e270fe2c3610e531b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3344b58b53a76199dae48faa396e9fc37bf86992"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/scsi/scsi_debug.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "aa1f912712a1",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "47d11d35203b",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "3344b58b53a7",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/scsi/scsi_debug.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: scsi_debug: Don\u0027t call kcalloc() if size arg is zero\n\nIf the size arg to kcalloc() is zero, it returns ZERO_SIZE_PTR. Because of\nthat, for a following NULL pointer check to work on the returned pointer,\nkcalloc() must not be called with the size arg equal to zero. Return early\nwithout error before the kcalloc() call if size arg is zero.\n\nBUG: KASAN: null-ptr-deref in memcpy include/linux/fortify-string.h:191 [inline]\nBUG: KASAN: null-ptr-deref in sg_copy_buffer+0x138/0x240 lib/scatterlist.c:974\nWrite of size 4 at addr 0000000000000010 by task syz-executor.1/22789\n\nCPU: 1 PID: 22789 Comm: syz-executor.1 Not tainted 5.15.0-syzk #1\nHardware name: Red Hat KVM, BIOS 1.13.0-2\nCall Trace:\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x89/0xb5 lib/dump_stack.c:106\n __kasan_report mm/kasan/report.c:446 [inline]\n kasan_report.cold.14+0x112/0x117 mm/kasan/report.c:459\n check_region_inline mm/kasan/generic.c:183 [inline]\n kasan_check_range+0x1a3/0x210 mm/kasan/generic.c:189\n memcpy+0x3b/0x60 mm/kasan/shadow.c:66\n memcpy include/linux/fortify-string.h:191 [inline]\n sg_copy_buffer+0x138/0x240 lib/scatterlist.c:974\n do_dout_fetch drivers/scsi/scsi_debug.c:2954 [inline]\n do_dout_fetch drivers/scsi/scsi_debug.c:2946 [inline]\n resp_verify+0x49e/0x930 drivers/scsi/scsi_debug.c:4276\n schedule_resp+0x4d8/0x1a70 drivers/scsi/scsi_debug.c:5478\n scsi_debug_queuecommand+0x8c9/0x1ec0 drivers/scsi/scsi_debug.c:7533\n scsi_dispatch_cmd drivers/scsi/scsi_lib.c:1520 [inline]\n scsi_queue_rq+0x16b0/0x2d40 drivers/scsi/scsi_lib.c:1699\n blk_mq_dispatch_rq_list+0xb9b/0x2700 block/blk-mq.c:1639\n __blk_mq_sched_dispatch_requests+0x28f/0x590 block/blk-mq-sched.c:325\n blk_mq_sched_dispatch_requests+0x105/0x190 block/blk-mq-sched.c:358\n __blk_mq_run_hw_queue+0xe5/0x150 block/blk-mq.c:1761\n __blk_mq_delay_run_hw_queue+0x4f8/0x5c0 block/blk-mq.c:1838\n blk_mq_run_hw_queue+0x18d/0x350 block/blk-mq.c:1891\n blk_mq_sched_insert_request+0x3db/0x4e0 block/blk-mq-sched.c:474\n blk_execute_rq_nowait+0x16b/0x1c0 block/blk-exec.c:62\n blk_execute_rq+0xdb/0x360 block/blk-exec.c:102\n sg_scsi_ioctl drivers/scsi/scsi_ioctl.c:621 [inline]\n scsi_ioctl+0x8bb/0x15c0 drivers/scsi/scsi_ioctl.c:930\n sg_ioctl_common+0x172d/0x2710 drivers/scsi/sg.c:1112\n sg_ioctl+0xa2/0x180 drivers/scsi/sg.c:1165\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:874 [inline]\n __se_sys_ioctl fs/ioctl.c:860 [inline]\n __x64_sys_ioctl+0x19d/0x220 fs/ioctl.c:860\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3a/0x80 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:53:46.061Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/aa1f912712a109b6306746133de7e5343f016b26"
},
{
"url": "https://git.kernel.org/stable/c/47d11d35203b0aa13533634e270fe2c3610e531b"
},
{
"url": "https://git.kernel.org/stable/c/3344b58b53a76199dae48faa396e9fc37bf86992"
}
],
"title": "scsi: scsi_debug: Don\u0027t call kcalloc() if size arg is zero",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47578",
"datePublished": "2024-06-19T14:53:46.061Z",
"dateReserved": "2024-05-24T15:11:00.730Z",
"dateUpdated": "2024-08-04T05:39:59.787Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38548
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38548",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T15:43:16.376326Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T15:43:46.018Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.373Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/85d1a27402f81f2e04b0e67d20f749c2a14edbb3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/89788cd9824c28ffcdea40232c458233353d1896"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ca53b7efd4ba6ae92fd2b3085cb099c745e96965"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/dcf53e6103b26e7458be71491d0641f49fbd5840"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/32fb2ef124c3301656ac6c789a2ef35ef69a66da"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/47889711da20be9b43e1e136e5cb68df37cbcc79"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/935a92a1c400285545198ca2800a4c6c519c650a"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/bridge/cadence/cdns-mhdp8546-core.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "85d1a27402f8",
"status": "affected",
"version": "fb43aa0acdfd",
"versionType": "git"
},
{
"lessThan": "89788cd9824c",
"status": "affected",
"version": "fb43aa0acdfd",
"versionType": "git"
},
{
"lessThan": "ca53b7efd4ba",
"status": "affected",
"version": "fb43aa0acdfd",
"versionType": "git"
},
{
"lessThan": "dcf53e6103b2",
"status": "affected",
"version": "fb43aa0acdfd",
"versionType": "git"
},
{
"lessThan": "32fb2ef124c3",
"status": "affected",
"version": "fb43aa0acdfd",
"versionType": "git"
},
{
"lessThan": "47889711da20",
"status": "affected",
"version": "fb43aa0acdfd",
"versionType": "git"
},
{
"lessThan": "935a92a1c400",
"status": "affected",
"version": "fb43aa0acdfd",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/bridge/cadence/cdns-mhdp8546-core.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.10"
},
{
"lessThan": "5.10",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: bridge: cdns-mhdp8546: Fix possible null pointer dereference\n\nIn cdns_mhdp_atomic_enable(), the return value of drm_mode_duplicate() is\nassigned to mhdp_state-\u003ecurrent_mode, and there is a dereference of it in\ndrm_mode_set_name(), which will lead to a NULL pointer dereference on\nfailure of drm_mode_duplicate().\n\nFix this bug add a check of mhdp_state-\u003ecurrent_mode."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:47:50.558Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/85d1a27402f81f2e04b0e67d20f749c2a14edbb3"
},
{
"url": "https://git.kernel.org/stable/c/89788cd9824c28ffcdea40232c458233353d1896"
},
{
"url": "https://git.kernel.org/stable/c/ca53b7efd4ba6ae92fd2b3085cb099c745e96965"
},
{
"url": "https://git.kernel.org/stable/c/dcf53e6103b26e7458be71491d0641f49fbd5840"
},
{
"url": "https://git.kernel.org/stable/c/32fb2ef124c3301656ac6c789a2ef35ef69a66da"
},
{
"url": "https://git.kernel.org/stable/c/47889711da20be9b43e1e136e5cb68df37cbcc79"
},
{
"url": "https://git.kernel.org/stable/c/935a92a1c400285545198ca2800a4c6c519c650a"
}
],
"title": "drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38548",
"datePublished": "2024-06-19T13:35:21.349Z",
"dateReserved": "2024-06-18T19:36:34.920Z",
"dateUpdated": "2024-08-02T04:12:25.373Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47618
Vulnerability from cvelistv5
Published
2024-06-20 10:57
Modified
2024-08-04 05:47
Severity
Summary
ARM: 9170/1: fix panic when kasan and kprobe are enabled
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-47618",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T13:27:36.536880Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T13:27:44.311Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:47:40.829Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1515e72aae803fc6b466adf918e71c4e4c9d5b3d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ba1863be105b06e10d0e2f6b1b8a0570801cfc71"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8b59b0a53c840921b625378f137e88adfa87647e"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"arch/arm/probes/kprobes/Makefile"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "1515e72aae80",
"status": "affected",
"version": "35aa1df43283",
"versionType": "git"
},
{
"lessThan": "ba1863be105b",
"status": "affected",
"version": "35aa1df43283",
"versionType": "git"
},
{
"lessThan": "8b59b0a53c84",
"status": "affected",
"version": "35aa1df43283",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"arch/arm/probes/kprobes/Makefile"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.25"
},
{
"lessThan": "2.6.25",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.19",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.5",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nARM: 9170/1: fix panic when kasan and kprobe are enabled\n\narm32 uses software to simulate the instruction replaced\nby kprobe. some instructions may be simulated by constructing\nassembly functions. therefore, before executing instruction\nsimulation, it is necessary to construct assembly function\nexecution environment in C language through binding registers.\nafter kasan is enabled, the register binding relationship will\nbe destroyed, resulting in instruction simulation errors and\ncausing kernel panic.\n\nthe kprobe emulate instruction function is distributed in three\nfiles: actions-common.c actions-arm.c actions-thumb.c, so disable\nKASAN when compiling these files.\n\nfor example, use kprobe insert on cap_capable+20 after kasan\nenabled, the cap_capable assembly code is as follows:\n\u003ccap_capable\u003e:\ne92d47f0\tpush\t{r4, r5, r6, r7, r8, r9, sl, lr}\ne1a05000\tmov\tr5, r0\ne280006c\tadd\tr0, r0, #108 ; 0x6c\ne1a04001\tmov\tr4, r1\ne1a06002\tmov\tr6, r2\ne59fa090\tldr\tsl, [pc, #144] ;\nebfc7bf8\tbl\tc03aa4b4 \u003c__asan_load4\u003e\ne595706c\tldr\tr7, [r5, #108] ; 0x6c\ne2859014\tadd\tr9, r5, #20\n......\nThe emulate_ldr assembly code after enabling kasan is as follows:\nc06f1384 \u003cemulate_ldr\u003e:\ne92d47f0\tpush\t{r4, r5, r6, r7, r8, r9, sl, lr}\ne282803c\tadd\tr8, r2, #60 ; 0x3c\ne1a05000\tmov\tr5, r0\ne7e37855\tubfx\tr7, r5, #16, #4\ne1a00008\tmov\tr0, r8\ne1a09001\tmov\tr9, r1\ne1a04002\tmov\tr4, r2\nebf35462\tbl\tc03c6530 \u003c__asan_load4\u003e\ne357000f\tcmp\tr7, #15\ne7e36655\tubfx\tr6, r5, #12, #4\ne205a00f\tand\tsl, r5, #15\n0a000001\tbeq\tc06f13bc \u003cemulate_ldr+0x38\u003e\ne0840107\tadd\tr0, r4, r7, lsl #2\nebf3545c\tbl\tc03c6530 \u003c__asan_load4\u003e\ne084010a\tadd\tr0, r4, sl, lsl #2\nebf3545a\tbl\tc03c6530 \u003c__asan_load4\u003e\ne2890010\tadd\tr0, r9, #16\nebf35458\tbl\tc03c6530 \u003c__asan_load4\u003e\ne5990010\tldr\tr0, [r9, #16]\ne12fff30\tblx\tr0\ne356000f\tcm\tr6, #15\n1a000014\tbne\tc06f1430 \u003cemulate_ldr+0xac\u003e\ne1a06000\tmov\tr6, r0\ne2840040\tadd\tr0, r4, #64 ; 0x40\n......\n\nwhen running in emulate_ldr to simulate the ldr instruction, panic\noccurred, and the log is as follows:\nUnable to handle kernel NULL pointer dereference at virtual address\n00000090\npgd = ecb46400\n[00000090] *pgd=2e0fa003, *pmd=00000000\nInternal error: Oops: 206 [#1] SMP ARM\nPC is at cap_capable+0x14/0xb0\nLR is at emulate_ldr+0x50/0xc0\npsr: 600d0293 sp : ecd63af8 ip : 00000004 fp : c0a7c30c\nr10: 00000000 r9 : c30897f4 r8 : ecd63cd4\nr7 : 0000000f r6 : 0000000a r5 : e59fa090 r4 : ecd63c98\nr3 : c06ae294 r2 : 00000000 r1 : b7611300 r0 : bf4ec008\nFlags: nZCv IRQs off FIQs on Mode SVC_32 ISA ARM Segment user\nControl: 32c5387d Table: 2d546400 DAC: 55555555\nProcess bash (pid: 1643, stack limit = 0xecd60190)\n(cap_capable) from (kprobe_handler+0x218/0x340)\n(kprobe_handler) from (kprobe_trap_handler+0x24/0x48)\n(kprobe_trap_handler) from (do_undefinstr+0x13c/0x364)\n(do_undefinstr) from (__und_svc_finish+0x0/0x30)\n(__und_svc_finish) from (cap_capable+0x18/0xb0)\n(cap_capable) from (cap_vm_enough_memory+0x38/0x48)\n(cap_vm_enough_memory) from\n(security_vm_enough_memory_mm+0x48/0x6c)\n(security_vm_enough_memory_mm) from\n(copy_process.constprop.5+0x16b4/0x25c8)\n(copy_process.constprop.5) from (_do_fork+0xe8/0x55c)\n(_do_fork) from (SyS_clone+0x1c/0x24)\n(SyS_clone) from (__sys_trace_return+0x0/0x10)\nCode: 0050a0e1 6c0080e2 0140a0e1 0260a0e1 (f801f0e7)"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T10:57:02.190Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/1515e72aae803fc6b466adf918e71c4e4c9d5b3d"
},
{
"url": "https://git.kernel.org/stable/c/ba1863be105b06e10d0e2f6b1b8a0570801cfc71"
},
{
"url": "https://git.kernel.org/stable/c/8b59b0a53c840921b625378f137e88adfa87647e"
}
],
"title": "ARM: 9170/1: fix panic when kasan and kprobe are enabled",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47618",
"datePublished": "2024-06-20T10:57:02.190Z",
"dateReserved": "2024-06-19T14:55:32.795Z",
"dateUpdated": "2024-08-04T05:47:40.829Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38583
Vulnerability from cvelistv5
Published
2024-06-19 13:37
Modified
2024-08-02 04:12
Severity
Summary
nilfs2: fix use-after-free of timer for log writer thread
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.825Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/822ae5a8eac30478578a75f7e064f0584931bf2d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/82933c84f188dcfe89eb26b0b48ab5d1ca99d164"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/67fa90d4a2ccd9ebb0e1e168c7d0b5d0cf3c7148"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e65ccf3a4de4f0c763d94789615b83e11f204438"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/86a30d6302deddb9fb97ba6fc4b04d0e870b582a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f9186bba4ea282b07293c1c892441df3a5441cb0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2f12b2c03c5dae1a0de0a9e5853177e3d6eee3c6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/68e738be5c518fc3c4e9146b66f67c8fee0135fb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f5d4e04634c9cf68bdf23de08ada0bb92e8befe7"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/nilfs2/segment.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "822ae5a8eac3",
"status": "affected",
"version": "fdce895ea5dd",
"versionType": "git"
},
{
"lessThan": "82933c84f188",
"status": "affected",
"version": "fdce895ea5dd",
"versionType": "git"
},
{
"lessThan": "67fa90d4a2cc",
"status": "affected",
"version": "fdce895ea5dd",
"versionType": "git"
},
{
"lessThan": "e65ccf3a4de4",
"status": "affected",
"version": "fdce895ea5dd",
"versionType": "git"
},
{
"lessThan": "86a30d6302de",
"status": "affected",
"version": "fdce895ea5dd",
"versionType": "git"
},
{
"lessThan": "f9186bba4ea2",
"status": "affected",
"version": "fdce895ea5dd",
"versionType": "git"
},
{
"lessThan": "2f12b2c03c5d",
"status": "affected",
"version": "fdce895ea5dd",
"versionType": "git"
},
{
"lessThan": "68e738be5c51",
"status": "affected",
"version": "fdce895ea5dd",
"versionType": "git"
},
{
"lessThan": "f5d4e04634c9",
"status": "affected",
"version": "fdce895ea5dd",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/nilfs2/segment.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.35"
},
{
"lessThan": "2.6.35",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.316",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.94",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix use-after-free of timer for log writer thread\n\nPatch series \"nilfs2: fix log writer related issues\".\n\nThis bug fix series covers three nilfs2 log writer-related issues,\nincluding a timer use-after-free issue and potential deadlock issue on\nunmount, and a potential freeze issue in event synchronization found\nduring their analysis. Details are described in each commit log.\n\n\nThis patch (of 3):\n\nA use-after-free issue has been reported regarding the timer sc_timer on\nthe nilfs_sc_info structure.\n\nThe problem is that even though it is used to wake up a sleeping log\nwriter thread, sc_timer is not shut down until the nilfs_sc_info structure\nis about to be freed, and is used regardless of the thread\u0027s lifetime.\n\nFix this issue by limiting the use of sc_timer only while the log writer\nthread is alive."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:29.609Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/822ae5a8eac30478578a75f7e064f0584931bf2d"
},
{
"url": "https://git.kernel.org/stable/c/82933c84f188dcfe89eb26b0b48ab5d1ca99d164"
},
{
"url": "https://git.kernel.org/stable/c/67fa90d4a2ccd9ebb0e1e168c7d0b5d0cf3c7148"
},
{
"url": "https://git.kernel.org/stable/c/e65ccf3a4de4f0c763d94789615b83e11f204438"
},
{
"url": "https://git.kernel.org/stable/c/86a30d6302deddb9fb97ba6fc4b04d0e870b582a"
},
{
"url": "https://git.kernel.org/stable/c/f9186bba4ea282b07293c1c892441df3a5441cb0"
},
{
"url": "https://git.kernel.org/stable/c/2f12b2c03c5dae1a0de0a9e5853177e3d6eee3c6"
},
{
"url": "https://git.kernel.org/stable/c/68e738be5c518fc3c4e9146b66f67c8fee0135fb"
},
{
"url": "https://git.kernel.org/stable/c/f5d4e04634c9cf68bdf23de08ada0bb92e8befe7"
}
],
"title": "nilfs2: fix use-after-free of timer for log writer thread",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38583",
"datePublished": "2024-06-19T13:37:39.858Z",
"dateReserved": "2024-06-18T19:36:34.928Z",
"dateUpdated": "2024-08-02T04:12:25.825Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38599
Vulnerability from cvelistv5
Published
2024-06-19 13:45
Modified
2024-08-02 04:12
Severity
Summary
jffs2: prevent xattr node from overflowing the eraseblock
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.930Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2904e1d9b64f72d291095e3cbb31634f08788b11"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/526235dffcac74c7823ed504dfac4f88d84ba5df"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f0eea095ce8c959b86e1e57fe36ca4fea5ae54f8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a1d21bcd78cf4a4353e1e835789429c6b76aca8b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f06969df2e40ab1dc8f4364a5de967830c74a098"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/af82d8d2179b7277ad627c39e7e0778f1c86ccdb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8d431391320c5c5398ff966fb3a95e68a7def275"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/978a12c91b38bf1a213e567f3c20e2beef215f07"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c6854e5a267c28300ff045480b5a7ee7f6f1d913"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/jffs2/xattr.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "2904e1d9b64f",
"status": "affected",
"version": "aa98d7cf59b5",
"versionType": "git"
},
{
"lessThan": "526235dffcac",
"status": "affected",
"version": "aa98d7cf59b5",
"versionType": "git"
},
{
"lessThan": "f0eea095ce8c",
"status": "affected",
"version": "aa98d7cf59b5",
"versionType": "git"
},
{
"lessThan": "a1d21bcd78cf",
"status": "affected",
"version": "aa98d7cf59b5",
"versionType": "git"
},
{
"lessThan": "f06969df2e40",
"status": "affected",
"version": "aa98d7cf59b5",
"versionType": "git"
},
{
"lessThan": "af82d8d2179b",
"status": "affected",
"version": "aa98d7cf59b5",
"versionType": "git"
},
{
"lessThan": "8d431391320c",
"status": "affected",
"version": "aa98d7cf59b5",
"versionType": "git"
},
{
"lessThan": "978a12c91b38",
"status": "affected",
"version": "aa98d7cf59b5",
"versionType": "git"
},
{
"lessThan": "c6854e5a267c",
"status": "affected",
"version": "aa98d7cf59b5",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/jffs2/xattr.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.18"
},
{
"lessThan": "2.6.18",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.316",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\njffs2: prevent xattr node from overflowing the eraseblock\n\nAdd a check to make sure that the requested xattr node size is no larger\nthan the eraseblock minus the cleanmarker.\n\nUnlike the usual inode nodes, the xattr nodes aren\u0027t split into parts\nand spread across multiple eraseblocks, which means that a xattr node\nmust not occupy more than one eraseblock. If the requested xattr value is\ntoo large, the xattr node can spill onto the next eraseblock, overwriting\nthe nodes and causing errors such as:\n\njffs2: argh. node added in wrong place at 0x0000b050(2)\njffs2: nextblock 0x0000a000, expected at 0000b00c\njffs2: error: (823) do_verify_xattr_datum: node CRC failed at 0x01e050,\nread=0xfc892c93, calc=0x000000\njffs2: notice: (823) jffs2_get_inode_nodes: Node header CRC failed\nat 0x01e00c. {848f,2fc4,0fef511f,59a3d171}\njffs2: Node at 0x0000000c with length 0x00001044 would run over the\nend of the erase block\njffs2: Perhaps the file system was created with the wrong erase size?\njffs2: jffs2_scan_eraseblock(): Magic bitmask 0x1985 not found\nat 0x00000010: 0x1044 instead\n\nThis breaks the filesystem and can lead to KASAN crashes such as:\n\nBUG: KASAN: slab-out-of-bounds in jffs2_sum_add_kvec+0x125e/0x15d0\nRead of size 4 at addr ffff88802c31e914 by task repro/830\nCPU: 0 PID: 830 Comm: repro Not tainted 6.9.0-rc3+ #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996),\nBIOS Arch Linux 1.16.3-1-1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xc6/0x120\n print_report+0xc4/0x620\n ? __virt_addr_valid+0x308/0x5b0\n kasan_report+0xc1/0xf0\n ? jffs2_sum_add_kvec+0x125e/0x15d0\n ? jffs2_sum_add_kvec+0x125e/0x15d0\n jffs2_sum_add_kvec+0x125e/0x15d0\n jffs2_flash_direct_writev+0xa8/0xd0\n jffs2_flash_writev+0x9c9/0xef0\n ? __x64_sys_setxattr+0xc4/0x160\n ? do_syscall_64+0x69/0x140\n ? entry_SYSCALL_64_after_hwframe+0x76/0x7e\n [...]\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:48.607Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/2904e1d9b64f72d291095e3cbb31634f08788b11"
},
{
"url": "https://git.kernel.org/stable/c/526235dffcac74c7823ed504dfac4f88d84ba5df"
},
{
"url": "https://git.kernel.org/stable/c/f0eea095ce8c959b86e1e57fe36ca4fea5ae54f8"
},
{
"url": "https://git.kernel.org/stable/c/a1d21bcd78cf4a4353e1e835789429c6b76aca8b"
},
{
"url": "https://git.kernel.org/stable/c/f06969df2e40ab1dc8f4364a5de967830c74a098"
},
{
"url": "https://git.kernel.org/stable/c/af82d8d2179b7277ad627c39e7e0778f1c86ccdb"
},
{
"url": "https://git.kernel.org/stable/c/8d431391320c5c5398ff966fb3a95e68a7def275"
},
{
"url": "https://git.kernel.org/stable/c/978a12c91b38bf1a213e567f3c20e2beef215f07"
},
{
"url": "https://git.kernel.org/stable/c/c6854e5a267c28300ff045480b5a7ee7f6f1d913"
}
],
"title": "jffs2: prevent xattr node from overflowing the eraseblock",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38599",
"datePublished": "2024-06-19T13:45:47.968Z",
"dateReserved": "2024-06-18T19:36:34.932Z",
"dateUpdated": "2024-08-02T04:12:25.930Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38565
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
wifi: ar5523: enable proper endpoint verification
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38565",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-24T15:24:16.719538Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-24T15:24:28.723Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.651Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/79ddf5f2020fd593d50f1363bb5131283d74f78f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/68a5a00c5d38978a3f8460c6f182f7beec8688ff"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ee25389df80138907bc9dcdf4a2be2067cde9a81"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b4c24de37a6bb383394a6fef2b85a6db41d426f5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/34f7ebff1b9699e0b89fa58b693bc098c2f5ec72"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b33a81e4ecfb022b028cae37d1c1ce28ac1b359d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/beeed260b92af158592f5e8d2dab65dae45c6f70"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7bbf76c9bb2c58375e183074e44f9712483f0603"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e120b6388d7d88635d67dcae6483f39c37111850"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/wireless/ath/ar5523/ar5523.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "79ddf5f2020f",
"status": "affected",
"version": "b7d572e1871d",
"versionType": "git"
},
{
"lessThan": "68a5a00c5d38",
"status": "affected",
"version": "b7d572e1871d",
"versionType": "git"
},
{
"lessThan": "ee25389df801",
"status": "affected",
"version": "b7d572e1871d",
"versionType": "git"
},
{
"lessThan": "b4c24de37a6b",
"status": "affected",
"version": "b7d572e1871d",
"versionType": "git"
},
{
"lessThan": "34f7ebff1b96",
"status": "affected",
"version": "b7d572e1871d",
"versionType": "git"
},
{
"lessThan": "b33a81e4ecfb",
"status": "affected",
"version": "b7d572e1871d",
"versionType": "git"
},
{
"lessThan": "beeed260b92a",
"status": "affected",
"version": "b7d572e1871d",
"versionType": "git"
},
{
"lessThan": "7bbf76c9bb2c",
"status": "affected",
"version": "b7d572e1871d",
"versionType": "git"
},
{
"lessThan": "e120b6388d7d",
"status": "affected",
"version": "b7d572e1871d",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/wireless/ath/ar5523/ar5523.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.8"
},
{
"lessThan": "3.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.316",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ar5523: enable proper endpoint verification\n\nSyzkaller reports [1] hitting a warning about an endpoint in use\nnot having an expected type to it.\n\nFix the issue by checking for the existence of all proper\nendpoints with their according types intact.\n\nSadly, this patch has not been tested on real hardware.\n\n[1] Syzkaller report:\n------------[ cut here ]------------\nusb 1-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 0 PID: 3643 at drivers/usb/core/urb.c:504 usb_submit_urb+0xed6/0x1880 drivers/usb/core/urb.c:504\n...\nCall Trace:\n \u003cTASK\u003e\n ar5523_cmd+0x41b/0x780 drivers/net/wireless/ath/ar5523/ar5523.c:275\n ar5523_cmd_read drivers/net/wireless/ath/ar5523/ar5523.c:302 [inline]\n ar5523_host_available drivers/net/wireless/ath/ar5523/ar5523.c:1376 [inline]\n ar5523_probe+0x14b0/0x1d10 drivers/net/wireless/ath/ar5523/ar5523.c:1655\n usb_probe_interface+0x30f/0x7f0 drivers/usb/core/driver.c:396\n call_driver_probe drivers/base/dd.c:560 [inline]\n really_probe+0x249/0xb90 drivers/base/dd.c:639\n __driver_probe_device+0x1df/0x4d0 drivers/base/dd.c:778\n driver_probe_device+0x4c/0x1a0 drivers/base/dd.c:808\n __device_attach_driver+0x1d4/0x2e0 drivers/base/dd.c:936\n bus_for_each_drv+0x163/0x1e0 drivers/base/bus.c:427\n __device_attach+0x1e4/0x530 drivers/base/dd.c:1008\n bus_probe_device+0x1e8/0x2a0 drivers/base/bus.c:487\n device_add+0xbd9/0x1e90 drivers/base/core.c:3517\n usb_set_configuration+0x101d/0x1900 drivers/usb/core/message.c:2170\n usb_generic_driver_probe+0xbe/0x100 drivers/usb/core/generic.c:238\n usb_probe_device+0xd8/0x2c0 drivers/usb/core/driver.c:293\n call_driver_probe drivers/base/dd.c:560 [inline]\n really_probe+0x249/0xb90 drivers/base/dd.c:639\n __driver_probe_device+0x1df/0x4d0 drivers/base/dd.c:778\n driver_probe_device+0x4c/0x1a0 drivers/base/dd.c:808\n __device_attach_driver+0x1d4/0x2e0 drivers/base/dd.c:936\n bus_for_each_drv+0x163/0x1e0 drivers/base/bus.c:427\n __device_attach+0x1e4/0x530 drivers/base/dd.c:1008\n bus_probe_device+0x1e8/0x2a0 drivers/base/bus.c:487\n device_add+0xbd9/0x1e90 drivers/base/core.c:3517\n usb_new_device.cold+0x685/0x10ad drivers/usb/core/hub.c:2573\n hub_port_connect drivers/usb/core/hub.c:5353 [inline]\n hub_port_connect_change drivers/usb/core/hub.c:5497 [inline]\n port_event drivers/usb/core/hub.c:5653 [inline]\n hub_event+0x26cb/0x45d0 drivers/usb/core/hub.c:5735\n process_one_work+0x9bf/0x1710 kernel/workqueue.c:2289\n worker_thread+0x669/0x1090 kernel/workqueue.c:2436\n kthread+0x2e8/0x3a0 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:306\n \u003c/TASK\u003e"
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:10.895Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/79ddf5f2020fd593d50f1363bb5131283d74f78f"
},
{
"url": "https://git.kernel.org/stable/c/68a5a00c5d38978a3f8460c6f182f7beec8688ff"
},
{
"url": "https://git.kernel.org/stable/c/ee25389df80138907bc9dcdf4a2be2067cde9a81"
},
{
"url": "https://git.kernel.org/stable/c/b4c24de37a6bb383394a6fef2b85a6db41d426f5"
},
{
"url": "https://git.kernel.org/stable/c/34f7ebff1b9699e0b89fa58b693bc098c2f5ec72"
},
{
"url": "https://git.kernel.org/stable/c/b33a81e4ecfb022b028cae37d1c1ce28ac1b359d"
},
{
"url": "https://git.kernel.org/stable/c/beeed260b92af158592f5e8d2dab65dae45c6f70"
},
{
"url": "https://git.kernel.org/stable/c/7bbf76c9bb2c58375e183074e44f9712483f0603"
},
{
"url": "https://git.kernel.org/stable/c/e120b6388d7d88635d67dcae6483f39c37111850"
}
],
"title": "wifi: ar5523: enable proper endpoint verification",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38565",
"datePublished": "2024-06-19T13:35:32.920Z",
"dateReserved": "2024-06-18T19:36:34.923Z",
"dateUpdated": "2024-08-02T04:12:25.651Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38594
Vulnerability from cvelistv5
Published
2024-06-19 13:45
Modified
2024-08-02 04:12
Severity
Summary
net: stmmac: move the EST lock to struct stmmac_priv
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.824Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/487f9030b1ef34bab123f2df2a4ccbe01ba84416"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6f476aff2d8da1a189621c4c16a76a6c534e4312"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/36ac9e7f2e5786bd37c5cd91132e1f39c29b8197"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/stmicro/stmmac/stmmac.h",
"drivers/net/ethernet/stmicro/stmmac/stmmac_ptp.c",
"drivers/net/ethernet/stmicro/stmmac/stmmac_tc.c",
"include/linux/stmmac.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "487f9030b1ef",
"status": "affected",
"version": "b2aae654a479",
"versionType": "git"
},
{
"lessThan": "6f476aff2d8d",
"status": "affected",
"version": "b2aae654a479",
"versionType": "git"
},
{
"lessThan": "36ac9e7f2e57",
"status": "affected",
"version": "b2aae654a479",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/stmicro/stmmac/stmmac.h",
"drivers/net/ethernet/stmicro/stmmac/stmmac_ptp.c",
"drivers/net/ethernet/stmicro/stmmac/stmmac_tc.c",
"include/linux/stmmac.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.14"
},
{
"lessThan": "5.14",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: move the EST lock to struct stmmac_priv\n\nReinitialize the whole EST structure would also reset the mutex\nlock which is embedded in the EST structure, and then trigger\nthe following warning. To address this, move the lock to struct\nstmmac_priv. We also need to reacquire the mutex lock when doing\nthis initialization.\n\nDEBUG_LOCKS_WARN_ON(lock-\u003emagic != lock)\nWARNING: CPU: 3 PID: 505 at kernel/locking/mutex.c:587 __mutex_lock+0xd84/0x1068\n Modules linked in:\n CPU: 3 PID: 505 Comm: tc Not tainted 6.9.0-rc6-00053-g0106679839f7-dirty #29\n Hardware name: NXP i.MX8MPlus EVK board (DT)\n pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : __mutex_lock+0xd84/0x1068\n lr : __mutex_lock+0xd84/0x1068\n sp : ffffffc0864e3570\n x29: ffffffc0864e3570 x28: ffffffc0817bdc78 x27: 0000000000000003\n x26: ffffff80c54f1808 x25: ffffff80c9164080 x24: ffffffc080d723ac\n x23: 0000000000000000 x22: 0000000000000002 x21: 0000000000000000\n x20: 0000000000000000 x19: ffffffc083bc3000 x18: ffffffffffffffff\n x17: ffffffc08117b080 x16: 0000000000000002 x15: ffffff80d2d40000\n x14: 00000000000002da x13: ffffff80d2d404b8 x12: ffffffc082b5a5c8\n x11: ffffffc082bca680 x10: ffffffc082bb2640 x9 : ffffffc082bb2698\n x8 : 0000000000017fe8 x7 : c0000000ffffefff x6 : 0000000000000001\n x5 : ffffff8178fe0d48 x4 : 0000000000000000 x3 : 0000000000000027\n x2 : ffffff8178fe0d50 x1 : 0000000000000000 x0 : 0000000000000000\n Call trace:\n __mutex_lock+0xd84/0x1068\n mutex_lock_nested+0x28/0x34\n tc_setup_taprio+0x118/0x68c\n stmmac_setup_tc+0x50/0xf0\n taprio_change+0x868/0xc9c"
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:42.556Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/487f9030b1ef34bab123f2df2a4ccbe01ba84416"
},
{
"url": "https://git.kernel.org/stable/c/6f476aff2d8da1a189621c4c16a76a6c534e4312"
},
{
"url": "https://git.kernel.org/stable/c/36ac9e7f2e5786bd37c5cd91132e1f39c29b8197"
}
],
"title": "net: stmmac: move the EST lock to struct stmmac_priv",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38594",
"datePublished": "2024-06-19T13:45:44.671Z",
"dateReserved": "2024-06-18T19:36:34.931Z",
"dateUpdated": "2024-08-02T04:12:25.824Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38597
Vulnerability from cvelistv5
Published
2024-06-19 13:45
Modified
2024-08-02 04:12
Severity
Summary
eth: sungem: remove .ndo_poll_controller to avoid deadlocks
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.802Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e22b23f5888a065d084e87db1eec639c445e677f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fbeeb55dbb33d562149c57e794f06b7414e44289"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/476adb3bbbd7886e8251d3b9ce2d3c3e680f35d6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5de5aeb98f9a000adb0db184e32765e4815d860b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/faf94f1eb8a34b2c31b2042051ef36f63420ecce"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6400d205fbbcbcf9b8510157e1f379c1d7e2e937"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ac0a230f719b02432d8c7eba7615ebd691da86f4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/sun/sungem.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "e22b23f5888a",
"status": "affected",
"version": "fe09bb619096",
"versionType": "git"
},
{
"lessThan": "fbeeb55dbb33",
"status": "affected",
"version": "fe09bb619096",
"versionType": "git"
},
{
"lessThan": "476adb3bbbd7",
"status": "affected",
"version": "fe09bb619096",
"versionType": "git"
},
{
"lessThan": "5de5aeb98f9a",
"status": "affected",
"version": "fe09bb619096",
"versionType": "git"
},
{
"lessThan": "faf94f1eb8a3",
"status": "affected",
"version": "fe09bb619096",
"versionType": "git"
},
{
"lessThan": "6400d205fbbc",
"status": "affected",
"version": "fe09bb619096",
"versionType": "git"
},
{
"lessThan": "ac0a230f719b",
"status": "affected",
"version": "fe09bb619096",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/sun/sungem.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.1"
},
{
"lessThan": "3.1",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: sungem: remove .ndo_poll_controller to avoid deadlocks\n\nErhard reports netpoll warnings from sungem:\n\n netpoll_send_skb_on_dev(): eth0 enabled interrupts in poll (gem_start_xmit+0x0/0x398)\n WARNING: CPU: 1 PID: 1 at net/core/netpoll.c:370 netpoll_send_skb+0x1fc/0x20c\n\ngem_poll_controller() disables interrupts, which may sleep.\nWe can\u0027t sleep in netpoll, it has interrupts disabled completely.\nStrangely, gem_poll_controller() doesn\u0027t even poll the completions,\nand instead acts as if an interrupt has fired so it just schedules\nNAPI and exits. None of this has been necessary for years, since\nnetpoll invokes NAPI directly."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:46.182Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/e22b23f5888a065d084e87db1eec639c445e677f"
},
{
"url": "https://git.kernel.org/stable/c/fbeeb55dbb33d562149c57e794f06b7414e44289"
},
{
"url": "https://git.kernel.org/stable/c/476adb3bbbd7886e8251d3b9ce2d3c3e680f35d6"
},
{
"url": "https://git.kernel.org/stable/c/5de5aeb98f9a000adb0db184e32765e4815d860b"
},
{
"url": "https://git.kernel.org/stable/c/faf94f1eb8a34b2c31b2042051ef36f63420ecce"
},
{
"url": "https://git.kernel.org/stable/c/6400d205fbbcbcf9b8510157e1f379c1d7e2e937"
},
{
"url": "https://git.kernel.org/stable/c/ac0a230f719b02432d8c7eba7615ebd691da86f4"
}
],
"title": "eth: sungem: remove .ndo_poll_controller to avoid deadlocks",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38597",
"datePublished": "2024-06-19T13:45:46.642Z",
"dateReserved": "2024-06-18T19:36:34.932Z",
"dateUpdated": "2024-08-02T04:12:25.802Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47600
Vulnerability from cvelistv5
Published
2024-06-19 14:54
Modified
2024-08-04 05:47
Severity
Summary
dm btree remove: fix use after free in rebalance_children()
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-47600",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T17:58:48.172185Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T18:07:48.062Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:47:40.382Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a48f6a2bf33734ec5669ee03067dfb6c5b4818d6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/66ea642af6fd4eacb5d0271a922130fcf8700424"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b03abd0aa09c05099f537cb05b8460c4298f0861"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/293f957be5e39720778fb1851ced7f5fba6d51c3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/501ecd90efdc9b2edc6c28852ecd098a4adf8f00"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0e21e6cd5eebfc929ac5fa3b97ca2d4ace3cb6a3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/607beb420b3fe23b948a9bf447d993521a02fbbb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1b8d2789dad0005fd5e7d35dab26a8e1203fb6da"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/md/persistent-data/dm-btree-remove.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "a48f6a2bf337",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "66ea642af6fd",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "b03abd0aa09c",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "293f957be5e3",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "501ecd90efdc",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "0e21e6cd5eeb",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "607beb420b3f",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "1b8d2789dad0",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/md/persistent-data/dm-btree-remove.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "4.4.*",
"status": "unaffected",
"version": "4.4.296",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.294",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.259",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.222",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.168",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm btree remove: fix use after free in rebalance_children()\n\nMove dm_tm_unlock() after dm_tm_dec()."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:54:00.981Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/a48f6a2bf33734ec5669ee03067dfb6c5b4818d6"
},
{
"url": "https://git.kernel.org/stable/c/66ea642af6fd4eacb5d0271a922130fcf8700424"
},
{
"url": "https://git.kernel.org/stable/c/b03abd0aa09c05099f537cb05b8460c4298f0861"
},
{
"url": "https://git.kernel.org/stable/c/293f957be5e39720778fb1851ced7f5fba6d51c3"
},
{
"url": "https://git.kernel.org/stable/c/501ecd90efdc9b2edc6c28852ecd098a4adf8f00"
},
{
"url": "https://git.kernel.org/stable/c/0e21e6cd5eebfc929ac5fa3b97ca2d4ace3cb6a3"
},
{
"url": "https://git.kernel.org/stable/c/607beb420b3fe23b948a9bf447d993521a02fbbb"
},
{
"url": "https://git.kernel.org/stable/c/1b8d2789dad0005fd5e7d35dab26a8e1203fb6da"
}
],
"title": "dm btree remove: fix use after free in rebalance_children()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47600",
"datePublished": "2024-06-19T14:54:00.981Z",
"dateReserved": "2024-05-24T15:11:00.736Z",
"dateUpdated": "2024-08-04T05:47:40.382Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47587
Vulnerability from cvelistv5
Published
2024-06-19 14:53
Modified
2024-08-04 05:39
Severity
Summary
net: systemport: Add global locking for descriptor lifecycle
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:39:59.775Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8ed2f5d08d6e59f8c78b2869bfb95d0be32c094c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/de57f62f76450b934de8203711bdc4f7953c3421"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f3fde37d3f0d429f0fcce214cb52588a9e21260e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/595a684fa6f23b21958379a18cfa83862c73c2e1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c675256a7f131f5ba3f331efb715e8f31ea0e392"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6e1011cd183faae8daff275c72444edcdfe0d473"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/eb4687c7442942e115420a30185f8d83faf37696"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8b8e6e782456f1ce02a7ae914bbd5b1053f0b034"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/broadcom/bcmsysport.c",
"drivers/net/ethernet/broadcom/bcmsysport.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "8ed2f5d08d6e",
"status": "affected",
"version": "80105befdb4b",
"versionType": "git"
},
{
"lessThan": "de57f62f7645",
"status": "affected",
"version": "80105befdb4b",
"versionType": "git"
},
{
"lessThan": "f3fde37d3f0d",
"status": "affected",
"version": "80105befdb4b",
"versionType": "git"
},
{
"lessThan": "595a684fa6f2",
"status": "affected",
"version": "80105befdb4b",
"versionType": "git"
},
{
"lessThan": "c675256a7f13",
"status": "affected",
"version": "80105befdb4b",
"versionType": "git"
},
{
"lessThan": "6e1011cd183f",
"status": "affected",
"version": "80105befdb4b",
"versionType": "git"
},
{
"lessThan": "eb4687c74429",
"status": "affected",
"version": "80105befdb4b",
"versionType": "git"
},
{
"lessThan": "8b8e6e782456",
"status": "affected",
"version": "80105befdb4b",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/broadcom/bcmsysport.c",
"drivers/net/ethernet/broadcom/bcmsysport.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.16"
},
{
"lessThan": "3.16",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.4.*",
"status": "unaffected",
"version": "4.4.296",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.294",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.259",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.222",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.168",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: systemport: Add global locking for descriptor lifecycle\n\nThe descriptor list is a shared resource across all of the transmit queues, and\nthe locking mechanism used today only protects concurrency across a given\ntransmit queue between the transmit and reclaiming. This creates an opportunity\nfor the SYSTEMPORT hardware to work on corrupted descriptors if we have\nmultiple producers at once which is the case when using multiple transmit\nqueues.\n\nThis was particularly noticeable when using multiple flows/transmit queues and\nit showed up in interesting ways in that UDP packets would get a correct UDP\nheader checksum being calculated over an incorrect packet length. Similarly TCP\npackets would get an equally correct checksum computed by the hardware over an\nincorrect packet length.\n\nThe SYSTEMPORT hardware maintains an internal descriptor list that it re-arranges\nwhen the driver produces a new descriptor anytime it writes to the\nWRITE_PORT_{HI,LO} registers, there is however some delay in the hardware to\nre-organize its descriptors and it is possible that concurrent TX queues\neventually break this internal allocation scheme to the point where the\nlength/status part of the descriptor gets used for an incorrect data buffer.\n\nThe fix is to impose a global serialization for all TX queues in the short\nsection where we are writing to the WRITE_PORT_{HI,LO} registers which solves\nthe corruption even with multiple concurrent TX queues being used."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:53:52.133Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/8ed2f5d08d6e59f8c78b2869bfb95d0be32c094c"
},
{
"url": "https://git.kernel.org/stable/c/de57f62f76450b934de8203711bdc4f7953c3421"
},
{
"url": "https://git.kernel.org/stable/c/f3fde37d3f0d429f0fcce214cb52588a9e21260e"
},
{
"url": "https://git.kernel.org/stable/c/595a684fa6f23b21958379a18cfa83862c73c2e1"
},
{
"url": "https://git.kernel.org/stable/c/c675256a7f131f5ba3f331efb715e8f31ea0e392"
},
{
"url": "https://git.kernel.org/stable/c/6e1011cd183faae8daff275c72444edcdfe0d473"
},
{
"url": "https://git.kernel.org/stable/c/eb4687c7442942e115420a30185f8d83faf37696"
},
{
"url": "https://git.kernel.org/stable/c/8b8e6e782456f1ce02a7ae914bbd5b1053f0b034"
}
],
"title": "net: systemport: Add global locking for descriptor lifecycle",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47587",
"datePublished": "2024-06-19T14:53:52.133Z",
"dateReserved": "2024-05-24T15:11:00.732Z",
"dateUpdated": "2024-08-04T05:39:59.775Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47586
Vulnerability from cvelistv5
Published
2024-06-19 14:53
Modified
2024-08-04 05:39
Severity
Summary
net: stmmac: dwmac-rk: fix oob read in rk_gmac_setup
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-47586",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T15:19:59.553139Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T15:20:22.550Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:39:59.913Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0b4a5d1e15ce72f69be48f38dc0401dab890ae0f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0546b224cc7717cc8a2db076b0bb069a9c430794"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/stmicro/stmmac/dwmac-rk.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "0b4a5d1e15ce",
"status": "affected",
"version": "3bb3d6b1c195",
"versionType": "git"
},
{
"lessThan": "0546b224cc77",
"status": "affected",
"version": "3bb3d6b1c195",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/stmicro/stmmac/dwmac-rk.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.14"
},
{
"lessThan": "5.14",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: dwmac-rk: fix oob read in rk_gmac_setup\n\nKASAN reports an out-of-bounds read in rk_gmac_setup on the line:\n\n\twhile (ops-\u003eregs[i]) {\n\nThis happens for most platforms since the regs flexible array member is\nempty, so the memory after the ops structure is being read here. It\nseems that mostly this happens to contain zero anyway, so we get lucky\nand everything still works.\n\nTo avoid adding redundant data to nearly all the ops structures, add a\nnew flag to indicate whether the regs field is valid and avoid this loop\nwhen it is not."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:53:51.445Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/0b4a5d1e15ce72f69be48f38dc0401dab890ae0f"
},
{
"url": "https://git.kernel.org/stable/c/0546b224cc7717cc8a2db076b0bb069a9c430794"
}
],
"title": "net: stmmac: dwmac-rk: fix oob read in rk_gmac_setup",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47586",
"datePublished": "2024-06-19T14:53:51.445Z",
"dateReserved": "2024-05-24T15:11:00.731Z",
"dateUpdated": "2024-08-04T05:39:59.913Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47573
Vulnerability from cvelistv5
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Show details on NVD website{
"containers": {
"cna": {
"providerMetadata": {
"dateUpdated": "2024-06-20T08:25:44.581Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"rejectedReasons": [
{
"lang": "en",
"value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
}
]
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47573",
"datePublished": "2024-06-19T14:53:42.445Z",
"dateRejected": "2024-06-20T08:25:44.581Z",
"dateReserved": "2024-05-24T15:11:00.729Z",
"dateUpdated": "2024-06-20T08:25:44.581Z",
"state": "REJECTED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38566
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
bpf: Fix verifier assumptions about socket->sk
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.820Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/39f8a29330f433000e716eefc4b9abda05b71a82"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6f5ae91172a93abac9720ba94edf3ec8f4d7f24f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c58ccdd2483a1d990748cdaf94206b5d5986a001"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0db63c0b86e981a1e97d2596d64ceceba1a5470e"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"kernel/bpf/verifier.c",
"tools/testing/selftests/bpf/progs/bench_local_storage_create.c",
"tools/testing/selftests/bpf/progs/local_storage.c",
"tools/testing/selftests/bpf/progs/lsm_cgroup.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "39f8a29330f4",
"status": "affected",
"version": "6fcd486b3a0a",
"versionType": "git"
},
{
"lessThan": "6f5ae91172a9",
"status": "affected",
"version": "6fcd486b3a0a",
"versionType": "git"
},
{
"lessThan": "c58ccdd2483a",
"status": "affected",
"version": "6fcd486b3a0a",
"versionType": "git"
},
{
"lessThan": "0db63c0b86e9",
"status": "affected",
"version": "6fcd486b3a0a",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"kernel/bpf/verifier.c",
"tools/testing/selftests/bpf/progs/bench_local_storage_create.c",
"tools/testing/selftests/bpf/progs/local_storage.c",
"tools/testing/selftests/bpf/progs/lsm_cgroup.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.4"
},
{
"lessThan": "6.4",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix verifier assumptions about socket-\u003esk\n\nThe verifier assumes that \u0027sk\u0027 field in \u0027struct socket\u0027 is valid\nand non-NULL when \u0027socket\u0027 pointer itself is trusted and non-NULL.\nThat may not be the case when socket was just created and\npassed to LSM socket_accept hook.\nFix this verifier assumption and adjust tests."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:12.031Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/39f8a29330f433000e716eefc4b9abda05b71a82"
},
{
"url": "https://git.kernel.org/stable/c/6f5ae91172a93abac9720ba94edf3ec8f4d7f24f"
},
{
"url": "https://git.kernel.org/stable/c/c58ccdd2483a1d990748cdaf94206b5d5986a001"
},
{
"url": "https://git.kernel.org/stable/c/0db63c0b86e981a1e97d2596d64ceceba1a5470e"
}
],
"title": "bpf: Fix verifier assumptions about socket-\u003esk",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38566",
"datePublished": "2024-06-19T13:35:33.587Z",
"dateReserved": "2024-06-18T19:36:34.923Z",
"dateUpdated": "2024-08-02T04:12:25.820Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47577
Vulnerability from cvelistv5
Published
2024-06-19 14:53
Modified
2024-08-04 05:39
Severity
Summary
io-wq: check for wq exit after adding new worker task_work
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-47577",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-21T14:05:50.192086Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-21T14:06:00.767Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:39:59.773Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4b4e5bbf9386d4ec21d91c0cb0fd60b9bba778ec"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/71a85387546e50b1a37b0fa45dadcae3bfb35cf6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/io-wq.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "4b4e5bbf9386",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "71a85387546e",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/io-wq.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nio-wq: check for wq exit after adding new worker task_work\n\nWe check IO_WQ_BIT_EXIT before attempting to create a new worker, and\nwq exit cancels pending work if we have any. But it\u0027s possible to have\na race between the two, where creation checks exit finding it not set,\nbut we\u0027re in the process of exiting. The exit side will cancel pending\ncreation task_work, but there\u0027s a gap where we add task_work after we\u0027ve\ncanceled existing creations at exit time.\n\nFix this by checking the EXIT bit post adding the creation task_work.\nIf it\u0027s set, run the same cancelation that exit does."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:53:45.393Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/4b4e5bbf9386d4ec21d91c0cb0fd60b9bba778ec"
},
{
"url": "https://git.kernel.org/stable/c/71a85387546e50b1a37b0fa45dadcae3bfb35cf6"
}
],
"title": "io-wq: check for wq exit after adding new worker task_work",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47577",
"datePublished": "2024-06-19T14:53:45.393Z",
"dateReserved": "2024-05-24T15:11:00.730Z",
"dateUpdated": "2024-08-04T05:39:59.773Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38585
Vulnerability from cvelistv5
Published
2024-06-19 13:37
Modified
2024-08-02 04:12
Severity
Summary
tools/nolibc/stdlib: fix memory error in realloc()
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.876Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5996b2b2dac739f2a27da13de8eee5b85b2550b3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f678c3c336559cf3255a32153e9a17c1be4e7c15"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8019d3dd921f39a237a9fab6d2ce716bfac0f983"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4e6f225aefeb712cdb870176b6621f02cf235b8c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/791f4641142e2aced85de082e5783b4fb0b977c2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"tools/include/nolibc/stdlib.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "5996b2b2dac7",
"status": "affected",
"version": "0e0ff638400b",
"versionType": "git"
},
{
"lessThan": "f678c3c33655",
"status": "affected",
"version": "0e0ff638400b",
"versionType": "git"
},
{
"lessThan": "8019d3dd921f",
"status": "affected",
"version": "0e0ff638400b",
"versionType": "git"
},
{
"lessThan": "4e6f225aefeb",
"status": "affected",
"version": "0e0ff638400b",
"versionType": "git"
},
{
"lessThan": "791f4641142e",
"status": "affected",
"version": "0e0ff638400b",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"tools/include/nolibc/stdlib.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.19"
},
{
"lessThan": "5.19",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntools/nolibc/stdlib: fix memory error in realloc()\n\nPass user_p_len to memcpy() instead of heap-\u003elen to prevent realloc()\nfrom copying an extra sizeof(heap) bytes from beyond the allocated\nregion."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:31.941Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/5996b2b2dac739f2a27da13de8eee5b85b2550b3"
},
{
"url": "https://git.kernel.org/stable/c/f678c3c336559cf3255a32153e9a17c1be4e7c15"
},
{
"url": "https://git.kernel.org/stable/c/8019d3dd921f39a237a9fab6d2ce716bfac0f983"
},
{
"url": "https://git.kernel.org/stable/c/4e6f225aefeb712cdb870176b6621f02cf235b8c"
},
{
"url": "https://git.kernel.org/stable/c/791f4641142e2aced85de082e5783b4fb0b977c2"
}
],
"title": "tools/nolibc/stdlib: fix memory error in realloc()",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38585",
"datePublished": "2024-06-19T13:37:41.170Z",
"dateReserved": "2024-06-18T19:36:34.929Z",
"dateUpdated": "2024-08-02T04:12:25.876Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47590
Vulnerability from cvelistv5
Published
2024-06-19 14:53
Modified
2024-08-04 05:39
Severity
Summary
mptcp: fix deadlock in __mptcp_push_pending()
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:39:59.776Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/23311b92755ffa9087332d1bb8c71c0f6a10cc08"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3d79e3756ca90f7a6087b77b62c1d9c0801e0820"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/mptcp/protocol.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "23311b92755f",
"status": "affected",
"version": "1b3e7ede1365",
"versionType": "git"
},
{
"lessThan": "3d79e3756ca9",
"status": "affected",
"version": "1b3e7ede1365",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/mptcp/protocol.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.13"
},
{
"lessThan": "5.13",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix deadlock in __mptcp_push_pending()\n\n__mptcp_push_pending() may call mptcp_flush_join_list() with subflow\nsocket lock held. If such call hits mptcp_sockopt_sync_all() then\nsubsequently __mptcp_sockopt_sync() could try to lock the subflow\nsocket for itself, causing a deadlock.\n\nsysrq: Show Blocked State\ntask:ss-server state:D stack: 0 pid: 938 ppid: 1 flags:0x00000000\nCall Trace:\n \u003cTASK\u003e\n __schedule+0x2d6/0x10c0\n ? __mod_memcg_state+0x4d/0x70\n ? csum_partial+0xd/0x20\n ? _raw_spin_lock_irqsave+0x26/0x50\n schedule+0x4e/0xc0\n __lock_sock+0x69/0x90\n ? do_wait_intr_irq+0xa0/0xa0\n __lock_sock_fast+0x35/0x50\n mptcp_sockopt_sync_all+0x38/0xc0\n __mptcp_push_pending+0x105/0x200\n mptcp_sendmsg+0x466/0x490\n sock_sendmsg+0x57/0x60\n __sys_sendto+0xf0/0x160\n ? do_wait_intr_irq+0xa0/0xa0\n ? fpregs_restore_userregs+0x12/0xd0\n __x64_sys_sendto+0x20/0x30\n do_syscall_64+0x38/0x90\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f9ba546c2d0\nRSP: 002b:00007ffdc3b762d8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c\nRAX: ffffffffffffffda RBX: 00007f9ba56c8060 RCX: 00007f9ba546c2d0\nRDX: 000000000000077a RSI: 0000000000e5e180 RDI: 0000000000000234\nRBP: 0000000000cc57f0 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007f9ba56c8060\nR13: 0000000000b6ba60 R14: 0000000000cc7840 R15: 41d8685b1d7901b8\n \u003c/TASK\u003e\n\nFix the issue by using __mptcp_flush_join_list() instead of plain\nmptcp_flush_join_list() inside __mptcp_push_pending(), as suggested by\nFlorian. The sockopt sync will be deferred to the workqueue."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:53:54.244Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/23311b92755ffa9087332d1bb8c71c0f6a10cc08"
},
{
"url": "https://git.kernel.org/stable/c/3d79e3756ca90f7a6087b77b62c1d9c0801e0820"
}
],
"title": "mptcp: fix deadlock in __mptcp_push_pending()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47590",
"datePublished": "2024-06-19T14:53:54.244Z",
"dateReserved": "2024-05-24T15:11:00.733Z",
"dateUpdated": "2024-08-04T05:39:59.776Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47591
Vulnerability from cvelistv5
Published
2024-06-19 14:53
Modified
2024-08-04 05:39
Severity
Summary
mptcp: remove tcp ulp setsockopt support
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:39:59.892Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3de0c86d42f841d1d64f316cd949e65c566f0734"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/404cd9a22150f24acf23a8df2ad0c094ba379f57"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/mptcp/sockopt.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "3de0c86d42f8",
"status": "affected",
"version": "d9e4c1291810",
"versionType": "git"
},
{
"lessThan": "404cd9a22150",
"status": "affected",
"version": "d9e4c1291810",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/mptcp/sockopt.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.13"
},
{
"lessThan": "5.13",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: remove tcp ulp setsockopt support\n\nTCP_ULP setsockopt cannot be used for mptcp because its already\nused internally to plumb subflow (tcp) sockets to the mptcp layer.\n\nsyzbot managed to trigger a crash for mptcp connections that are\nin fallback mode:\n\nKASAN: null-ptr-deref in range [0x0000000000000020-0x0000000000000027]\nCPU: 1 PID: 1083 Comm: syz-executor.3 Not tainted 5.16.0-rc2-syzkaller #0\nRIP: 0010:tls_build_proto net/tls/tls_main.c:776 [inline]\n[..]\n __tcp_set_ulp net/ipv4/tcp_ulp.c:139 [inline]\n tcp_set_ulp+0x428/0x4c0 net/ipv4/tcp_ulp.c:160\n do_tcp_setsockopt+0x455/0x37c0 net/ipv4/tcp.c:3391\n mptcp_setsockopt+0x1b47/0x2400 net/mptcp/sockopt.c:638\n\nRemove support for TCP_ULP setsockopt."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:53:54.918Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/3de0c86d42f841d1d64f316cd949e65c566f0734"
},
{
"url": "https://git.kernel.org/stable/c/404cd9a22150f24acf23a8df2ad0c094ba379f57"
}
],
"title": "mptcp: remove tcp ulp setsockopt support",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47591",
"datePublished": "2024-06-19T14:53:54.918Z",
"dateReserved": "2024-05-24T15:11:00.733Z",
"dateUpdated": "2024-08-04T05:39:59.892Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38564
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38564",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T14:57:28.333210Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T14:57:37.182Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.836Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6675c541f540a29487a802d3135280b69b9f568d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/67929e973f5a347f05fef064fea4ae79e7cdb5fd"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b34bbc76651065a5eafad8ddff1eb8d1f8473172"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/543576ec15b17c0c93301ac8297333c7b6e84ac7"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"kernel/bpf/syscall.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "6675c541f540",
"status": "affected",
"version": "4a1e7c0c63e0",
"versionType": "git"
},
{
"lessThan": "67929e973f5a",
"status": "affected",
"version": "4a1e7c0c63e0",
"versionType": "git"
},
{
"lessThan": "b34bbc766510",
"status": "affected",
"version": "4a1e7c0c63e0",
"versionType": "git"
},
{
"lessThan": "543576ec15b1",
"status": "affected",
"version": "4a1e7c0c63e0",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"kernel/bpf/syscall.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.10"
},
{
"lessThan": "5.10",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE\n\nbpf_prog_attach uses attach_type_to_prog_type to enforce proper\nattach type for BPF_PROG_TYPE_CGROUP_SKB. link_create uses\nbpf_prog_get and relies on bpf_prog_attach_check_attach_type\nto properly verify prog_type \u003c\u003e attach_type association.\n\nAdd missing attach_type enforcement for the link_create case.\nOtherwise, it\u0027s currently possible to attach cgroup_skb prog\ntypes to other cgroup hooks."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:09.746Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/6675c541f540a29487a802d3135280b69b9f568d"
},
{
"url": "https://git.kernel.org/stable/c/67929e973f5a347f05fef064fea4ae79e7cdb5fd"
},
{
"url": "https://git.kernel.org/stable/c/b34bbc76651065a5eafad8ddff1eb8d1f8473172"
},
{
"url": "https://git.kernel.org/stable/c/543576ec15b17c0c93301ac8297333c7b6e84ac7"
}
],
"title": "bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38564",
"datePublished": "2024-06-19T13:35:32.222Z",
"dateReserved": "2024-06-18T19:36:34.922Z",
"dateUpdated": "2024-08-02T04:12:25.836Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47611
Vulnerability from cvelistv5
Published
2024-06-19 14:58
Modified
2024-08-04 05:47
Severity
Summary
mac80211: validate extended element ID is present
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-47611",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T13:48:17.643512Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T13:48:23.836Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:47:40.575Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/03029bb044ccee60adbc93e70713f3ae58abc3a1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a19cf6844b509d44ecbd536f33d314d91ecdd2b5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7fd214fc7f2ee3a89f91e717e3cfad55f5a27045"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c62b16f98688ae7bc0ab23a6490481f4ce9b3a49"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/768c0b19b50665e337c96858aa2b7928d6dcf756"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/mac80211/util.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "03029bb044cc",
"status": "affected",
"version": "41cbb0f5a295",
"versionType": "git"
},
{
"lessThan": "a19cf6844b50",
"status": "affected",
"version": "41cbb0f5a295",
"versionType": "git"
},
{
"lessThan": "7fd214fc7f2e",
"status": "affected",
"version": "41cbb0f5a295",
"versionType": "git"
},
{
"lessThan": "c62b16f98688",
"status": "affected",
"version": "41cbb0f5a295",
"versionType": "git"
},
{
"lessThan": "768c0b19b506",
"status": "affected",
"version": "41cbb0f5a295",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/mac80211/util.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.19"
},
{
"lessThan": "4.19",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.222",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.168",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmac80211: validate extended element ID is present\n\nBefore attempting to parse an extended element, verify that\nthe extended element ID is present."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:58:00.362Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/03029bb044ccee60adbc93e70713f3ae58abc3a1"
},
{
"url": "https://git.kernel.org/stable/c/a19cf6844b509d44ecbd536f33d314d91ecdd2b5"
},
{
"url": "https://git.kernel.org/stable/c/7fd214fc7f2ee3a89f91e717e3cfad55f5a27045"
},
{
"url": "https://git.kernel.org/stable/c/c62b16f98688ae7bc0ab23a6490481f4ce9b3a49"
},
{
"url": "https://git.kernel.org/stable/c/768c0b19b50665e337c96858aa2b7928d6dcf756"
}
],
"title": "mac80211: validate extended element ID is present",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47611",
"datePublished": "2024-06-19T14:58:00.362Z",
"dateReserved": "2024-06-19T14:55:32.795Z",
"dateUpdated": "2024-08-04T05:47:40.575Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38576
Vulnerability from cvelistv5
Published
2024-06-19 13:37
Modified
2024-08-02 04:12
Severity
Summary
rcu: Fix buffer overflow in print_cpu_stall_info()
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38576",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T15:40:30.043568Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T15:40:46.220Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.929Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e2228ed3fe7aa838fba87c79a76fb1ad9ea47138"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/afb39909bfb5c08111f99e21bf5be7505f59ff1c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9351e1338539cb7f319ffc1210fa9b2aa27384b5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4c3e2ef4d8ddd313c8ce3ac30505940bea8d6257"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3758f7d9917bd7ef0482c4184c0ad673b4c4e069"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"kernel/rcu/tree_stall.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "e2228ed3fe7a",
"status": "affected",
"version": "245a62982502",
"versionType": "git"
},
{
"lessThan": "afb39909bfb5",
"status": "affected",
"version": "245a62982502",
"versionType": "git"
},
{
"lessThan": "9351e1338539",
"status": "affected",
"version": "245a62982502",
"versionType": "git"
},
{
"lessThan": "4c3e2ef4d8dd",
"status": "affected",
"version": "245a62982502",
"versionType": "git"
},
{
"lessThan": "3758f7d9917b",
"status": "affected",
"version": "245a62982502",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"kernel/rcu/tree_stall.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.0"
},
{
"lessThan": "6.0",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nrcu: Fix buffer overflow in print_cpu_stall_info()\n\nThe rcuc-starvation output from print_cpu_stall_info() might overflow the\nbuffer if there is a huge difference in jiffies difference. The situation\nmight seem improbable, but computers sometimes get very confused about\ntime, which can result in full-sized integers, and, in this case,\nbuffer overflow.\n\nAlso, the unsigned jiffies difference is printed using %ld, which is\nnormally for signed integers. This is intentional for debugging purposes,\nbut it is not obvious from the code.\n\nThis commit therefore changes sprintf() to snprintf() and adds a\nclarifying comment about intention of %ld format.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:23.795Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/e2228ed3fe7aa838fba87c79a76fb1ad9ea47138"
},
{
"url": "https://git.kernel.org/stable/c/afb39909bfb5c08111f99e21bf5be7505f59ff1c"
},
{
"url": "https://git.kernel.org/stable/c/9351e1338539cb7f319ffc1210fa9b2aa27384b5"
},
{
"url": "https://git.kernel.org/stable/c/4c3e2ef4d8ddd313c8ce3ac30505940bea8d6257"
},
{
"url": "https://git.kernel.org/stable/c/3758f7d9917bd7ef0482c4184c0ad673b4c4e069"
}
],
"title": "rcu: Fix buffer overflow in print_cpu_stall_info()",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38576",
"datePublished": "2024-06-19T13:37:35.142Z",
"dateReserved": "2024-06-18T19:36:34.924Z",
"dateUpdated": "2024-08-02T04:12:25.929Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38560
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
scsi: bfa: Ensure the copied buf is NUL terminated
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.822Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/481fc0c8617304a67649027c4a44723a139a0462"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/595a6b98deec01b6dbb20139f71edcd5fb760ec2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/00b425ff0891283207d7bad607a2412225274d7a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1708e3cf2488788cba5489e4f913d227de757baf"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7d3e694c4fe30f3aba9cd5ae86fb947a54c3db5c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/204714e68015d6946279719fd464ecaf57240f35"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7510fab46b1cbd1680e2a096e779aec3334b4143"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ecb76200f5557a2886888aaa53702da1ab9e6cdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/13d0cecb4626fae67c00c84d3c7851f6b62f7df3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/scsi/bfa/bfad_debugfs.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "481fc0c86173",
"status": "affected",
"version": "9f30b674759b",
"versionType": "git"
},
{
"lessThan": "595a6b98deec",
"status": "affected",
"version": "9f30b674759b",
"versionType": "git"
},
{
"lessThan": "00b425ff0891",
"status": "affected",
"version": "9f30b674759b",
"versionType": "git"
},
{
"lessThan": "1708e3cf2488",
"status": "affected",
"version": "9f30b674759b",
"versionType": "git"
},
{
"lessThan": "7d3e694c4fe3",
"status": "affected",
"version": "9f30b674759b",
"versionType": "git"
},
{
"lessThan": "204714e68015",
"status": "affected",
"version": "9f30b674759b",
"versionType": "git"
},
{
"lessThan": "7510fab46b1c",
"status": "affected",
"version": "9f30b674759b",
"versionType": "git"
},
{
"lessThan": "ecb76200f555",
"status": "affected",
"version": "9f30b674759b",
"versionType": "git"
},
{
"lessThan": "13d0cecb4626",
"status": "affected",
"version": "9f30b674759b",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/scsi/bfa/bfad_debugfs.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.19"
},
{
"lessThan": "3.19",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.316",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: bfa: Ensure the copied buf is NUL terminated\n\nCurrently, we allocate a nbytes-sized kernel buffer and copy nbytes from\nuserspace to that buffer. Later, we use sscanf on this buffer but we don\u0027t\nensure that the string is terminated inside the buffer, this can lead to\nOOB read when using sscanf. Fix this issue by using memdup_user_nul instead\nof memdup_user."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:05.067Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/481fc0c8617304a67649027c4a44723a139a0462"
},
{
"url": "https://git.kernel.org/stable/c/595a6b98deec01b6dbb20139f71edcd5fb760ec2"
},
{
"url": "https://git.kernel.org/stable/c/00b425ff0891283207d7bad607a2412225274d7a"
},
{
"url": "https://git.kernel.org/stable/c/1708e3cf2488788cba5489e4f913d227de757baf"
},
{
"url": "https://git.kernel.org/stable/c/7d3e694c4fe30f3aba9cd5ae86fb947a54c3db5c"
},
{
"url": "https://git.kernel.org/stable/c/204714e68015d6946279719fd464ecaf57240f35"
},
{
"url": "https://git.kernel.org/stable/c/7510fab46b1cbd1680e2a096e779aec3334b4143"
},
{
"url": "https://git.kernel.org/stable/c/ecb76200f5557a2886888aaa53702da1ab9e6cdf"
},
{
"url": "https://git.kernel.org/stable/c/13d0cecb4626fae67c00c84d3c7851f6b62f7df3"
}
],
"title": "scsi: bfa: Ensure the copied buf is NUL terminated",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38560",
"datePublished": "2024-06-19T13:35:29.555Z",
"dateReserved": "2024-06-18T19:36:34.922Z",
"dateUpdated": "2024-08-02T04:12:25.822Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38611
Vulnerability from cvelistv5
Published
2024-06-19 13:56
Modified
2024-08-02 04:12
Severity
Summary
media: i2c: et8ek8: Don't strip remove function when driver is builtin
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:26.122Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c1a3803e5bb91c13e9ad582003e4288f67f06cd9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/43fff07e4b1956d0e5cf23717507e438278ea3d9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/904db2ba44ae60641b6378c5013254d09acf5e80"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/545b215736c5c4b354e182d99c578a472ac9bfce"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/media/i2c/et8ek8/et8ek8_driver.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "c1a3803e5bb9",
"status": "affected",
"version": "c5254e72b8ed",
"versionType": "git"
},
{
"lessThan": "43fff07e4b19",
"status": "affected",
"version": "c5254e72b8ed",
"versionType": "git"
},
{
"lessThan": "904db2ba44ae",
"status": "affected",
"version": "c5254e72b8ed",
"versionType": "git"
},
{
"lessThan": "545b215736c5",
"status": "affected",
"version": "c5254e72b8ed",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/media/i2c/et8ek8/et8ek8_driver.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.11"
},
{
"lessThan": "4.11",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: i2c: et8ek8: Don\u0027t strip remove function when driver is builtin\n\nUsing __exit for the remove function results in the remove callback\nbeing discarded with CONFIG_VIDEO_ET8EK8=y. When such a device gets\nunbound (e.g. using sysfs or hotplug), the driver is just removed\nwithout the cleanup being performed. This results in resource leaks. Fix\nit by compiling in the remove callback unconditionally.\n\nThis also fixes a W=1 modpost warning:\n\n\tWARNING: modpost: drivers/media/i2c/et8ek8/et8ek8: section mismatch in reference: et8ek8_i2c_driver+0x10 (section: .data) -\u003e et8ek8_remove (section: .exit.text)"
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:49:02.797Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/c1a3803e5bb91c13e9ad582003e4288f67f06cd9"
},
{
"url": "https://git.kernel.org/stable/c/43fff07e4b1956d0e5cf23717507e438278ea3d9"
},
{
"url": "https://git.kernel.org/stable/c/904db2ba44ae60641b6378c5013254d09acf5e80"
},
{
"url": "https://git.kernel.org/stable/c/545b215736c5c4b354e182d99c578a472ac9bfce"
}
],
"title": "media: i2c: et8ek8: Don\u0027t strip remove function when driver is builtin",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38611",
"datePublished": "2024-06-19T13:56:12.742Z",
"dateReserved": "2024-06-18T19:36:34.942Z",
"dateUpdated": "2024-08-02T04:12:26.122Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47592
Vulnerability from cvelistv5
Published
2024-06-19 14:53
Modified
2024-08-04 05:47
Severity
Summary
net: stmmac: fix tc flower deletion for VLAN priority Rx steering
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-47592",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T15:19:38.436561Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T15:19:44.877Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:47:39.480Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/97cb5c82aa1dd85a39b1bd021c8b5f18af623779"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/aeb7c75cb77478fdbf821628e9c95c4baa9adc63"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/stmicro/stmmac/stmmac.h",
"drivers/net/ethernet/stmicro/stmmac/stmmac_tc.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "97cb5c82aa1d",
"status": "affected",
"version": "0e039f5cf86c",
"versionType": "git"
},
{
"lessThan": "aeb7c75cb774",
"status": "affected",
"version": "0e039f5cf86c",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/stmicro/stmmac/stmmac.h",
"drivers/net/ethernet/stmicro/stmmac/stmmac_tc.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.13"
},
{
"lessThan": "5.13",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: fix tc flower deletion for VLAN priority Rx steering\n\nTo replicate the issue:-\n\n1) Add 1 flower filter for VLAN Priority based frame steering:-\n$ IFDEVNAME=eth0\n$ tc qdisc add dev $IFDEVNAME ingress\n$ tc qdisc add dev $IFDEVNAME root mqprio num_tc 8 \\\n map 0 1 2 3 4 5 6 7 0 0 0 0 0 0 0 0 \\\n queues 1@0 1@1 1@2 1@3 1@4 1@5 1@6 1@7 hw 0\n$ tc filter add dev $IFDEVNAME parent ffff: protocol 802.1Q \\\n flower vlan_prio 0 hw_tc 0\n\n2) Get the \u0027pref\u0027 id\n$ tc filter show dev $IFDEVNAME ingress\n\n3) Delete a specific tc flower record (say pref 49151)\n$ tc filter del dev $IFDEVNAME parent ffff: pref 49151\n\nFrom dmesg, we will observe kernel NULL pointer ooops\n\n[ 197.170464] BUG: kernel NULL pointer dereference, address: 0000000000000000\n[ 197.171367] #PF: supervisor read access in kernel mode\n[ 197.171367] #PF: error_code(0x0000) - not-present page\n[ 197.171367] PGD 0 P4D 0\n[ 197.171367] Oops: 0000 [#1] PREEMPT SMP NOPTI\n\n\u003csnip\u003e\n\n[ 197.171367] RIP: 0010:tc_setup_cls+0x20b/0x4a0 [stmmac]\n\n\u003csnip\u003e\n\n[ 197.171367] Call Trace:\n[ 197.171367] \u003cTASK\u003e\n[ 197.171367] ? __stmmac_disable_all_queues+0xa8/0xe0 [stmmac]\n[ 197.171367] stmmac_setup_tc_block_cb+0x70/0x110 [stmmac]\n[ 197.171367] tc_setup_cb_destroy+0xb3/0x180\n[ 197.171367] fl_hw_destroy_filter+0x94/0xc0 [cls_flower]\n\nThe above issue is due to previous incorrect implementation of\ntc_del_vlan_flow(), shown below, that uses flow_cls_offload_flow_rule()\nto get struct flow_rule *rule which is no longer valid for tc filter\ndelete operation.\n\n struct flow_rule *rule = flow_cls_offload_flow_rule(cls);\n struct flow_dissector *dissector = rule-\u003ematch.dissector;\n\nSo, to ensure tc_del_vlan_flow() deletes the right VLAN cls record for\nearlier configured RX queue (configured by hw_tc) in tc_add_vlan_flow(),\nthis patch introduces stmmac_rfs_entry as driver-side flow_cls_offload\nrecord for \u0027RX frame steering\u0027 tc flower, currently used for VLAN\npriority. The implementation has taken consideration for future extension\nto include other type RX frame steering such as EtherType based.\n\nv2:\n - Clean up overly extensive backtrace and rewrite git message to better\n explain the kernel NULL pointer issue."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:53:55.574Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/97cb5c82aa1dd85a39b1bd021c8b5f18af623779"
},
{
"url": "https://git.kernel.org/stable/c/aeb7c75cb77478fdbf821628e9c95c4baa9adc63"
}
],
"title": "net: stmmac: fix tc flower deletion for VLAN priority Rx steering",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47592",
"datePublished": "2024-06-19T14:53:55.574Z",
"dateReserved": "2024-05-24T15:11:00.733Z",
"dateUpdated": "2024-08-04T05:47:39.480Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47620
Vulnerability from cvelistv5
Published
2024-06-20 11:08
Modified
2024-08-04 05:47
Severity
Summary
Bluetooth: refactor malicious adv data check
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-47620",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T13:36:51.279922Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T13:36:59.452Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:47:40.577Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/305e92f525450f3e1b5f5c9dc7eadb152d66a082"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7889b38a7f21ed19314f83194622b195d328465c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5a539c08d743d9910631448da78af5e961664c0e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8819f93cd4a443dfe547aa622b21f723757df3fb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/835d3706852537bf92eb23eb8635b8dee0c0aa67"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/83d5196b65d1b29e27d7dd16a3b9b439fb1d2dba"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/bcea886771c3f22a590c8c8b9139a107bd7f1e1c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5c968affa804ba98c3c603f37ffea6fba618025e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/899663be5e75dc0174dc8bda0b5e6826edf0b29a"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/bluetooth/hci_event.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "305e92f52545",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "7889b38a7f21",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "5a539c08d743",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "8819f93cd4a4",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "835d37068525",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "83d5196b65d1",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "bcea886771c3",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "5c968affa804",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "899663be5e75",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/bluetooth/hci_event.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "4.4.*",
"status": "unaffected",
"version": "4.4.302",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.300",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.265",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.228",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.176",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.96",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.19",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.5",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: refactor malicious adv data check\n\nCheck for out-of-bound read was being performed at the end of while\nnum_reports loop, and would fill journal with false positives. Added\ncheck to beginning of loop processing so that it doesn\u0027t get checked\nafter ptr has been advanced."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:08:09.320Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/305e92f525450f3e1b5f5c9dc7eadb152d66a082"
},
{
"url": "https://git.kernel.org/stable/c/7889b38a7f21ed19314f83194622b195d328465c"
},
{
"url": "https://git.kernel.org/stable/c/5a539c08d743d9910631448da78af5e961664c0e"
},
{
"url": "https://git.kernel.org/stable/c/8819f93cd4a443dfe547aa622b21f723757df3fb"
},
{
"url": "https://git.kernel.org/stable/c/835d3706852537bf92eb23eb8635b8dee0c0aa67"
},
{
"url": "https://git.kernel.org/stable/c/83d5196b65d1b29e27d7dd16a3b9b439fb1d2dba"
},
{
"url": "https://git.kernel.org/stable/c/bcea886771c3f22a590c8c8b9139a107bd7f1e1c"
},
{
"url": "https://git.kernel.org/stable/c/5c968affa804ba98c3c603f37ffea6fba618025e"
},
{
"url": "https://git.kernel.org/stable/c/899663be5e75dc0174dc8bda0b5e6826edf0b29a"
}
],
"title": "Bluetooth: refactor malicious adv data check",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47620",
"datePublished": "2024-06-20T11:08:09.320Z",
"dateReserved": "2024-06-20T11:03:43.235Z",
"dateUpdated": "2024-08-04T05:47:40.577Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47599
Vulnerability from cvelistv5
Published
2024-06-19 14:54
Modified
2024-08-04 05:47
Severity
Summary
btrfs: use latest_dev in btrfs_show_devname
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:47:39.508Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e342c2558016ead462f376b6c6c2ac5efc17f3b1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6605fd2f394bba0a0059df2b6cfc87b0b6d393a2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/btrfs/super.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "e342c2558016",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "6605fd2f394b",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/btrfs/super.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: use latest_dev in btrfs_show_devname\n\nThe test case btrfs/238 reports the warning below:\n\n WARNING: CPU: 3 PID: 481 at fs/btrfs/super.c:2509 btrfs_show_devname+0x104/0x1e8 [btrfs]\n CPU: 2 PID: 1 Comm: systemd Tainted: G W O 5.14.0-rc1-custom #72\n Hardware name: QEMU QEMU Virtual Machine, BIOS 0.0.0 02/06/2015\n Call trace:\n btrfs_show_devname+0x108/0x1b4 [btrfs]\n show_mountinfo+0x234/0x2c4\n m_show+0x28/0x34\n seq_read_iter+0x12c/0x3c4\n vfs_read+0x29c/0x2c8\n ksys_read+0x80/0xec\n __arm64_sys_read+0x28/0x34\n invoke_syscall+0x50/0xf8\n do_el0_svc+0x88/0x138\n el0_svc+0x2c/0x8c\n el0t_64_sync_handler+0x84/0xe4\n el0t_64_sync+0x198/0x19c\n\nReason:\nWhile btrfs_prepare_sprout() moves the fs_devices::devices into\nfs_devices::seed_list, the btrfs_show_devname() searches for the devices\nand found none, leading to the warning as in above.\n\nFix:\nlatest_dev is updated according to the changes to the device list.\nThat means we could use the latest_dev-\u003ename to show the device name in\n/proc/self/mounts, the pointer will be always valid as it\u0027s assigned\nbefore the device is deleted from the list in remove or replace.\nThe RCU protection is sufficient as the device structure is freed after\nsynchronization."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:54:00.272Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/e342c2558016ead462f376b6c6c2ac5efc17f3b1"
},
{
"url": "https://git.kernel.org/stable/c/6605fd2f394bba0a0059df2b6cfc87b0b6d393a2"
}
],
"title": "btrfs: use latest_dev in btrfs_show_devname",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47599",
"datePublished": "2024-06-19T14:54:00.272Z",
"dateReserved": "2024-05-24T15:11:00.735Z",
"dateUpdated": "2024-08-04T05:47:39.508Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38602
Vulnerability from cvelistv5
Published
2024-06-19 13:48
Modified
2024-08-02 04:12
Severity
Summary
ax25: Fix reference count leak issues of ax25_dev
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:26.063Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ae467750a3765dd1092eb29f58247950a2f9b60c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/38eb01edfdaa1562fa00429be2e33f45383b1b3a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/81d8240b0a243b3ddd8fa8aa172f1acc2f7cc8f3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1ea02699c7557eeb35ccff2bd822de1b3e09d868"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b505e0319852b08a3a716b64620168eab21f4ced"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/ax25/ax25_dev.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "ae467750a376",
"status": "affected",
"version": "d01ffb9eee4a",
"versionType": "git"
},
{
"lessThan": "38eb01edfdaa",
"status": "affected",
"version": "d01ffb9eee4a",
"versionType": "git"
},
{
"lessThan": "81d8240b0a24",
"status": "affected",
"version": "d01ffb9eee4a",
"versionType": "git"
},
{
"lessThan": "1ea02699c755",
"status": "affected",
"version": "d01ffb9eee4a",
"versionType": "git"
},
{
"lessThan": "b505e0319852",
"status": "affected",
"version": "d01ffb9eee4a",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/ax25/ax25_dev.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.17"
},
{
"lessThan": "5.17",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nax25: Fix reference count leak issues of ax25_dev\n\nThe ax25_addr_ax25dev() and ax25_dev_device_down() exist a reference\ncount leak issue of the object \"ax25_dev\".\n\nMemory leak issue in ax25_addr_ax25dev():\n\nThe reference count of the object \"ax25_dev\" can be increased multiple\ntimes in ax25_addr_ax25dev(). This will cause a memory leak.\n\nMemory leak issues in ax25_dev_device_down():\n\nThe reference count of ax25_dev is set to 1 in ax25_dev_device_up() and\nthen increase the reference count when ax25_dev is added to ax25_dev_list.\nAs a result, the reference count of ax25_dev is 2. But when the device is\nshutting down. The ax25_dev_device_down() drops the reference count once\nor twice depending on if we goto unlock_put or not, which will cause\nmemory leak.\n\nAs for the issue of ax25_addr_ax25dev(), it is impossible for one pointer\nto be on a list twice. So add a break in ax25_addr_ax25dev(). As for the\nissue of ax25_dev_device_down(), increase the reference count of ax25_dev\nonce in ax25_dev_device_up() and decrease the reference count of ax25_dev\nafter it is removed from the ax25_dev_list."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:52.244Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/ae467750a3765dd1092eb29f58247950a2f9b60c"
},
{
"url": "https://git.kernel.org/stable/c/38eb01edfdaa1562fa00429be2e33f45383b1b3a"
},
{
"url": "https://git.kernel.org/stable/c/81d8240b0a243b3ddd8fa8aa172f1acc2f7cc8f3"
},
{
"url": "https://git.kernel.org/stable/c/1ea02699c7557eeb35ccff2bd822de1b3e09d868"
},
{
"url": "https://git.kernel.org/stable/c/b505e0319852b08a3a716b64620168eab21f4ced"
}
],
"title": "ax25: Fix reference count leak issues of ax25_dev",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38602",
"datePublished": "2024-06-19T13:48:13.768Z",
"dateReserved": "2024-06-18T19:36:34.933Z",
"dateUpdated": "2024-08-02T04:12:26.063Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38592
Vulnerability from cvelistv5
Published
2024-06-19 13:45
Modified
2024-08-02 04:12
Severity
Summary
drm/mediatek: Init `ddp_comp` with devm_kcalloc()
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38592",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T19:44:50.300653Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T19:44:58.390Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.991Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cf69d0af7db917b82aceaa44b7b1b9376609da22"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9fe2cc3fa44f7ad7ba5f29c1a68b2b924c17b9b1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/01a2c5123e27b3c4685bf2fc4c2e879f6e0c7b33"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/mediatek/mtk_drm_crtc.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "cf69d0af7db9",
"status": "affected",
"version": "01389b324c97",
"versionType": "git"
},
{
"lessThan": "9fe2cc3fa44f",
"status": "affected",
"version": "01389b324c97",
"versionType": "git"
},
{
"lessThan": "01a2c5123e27",
"status": "affected",
"version": "01389b324c97",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/mediatek/mtk_drm_crtc.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.7"
},
{
"lessThan": "6.7",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: Init `ddp_comp` with devm_kcalloc()\n\nIn the case where `conn_routes` is true we allocate an extra slot in\nthe `ddp_comp` array but mtk_drm_crtc_create() never seemed to\ninitialize it in the test case I ran. For me, this caused a later\ncrash when we looped through the array in mtk_drm_crtc_mode_valid().\nThis showed up for me when I booted with `slub_debug=FZPUA` which\npoisons the memory initially. Without `slub_debug` I couldn\u0027t\nreproduce, presumably because the later code handles the value being\nNULL and in most cases (not guaranteed in all cases) the memory the\nallocator returned started out as 0.\n\nIt really doesn\u0027t hurt to initialize the array with devm_kcalloc()\nsince the array is small and the overhead of initting a handful of\nelements to 0 is small. In general initting memory to zero is a safer\npractice and usually it\u0027s suggested to only use the non-initting alloc\nfunctions if you really need to.\n\nLet\u0027s switch the function to use an allocation function that zeros the\nmemory. For me, this avoids the crash."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:40.195Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/cf69d0af7db917b82aceaa44b7b1b9376609da22"
},
{
"url": "https://git.kernel.org/stable/c/9fe2cc3fa44f7ad7ba5f29c1a68b2b924c17b9b1"
},
{
"url": "https://git.kernel.org/stable/c/01a2c5123e27b3c4685bf2fc4c2e879f6e0c7b33"
}
],
"title": "drm/mediatek: Init `ddp_comp` with devm_kcalloc()",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38592",
"datePublished": "2024-06-19T13:45:43.367Z",
"dateReserved": "2024-06-18T19:36:34.930Z",
"dateUpdated": "2024-08-02T04:12:25.991Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38581
Vulnerability from cvelistv5
Published
2024-06-19 13:37
Modified
2024-08-02 04:12
Severity
Summary
drm/amdgpu/mes: fix use-after-free issue
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38581",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T14:58:15.450879Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T14:58:23.883Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.835Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/70b1bf6d9edc8692d241f59a65f073aec6d501de"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/39cfce75168c11421d70b8c0c65f6133edccb82a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0f98c144c15c8fc0f3176c994bd4e727ef718a5c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/948255282074d9367e01908b3f5dcf8c10fc9c3d"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/amdgpu/amdgpu_mes.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "70b1bf6d9edc",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "39cfce75168c",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "0f98c144c15c",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "948255282074",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/amdgpu/amdgpu_mes.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu/mes: fix use-after-free issue\n\nDelete fence fallback timer to fix the ramdom\nuse-after-free issue.\n\nv2: move to amdgpu_mes.c"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T13:37:38.509Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/70b1bf6d9edc8692d241f59a65f073aec6d501de"
},
{
"url": "https://git.kernel.org/stable/c/39cfce75168c11421d70b8c0c65f6133edccb82a"
},
{
"url": "https://git.kernel.org/stable/c/0f98c144c15c8fc0f3176c994bd4e727ef718a5c"
},
{
"url": "https://git.kernel.org/stable/c/948255282074d9367e01908b3f5dcf8c10fc9c3d"
}
],
"title": "drm/amdgpu/mes: fix use-after-free issue",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38581",
"datePublished": "2024-06-19T13:37:38.509Z",
"dateReserved": "2024-06-18T19:36:34.927Z",
"dateUpdated": "2024-08-02T04:12:25.835Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38550
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
ASoC: kirkwood: Fix potential NULL dereference
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38550",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T15:41:30.404959Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T15:41:49.191Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.668Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d48d0c5fd733bd6d8d3ddb2ed553777ab4724169"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/de9987cec6fde1dd41dfcb971433e05945852489"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1a7254525ca7a6f3e37d7882d7f7ad97f6235f7c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5bf5154739cd676b6d0958079070557c8d96afb6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/802b49e39da669b54bd9b77dc3c649999a446bf6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ea60ab95723f5738e7737b56dda95e6feefa5b50"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"sound/soc/kirkwood/kirkwood-dma.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "d48d0c5fd733",
"status": "affected",
"version": "bb6a40fc5a83",
"versionType": "git"
},
{
"lessThan": "de9987cec6fd",
"status": "affected",
"version": "bb6a40fc5a83",
"versionType": "git"
},
{
"lessThan": "1a7254525ca7",
"status": "affected",
"version": "bb6a40fc5a83",
"versionType": "git"
},
{
"lessThan": "5bf5154739cd",
"status": "affected",
"version": "bb6a40fc5a83",
"versionType": "git"
},
{
"lessThan": "802b49e39da6",
"status": "affected",
"version": "bb6a40fc5a83",
"versionType": "git"
},
{
"lessThan": "ea60ab95723f",
"status": "affected",
"version": "bb6a40fc5a83",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"sound/soc/kirkwood/kirkwood-dma.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.14"
},
{
"lessThan": "5.14",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: kirkwood: Fix potential NULL dereference\n\nIn kirkwood_dma_hw_params() mv_mbus_dram_info() returns NULL if\nCONFIG_PLAT_ORION macro is not defined.\nFix this bug by adding NULL check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:47:52.867Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/d48d0c5fd733bd6d8d3ddb2ed553777ab4724169"
},
{
"url": "https://git.kernel.org/stable/c/de9987cec6fde1dd41dfcb971433e05945852489"
},
{
"url": "https://git.kernel.org/stable/c/1a7254525ca7a6f3e37d7882d7f7ad97f6235f7c"
},
{
"url": "https://git.kernel.org/stable/c/5bf5154739cd676b6d0958079070557c8d96afb6"
},
{
"url": "https://git.kernel.org/stable/c/802b49e39da669b54bd9b77dc3c649999a446bf6"
},
{
"url": "https://git.kernel.org/stable/c/ea60ab95723f5738e7737b56dda95e6feefa5b50"
}
],
"title": "ASoC: kirkwood: Fix potential NULL dereference",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38550",
"datePublished": "2024-06-19T13:35:22.716Z",
"dateReserved": "2024-06-18T19:36:34.920Z",
"dateUpdated": "2024-08-02T04:12:25.668Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38544
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38544",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T15:44:10.125327Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T15:44:19.324Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:24.974Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/faa8d0ecf6c9c7c2ace3ca3e552180ada6f75e19"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/21b4c6d4d89030fd4657a8e7c8110fd941049794"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/bbad88f111a1829f366c189aa48e7e58e57553fc"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/30df4bef8b8e183333e9b6e9d4509d552c7da6eb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2b23b6097303ed0ba5f4bc036a1c07b6027af5c6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/infiniband/sw/rxe/rxe_comp.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "faa8d0ecf6c9",
"status": "affected",
"version": "0b1e5b99a48b",
"versionType": "git"
},
{
"lessThan": "21b4c6d4d890",
"status": "affected",
"version": "0b1e5b99a48b",
"versionType": "git"
},
{
"lessThan": "bbad88f111a1",
"status": "affected",
"version": "0b1e5b99a48b",
"versionType": "git"
},
{
"lessThan": "30df4bef8b8e",
"status": "affected",
"version": "0b1e5b99a48b",
"versionType": "git"
},
{
"lessThan": "2b23b6097303",
"status": "affected",
"version": "0b1e5b99a48b",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/infiniband/sw/rxe/rxe_comp.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.12"
},
{
"lessThan": "4.12",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix seg fault in rxe_comp_queue_pkt\n\nIn rxe_comp_queue_pkt() an incoming response packet skb is enqueued to the\nresp_pkts queue and then a decision is made whether to run the completer\ntask inline or schedule it. Finally the skb is dereferenced to bump a \u0027hw\u0027\nperformance counter. This is wrong because if the completer task is\nalready running in a separate thread it may have already processed the skb\nand freed it which can cause a seg fault. This has been observed\ninfrequently in testing at high scale.\n\nThis patch fixes this by changing the order of enqueuing the packet until\nafter the counter is accessed."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:47:45.920Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/faa8d0ecf6c9c7c2ace3ca3e552180ada6f75e19"
},
{
"url": "https://git.kernel.org/stable/c/21b4c6d4d89030fd4657a8e7c8110fd941049794"
},
{
"url": "https://git.kernel.org/stable/c/bbad88f111a1829f366c189aa48e7e58e57553fc"
},
{
"url": "https://git.kernel.org/stable/c/30df4bef8b8e183333e9b6e9d4509d552c7da6eb"
},
{
"url": "https://git.kernel.org/stable/c/2b23b6097303ed0ba5f4bc036a1c07b6027af5c6"
}
],
"title": "RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38544",
"datePublished": "2024-06-19T13:35:18.676Z",
"dateReserved": "2024-06-18T19:36:34.919Z",
"dateUpdated": "2024-08-02T04:12:24.974Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38593
Vulnerability from cvelistv5
Published
2024-06-19 13:45
Modified
2024-08-02 04:12
Severity
Summary
net: micrel: Fix receiving the timestamp in the frame for lan8841
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38593",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T15:38:26.160801Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T15:38:34.534Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.805Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3ddf170e4a604f5d4d9459a36993f5e92b53e8b0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3fd4282d5f25c3c97fef3ef0b89b82ef4e2bc975"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/64a47cf634ae44e92be24ebc982410841093bd7b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/aea27a92a41dae14843f92c79e9e42d8f570105c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/phy/micrel.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "3ddf170e4a60",
"status": "affected",
"version": "cc7554954848",
"versionType": "git"
},
{
"lessThan": "3fd4282d5f25",
"status": "affected",
"version": "cc7554954848",
"versionType": "git"
},
{
"lessThan": "64a47cf634ae",
"status": "affected",
"version": "cc7554954848",
"versionType": "git"
},
{
"lessThan": "aea27a92a41d",
"status": "affected",
"version": "cc7554954848",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/phy/micrel.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.5"
},
{
"lessThan": "6.5",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: micrel: Fix receiving the timestamp in the frame for lan8841\n\nThe blamed commit started to use the ptp workqueue to get the second\npart of the timestamp. And when the port was set down, then this\nworkqueue is stopped. But if the config option NETWORK_PHY_TIMESTAMPING\nis not enabled, then the ptp_clock is not initialized so then it would\ncrash when it would try to access the delayed work.\nSo then basically by setting up and then down the port, it would crash.\nThe fix consists in checking if the ptp_clock is initialized and only\nthen cancel the delayed work."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:41.349Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/3ddf170e4a604f5d4d9459a36993f5e92b53e8b0"
},
{
"url": "https://git.kernel.org/stable/c/3fd4282d5f25c3c97fef3ef0b89b82ef4e2bc975"
},
{
"url": "https://git.kernel.org/stable/c/64a47cf634ae44e92be24ebc982410841093bd7b"
},
{
"url": "https://git.kernel.org/stable/c/aea27a92a41dae14843f92c79e9e42d8f570105c"
}
],
"title": "net: micrel: Fix receiving the timestamp in the frame for lan8841",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38593",
"datePublished": "2024-06-19T13:45:44.031Z",
"dateReserved": "2024-06-18T19:36:34.931Z",
"dateUpdated": "2024-08-02T04:12:25.805Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38612
Vulnerability from cvelistv5
Published
2024-06-19 13:56
Modified
2024-08-02 04:12
Severity
Summary
ipv6: sr: fix invalid unregister error path
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "0610575a3ac",
"status": "affected",
"version": "46738b1317e1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "646cd236c55e",
"status": "affected",
"version": "46738b1317e1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "00e6335329f2",
"status": "affected",
"version": "46738b1317e1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "1a63730fb315",
"status": "affected",
"version": "46738b1317e1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "e77a3ec7ada8",
"status": "affected",
"version": "46738b1317e1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "3398a40dccb8",
"status": "affected",
"version": "46738b1317e1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "85a70ff1e572",
"status": "affected",
"version": "46738b1317e1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "c04d6a914e89",
"status": "affected",
"version": "46738b1317e1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "160e9d275218",
"status": "affected",
"version": "46738b1317e1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "affected",
"version": "4.10"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "4.10",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "4.20",
"status": "unaffected",
"version": "4.19.316",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "5.5",
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:acrn:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrn",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "5.11",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "5.16",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "6.2",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "6.7",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "6.9",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "6.10",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "unaffected",
"version": "6.10-rc1"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-38612",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-25T14:07:52.263547Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-25T14:37:58.950Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:26.031Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/10610575a3ac2a702bf5c57aa931beaf847949c7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/646cd236c55e2cb5f146fc41bbe4034c4af5b2a4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/00e6335329f23ac6cf3105931691674e28bc598c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1a63730fb315bb1bab97edd69ff58ad45e04bb01"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e77a3ec7ada84543e75722a1283785a6544de925"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3398a40dccb88d3a7eef378247a023a78472db66"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/85a70ff1e572160f1eeb096ed48d09a1c9d4d89a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c04d6a914e890ccea4a9d11233009a2ee7978bf4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/160e9d2752181fcf18c662e74022d77d3164cd45"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/ipv6/seg6.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "10610575a3ac",
"status": "affected",
"version": "46738b1317e1",
"versionType": "git"
},
{
"lessThan": "646cd236c55e",
"status": "affected",
"version": "46738b1317e1",
"versionType": "git"
},
{
"lessThan": "00e6335329f2",
"status": "affected",
"version": "46738b1317e1",
"versionType": "git"
},
{
"lessThan": "1a63730fb315",
"status": "affected",
"version": "46738b1317e1",
"versionType": "git"
},
{
"lessThan": "e77a3ec7ada8",
"status": "affected",
"version": "46738b1317e1",
"versionType": "git"
},
{
"lessThan": "3398a40dccb8",
"status": "affected",
"version": "46738b1317e1",
"versionType": "git"
},
{
"lessThan": "85a70ff1e572",
"status": "affected",
"version": "46738b1317e1",
"versionType": "git"
},
{
"lessThan": "c04d6a914e89",
"status": "affected",
"version": "46738b1317e1",
"versionType": "git"
},
{
"lessThan": "160e9d275218",
"status": "affected",
"version": "46738b1317e1",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/ipv6/seg6.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.10"
},
{
"lessThan": "4.10",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.316",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: sr: fix invalid unregister error path\n\nThe error path of seg6_init() is wrong in case CONFIG_IPV6_SEG6_LWTUNNEL\nis not defined. In that case if seg6_hmac_init() fails, the\ngenl_unregister_family() isn\u0027t called.\n\nThis issue exist since commit 46738b1317e1 (\"ipv6: sr: add option to control\nlwtunnel support\"), and commit 5559cea2d5aa (\"ipv6: sr: fix possible\nuse-after-free and null-ptr-deref\") replaced unregister_pernet_subsys()\nwith genl_unregister_family() in this error path."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:49:04.007Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/10610575a3ac2a702bf5c57aa931beaf847949c7"
},
{
"url": "https://git.kernel.org/stable/c/646cd236c55e2cb5f146fc41bbe4034c4af5b2a4"
},
{
"url": "https://git.kernel.org/stable/c/00e6335329f23ac6cf3105931691674e28bc598c"
},
{
"url": "https://git.kernel.org/stable/c/1a63730fb315bb1bab97edd69ff58ad45e04bb01"
},
{
"url": "https://git.kernel.org/stable/c/e77a3ec7ada84543e75722a1283785a6544de925"
},
{
"url": "https://git.kernel.org/stable/c/3398a40dccb88d3a7eef378247a023a78472db66"
},
{
"url": "https://git.kernel.org/stable/c/85a70ff1e572160f1eeb096ed48d09a1c9d4d89a"
},
{
"url": "https://git.kernel.org/stable/c/c04d6a914e890ccea4a9d11233009a2ee7978bf4"
},
{
"url": "https://git.kernel.org/stable/c/160e9d2752181fcf18c662e74022d77d3164cd45"
}
],
"title": "ipv6: sr: fix invalid unregister error path",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38612",
"datePublished": "2024-06-19T13:56:13.415Z",
"dateReserved": "2024-06-18T19:36:34.944Z",
"dateUpdated": "2024-08-02T04:12:26.031Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47583
Vulnerability from cvelistv5
Published
2024-06-19 14:53
Modified
2024-08-04 05:39
Severity
Summary
media: mxl111sf: change mutex_init() location
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-47583",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-24T18:10:30.676527Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-24T18:10:38.381Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:39:59.828Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4b2d9600b31f9ba7adbc9f3c54a068615d27b390"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/96f182c9f48b984447741f054ec301fdc8517035"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b99bdf127af91d53919e96292c05f737c45ea59a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8c6fdf62bfe1bc72bfceeaf832ef7499c7ed09ba"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/44870a9e7a3c24acbb3f888b2a7cc22c9bdf7e7f"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/media/usb/dvb-usb-v2/mxl111sf.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "4b2d9600b31f",
"status": "affected",
"version": "8572211842af",
"versionType": "git"
},
{
"lessThan": "96f182c9f48b",
"status": "affected",
"version": "8572211842af",
"versionType": "git"
},
{
"lessThan": "b99bdf127af9",
"status": "affected",
"version": "8572211842af",
"versionType": "git"
},
{
"lessThan": "8c6fdf62bfe1",
"status": "affected",
"version": "8572211842af",
"versionType": "git"
},
{
"lessThan": "44870a9e7a3c",
"status": "affected",
"version": "8572211842af",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/media/usb/dvb-usb-v2/mxl111sf.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.7"
},
{
"lessThan": "3.7",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.222",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.168",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mxl111sf: change mutex_init() location\n\nSyzbot reported, that mxl111sf_ctrl_msg() uses uninitialized\nmutex. The problem was in wrong mutex_init() location.\n\nPrevious mutex_init(\u0026state-\u003emsg_lock) call was in -\u003einit() function, but\ndvb_usbv2_init() has this order of calls:\n\n\tdvb_usbv2_init()\n\t dvb_usbv2_adapter_init()\n\t dvb_usbv2_adapter_frontend_init()\n\t props-\u003efrontend_attach()\n\n\t props-\u003einit()\n\nSince mxl111sf_* devices call mxl111sf_ctrl_msg() in -\u003efrontend_attach()\ninternally we need to initialize state-\u003emsg_lock before\nfrontend_attach(). To achieve it, -\u003eprobe() call added to all mxl111sf_*\ndevices, which will simply initiaize mutex."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:53:49.459Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/4b2d9600b31f9ba7adbc9f3c54a068615d27b390"
},
{
"url": "https://git.kernel.org/stable/c/96f182c9f48b984447741f054ec301fdc8517035"
},
{
"url": "https://git.kernel.org/stable/c/b99bdf127af91d53919e96292c05f737c45ea59a"
},
{
"url": "https://git.kernel.org/stable/c/8c6fdf62bfe1bc72bfceeaf832ef7499c7ed09ba"
},
{
"url": "https://git.kernel.org/stable/c/44870a9e7a3c24acbb3f888b2a7cc22c9bdf7e7f"
}
],
"title": "media: mxl111sf: change mutex_init() location",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47583",
"datePublished": "2024-06-19T14:53:49.459Z",
"dateReserved": "2024-05-24T15:11:00.731Z",
"dateUpdated": "2024-08-04T05:39:59.828Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38588
Vulnerability from cvelistv5
Published
2024-06-19 13:37
Modified
2024-08-02 04:12
Severity
Summary
ftrace: Fix possible use-after-free issue in ftrace_location()
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38588",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T19:45:27.583238Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T19:45:36.573Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.894Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8ea8ef5e42173560ac510e92a1cc797ffeea8831"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/dbff5f0bfb2416b8b55c105ddbcd4f885e98fada"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7b4881da5b19f65709f5c18c1a4d8caa2e496461"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/66df065b3106964e667b37bf8f7e55ec69d0c1f6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/31310e373f4c8c74e029d4326b283e757edabc0b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e60b613df8b6253def41215402f72986fee3fc8d"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"kernel/trace/ftrace.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "8ea8ef5e4217",
"status": "affected",
"version": "ae6aa16fdc16",
"versionType": "git"
},
{
"lessThan": "dbff5f0bfb24",
"status": "affected",
"version": "ae6aa16fdc16",
"versionType": "git"
},
{
"lessThan": "7b4881da5b19",
"status": "affected",
"version": "ae6aa16fdc16",
"versionType": "git"
},
{
"lessThan": "66df065b3106",
"status": "affected",
"version": "ae6aa16fdc16",
"versionType": "git"
},
{
"lessThan": "31310e373f4c",
"status": "affected",
"version": "ae6aa16fdc16",
"versionType": "git"
},
{
"lessThan": "e60b613df8b6",
"status": "affected",
"version": "ae6aa16fdc16",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"kernel/trace/ftrace.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.7"
},
{
"lessThan": "3.7",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.162",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nftrace: Fix possible use-after-free issue in ftrace_location()\n\nKASAN reports a bug:\n\n BUG: KASAN: use-after-free in ftrace_location+0x90/0x120\n Read of size 8 at addr ffff888141d40010 by task insmod/424\n CPU: 8 PID: 424 Comm: insmod Tainted: G W 6.9.0-rc2+\n [...]\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x68/0xa0\n print_report+0xcf/0x610\n kasan_report+0xb5/0xe0\n ftrace_location+0x90/0x120\n register_kprobe+0x14b/0xa40\n kprobe_init+0x2d/0xff0 [kprobe_example]\n do_one_initcall+0x8f/0x2d0\n do_init_module+0x13a/0x3c0\n load_module+0x3082/0x33d0\n init_module_from_file+0xd2/0x130\n __x64_sys_finit_module+0x306/0x440\n do_syscall_64+0x68/0x140\n entry_SYSCALL_64_after_hwframe+0x71/0x79\n\nThe root cause is that, in lookup_rec(), ftrace record of some address\nis being searched in ftrace pages of some module, but those ftrace pages\nat the same time is being freed in ftrace_release_mod() as the\ncorresponding module is being deleted:\n\n CPU1 | CPU2\n register_kprobes() { | delete_module() {\n check_kprobe_address_safe() { |\n arch_check_ftrace_location() { |\n ftrace_location() { |\n lookup_rec() // USE! | ftrace_release_mod() // Free!\n\nTo fix this issue:\n 1. Hold rcu lock as accessing ftrace pages in ftrace_location_range();\n 2. Use ftrace_location_range() instead of lookup_rec() in\n ftrace_location();\n 3. Call synchronize_rcu() before freeing any ftrace pages both in\n ftrace_process_locs()/ftrace_release_mod()/ftrace_free_mem()."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:35.428Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/8ea8ef5e42173560ac510e92a1cc797ffeea8831"
},
{
"url": "https://git.kernel.org/stable/c/dbff5f0bfb2416b8b55c105ddbcd4f885e98fada"
},
{
"url": "https://git.kernel.org/stable/c/7b4881da5b19f65709f5c18c1a4d8caa2e496461"
},
{
"url": "https://git.kernel.org/stable/c/66df065b3106964e667b37bf8f7e55ec69d0c1f6"
},
{
"url": "https://git.kernel.org/stable/c/31310e373f4c8c74e029d4326b283e757edabc0b"
},
{
"url": "https://git.kernel.org/stable/c/e60b613df8b6253def41215402f72986fee3fc8d"
}
],
"title": "ftrace: Fix possible use-after-free issue in ftrace_location()",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38588",
"datePublished": "2024-06-19T13:37:43.262Z",
"dateReserved": "2024-06-18T19:36:34.929Z",
"dateUpdated": "2024-08-02T04:12:25.894Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38589
Vulnerability from cvelistv5
Published
2024-06-19 13:45
Modified
2024-08-02 04:12
Severity
Summary
netrom: fix possible dead-lock in nr_rt_ioctl()
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.739Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b9d663fbf74290cb68fbc66ae4367bd56837ad1d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1fbfb483c1a290dce3f41f52d45cc46dd88b7691"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b117e5b4f27c2c9076561b6be450a9619f0b79de"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/421c50fa81836775bf0fd6ce0e57a6eb27af24d5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3db2fc45d1d2a6457f06ebdfd45b9820e5b5c2b7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f28bdc2ee5d9300cc77bd3d97b5b3cdd14960fd8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5fb7e2a4335fc67d6952ad2a6613c46e0b05f7c5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5bc50a705cfac8f64ce51c95611c3dd0554ef9c3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e03e7f20ebf7e1611d40d1fdc1bde900fd3335f6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/netrom/nr_route.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "b9d663fbf742",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "1fbfb483c1a2",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "b117e5b4f27c",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "421c50fa8183",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "3db2fc45d1d2",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "f28bdc2ee5d9",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "5fb7e2a4335f",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "5bc50a705cfa",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "e03e7f20ebf7",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/netrom/nr_route.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.12"
},
{
"lessThan": "2.6.12",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.316",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetrom: fix possible dead-lock in nr_rt_ioctl()\n\nsyzbot loves netrom, and found a possible deadlock in nr_rt_ioctl [1]\n\nMake sure we always acquire nr_node_list_lock before nr_node_lock(nr_node)\n\n[1]\nWARNING: possible circular locking dependency detected\n6.9.0-rc7-syzkaller-02147-g654de42f3fc6 #0 Not tainted\n------------------------------------------------------\nsyz-executor350/5129 is trying to acquire lock:\n ffff8880186e2070 (\u0026nr_node-\u003enode_lock){+...}-{2:2}, at: spin_lock_bh include/linux/spinlock.h:356 [inline]\n ffff8880186e2070 (\u0026nr_node-\u003enode_lock){+...}-{2:2}, at: nr_node_lock include/net/netrom.h:152 [inline]\n ffff8880186e2070 (\u0026nr_node-\u003enode_lock){+...}-{2:2}, at: nr_dec_obs net/netrom/nr_route.c:464 [inline]\n ffff8880186e2070 (\u0026nr_node-\u003enode_lock){+...}-{2:2}, at: nr_rt_ioctl+0x1bb/0x1090 net/netrom/nr_route.c:697\n\nbut task is already holding lock:\n ffffffff8f7053b8 (nr_node_list_lock){+...}-{2:2}, at: spin_lock_bh include/linux/spinlock.h:356 [inline]\n ffffffff8f7053b8 (nr_node_list_lock){+...}-{2:2}, at: nr_dec_obs net/netrom/nr_route.c:462 [inline]\n ffffffff8f7053b8 (nr_node_list_lock){+...}-{2:2}, at: nr_rt_ioctl+0x10a/0x1090 net/netrom/nr_route.c:697\n\nwhich lock already depends on the new lock.\n\nthe existing dependency chain (in reverse order) is:\n\n-\u003e #1 (nr_node_list_lock){+...}-{2:2}:\n lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5754\n __raw_spin_lock_bh include/linux/spinlock_api_smp.h:126 [inline]\n _raw_spin_lock_bh+0x35/0x50 kernel/locking/spinlock.c:178\n spin_lock_bh include/linux/spinlock.h:356 [inline]\n nr_remove_node net/netrom/nr_route.c:299 [inline]\n nr_del_node+0x4b4/0x820 net/netrom/nr_route.c:355\n nr_rt_ioctl+0xa95/0x1090 net/netrom/nr_route.c:683\n sock_do_ioctl+0x158/0x460 net/socket.c:1222\n sock_ioctl+0x629/0x8e0 net/socket.c:1341\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:904 [inline]\n __se_sys_ioctl+0xfc/0x170 fs/ioctl.c:890\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf5/0x240 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n-\u003e #0 (\u0026nr_node-\u003enode_lock){+...}-{2:2}:\n check_prev_add kernel/locking/lockdep.c:3134 [inline]\n check_prevs_add kernel/locking/lockdep.c:3253 [inline]\n validate_chain+0x18cb/0x58e0 kernel/locking/lockdep.c:3869\n __lock_acquire+0x1346/0x1fd0 kernel/locking/lockdep.c:5137\n lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5754\n __raw_spin_lock_bh include/linux/spinlock_api_smp.h:126 [inline]\n _raw_spin_lock_bh+0x35/0x50 kernel/locking/spinlock.c:178\n spin_lock_bh include/linux/spinlock.h:356 [inline]\n nr_node_lock include/net/netrom.h:152 [inline]\n nr_dec_obs net/netrom/nr_route.c:464 [inline]\n nr_rt_ioctl+0x1bb/0x1090 net/netrom/nr_route.c:697\n sock_do_ioctl+0x158/0x460 net/socket.c:1222\n sock_ioctl+0x629/0x8e0 net/socket.c:1341\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:904 [inline]\n __se_sys_ioctl+0xfc/0x170 fs/ioctl.c:890\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf5/0x240 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nother info that might help us debug this:\n\n Possible unsafe locking scenario:\n\n CPU0 CPU1\n ---- ----\n lock(nr_node_list_lock);\n lock(\u0026nr_node-\u003enode_lock);\n lock(nr_node_list_lock);\n lock(\u0026nr_node-\u003enode_lock);\n\n *** DEADLOCK ***\n\n1 lock held by syz-executor350/5129:\n #0: ffffffff8f7053b8 (nr_node_list_lock){+...}-{2:2}, at: spin_lock_bh include/linux/spinlock.h:356 [inline]\n #0: ffffffff8f7053b8 (nr_node_list_lock){+...}-{2:2}, at: nr_dec_obs net/netrom/nr_route.c:462 [inline]\n #0: ffffffff8f70\n---truncated---"
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:36.690Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/b9d663fbf74290cb68fbc66ae4367bd56837ad1d"
},
{
"url": "https://git.kernel.org/stable/c/1fbfb483c1a290dce3f41f52d45cc46dd88b7691"
},
{
"url": "https://git.kernel.org/stable/c/b117e5b4f27c2c9076561b6be450a9619f0b79de"
},
{
"url": "https://git.kernel.org/stable/c/421c50fa81836775bf0fd6ce0e57a6eb27af24d5"
},
{
"url": "https://git.kernel.org/stable/c/3db2fc45d1d2a6457f06ebdfd45b9820e5b5c2b7"
},
{
"url": "https://git.kernel.org/stable/c/f28bdc2ee5d9300cc77bd3d97b5b3cdd14960fd8"
},
{
"url": "https://git.kernel.org/stable/c/5fb7e2a4335fc67d6952ad2a6613c46e0b05f7c5"
},
{
"url": "https://git.kernel.org/stable/c/5bc50a705cfac8f64ce51c95611c3dd0554ef9c3"
},
{
"url": "https://git.kernel.org/stable/c/e03e7f20ebf7e1611d40d1fdc1bde900fd3335f6"
}
],
"title": "netrom: fix possible dead-lock in nr_rt_ioctl()",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38589",
"datePublished": "2024-06-19T13:45:41.258Z",
"dateReserved": "2024-06-18T19:36:34.930Z",
"dateUpdated": "2024-08-02T04:12:25.739Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38595
Vulnerability from cvelistv5
Published
2024-06-19 13:45
Modified
2024-08-02 04:12
Severity
Summary
net/mlx5: Fix peer devlink set for SF representor devlink port
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.973Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a0501201751034ebe7a22bd9483ed28fea1cd213"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/05d9d7b66836d87c914f8fdd4b062b78e373458d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3c453e8cc672de1f9c662948dba43176bc68d7f0"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/mellanox/mlx5/core/main.c",
"drivers/net/ethernet/mellanox/mlx5/core/sf/dev/driver.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "a05012017510",
"status": "affected",
"version": "967caa3d37c0",
"versionType": "git"
},
{
"lessThan": "05d9d7b66836",
"status": "affected",
"version": "bf729988303a",
"versionType": "git"
},
{
"lessThan": "3c453e8cc672",
"status": "affected",
"version": "bf729988303a",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/mellanox/mlx5/core/main.c",
"drivers/net/ethernet/mellanox/mlx5/core/sf/dev/driver.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.9"
},
{
"lessThan": "6.9",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Fix peer devlink set for SF representor devlink port\n\nThe cited patch change register devlink flow, and neglect to reflect\nthe changes for peer devlink set logic. Peer devlink set is\ntriggering a call trace if done after devl_register.[1]\n\nHence, align peer devlink set logic with register devlink flow.\n\n[1]\nWARNING: CPU: 4 PID: 3394 at net/devlink/core.c:155 devlink_rel_nested_in_add+0x177/0x180\nCPU: 4 PID: 3394 Comm: kworker/u40:1 Not tainted 6.9.0-rc4_for_linust_min_debug_2024_04_16_14_08 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nWorkqueue: mlx5_vhca_event0 mlx5_vhca_state_work_handler [mlx5_core]\nRIP: 0010:devlink_rel_nested_in_add+0x177/0x180\nCall Trace:\n \u003cTASK\u003e\n ? __warn+0x78/0x120\n ? devlink_rel_nested_in_add+0x177/0x180\n ? report_bug+0x16d/0x180\n ? handle_bug+0x3c/0x60\n ? exc_invalid_op+0x14/0x70\n ? asm_exc_invalid_op+0x16/0x20\n ? devlink_port_init+0x30/0x30\n ? devlink_port_type_clear+0x50/0x50\n ? devlink_rel_nested_in_add+0x177/0x180\n ? devlink_rel_nested_in_add+0xdd/0x180\n mlx5_sf_mdev_event+0x74/0xb0 [mlx5_core]\n notifier_call_chain+0x35/0xb0\n blocking_notifier_call_chain+0x3d/0x60\n mlx5_blocking_notifier_call_chain+0x22/0x30 [mlx5_core]\n mlx5_sf_dev_probe+0x185/0x3e0 [mlx5_core]\n auxiliary_bus_probe+0x38/0x80\n ? driver_sysfs_add+0x51/0x80\n really_probe+0xc5/0x3a0\n ? driver_probe_device+0x90/0x90\n __driver_probe_device+0x80/0x160\n driver_probe_device+0x1e/0x90\n __device_attach_driver+0x7d/0x100\n bus_for_each_drv+0x80/0xd0\n __device_attach+0xbc/0x1f0\n bus_probe_device+0x86/0xa0\n device_add+0x64f/0x860\n __auxiliary_device_add+0x3b/0xa0\n mlx5_sf_dev_add+0x139/0x330 [mlx5_core]\n mlx5_sf_dev_state_change_handler+0x1e4/0x250 [mlx5_core]\n notifier_call_chain+0x35/0xb0\n blocking_notifier_call_chain+0x3d/0x60\n mlx5_vhca_state_work_handler+0x151/0x200 [mlx5_core]\n process_one_work+0x13f/0x2e0\n worker_thread+0x2bd/0x3c0\n ? rescuer_thread+0x410/0x410\n kthread+0xc4/0xf0\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x2d/0x50\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e"
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:43.767Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/a0501201751034ebe7a22bd9483ed28fea1cd213"
},
{
"url": "https://git.kernel.org/stable/c/05d9d7b66836d87c914f8fdd4b062b78e373458d"
},
{
"url": "https://git.kernel.org/stable/c/3c453e8cc672de1f9c662948dba43176bc68d7f0"
}
],
"title": "net/mlx5: Fix peer devlink set for SF representor devlink port",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38595",
"datePublished": "2024-06-19T13:45:45.336Z",
"dateReserved": "2024-06-18T19:36:34.931Z",
"dateUpdated": "2024-08-02T04:12:25.973Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38613
Vulnerability from cvelistv5
Published
2024-06-19 13:56
Modified
2024-08-02 04:12
Severity
Summary
m68k: Fix spinlock race in kernel thread creation
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:26.119Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2a8d1d95302c7d52c6ac8fa5cb4a6948ae0d3a14"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5213cc01d0464c011fdc09f318705603ed3a746b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4eeffecc8e3cce25bb559502c2fd94a948bcde82"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/77b2b67a0f8bce260c53907e5749d61466d90c87"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0d9ae1253535f6e85a016e09c25ecbe6f7f59ef0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f3baf0f4f92af32943ebf27b960e0552c6c082fd"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f1d4274a84c069be0f6098ab10c3443fc1f7134c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/95f00caf767b5968c2c51083957b38be4748a78a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/da89ce46f02470ef08f0f580755d14d547da59ed"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"arch/m68k/kernel/entry.S"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "2a8d1d95302c",
"status": "affected",
"version": "533e6903bea0",
"versionType": "git"
},
{
"lessThan": "5213cc01d046",
"status": "affected",
"version": "533e6903bea0",
"versionType": "git"
},
{
"lessThan": "4eeffecc8e3c",
"status": "affected",
"version": "533e6903bea0",
"versionType": "git"
},
{
"lessThan": "77b2b67a0f8b",
"status": "affected",
"version": "533e6903bea0",
"versionType": "git"
},
{
"lessThan": "0d9ae1253535",
"status": "affected",
"version": "533e6903bea0",
"versionType": "git"
},
{
"lessThan": "f3baf0f4f92a",
"status": "affected",
"version": "533e6903bea0",
"versionType": "git"
},
{
"lessThan": "f1d4274a84c0",
"status": "affected",
"version": "533e6903bea0",
"versionType": "git"
},
{
"lessThan": "95f00caf767b",
"status": "affected",
"version": "533e6903bea0",
"versionType": "git"
},
{
"lessThan": "da89ce46f024",
"status": "affected",
"version": "533e6903bea0",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"arch/m68k/kernel/entry.S"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.7"
},
{
"lessThan": "3.7",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.316",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nm68k: Fix spinlock race in kernel thread creation\n\nContext switching does take care to retain the correct lock owner across\nthe switch from \u0027prev\u0027 to \u0027next\u0027 tasks. This does rely on interrupts\nremaining disabled for the entire duration of the switch.\n\nThis condition is guaranteed for normal process creation and context\nswitching between already running processes, because both \u0027prev\u0027 and\n\u0027next\u0027 already have interrupts disabled in their saved copies of the\nstatus register.\n\nThe situation is different for newly created kernel threads. The status\nregister is set to PS_S in copy_thread(), which does leave the IPL at 0.\nUpon restoring the \u0027next\u0027 thread\u0027s status register in switch_to() aka\nresume(), interrupts then become enabled prematurely. resume() then\nreturns via ret_from_kernel_thread() and schedule_tail() where run queue\nlock is released (see finish_task_switch() and finish_lock_switch()).\n\nA timer interrupt calling scheduler_tick() before the lock is released\nin finish_task_switch() will find the lock already taken, with the\ncurrent task as lock owner. This causes a spinlock recursion warning as\nreported by Guenter Roeck.\n\nAs far as I can ascertain, this race has been opened in commit\n533e6903bea0 (\"m68k: split ret_from_fork(), simplify kernel_thread()\")\nbut I haven\u0027t done a detailed study of kernel history so it may well\npredate that commit.\n\nInterrupts cannot be disabled in the saved status register copy for\nkernel threads (init will complain about interrupts disabled when\nfinally starting user space). Disable interrupts temporarily when\nswitching the tasks\u0027 register sets in resume().\n\nNote that a simple oriw 0x700,%sr after restoring sr is not enough here\n- this leaves enough of a race for the \u0027spinlock recursion\u0027 warning to\nstill be observed.\n\nTested on ARAnyM and qemu (Quadra 800 emulation)."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:49:05.216Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/2a8d1d95302c7d52c6ac8fa5cb4a6948ae0d3a14"
},
{
"url": "https://git.kernel.org/stable/c/5213cc01d0464c011fdc09f318705603ed3a746b"
},
{
"url": "https://git.kernel.org/stable/c/4eeffecc8e3cce25bb559502c2fd94a948bcde82"
},
{
"url": "https://git.kernel.org/stable/c/77b2b67a0f8bce260c53907e5749d61466d90c87"
},
{
"url": "https://git.kernel.org/stable/c/0d9ae1253535f6e85a016e09c25ecbe6f7f59ef0"
},
{
"url": "https://git.kernel.org/stable/c/f3baf0f4f92af32943ebf27b960e0552c6c082fd"
},
{
"url": "https://git.kernel.org/stable/c/f1d4274a84c069be0f6098ab10c3443fc1f7134c"
},
{
"url": "https://git.kernel.org/stable/c/95f00caf767b5968c2c51083957b38be4748a78a"
},
{
"url": "https://git.kernel.org/stable/c/da89ce46f02470ef08f0f580755d14d547da59ed"
}
],
"title": "m68k: Fix spinlock race in kernel thread creation",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38613",
"datePublished": "2024-06-19T13:56:14.083Z",
"dateReserved": "2024-06-18T19:36:34.944Z",
"dateUpdated": "2024-08-02T04:12:26.119Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38554
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
ax25: Fix reference count leak issue of net_device
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.671Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3ec437f9bbae68e9b38115c4c91de995f73f6bad"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/965d940fb7414b310a22666503d2af69459c981b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8bad3a20a27be8d935f2aae08d3c6e743754944a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/eef95df9b752699bddecefa851f64858247246e9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/36e56b1b002bb26440403053f19f9e1a8bc075b2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/ax25/ax25_dev.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "3ec437f9bbae",
"status": "affected",
"version": "d01ffb9eee4a",
"versionType": "git"
},
{
"lessThan": "965d940fb741",
"status": "affected",
"version": "d01ffb9eee4a",
"versionType": "git"
},
{
"lessThan": "8bad3a20a27b",
"status": "affected",
"version": "d01ffb9eee4a",
"versionType": "git"
},
{
"lessThan": "eef95df9b752",
"status": "affected",
"version": "d01ffb9eee4a",
"versionType": "git"
},
{
"lessThan": "36e56b1b002b",
"status": "affected",
"version": "d01ffb9eee4a",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/ax25/ax25_dev.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.17"
},
{
"lessThan": "5.17",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nax25: Fix reference count leak issue of net_device\n\nThere is a reference count leak issue of the object \"net_device\" in\nax25_dev_device_down(). When the ax25 device is shutting down, the\nax25_dev_device_down() drops the reference count of net_device one\nor zero times depending on if we goto unlock_put or not, which will\ncause memory leak.\n\nIn order to solve the above issue, decrease the reference count of\nnet_device after dev-\u003eax25_ptr is set to null."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:47:57.504Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/3ec437f9bbae68e9b38115c4c91de995f73f6bad"
},
{
"url": "https://git.kernel.org/stable/c/965d940fb7414b310a22666503d2af69459c981b"
},
{
"url": "https://git.kernel.org/stable/c/8bad3a20a27be8d935f2aae08d3c6e743754944a"
},
{
"url": "https://git.kernel.org/stable/c/eef95df9b752699bddecefa851f64858247246e9"
},
{
"url": "https://git.kernel.org/stable/c/36e56b1b002bb26440403053f19f9e1a8bc075b2"
}
],
"title": "ax25: Fix reference count leak issue of net_device",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38554",
"datePublished": "2024-06-19T13:35:25.406Z",
"dateReserved": "2024-06-18T19:36:34.920Z",
"dateUpdated": "2024-08-02T04:12:25.671Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38552
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
drm/amd/display: Fix potential index out of bounds in color transformation function
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.628Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/604c506ca43fce52bb882cff9c1fdf2ec3b4029c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e280ab978c81443103d7c61bdd1d8d708cf6ed6d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/04bc4d1090c343025d69149ca669a27c5b9c34a7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ced9c4e2289a786b8fa684d8893b7045ea53ef7e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/98b8a6bfd30d07a19cfacdf82b50f84bf3360869"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4e8c8b37ee84b3b19c448d2b8e4c916d2f5b9c86"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/123edbae64f4d21984359b99c6e79fcde31c6123"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7226ddf3311c5e5a7726ad7d4e7b079bb3cfbb29"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/63ae548f1054a0b71678d0349c7dc9628ddd42ca"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/display/dc/dcn10/dcn10_cm_common.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "604c506ca43f",
"status": "affected",
"version": "b629596072e5",
"versionType": "git"
},
{
"lessThan": "e280ab978c81",
"status": "affected",
"version": "b629596072e5",
"versionType": "git"
},
{
"lessThan": "04bc4d1090c3",
"status": "affected",
"version": "b629596072e5",
"versionType": "git"
},
{
"lessThan": "ced9c4e2289a",
"status": "affected",
"version": "b629596072e5",
"versionType": "git"
},
{
"lessThan": "98b8a6bfd30d",
"status": "affected",
"version": "b629596072e5",
"versionType": "git"
},
{
"lessThan": "4e8c8b37ee84",
"status": "affected",
"version": "b629596072e5",
"versionType": "git"
},
{
"lessThan": "123edbae64f4",
"status": "affected",
"version": "b629596072e5",
"versionType": "git"
},
{
"lessThan": "7226ddf3311c",
"status": "affected",
"version": "b629596072e5",
"versionType": "git"
},
{
"lessThan": "63ae548f1054",
"status": "affected",
"version": "b629596072e5",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/display/dc/dcn10/dcn10_cm_common.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.16"
},
{
"lessThan": "4.16",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.316",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix potential index out of bounds in color transformation function\n\nFixes index out of bounds issue in the color transformation function.\nThe issue could occur when the index \u0027i\u0027 exceeds the number of transfer\nfunction points (TRANSFER_FUNC_POINTS).\n\nThe fix adds a check to ensure \u0027i\u0027 is within bounds before accessing the\ntransfer function points. If \u0027i\u0027 is out of bounds, an error message is\nlogged and the function returns false to indicate an error.\n\nReported by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:405 cm_helper_translate_curve_to_hw_format() error: buffer overflow \u0027output_tf-\u003etf_pts.red\u0027 1025 \u003c= s32max\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:406 cm_helper_translate_curve_to_hw_format() error: buffer overflow \u0027output_tf-\u003etf_pts.green\u0027 1025 \u003c= s32max\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:407 cm_helper_translate_curve_to_hw_format() error: buffer overflow \u0027output_tf-\u003etf_pts.blue\u0027 1025 \u003c= s32max"
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:47:55.195Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/604c506ca43fce52bb882cff9c1fdf2ec3b4029c"
},
{
"url": "https://git.kernel.org/stable/c/e280ab978c81443103d7c61bdd1d8d708cf6ed6d"
},
{
"url": "https://git.kernel.org/stable/c/04bc4d1090c343025d69149ca669a27c5b9c34a7"
},
{
"url": "https://git.kernel.org/stable/c/ced9c4e2289a786b8fa684d8893b7045ea53ef7e"
},
{
"url": "https://git.kernel.org/stable/c/98b8a6bfd30d07a19cfacdf82b50f84bf3360869"
},
{
"url": "https://git.kernel.org/stable/c/4e8c8b37ee84b3b19c448d2b8e4c916d2f5b9c86"
},
{
"url": "https://git.kernel.org/stable/c/123edbae64f4d21984359b99c6e79fcde31c6123"
},
{
"url": "https://git.kernel.org/stable/c/7226ddf3311c5e5a7726ad7d4e7b079bb3cfbb29"
},
{
"url": "https://git.kernel.org/stable/c/63ae548f1054a0b71678d0349c7dc9628ddd42ca"
}
],
"title": "drm/amd/display: Fix potential index out of bounds in color transformation function",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38552",
"datePublished": "2024-06-19T13:35:24.067Z",
"dateReserved": "2024-06-18T19:36:34.920Z",
"dateUpdated": "2024-08-02T04:12:25.628Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47596
Vulnerability from cvelistv5
Published
2024-06-19 14:53
Modified
2024-08-04 05:47
Severity
Summary
net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:47:39.492Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/12512bc8f25b8ba9795dfbae0e9ca57ff13fd542"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4f4a353f6fe033807cd026a5de81c67469ff19b0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/27cbf64a766e86f068ce6214f04c00ceb4db1af4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/hisilicon/hns3/hns3vf/hclgevf_mbx.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "12512bc8f25b",
"status": "affected",
"version": "d8355240cf8f",
"versionType": "git"
},
{
"lessThan": "4f4a353f6fe0",
"status": "affected",
"version": "d8355240cf8f",
"versionType": "git"
},
{
"lessThan": "27cbf64a766e",
"status": "affected",
"version": "d8355240cf8f",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/hisilicon/hns3/hns3vf/hclgevf_mbx.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.8"
},
{
"lessThan": "5.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix use-after-free bug in hclgevf_send_mbx_msg\n\nCurrently, the hns3_remove function firstly uninstall client instance,\nand then uninstall acceletion engine device. The netdevice is freed in\nclient instance uninstall process, but acceletion engine device uninstall\nprocess still use it to trace runtime information. This causes a use after\nfree problem.\n\nSo fixes it by check the instance register state to avoid use after free."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:53:58.243Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/12512bc8f25b8ba9795dfbae0e9ca57ff13fd542"
},
{
"url": "https://git.kernel.org/stable/c/4f4a353f6fe033807cd026a5de81c67469ff19b0"
},
{
"url": "https://git.kernel.org/stable/c/27cbf64a766e86f068ce6214f04c00ceb4db1af4"
}
],
"title": "net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47596",
"datePublished": "2024-06-19T14:53:58.243Z",
"dateReserved": "2024-05-24T15:11:00.733Z",
"dateUpdated": "2024-08-04T05:47:39.492Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38619
Vulnerability from cvelistv5
Published
2024-06-20 06:47
Modified
2024-08-02 04:12
Severity
Summary
usb-storage: alauda: Check whether the media is initialized
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:26.041Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e0aab7b07a9375337847c9d74a5ec044071e01c8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/51fe16c058acb22f847e69bc598066ed0bcd5c15"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f68820f1256b21466ff094dd97f243b7e708f9c1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3eee13ab67f65606faa66e0c3c729e4f514838fd"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e0e2eec76920a133dd49a4fbe4656d83596a1361"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2cc32639ec347e3365075b130f9953ef16cb13f1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/24bff7f714bdff97c2a75a0ff6a368cdf8ad5af4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/16637fea001ab3c8df528a8995b3211906165a30"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/usb/storage/alauda.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "e0aab7b07a93",
"status": "affected",
"version": "e80b0fade09e",
"versionType": "git"
},
{
"lessThan": "51fe16c058ac",
"status": "affected",
"version": "e80b0fade09e",
"versionType": "git"
},
{
"lessThan": "f68820f1256b",
"status": "affected",
"version": "e80b0fade09e",
"versionType": "git"
},
{
"lessThan": "3eee13ab67f6",
"status": "affected",
"version": "e80b0fade09e",
"versionType": "git"
},
{
"lessThan": "e0e2eec76920",
"status": "affected",
"version": "e80b0fade09e",
"versionType": "git"
},
{
"lessThan": "2cc32639ec34",
"status": "affected",
"version": "e80b0fade09e",
"versionType": "git"
},
{
"lessThan": "24bff7f714bd",
"status": "affected",
"version": "e80b0fade09e",
"versionType": "git"
},
{
"lessThan": "16637fea001a",
"status": "affected",
"version": "e80b0fade09e",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/usb/storage/alauda.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.16"
},
{
"lessThan": "2.6.16",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.317",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.279",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.221",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.162",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.95",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.35",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.6",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb-storage: alauda: Check whether the media is initialized\n\nThe member \"uzonesize\" of struct alauda_info will remain 0\nif alauda_init_media() fails, potentially causing divide errors\nin alauda_read_data() and alauda_write_lba().\n- Add a member \"media_initialized\" to struct alauda_info.\n- Change a condition in alauda_check_media() to ensure the\n first initialization.\n- Add an error check for the return value of alauda_init_media()."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:49:12.457Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/e0aab7b07a9375337847c9d74a5ec044071e01c8"
},
{
"url": "https://git.kernel.org/stable/c/51fe16c058acb22f847e69bc598066ed0bcd5c15"
},
{
"url": "https://git.kernel.org/stable/c/f68820f1256b21466ff094dd97f243b7e708f9c1"
},
{
"url": "https://git.kernel.org/stable/c/3eee13ab67f65606faa66e0c3c729e4f514838fd"
},
{
"url": "https://git.kernel.org/stable/c/e0e2eec76920a133dd49a4fbe4656d83596a1361"
},
{
"url": "https://git.kernel.org/stable/c/2cc32639ec347e3365075b130f9953ef16cb13f1"
},
{
"url": "https://git.kernel.org/stable/c/24bff7f714bdff97c2a75a0ff6a368cdf8ad5af4"
},
{
"url": "https://git.kernel.org/stable/c/16637fea001ab3c8df528a8995b3211906165a30"
}
],
"title": "usb-storage: alauda: Check whether the media is initialized",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38619",
"datePublished": "2024-06-20T06:47:32.444Z",
"dateReserved": "2024-06-18T19:36:34.945Z",
"dateUpdated": "2024-08-02T04:12:26.041Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38545
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
RDMA/hns: Fix UAF for cq async event
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.134Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/763780ef0336a973e933e40e919339381732dcaf"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/63da190eeb5c9d849b71f457b15b308c94cbaf08"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/39d26cf46306bdc7ae809ecfdbfeff5aa1098911"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/37a7559dc1358a8d300437e99ed8ecdab0671507"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a942ec2745ca864cd8512142100e4027dc306a42"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/infiniband/hw/hns/hns_roce_cq.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "763780ef0336",
"status": "affected",
"version": "9a4435375cd1",
"versionType": "git"
},
{
"lessThan": "63da190eeb5c",
"status": "affected",
"version": "9a4435375cd1",
"versionType": "git"
},
{
"lessThan": "39d26cf46306",
"status": "affected",
"version": "9a4435375cd1",
"versionType": "git"
},
{
"lessThan": "37a7559dc135",
"status": "affected",
"version": "9a4435375cd1",
"versionType": "git"
},
{
"lessThan": "a942ec2745ca",
"status": "affected",
"version": "9a4435375cd1",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/infiniband/hw/hns/hns_roce_cq.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.9"
},
{
"lessThan": "4.9",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix UAF for cq async event\n\nThe refcount of CQ is not protected by locks. When CQ asynchronous\nevents and CQ destruction are concurrent, CQ may have been released,\nwhich will cause UAF.\n\nUse the xa_lock() to protect the CQ refcount."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:47:47.081Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/763780ef0336a973e933e40e919339381732dcaf"
},
{
"url": "https://git.kernel.org/stable/c/63da190eeb5c9d849b71f457b15b308c94cbaf08"
},
{
"url": "https://git.kernel.org/stable/c/39d26cf46306bdc7ae809ecfdbfeff5aa1098911"
},
{
"url": "https://git.kernel.org/stable/c/37a7559dc1358a8d300437e99ed8ecdab0671507"
},
{
"url": "https://git.kernel.org/stable/c/a942ec2745ca864cd8512142100e4027dc306a42"
}
],
"title": "RDMA/hns: Fix UAF for cq async event",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38545",
"datePublished": "2024-06-19T13:35:19.336Z",
"dateReserved": "2024-06-18T19:36:34.919Z",
"dateUpdated": "2024-08-02T04:12:25.134Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38600
Vulnerability from cvelistv5
Published
2024-06-19 13:45
Modified
2024-08-02 04:12
Severity
Summary
ALSA: Fix deadlocks with kctl removals at disconnection
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:26.017Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ff80185e7b7b547a0911fcfc8aefc61c3e8304d7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c2fb439f4f1425a961d20bec818fed2c2d9ef70a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2f103287ef7960854808930499d1181bd0145d68"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/88ce3fe255d58a93624b467af036dc3519f309c7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6b55e879e7bd023a03888fc6c8339edf82f576f4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/87988a534d8e12f2e6fc01fe63e6c1925dc5307c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"sound/core/init.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "ff80185e7b7b",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "c2fb439f4f14",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "2f103287ef79",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "88ce3fe255d5",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "6b55e879e7bd",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "87988a534d8e",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"sound/core/init.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: Fix deadlocks with kctl removals at disconnection\n\nIn snd_card_disconnect(), we set card-\u003eshutdown flag at the beginning,\ncall callbacks and do sync for card-\u003epower_ref_sleep waiters at the\nend. The callback may delete a kctl element, and this can lead to a\ndeadlock when the device was in the suspended state. Namely:\n\n* A process waits for the power up at snd_power_ref_and_wait() in\n snd_ctl_info() or read/write() inside card-\u003econtrols_rwsem.\n\n* The system gets disconnected meanwhile, and the driver tries to\n delete a kctl via snd_ctl_remove*(); it tries to take\n card-\u003econtrols_rwsem again, but this is already locked by the\n above. Since the sleeper isn\u0027t woken up, this deadlocks.\n\nAn easy fix is to wake up sleepers before processing the driver\ndisconnect callbacks but right after setting the card-\u003eshutdown flag.\nThen all sleepers will abort immediately, and the code flows again.\n\nSo, basically this patch moves the wait_event() call at the right\ntiming. While we\u0027re at it, just to be sure, call wait_event_all()\ninstead of wait_event(), although we don\u0027t use exclusive events on\nthis queue for now."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:49.911Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/ff80185e7b7b547a0911fcfc8aefc61c3e8304d7"
},
{
"url": "https://git.kernel.org/stable/c/c2fb439f4f1425a961d20bec818fed2c2d9ef70a"
},
{
"url": "https://git.kernel.org/stable/c/2f103287ef7960854808930499d1181bd0145d68"
},
{
"url": "https://git.kernel.org/stable/c/88ce3fe255d58a93624b467af036dc3519f309c7"
},
{
"url": "https://git.kernel.org/stable/c/6b55e879e7bd023a03888fc6c8339edf82f576f4"
},
{
"url": "https://git.kernel.org/stable/c/87988a534d8e12f2e6fc01fe63e6c1925dc5307c"
}
],
"title": "ALSA: Fix deadlocks with kctl removals at disconnection",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38600",
"datePublished": "2024-06-19T13:45:48.635Z",
"dateReserved": "2024-06-18T19:36:34.932Z",
"dateUpdated": "2024-08-02T04:12:26.017Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38601
Vulnerability from cvelistv5
Published
2024-06-19 13:48
Modified
2024-08-02 04:12
Severity
Summary
ring-buffer: Fix a race between readers and resize checks
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.979Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b50932ea673b5a089a4bb570a8a868d95c72854e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c68b7a442ee61d04ca58b2b5cb5ea7cb8230f84a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1e160196042cac946798ac192a0bc3398f1aa66b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/595363182f28786d641666a09e674b852c83b4bb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/54c64967ba5f8658ae7da76005024ebd3d9d8f6e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/af3274905b3143ea23142bbf77bd9b610c54e533"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5ef9e330406d3fb4f4b2c8bca2c6b8a93bae32d1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/79b52013429a42b8efdb0cda8bb0041386abab87"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c2274b908db05529980ec056359fae916939fdaa"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"kernel/trace/ring_buffer.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "b50932ea673b",
"status": "affected",
"version": "659f451ff213",
"versionType": "git"
},
{
"lessThan": "c68b7a442ee6",
"status": "affected",
"version": "659f451ff213",
"versionType": "git"
},
{
"lessThan": "1e160196042c",
"status": "affected",
"version": "659f451ff213",
"versionType": "git"
},
{
"lessThan": "595363182f28",
"status": "affected",
"version": "659f451ff213",
"versionType": "git"
},
{
"lessThan": "54c64967ba5f",
"status": "affected",
"version": "659f451ff213",
"versionType": "git"
},
{
"lessThan": "af3274905b31",
"status": "affected",
"version": "659f451ff213",
"versionType": "git"
},
{
"lessThan": "5ef9e330406d",
"status": "affected",
"version": "659f451ff213",
"versionType": "git"
},
{
"lessThan": "79b52013429a",
"status": "affected",
"version": "659f451ff213",
"versionType": "git"
},
{
"lessThan": "c2274b908db0",
"status": "affected",
"version": "659f451ff213",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"kernel/trace/ring_buffer.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.5"
},
{
"lessThan": "3.5",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.316",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nring-buffer: Fix a race between readers and resize checks\n\nThe reader code in rb_get_reader_page() swaps a new reader page into the\nring buffer by doing cmpxchg on old-\u003elist.prev-\u003enext to point it to the\nnew page. Following that, if the operation is successful,\nold-\u003elist.next-\u003eprev gets updated too. This means the underlying\ndoubly-linked list is temporarily inconsistent, page-\u003eprev-\u003enext or\npage-\u003enext-\u003eprev might not be equal back to page for some page in the\nring buffer.\n\nThe resize operation in ring_buffer_resize() can be invoked in parallel.\nIt calls rb_check_pages() which can detect the described inconsistency\nand stop further tracing:\n\n[ 190.271762] ------------[ cut here ]------------\n[ 190.271771] WARNING: CPU: 1 PID: 6186 at kernel/trace/ring_buffer.c:1467 rb_check_pages.isra.0+0x6a/0xa0\n[ 190.271789] Modules linked in: [...]\n[ 190.271991] Unloaded tainted modules: intel_uncore_frequency(E):1 skx_edac(E):1\n[ 190.272002] CPU: 1 PID: 6186 Comm: cmd.sh Kdump: loaded Tainted: G E 6.9.0-rc6-default #5 158d3e1e6d0b091c34c3b96bfd99a1c58306d79f\n[ 190.272011] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.0-0-gd239552c-rebuilt.opensuse.org 04/01/2014\n[ 190.272015] RIP: 0010:rb_check_pages.isra.0+0x6a/0xa0\n[ 190.272023] Code: [...]\n[ 190.272028] RSP: 0018:ffff9c37463abb70 EFLAGS: 00010206\n[ 190.272034] RAX: ffff8eba04b6cb80 RBX: 0000000000000007 RCX: ffff8eba01f13d80\n[ 190.272038] RDX: ffff8eba01f130c0 RSI: ffff8eba04b6cd00 RDI: ffff8eba0004c700\n[ 190.272042] RBP: ffff8eba0004c700 R08: 0000000000010002 R09: 0000000000000000\n[ 190.272045] R10: 00000000ffff7f52 R11: ffff8eba7f600000 R12: ffff8eba0004c720\n[ 190.272049] R13: ffff8eba00223a00 R14: 0000000000000008 R15: ffff8eba067a8000\n[ 190.272053] FS: 00007f1bd64752c0(0000) GS:ffff8eba7f680000(0000) knlGS:0000000000000000\n[ 190.272057] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 190.272061] CR2: 00007f1bd6662590 CR3: 000000010291e001 CR4: 0000000000370ef0\n[ 190.272070] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 190.272073] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 190.272077] Call Trace:\n[ 190.272098] \u003cTASK\u003e\n[ 190.272189] ring_buffer_resize+0x2ab/0x460\n[ 190.272199] __tracing_resize_ring_buffer.part.0+0x23/0xa0\n[ 190.272206] tracing_resize_ring_buffer+0x65/0x90\n[ 190.272216] tracing_entries_write+0x74/0xc0\n[ 190.272225] vfs_write+0xf5/0x420\n[ 190.272248] ksys_write+0x67/0xe0\n[ 190.272256] do_syscall_64+0x82/0x170\n[ 190.272363] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 190.272373] RIP: 0033:0x7f1bd657d263\n[ 190.272381] Code: [...]\n[ 190.272385] RSP: 002b:00007ffe72b643f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\n[ 190.272391] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f1bd657d263\n[ 190.272395] RDX: 0000000000000002 RSI: 0000555a6eb538e0 RDI: 0000000000000001\n[ 190.272398] RBP: 0000555a6eb538e0 R08: 000000000000000a R09: 0000000000000000\n[ 190.272401] R10: 0000555a6eb55190 R11: 0000000000000246 R12: 00007f1bd6662500\n[ 190.272404] R13: 0000000000000002 R14: 00007f1bd6667c00 R15: 0000000000000002\n[ 190.272412] \u003c/TASK\u003e\n[ 190.272414] ---[ end trace 0000000000000000 ]---\n\nNote that ring_buffer_resize() calls rb_check_pages() only if the parent\ntrace_buffer has recording disabled. Recent commit d78ab792705c\n(\"tracing: Stop current tracer when resizing buffer\") causes that it is\nnow always the case which makes it more likely to experience this issue.\n\nThe window to hit this race is nonetheless very small. To help\nreproducing it, one can add a delay loop in rb_get_reader_page():\n\n ret = rb_head_page_replace(reader, cpu_buffer-\u003ereader_page);\n if (!ret)\n \tgoto spin;\n for (unsigned i = 0; i \u003c 1U \u003c\u003c 26; i++) /* inserted delay loop */\n \t__asm__ __volatile__ (\"\" : : : \"memory\");\n rb_list_head(reader-\u003elist.next)-\u003eprev = \u0026cpu_buffer-\u003ereader_page-\u003elist;\n\n.. \n---truncated---"
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:51.057Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/b50932ea673b5a089a4bb570a8a868d95c72854e"
},
{
"url": "https://git.kernel.org/stable/c/c68b7a442ee61d04ca58b2b5cb5ea7cb8230f84a"
},
{
"url": "https://git.kernel.org/stable/c/1e160196042cac946798ac192a0bc3398f1aa66b"
},
{
"url": "https://git.kernel.org/stable/c/595363182f28786d641666a09e674b852c83b4bb"
},
{
"url": "https://git.kernel.org/stable/c/54c64967ba5f8658ae7da76005024ebd3d9d8f6e"
},
{
"url": "https://git.kernel.org/stable/c/af3274905b3143ea23142bbf77bd9b610c54e533"
},
{
"url": "https://git.kernel.org/stable/c/5ef9e330406d3fb4f4b2c8bca2c6b8a93bae32d1"
},
{
"url": "https://git.kernel.org/stable/c/79b52013429a42b8efdb0cda8bb0041386abab87"
},
{
"url": "https://git.kernel.org/stable/c/c2274b908db05529980ec056359fae916939fdaa"
}
],
"title": "ring-buffer: Fix a race between readers and resize checks",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38601",
"datePublished": "2024-06-19T13:48:13.097Z",
"dateReserved": "2024-06-18T19:36:34.933Z",
"dateUpdated": "2024-08-02T04:12:25.979Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47601
Vulnerability from cvelistv5
Published
2024-06-19 14:54
Modified
2024-08-04 05:47
Severity
Summary
tee: amdtee: fix an IS_ERR() vs NULL bug
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-47601",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T16:26:03.847403Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:22:57.389Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:47:40.493Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/640e28d618e82be78fb43b4bf5113bc90d6aa442"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/832f3655c6138c23576ed268e31cc76e0f05f2b1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9d7482771fac8d8e38e763263f2ca0ca12dd22c6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/tee/amdtee/core.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "640e28d618e8",
"status": "affected",
"version": "757cc3e9ff1d",
"versionType": "git"
},
{
"lessThan": "832f3655c613",
"status": "affected",
"version": "757cc3e9ff1d",
"versionType": "git"
},
{
"lessThan": "9d7482771fac",
"status": "affected",
"version": "757cc3e9ff1d",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/tee/amdtee/core.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.6"
},
{
"lessThan": "5.6",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntee: amdtee: fix an IS_ERR() vs NULL bug\n\nThe __get_free_pages() function does not return error pointers it returns\nNULL so fix this condition to avoid a NULL dereference."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:54:01.639Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/640e28d618e82be78fb43b4bf5113bc90d6aa442"
},
{
"url": "https://git.kernel.org/stable/c/832f3655c6138c23576ed268e31cc76e0f05f2b1"
},
{
"url": "https://git.kernel.org/stable/c/9d7482771fac8d8e38e763263f2ca0ca12dd22c6"
}
],
"title": "tee: amdtee: fix an IS_ERR() vs NULL bug",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47601",
"datePublished": "2024-06-19T14:54:01.639Z",
"dateReserved": "2024-05-24T15:11:00.736Z",
"dateUpdated": "2024-08-04T05:47:40.493Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38620
Vulnerability from cvelistv5
Published
2024-06-20 08:03
Modified
2024-08-02 04:12
Severity
Summary
Bluetooth: HCI: Remove HCI_AMP support
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38620",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T16:21:10.645379Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T16:22:30.641Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:26.064Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5af2e235b0d5b797e9531a00c50058319130e156"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d3c7b012d912b31ad23b9349c0e499d6dddd48ec"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/af1d425b6dc67cd67809f835dd7afb6be4d43e03"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/84a4bb6548a29326564f0e659fb8064503ecc1c7"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/bluetooth/btmrvl_main.c",
"drivers/bluetooth/btrsi.c",
"drivers/bluetooth/btsdio.c",
"drivers/bluetooth/btusb.c",
"drivers/bluetooth/hci_bcm4377.c",
"drivers/bluetooth/hci_ldisc.c",
"drivers/bluetooth/hci_serdev.c",
"drivers/bluetooth/hci_uart.h",
"drivers/bluetooth/hci_vhci.c",
"drivers/bluetooth/virtio_bt.c",
"include/net/bluetooth/hci.h",
"include/net/bluetooth/hci_core.h",
"include/uapi/linux/virtio_bt.h",
"net/bluetooth/hci_conn.c",
"net/bluetooth/hci_core.c",
"net/bluetooth/hci_event.c",
"net/bluetooth/hci_sock.c",
"net/bluetooth/hci_sync.c",
"net/bluetooth/l2cap_core.c",
"net/bluetooth/mgmt.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "5af2e235b0d5",
"status": "affected",
"version": "244bc377591c",
"versionType": "git"
},
{
"lessThan": "d3c7b012d912",
"status": "affected",
"version": "244bc377591c",
"versionType": "git"
},
{
"lessThan": "af1d425b6dc6",
"status": "affected",
"version": "244bc377591c",
"versionType": "git"
},
{
"lessThan": "84a4bb6548a2",
"status": "affected",
"version": "244bc377591c",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/bluetooth/btmrvl_main.c",
"drivers/bluetooth/btrsi.c",
"drivers/bluetooth/btsdio.c",
"drivers/bluetooth/btusb.c",
"drivers/bluetooth/hci_bcm4377.c",
"drivers/bluetooth/hci_ldisc.c",
"drivers/bluetooth/hci_serdev.c",
"drivers/bluetooth/hci_uart.h",
"drivers/bluetooth/hci_vhci.c",
"drivers/bluetooth/virtio_bt.c",
"include/net/bluetooth/hci.h",
"include/net/bluetooth/hci_core.h",
"include/uapi/linux/virtio_bt.h",
"net/bluetooth/hci_conn.c",
"net/bluetooth/hci_core.c",
"net/bluetooth/hci_event.c",
"net/bluetooth/hci_sock.c",
"net/bluetooth/hci_sync.c",
"net/bluetooth/l2cap_core.c",
"net/bluetooth/mgmt.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.3"
},
{
"lessThan": "4.3",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: HCI: Remove HCI_AMP support\n\nSince BT_HS has been remove HCI_AMP controllers no longer has any use so\nremove it along with the capability of creating AMP controllers.\n\nSince we no longer need to differentiate between AMP and Primary\ncontrollers, as only HCI_PRIMARY is left, this also remove\nhdev-\u003edev_type altogether."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:49:13.596Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/5af2e235b0d5b797e9531a00c50058319130e156"
},
{
"url": "https://git.kernel.org/stable/c/d3c7b012d912b31ad23b9349c0e499d6dddd48ec"
},
{
"url": "https://git.kernel.org/stable/c/af1d425b6dc67cd67809f835dd7afb6be4d43e03"
},
{
"url": "https://git.kernel.org/stable/c/84a4bb6548a29326564f0e659fb8064503ecc1c7"
}
],
"title": "Bluetooth: HCI: Remove HCI_AMP support",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38620",
"datePublished": "2024-06-20T08:03:43.906Z",
"dateReserved": "2024-06-18T19:36:34.945Z",
"dateUpdated": "2024-08-02T04:12:26.064Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47574
Vulnerability from cvelistv5
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Show details on NVD website{
"containers": {
"cna": {
"providerMetadata": {
"dateUpdated": "2024-06-20T08:24:47.535Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"rejectedReasons": [
{
"lang": "en",
"value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
}
]
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47574",
"datePublished": "2024-06-19T14:53:43.145Z",
"dateRejected": "2024-06-20T08:24:47.535Z",
"dateReserved": "2024-05-24T15:11:00.729Z",
"dateUpdated": "2024-06-20T08:24:47.535Z",
"state": "REJECTED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38605
Vulnerability from cvelistv5
Published
2024-06-19 13:48
Modified
2024-08-02 04:12
Severity
Summary
ALSA: core: Fix NULL module pointer assignment at card init
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "d7ff29a429b5",
"status": "affected",
"version": "81033c6b584b",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "e7e0ca200772",
"status": "affected",
"version": "81033c6b584b",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "e00747672573",
"status": "affected",
"version": "81033c6b584b",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "e644036a3e2b",
"status": "affected",
"version": "81033c6b584b",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "c935e72139e6",
"status": "affected",
"version": "81033c6b584b",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "6b8374ee2cab",
"status": "affected",
"version": "81033c6b584b",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "39381fe7394e",
"status": "affected",
"version": "81033c6b584b",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "affected",
"version": "5.9"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "5.9",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "5.11",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "5.16",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "6.2",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "6.7",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "6.9",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "6.7",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "unaffected",
"version": "6.10-rc1"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-38605",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-27T17:45:58.997847Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-27T18:08:30.086Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.960Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d7ff29a429b56f04783152ad7bbd7233b740e434"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e7e0ca200772bdb2fdc6d43d32d341e87a36f811"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e007476725730c1a68387b54b7629486d8a8301e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e644036a3e2b2c9b3eee3c61b5d31c2ca8b5ba92"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c935e72139e6d523defd60fe875c01eb1f9ea5c5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6b8374ee2cabcf034faa34e69a855dc496a9ec12"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/39381fe7394e5eafac76e7e9367e7351138a29c1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"sound/core/init.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "d7ff29a429b5",
"status": "affected",
"version": "81033c6b584b",
"versionType": "git"
},
{
"lessThan": "e7e0ca200772",
"status": "affected",
"version": "81033c6b584b",
"versionType": "git"
},
{
"lessThan": "e00747672573",
"status": "affected",
"version": "81033c6b584b",
"versionType": "git"
},
{
"lessThan": "e644036a3e2b",
"status": "affected",
"version": "81033c6b584b",
"versionType": "git"
},
{
"lessThan": "c935e72139e6",
"status": "affected",
"version": "81033c6b584b",
"versionType": "git"
},
{
"lessThan": "6b8374ee2cab",
"status": "affected",
"version": "81033c6b584b",
"versionType": "git"
},
{
"lessThan": "39381fe7394e",
"status": "affected",
"version": "81033c6b584b",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"sound/core/init.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.9"
},
{
"lessThan": "5.9",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: core: Fix NULL module pointer assignment at card init\n\nThe commit 81033c6b584b (\"ALSA: core: Warn on empty module\")\nintroduced a WARN_ON() for a NULL module pointer passed at snd_card\nobject creation, and it also wraps the code around it with \u0027#ifdef\nMODULE\u0027. This works in most cases, but the devils are always in\ndetails. \"MODULE\" is defined when the target code (i.e. the sound\ncore) is built as a module; but this doesn\u0027t mean that the caller is\nalso built-in or not. Namely, when only the sound core is built-in\n(CONFIG_SND=y) while the driver is a module (CONFIG_SND_USB_AUDIO=m),\nthe passed module pointer is ignored even if it\u0027s non-NULL, and\ncard-\u003emodule remains as NULL. This would result in the missing module\nreference up/down at the device open/close, leading to a race with the\ncode execution after the module removal.\n\nFor addressing the bug, move the assignment of card-\u003emodule again out\nof ifdef. The WARN_ON() is still wrapped with ifdef because the\nmodule can be really NULL when all sound drivers are built-in.\n\nNote that we keep \u0027ifdef MODULE\u0027 for WARN_ON(), otherwise it would\nlead to a false-positive NULL module check. Admittedly it won\u0027t catch\nperfectly, i.e. no check is performed when CONFIG_SND=y. But, it\u0027s no\nreal problem as it\u0027s only for debugging, and the condition is pretty\nrare."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:55.685Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/d7ff29a429b56f04783152ad7bbd7233b740e434"
},
{
"url": "https://git.kernel.org/stable/c/e7e0ca200772bdb2fdc6d43d32d341e87a36f811"
},
{
"url": "https://git.kernel.org/stable/c/e007476725730c1a68387b54b7629486d8a8301e"
},
{
"url": "https://git.kernel.org/stable/c/e644036a3e2b2c9b3eee3c61b5d31c2ca8b5ba92"
},
{
"url": "https://git.kernel.org/stable/c/c935e72139e6d523defd60fe875c01eb1f9ea5c5"
},
{
"url": "https://git.kernel.org/stable/c/6b8374ee2cabcf034faa34e69a855dc496a9ec12"
},
{
"url": "https://git.kernel.org/stable/c/39381fe7394e5eafac76e7e9367e7351138a29c1"
}
],
"title": "ALSA: core: Fix NULL module pointer assignment at card init",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38605",
"datePublished": "2024-06-19T13:48:15.769Z",
"dateReserved": "2024-06-18T19:36:34.934Z",
"dateUpdated": "2024-08-02T04:12:25.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38618
Vulnerability from cvelistv5
Published
2024-06-19 13:56
Modified
2024-08-02 04:12
Severity
Summary
ALSA: timer: Set lower bound of start tick time
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38618",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-21T16:01:19.317734Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-21T16:01:30.171Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.962Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/68396c825c43664b20a3a1ba546844deb2b4e48f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/74bfb8d90f2601718ae203faf45a196844c01fa1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/bdd0aa055b8ec7e24bbc19513f3231958741d0ab"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/83f0ba8592b9e258fd80ac6486510ab1dcd7ad6e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ceab795a67dd28dd942d0d8bba648c6c0f7a044b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2c95241ac5fc90c929d6c0c023e84bf0d30e84c3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/abb1ad69d98cf1ff25bb14fff0e7c3f66239e1cd"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4a63bd179fa8d3fcc44a0d9d71d941ddd62f0c4e"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"sound/core/timer.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "68396c825c43",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "74bfb8d90f26",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "bdd0aa055b8e",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "83f0ba8592b9",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "ceab795a67dd",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "2c95241ac5fc",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "abb1ad69d98c",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "4a63bd179fa8",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"sound/core/timer.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.316",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: timer: Set lower bound of start tick time\n\nCurrently ALSA timer doesn\u0027t have the lower limit of the start tick\ntime, and it allows a very small size, e.g. 1 tick with 1ns resolution\nfor hrtimer. Such a situation may lead to an unexpected RCU stall,\nwhere the callback repeatedly queuing the expire update, as reported\nby fuzzer.\n\nThis patch introduces a sanity check of the timer start tick time, so\nthat the system returns an error when a too small start size is set.\nAs of this patch, the lower limit is hard-coded to 100us, which is\nsmall enough but can still work somehow."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:49:11.304Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/68396c825c43664b20a3a1ba546844deb2b4e48f"
},
{
"url": "https://git.kernel.org/stable/c/74bfb8d90f2601718ae203faf45a196844c01fa1"
},
{
"url": "https://git.kernel.org/stable/c/bdd0aa055b8ec7e24bbc19513f3231958741d0ab"
},
{
"url": "https://git.kernel.org/stable/c/83f0ba8592b9e258fd80ac6486510ab1dcd7ad6e"
},
{
"url": "https://git.kernel.org/stable/c/ceab795a67dd28dd942d0d8bba648c6c0f7a044b"
},
{
"url": "https://git.kernel.org/stable/c/2c95241ac5fc90c929d6c0c023e84bf0d30e84c3"
},
{
"url": "https://git.kernel.org/stable/c/abb1ad69d98cf1ff25bb14fff0e7c3f66239e1cd"
},
{
"url": "https://git.kernel.org/stable/c/4a63bd179fa8d3fcc44a0d9d71d941ddd62f0c4e"
}
],
"title": "ALSA: timer: Set lower bound of start tick time",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38618",
"datePublished": "2024-06-19T13:56:17.422Z",
"dateReserved": "2024-06-18T19:36:34.945Z",
"dateUpdated": "2024-08-02T04:12:25.962Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47616
Vulnerability from cvelistv5
Published
2024-06-19 14:58
Modified
2024-08-04 05:47
Severity
Summary
RDMA: Fix use-after-free in rxe_queue_cleanup
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:47:40.519Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/acb53e47db1fbc7cd37ab10b46388f045a76e383"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/84b01721e8042cdd1e8ffeb648844a09cd4213e0"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/infiniband/sw/rxe/rxe_qp.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "acb53e47db1f",
"status": "affected",
"version": "514aee660df4",
"versionType": "git"
},
{
"lessThan": "84b01721e804",
"status": "affected",
"version": "514aee660df4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/infiniband/sw/rxe/rxe_qp.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.15"
},
{
"lessThan": "5.15",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.10",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA: Fix use-after-free in rxe_queue_cleanup\n\nOn error handling path in rxe_qp_from_init() qp-\u003esq.queue is freed and\nthen rxe_create_qp() will drop last reference to this object. qp clean up\nfunction will try to free this queue one time and it causes UAF bug.\n\nFix it by zeroing queue pointer after freeing queue in rxe_qp_from_init()."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:58:03.817Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/acb53e47db1fbc7cd37ab10b46388f045a76e383"
},
{
"url": "https://git.kernel.org/stable/c/84b01721e8042cdd1e8ffeb648844a09cd4213e0"
}
],
"title": "RDMA: Fix use-after-free in rxe_queue_cleanup",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47616",
"datePublished": "2024-06-19T14:58:03.817Z",
"dateReserved": "2024-06-19T14:55:32.795Z",
"dateUpdated": "2024-08-04T05:47:40.519Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47595
Vulnerability from cvelistv5
Published
2024-06-19 14:53
Modified
2024-08-04 05:47
Severity
Summary
net/sched: sch_ets: don't remove idle classes from the round-robin list
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-47595",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-21T14:04:57.060953Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-21T14:05:11.250Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:47:40.255Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/81fbdd45652d8605a029e78ef14a6aaa529c4e72"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/491c1253441e2fdc8f6a6f4976e3f13440419b7a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c062f2a0b04d86c5b8c9d973bea43493eaca3d32"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/sched/sch_ets.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "81fbdd45652d",
"status": "affected",
"version": "ae2659d2c670",
"versionType": "git"
},
{
"lessThan": "491c1253441e",
"status": "affected",
"version": "e25bdbc7e951",
"versionType": "git"
},
{
"lessThan": "c062f2a0b04d",
"status": "affected",
"version": "de6d25924c2a",
"versionType": "git"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/sched/sch_ets.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "5.10.88",
"status": "affected",
"version": "5.10.83",
"versionType": "custom"
},
{
"lessThan": "5.15.11",
"status": "affected",
"version": "5.15.6",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: sch_ets: don\u0027t remove idle classes from the round-robin list\n\nShuang reported that the following script:\n\n 1) tc qdisc add dev ddd0 handle 10: parent 1: ets bands 8 strict 4 priomap 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7\n 2) mausezahn ddd0 -A 10.10.10.1 -B 10.10.10.2 -c 0 -a own -b 00:c1:a0:c1:a0:00 -t udp \u0026\n 3) tc qdisc change dev ddd0 handle 10: ets bands 4 strict 2 quanta 2500 2500 priomap 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3\n\ncrashes systematically when line 2) is commented:\n\n list_del corruption, ffff8e028404bd30-\u003enext is LIST_POISON1 (dead000000000100)\n ------------[ cut here ]------------\n kernel BUG at lib/list_debug.c:47!\n invalid opcode: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 0 PID: 954 Comm: tc Not tainted 5.16.0-rc4+ #478\n Hardware name: Red Hat KVM, BIOS 1.11.1-4.module+el8.1.0+4066+0f1aadab 04/01/2014\n RIP: 0010:__list_del_entry_valid.cold.1+0x12/0x47\n Code: fe ff 0f 0b 48 89 c1 4c 89 c6 48 c7 c7 08 42 1b 87 e8 1d c5 fe ff 0f 0b 48 89 fe 48 89 c2 48 c7 c7 98 42 1b 87 e8 09 c5 fe ff \u003c0f\u003e 0b 48 c7 c7 48 43 1b 87 e8 fb c4 fe ff 0f 0b 48 89 f2 48 89 fe\n RSP: 0018:ffffae46807a3888 EFLAGS: 00010246\n RAX: 000000000000004e RBX: 0000000000000007 RCX: 0000000000000202\n RDX: 0000000000000000 RSI: ffffffff871ac536 RDI: 00000000ffffffff\n RBP: ffffae46807a3a10 R08: 0000000000000000 R09: c0000000ffff7fff\n R10: 0000000000000001 R11: ffffae46807a36a8 R12: ffff8e028404b800\n R13: ffff8e028404bd30 R14: dead000000000100 R15: ffff8e02fafa2400\n FS: 00007efdc92e4480(0000) GS:ffff8e02fb600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000682f48 CR3: 00000001058be000 CR4: 0000000000350ef0\n Call Trace:\n \u003cTASK\u003e\n ets_qdisc_change+0x58b/0xa70 [sch_ets]\n tc_modify_qdisc+0x323/0x880\n rtnetlink_rcv_msg+0x169/0x4a0\n netlink_rcv_skb+0x50/0x100\n netlink_unicast+0x1a5/0x280\n netlink_sendmsg+0x257/0x4d0\n sock_sendmsg+0x5b/0x60\n ____sys_sendmsg+0x1f2/0x260\n ___sys_sendmsg+0x7c/0xc0\n __sys_sendmsg+0x57/0xa0\n do_syscall_64+0x3a/0x80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n RIP: 0033:0x7efdc8031338\n Code: 89 02 48 c7 c0 ff ff ff ff eb b5 0f 1f 80 00 00 00 00 f3 0f 1e fa 48 8d 05 25 43 2c 00 8b 00 85 c0 75 17 b8 2e 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 41 54 41 89 d4 55\n RSP: 002b:00007ffdf1ce9828 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 0000000061b37a97 RCX: 00007efdc8031338\n RDX: 0000000000000000 RSI: 00007ffdf1ce9890 RDI: 0000000000000003\n RBP: 0000000000000000 R08: 0000000000000001 R09: 000000000078a940\n R10: 000000000000000c R11: 0000000000000246 R12: 0000000000000001\n R13: 0000000000688880 R14: 0000000000000000 R15: 0000000000000000\n \u003c/TASK\u003e\n Modules linked in: sch_ets sch_tbf dummy rfkill iTCO_wdt iTCO_vendor_support intel_rapl_msr intel_rapl_common joydev pcspkr i2c_i801 virtio_balloon i2c_smbus lpc_ich ip_tables xfs libcrc32c crct10dif_pclmul crc32_pclmul crc32c_intel serio_raw ghash_clmulni_intel ahci libahci libata virtio_blk virtio_console virtio_net net_failover failover sunrpc dm_mirror dm_region_hash dm_log dm_mod [last unloaded: sch_ets]\n ---[ end trace f35878d1912655c2 ]---\n RIP: 0010:__list_del_entry_valid.cold.1+0x12/0x47\n Code: fe ff 0f 0b 48 89 c1 4c 89 c6 48 c7 c7 08 42 1b 87 e8 1d c5 fe ff 0f 0b 48 89 fe 48 89 c2 48 c7 c7 98 42 1b 87 e8 09 c5 fe ff \u003c0f\u003e 0b 48 c7 c7 48 43 1b 87 e8 fb c4 fe ff 0f 0b 48 89 f2 48 89 fe\n RSP: 0018:ffffae46807a3888 EFLAGS: 00010246\n RAX: 000000000000004e RBX: 0000000000000007 RCX: 0000000000000202\n RDX: 0000000000000000 RSI: ffffffff871ac536 RDI: 00000000ffffffff\n RBP: ffffae46807a3a10 R08: 0000000000000000 R09: c0000000ffff7fff\n R10: 0000000000000001 R11: ffffae46807a36a8 R12: ffff8e028404b800\n R13: ffff8e028404bd30 R14: dead000000000100 R15: ffff8e02fafa2400\n FS: 00007efdc92e4480(0000) GS:ffff8e02fb600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000000\n---truncated---"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:53:57.568Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/81fbdd45652d8605a029e78ef14a6aaa529c4e72"
},
{
"url": "https://git.kernel.org/stable/c/491c1253441e2fdc8f6a6f4976e3f13440419b7a"
},
{
"url": "https://git.kernel.org/stable/c/c062f2a0b04d86c5b8c9d973bea43493eaca3d32"
}
],
"title": "net/sched: sch_ets: don\u0027t remove idle classes from the round-robin list",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47595",
"datePublished": "2024-06-19T14:53:57.568Z",
"dateReserved": "2024-05-24T15:11:00.733Z",
"dateUpdated": "2024-08-04T05:47:40.255Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47581
Vulnerability from cvelistv5
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Show details on NVD website{
"containers": {
"cna": {
"providerMetadata": {
"dateUpdated": "2024-06-20T08:25:26.639Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"rejectedReasons": [
{
"lang": "en",
"value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
}
]
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47581",
"datePublished": "2024-06-19T14:53:48.111Z",
"dateRejected": "2024-06-20T08:25:26.639Z",
"dateReserved": "2024-05-24T15:11:00.730Z",
"dateUpdated": "2024-06-20T08:25:26.639Z",
"state": "REJECTED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47593
Vulnerability from cvelistv5
Published
2024-06-19 14:53
Modified
2024-08-04 05:47
Severity
Summary
mptcp: clear 'kern' flag from fallback sockets
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:47:39.485Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/451f1eded7f56e93aaf52eb547ba97742d9c0e97"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c26ac0ea3a91c210cf90452e625dc441adf3e549"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d6692b3b97bdc165d150f4c1505751a323a80717"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/mptcp/protocol.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "451f1eded7f5",
"status": "affected",
"version": "cf7da0d66cc1",
"versionType": "git"
},
{
"lessThan": "c26ac0ea3a91",
"status": "affected",
"version": "cf7da0d66cc1",
"versionType": "git"
},
{
"lessThan": "d6692b3b97bd",
"status": "affected",
"version": "cf7da0d66cc1",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/mptcp/protocol.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.6"
},
{
"lessThan": "5.6",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: clear \u0027kern\u0027 flag from fallback sockets\n\nThe mptcp ULP extension relies on sk-\u003esk_sock_kern being set correctly:\nIt prevents setsockopt(fd, IPPROTO_TCP, TCP_ULP, \"mptcp\", 6); from\nworking for plain tcp sockets (any userspace-exposed socket).\n\nBut in case of fallback, accept() can return a plain tcp sk.\nIn such case, sk is still tagged as \u0027kernel\u0027 and setsockopt will work.\n\nThis will crash the kernel, The subflow extension has a NULL ctx-\u003econn\nmptcp socket:\n\nBUG: KASAN: null-ptr-deref in subflow_data_ready+0x181/0x2b0\nCall Trace:\n tcp_data_ready+0xf8/0x370\n [..]"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:53:56.251Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/451f1eded7f56e93aaf52eb547ba97742d9c0e97"
},
{
"url": "https://git.kernel.org/stable/c/c26ac0ea3a91c210cf90452e625dc441adf3e549"
},
{
"url": "https://git.kernel.org/stable/c/d6692b3b97bdc165d150f4c1505751a323a80717"
}
],
"title": "mptcp: clear \u0027kern\u0027 flag from fallback sockets",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47593",
"datePublished": "2024-06-19T14:53:56.251Z",
"dateReserved": "2024-05-24T15:11:00.733Z",
"dateUpdated": "2024-08-04T05:47:39.485Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38563
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
wifi: mt76: mt7996: fix potential memory leakage when reading chip temperature
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:26.045Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/84e81f9b4818b8efe89beb12a246d5d510631939"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ef46dbb93fc9279fb7de883aac22abffe214e6b5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/474b9412f33be87076b40a49756662594598a85e"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/wireless/mediatek/mt76/mt7996/mcu.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "84e81f9b4818",
"status": "affected",
"version": "6879b2e94172",
"versionType": "git"
},
{
"lessThan": "ef46dbb93fc9",
"status": "affected",
"version": "6879b2e94172",
"versionType": "git"
},
{
"lessThan": "474b9412f33b",
"status": "affected",
"version": "6879b2e94172",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/wireless/mediatek/mt76/mt7996/mcu.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.8"
},
{
"lessThan": "6.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7996: fix potential memory leakage when reading chip temperature\n\nWithout this commit, reading chip temperature will cause memory leakage."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:08.568Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/84e81f9b4818b8efe89beb12a246d5d510631939"
},
{
"url": "https://git.kernel.org/stable/c/ef46dbb93fc9279fb7de883aac22abffe214e6b5"
},
{
"url": "https://git.kernel.org/stable/c/474b9412f33be87076b40a49756662594598a85e"
}
],
"title": "wifi: mt76: mt7996: fix potential memory leakage when reading chip temperature",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38563",
"datePublished": "2024-06-19T13:35:31.551Z",
"dateReserved": "2024-06-18T19:36:34.922Z",
"dateUpdated": "2024-08-02T04:12:26.045Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38617
Vulnerability from cvelistv5
Published
2024-06-19 13:56
Modified
2024-08-02 04:12
Severity
Summary
kunit/fortify: Fix mismatched kvalloc()/vfree() usage
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38617",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-24T18:11:00.320461Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-24T18:11:07.454Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.990Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7880dbf4eafe22a6a41a42e774f1122c814ed02d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/42d21c9727028fe7ee392223ba127484b1b8677e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/03758d5a0932016b6d5f5bfbca580177e6bc937a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/998b18072ceb0613629c256b409f4d299829c7ec"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"lib/fortify_kunit.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "7880dbf4eafe",
"status": "affected",
"version": "9124a2640148",
"versionType": "git"
},
{
"lessThan": "42d21c972702",
"status": "affected",
"version": "9124a2640148",
"versionType": "git"
},
{
"lessThan": "03758d5a0932",
"status": "affected",
"version": "9124a2640148",
"versionType": "git"
},
{
"lessThan": "998b18072ceb",
"status": "affected",
"version": "9124a2640148",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"lib/fortify_kunit.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.2"
},
{
"lessThan": "6.2",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nkunit/fortify: Fix mismatched kvalloc()/vfree() usage\n\nThe kv*() family of tests were accidentally freeing with vfree() instead\nof kvfree(). Use kvfree() instead."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:49:10.171Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/7880dbf4eafe22a6a41a42e774f1122c814ed02d"
},
{
"url": "https://git.kernel.org/stable/c/42d21c9727028fe7ee392223ba127484b1b8677e"
},
{
"url": "https://git.kernel.org/stable/c/03758d5a0932016b6d5f5bfbca580177e6bc937a"
},
{
"url": "https://git.kernel.org/stable/c/998b18072ceb0613629c256b409f4d299829c7ec"
}
],
"title": "kunit/fortify: Fix mismatched kvalloc()/vfree() usage",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38617",
"datePublished": "2024-06-19T13:56:16.763Z",
"dateReserved": "2024-06-18T19:36:34.944Z",
"dateUpdated": "2024-08-02T04:12:25.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47582
Vulnerability from cvelistv5
Published
2024-06-19 14:53
Modified
2024-08-04 05:39
Severity
Summary
USB: core: Make do_proc_control() and do_proc_bulk() killable
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:39:59.853Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/403716741c6c2c510dce44e88f085a740f535de6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ae8709b296d80c7f45aa1f35c0e7659ad69edce1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/usb/core/devio.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "403716741c6c",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "ae8709b296d8",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/usb/core/devio.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: core: Make do_proc_control() and do_proc_bulk() killable\n\nThe USBDEVFS_CONTROL and USBDEVFS_BULK ioctls invoke\nusb_start_wait_urb(), which contains an uninterruptible wait with a\nuser-specified timeout value. If timeout value is very large and the\ndevice being accessed does not respond in a reasonable amount of time,\nthe kernel will complain about \"Task X blocked for more than N\nseconds\", as found in testing by syzbot:\n\nINFO: task syz-executor.0:8700 blocked for more than 143 seconds.\n Not tainted 5.14.0-rc7-syzkaller #0\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:syz-executor.0 state:D stack:23192 pid: 8700 ppid: 8455 flags:0x00004004\nCall Trace:\n context_switch kernel/sched/core.c:4681 [inline]\n __schedule+0xc07/0x11f0 kernel/sched/core.c:5938\n schedule+0x14b/0x210 kernel/sched/core.c:6017\n schedule_timeout+0x98/0x2f0 kernel/time/timer.c:1857\n do_wait_for_common+0x2da/0x480 kernel/sched/completion.c:85\n __wait_for_common kernel/sched/completion.c:106 [inline]\n wait_for_common kernel/sched/completion.c:117 [inline]\n wait_for_completion_timeout+0x46/0x60 kernel/sched/completion.c:157\n usb_start_wait_urb+0x167/0x550 drivers/usb/core/message.c:63\n do_proc_bulk+0x978/0x1080 drivers/usb/core/devio.c:1236\n proc_bulk drivers/usb/core/devio.c:1273 [inline]\n usbdev_do_ioctl drivers/usb/core/devio.c:2547 [inline]\n usbdev_ioctl+0x3441/0x6b10 drivers/usb/core/devio.c:2713\n...\n\nTo fix this problem, this patch replaces usbfs\u0027s calls to\nusb_control_msg() and usb_bulk_msg() with special-purpose code that\ndoes essentially the same thing (as recommended in the comment for\nusb_start_wait_urb()), except that it always uses a killable wait and\nit uses GFP_KERNEL rather than GFP_NOIO."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:53:48.788Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/403716741c6c2c510dce44e88f085a740f535de6"
},
{
"url": "https://git.kernel.org/stable/c/ae8709b296d80c7f45aa1f35c0e7659ad69edce1"
}
],
"title": "USB: core: Make do_proc_control() and do_proc_bulk() killable",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47582",
"datePublished": "2024-06-19T14:53:48.788Z",
"dateReserved": "2024-05-24T15:11:00.730Z",
"dateUpdated": "2024-08-04T05:39:59.853Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38540
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38540",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-24T15:37:42.492444Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-24T15:37:52.149Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.214Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a658f011d89dd20cf2c7cb4760ffd79201700b98"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/627493443f3a8458cb55cdae1da254a7001123bc"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8b799c00cea6fcfe5b501bbaeb228c8821acb753"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/78cfd17142ef70599d6409cbd709d94b3da58659"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/infiniband/hw/bnxt_re/qplib_fp.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "a658f011d89d",
"status": "affected",
"version": "0c4dcd602817",
"versionType": "git"
},
{
"lessThan": "627493443f3a",
"status": "affected",
"version": "0c4dcd602817",
"versionType": "git"
},
{
"lessThan": "8b799c00cea6",
"status": "affected",
"version": "0c4dcd602817",
"versionType": "git"
},
{
"lessThan": "78cfd17142ef",
"status": "affected",
"version": "0c4dcd602817",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/infiniband/hw/bnxt_re/qplib_fp.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.7"
},
{
"lessThan": "5.7",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq\n\nUndefined behavior is triggered when bnxt_qplib_alloc_init_hwq is called\nwith hwq_attr-\u003eaux_depth != 0 and hwq_attr-\u003eaux_stride == 0.\nIn that case, \"roundup_pow_of_two(hwq_attr-\u003eaux_stride)\" gets called.\nroundup_pow_of_two is documented as undefined for 0.\n\nFix it in the one caller that had this combination.\n\nThe undefined behavior was detected by UBSAN:\n UBSAN: shift-out-of-bounds in ./include/linux/log2.h:57:13\n shift exponent 64 is too large for 64-bit type \u0027long unsigned int\u0027\n CPU: 24 PID: 1075 Comm: (udev-worker) Not tainted 6.9.0-rc6+ #4\n Hardware name: Abacus electric, s.r.o. - servis@abacus.cz Super Server/H12SSW-iN, BIOS 2.7 10/25/2023\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5d/0x80\n ubsan_epilogue+0x5/0x30\n __ubsan_handle_shift_out_of_bounds.cold+0x61/0xec\n __roundup_pow_of_two+0x25/0x35 [bnxt_re]\n bnxt_qplib_alloc_init_hwq+0xa1/0x470 [bnxt_re]\n bnxt_qplib_create_qp+0x19e/0x840 [bnxt_re]\n bnxt_re_create_qp+0x9b1/0xcd0 [bnxt_re]\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? __kmalloc+0x1b6/0x4f0\n ? create_qp.part.0+0x128/0x1c0 [ib_core]\n ? __pfx_bnxt_re_create_qp+0x10/0x10 [bnxt_re]\n create_qp.part.0+0x128/0x1c0 [ib_core]\n ib_create_qp_kernel+0x50/0xd0 [ib_core]\n create_mad_qp+0x8e/0xe0 [ib_core]\n ? __pfx_qp_event_handler+0x10/0x10 [ib_core]\n ib_mad_init_device+0x2be/0x680 [ib_core]\n add_client_context+0x10d/0x1a0 [ib_core]\n enable_device_and_get+0xe0/0x1d0 [ib_core]\n ib_register_device+0x53c/0x630 [ib_core]\n ? srso_alias_return_thunk+0x5/0xfbef5\n bnxt_re_probe+0xbd8/0xe50 [bnxt_re]\n ? __pfx_bnxt_re_probe+0x10/0x10 [bnxt_re]\n auxiliary_bus_probe+0x49/0x80\n ? driver_sysfs_add+0x57/0xc0\n really_probe+0xde/0x340\n ? pm_runtime_barrier+0x54/0x90\n ? __pfx___driver_attach+0x10/0x10\n __driver_probe_device+0x78/0x110\n driver_probe_device+0x1f/0xa0\n __driver_attach+0xba/0x1c0\n bus_for_each_dev+0x8f/0xe0\n bus_add_driver+0x146/0x220\n driver_register+0x72/0xd0\n __auxiliary_driver_register+0x6e/0xd0\n ? __pfx_bnxt_re_mod_init+0x10/0x10 [bnxt_re]\n bnxt_re_mod_init+0x3e/0xff0 [bnxt_re]\n ? __pfx_bnxt_re_mod_init+0x10/0x10 [bnxt_re]\n do_one_initcall+0x5b/0x310\n do_init_module+0x90/0x250\n init_module_from_file+0x86/0xc0\n idempotent_init_module+0x121/0x2b0\n __x64_sys_finit_module+0x5e/0xb0\n do_syscall_64+0x82/0x160\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? syscall_exit_to_user_mode_prepare+0x149/0x170\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? syscall_exit_to_user_mode+0x75/0x230\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? do_syscall_64+0x8e/0x160\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? __count_memcg_events+0x69/0x100\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? count_memcg_events.constprop.0+0x1a/0x30\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? handle_mm_fault+0x1f0/0x300\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? do_user_addr_fault+0x34e/0x640\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? srso_alias_return_thunk+0x5/0xfbef5\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n RIP: 0033:0x7f4e5132821d\n Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d e3 db 0c 00 f7 d8 64 89 01 48\n RSP: 002b:00007ffca9c906a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000139\n RAX: ffffffffffffffda RBX: 0000563ec8a8f130 RCX: 00007f4e5132821d\n RDX: 0000000000000000 RSI: 00007f4e518fa07d RDI: 000000000000003b\n RBP: 00007ffca9c90760 R08: 00007f4e513f6b20 R09: 00007ffca9c906f0\n R10: 0000563ec8a8faa0 R11: 0000000000000246 R12: 00007f4e518fa07d\n R13: 0000000000020000 R14: 0000563ec8409e90 R15: 0000563ec8a8fa60\n \u003c/TASK\u003e\n ---[ end trace ]---"
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:47:41.292Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/a658f011d89dd20cf2c7cb4760ffd79201700b98"
},
{
"url": "https://git.kernel.org/stable/c/627493443f3a8458cb55cdae1da254a7001123bc"
},
{
"url": "https://git.kernel.org/stable/c/8b799c00cea6fcfe5b501bbaeb228c8821acb753"
},
{
"url": "https://git.kernel.org/stable/c/78cfd17142ef70599d6409cbd709d94b3da58659"
}
],
"title": "bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38540",
"datePublished": "2024-06-19T13:35:15.823Z",
"dateReserved": "2024-06-18T19:36:34.918Z",
"dateUpdated": "2024-08-02T04:12:25.214Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38562
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
wifi: nl80211: Avoid address calculations via out of bounds array indexing
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38562",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T19:45:52.073349Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T19:46:05.208Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.797Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ed74398642fcb19f6ff385c35a7d512c6663e17b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4e2a5566462b53db7d4c4722da86eedf0b8f546c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8fa4d56564ee7cc2ee348258d88efe191d70dd7f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/838c7b8f1f278404d9d684c34a8cb26dc41aaaa1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/wireless/nl80211.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "ed74398642fc",
"status": "affected",
"version": "e3eac9f32ec0",
"versionType": "git"
},
{
"lessThan": "4e2a5566462b",
"status": "affected",
"version": "e3eac9f32ec0",
"versionType": "git"
},
{
"lessThan": "8fa4d56564ee",
"status": "affected",
"version": "e3eac9f32ec0",
"versionType": "git"
},
{
"lessThan": "838c7b8f1f27",
"status": "affected",
"version": "e3eac9f32ec0",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/wireless/nl80211.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.6"
},
{
"lessThan": "6.6",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: nl80211: Avoid address calculations via out of bounds array indexing\n\nBefore request-\u003echannels[] can be used, request-\u003en_channels must be set.\nAdditionally, address calculations for memory after the \"channels\" array\nneed to be calculated from the allocation base (\"request\") rather than\nvia the first \"out of bounds\" index of \"channels\", otherwise run-time\nbounds checking will throw a warning."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:07.397Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/ed74398642fcb19f6ff385c35a7d512c6663e17b"
},
{
"url": "https://git.kernel.org/stable/c/4e2a5566462b53db7d4c4722da86eedf0b8f546c"
},
{
"url": "https://git.kernel.org/stable/c/8fa4d56564ee7cc2ee348258d88efe191d70dd7f"
},
{
"url": "https://git.kernel.org/stable/c/838c7b8f1f278404d9d684c34a8cb26dc41aaaa1"
}
],
"title": "wifi: nl80211: Avoid address calculations via out of bounds array indexing",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38562",
"datePublished": "2024-06-19T13:35:30.893Z",
"dateReserved": "2024-06-18T19:36:34.922Z",
"dateUpdated": "2024-08-02T04:12:25.797Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38603
Vulnerability from cvelistv5
Published
2024-06-19 13:48
Modified
2024-08-02 04:12
Severity
Summary
drivers/perf: hisi: hns3: Actually use devm_add_action_or_reset()
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.887Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1491a01ef5a98149048b12e208f6ed8e86ad10b9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a7678a16c25b6ece1667ac681e3e783ff3de7a6f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2fcffaaf529d5fe3fdc6c0ee65a6f266b74de782"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b1e86f1ef8fa796f8935be392457639f3a907d91"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/582c1aeee0a9e73010cf1c4cef338709860deeb0"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/perf/hisilicon/hns3_pmu.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "1491a01ef5a9",
"status": "affected",
"version": "66637ab137b4",
"versionType": "git"
},
{
"lessThan": "a7678a16c25b",
"status": "affected",
"version": "66637ab137b4",
"versionType": "git"
},
{
"lessThan": "2fcffaaf529d",
"status": "affected",
"version": "66637ab137b4",
"versionType": "git"
},
{
"lessThan": "b1e86f1ef8fa",
"status": "affected",
"version": "66637ab137b4",
"versionType": "git"
},
{
"lessThan": "582c1aeee0a9",
"status": "affected",
"version": "66637ab137b4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/perf/hisilicon/hns3_pmu.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.0"
},
{
"lessThan": "6.0",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers/perf: hisi: hns3: Actually use devm_add_action_or_reset()\n\npci_alloc_irq_vectors() allocates an irq vector. When devm_add_action()\nfails, the irq vector is not freed, which leads to a memory leak.\n\nReplace the devm_add_action with devm_add_action_or_reset to ensure\nthe irq vector can be destroyed when it fails."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:53.398Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/1491a01ef5a98149048b12e208f6ed8e86ad10b9"
},
{
"url": "https://git.kernel.org/stable/c/a7678a16c25b6ece1667ac681e3e783ff3de7a6f"
},
{
"url": "https://git.kernel.org/stable/c/2fcffaaf529d5fe3fdc6c0ee65a6f266b74de782"
},
{
"url": "https://git.kernel.org/stable/c/b1e86f1ef8fa796f8935be392457639f3a907d91"
},
{
"url": "https://git.kernel.org/stable/c/582c1aeee0a9e73010cf1c4cef338709860deeb0"
}
],
"title": "drivers/perf: hisi: hns3: Actually use devm_add_action_or_reset()",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38603",
"datePublished": "2024-06-19T13:48:14.426Z",
"dateReserved": "2024-06-18T19:36:34.933Z",
"dateUpdated": "2024-08-02T04:12:25.887Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38569
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
drivers/perf: hisi_pcie: Fix out-of-bound access when valid event group
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38569",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-24T18:24:22.058209Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-24T18:24:28.077Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:26.114Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3d1face00ebb7996842aee4214d7d0fb0c77b1e9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8e9aab2492178f25372f1820bfd9289fbd74efd0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/567d34626c22b36579ec0abfdf5eda2949044220"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ff48247144d13a3a0817127703724256008efa78"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/77fce82678ea5fd51442e62febec2004f79e041b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/perf/hisilicon/hisi_pcie_pmu.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "3d1face00ebb",
"status": "affected",
"version": "8404b0fbc7fb",
"versionType": "git"
},
{
"lessThan": "8e9aab249217",
"status": "affected",
"version": "8404b0fbc7fb",
"versionType": "git"
},
{
"lessThan": "567d34626c22",
"status": "affected",
"version": "8404b0fbc7fb",
"versionType": "git"
},
{
"lessThan": "ff48247144d1",
"status": "affected",
"version": "8404b0fbc7fb",
"versionType": "git"
},
{
"lessThan": "77fce82678ea",
"status": "affected",
"version": "8404b0fbc7fb",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/perf/hisilicon/hisi_pcie_pmu.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.17"
},
{
"lessThan": "5.17",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers/perf: hisi_pcie: Fix out-of-bound access when valid event group\n\nThe perf tool allows users to create event groups through following\ncmd [1], but the driver does not check whether the array index is out of\nbounds when writing data to the event_group array. If the number of events\nin an event_group is greater than HISI_PCIE_MAX_COUNTERS, the memory write\noverflow of event_group array occurs.\n\nAdd array index check to fix the possible array out of bounds violation,\nand return directly when write new events are written to array bounds.\n\nThere are 9 different events in an event_group.\n[1] perf stat -e \u0027{pmu/event1/, ... ,pmu/event9/}\u0027"
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:15.593Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/3d1face00ebb7996842aee4214d7d0fb0c77b1e9"
},
{
"url": "https://git.kernel.org/stable/c/8e9aab2492178f25372f1820bfd9289fbd74efd0"
},
{
"url": "https://git.kernel.org/stable/c/567d34626c22b36579ec0abfdf5eda2949044220"
},
{
"url": "https://git.kernel.org/stable/c/ff48247144d13a3a0817127703724256008efa78"
},
{
"url": "https://git.kernel.org/stable/c/77fce82678ea5fd51442e62febec2004f79e041b"
}
],
"title": "drivers/perf: hisi_pcie: Fix out-of-bound access when valid event group",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38569",
"datePublished": "2024-06-19T13:35:35.588Z",
"dateReserved": "2024-06-18T19:36:34.923Z",
"dateUpdated": "2024-08-02T04:12:26.114Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38584
Vulnerability from cvelistv5
Published
2024-06-19 13:37
Modified
2024-08-02 04:12
Severity
Summary
net: ti: icssg_prueth: Fix NULL pointer dereference in prueth_probe()
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38584",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-24T18:16:11.052234Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-24T18:16:18.133Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.664Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5cd17f0e74cb99d209945b9f1f06d411aa667eb1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b0a82ebabbdc4c307f781bb0e5cd617949a3900d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1e1d5bd7f4682e6925dd960aba2a1aa1d93da53a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b31c7e78086127a7fcaa761e8d336ee855a920c6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/ti/icssg/icssg_prueth.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "5cd17f0e74cb",
"status": "affected",
"version": "128d5874c082",
"versionType": "git"
},
{
"lessThan": "b0a82ebabbdc",
"status": "affected",
"version": "128d5874c082",
"versionType": "git"
},
{
"lessThan": "1e1d5bd7f468",
"status": "affected",
"version": "128d5874c082",
"versionType": "git"
},
{
"lessThan": "b31c7e780861",
"status": "affected",
"version": "128d5874c082",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/ti/icssg/icssg_prueth.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.6"
},
{
"lessThan": "6.6",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ti: icssg_prueth: Fix NULL pointer dereference in prueth_probe()\n\nIn the prueth_probe() function, if one of the calls to emac_phy_connect()\nfails due to of_phy_connect() returning NULL, then the subsequent call to\nphy_attached_info() will dereference a NULL pointer.\n\nCheck the return code of emac_phy_connect and fail cleanly if there is an\nerror."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:30.785Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/5cd17f0e74cb99d209945b9f1f06d411aa667eb1"
},
{
"url": "https://git.kernel.org/stable/c/b0a82ebabbdc4c307f781bb0e5cd617949a3900d"
},
{
"url": "https://git.kernel.org/stable/c/1e1d5bd7f4682e6925dd960aba2a1aa1d93da53a"
},
{
"url": "https://git.kernel.org/stable/c/b31c7e78086127a7fcaa761e8d336ee855a920c6"
}
],
"title": "net: ti: icssg_prueth: Fix NULL pointer dereference in prueth_probe()",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38584",
"datePublished": "2024-06-19T13:37:40.515Z",
"dateReserved": "2024-06-18T19:36:34.928Z",
"dateUpdated": "2024-08-02T04:12:25.664Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47597
Vulnerability from cvelistv5
Published
2024-06-19 14:53
Modified
2024-08-04 05:47
Severity
Summary
inet_diag: fix kernel-infoleak for UDP sockets
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:47:39.565Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7b5596e531253ce84213d9daa7120b71c9d83198"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3a4f6dba1eb98101abc012ef968a8b10dac1ce50"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e5d28205bf1de7082d904ed277ceb2db2879e302"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/71ddeac8cd1d217744a0e060ff520e147c9328d1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/ipv4/inet_diag.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "7b5596e53125",
"status": "affected",
"version": "3c4d05c80567",
"versionType": "git"
},
{
"lessThan": "3a4f6dba1eb9",
"status": "affected",
"version": "3c4d05c80567",
"versionType": "git"
},
{
"lessThan": "e5d28205bf1d",
"status": "affected",
"version": "3c4d05c80567",
"versionType": "git"
},
{
"lessThan": "71ddeac8cd1d",
"status": "affected",
"version": "3c4d05c80567",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/ipv4/inet_diag.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.3"
},
{
"lessThan": "3.3",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.168",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ninet_diag: fix kernel-infoleak for UDP sockets\n\nKMSAN reported a kernel-infoleak [1], that can exploited\nby unpriv users.\n\nAfter analysis it turned out UDP was not initializing\nr-\u003eidiag_expires. Other users of inet_sk_diag_fill()\nmight make the same mistake in the future, so fix this\nin inet_sk_diag_fill().\n\n[1]\nBUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:121 [inline]\nBUG: KMSAN: kernel-infoleak in copyout lib/iov_iter.c:156 [inline]\nBUG: KMSAN: kernel-infoleak in _copy_to_iter+0x69d/0x25c0 lib/iov_iter.c:670\n instrument_copy_to_user include/linux/instrumented.h:121 [inline]\n copyout lib/iov_iter.c:156 [inline]\n _copy_to_iter+0x69d/0x25c0 lib/iov_iter.c:670\n copy_to_iter include/linux/uio.h:155 [inline]\n simple_copy_to_iter+0xf3/0x140 net/core/datagram.c:519\n __skb_datagram_iter+0x2cb/0x1280 net/core/datagram.c:425\n skb_copy_datagram_iter+0xdc/0x270 net/core/datagram.c:533\n skb_copy_datagram_msg include/linux/skbuff.h:3657 [inline]\n netlink_recvmsg+0x660/0x1c60 net/netlink/af_netlink.c:1974\n sock_recvmsg_nosec net/socket.c:944 [inline]\n sock_recvmsg net/socket.c:962 [inline]\n sock_read_iter+0x5a9/0x630 net/socket.c:1035\n call_read_iter include/linux/fs.h:2156 [inline]\n new_sync_read fs/read_write.c:400 [inline]\n vfs_read+0x1631/0x1980 fs/read_write.c:481\n ksys_read+0x28c/0x520 fs/read_write.c:619\n __do_sys_read fs/read_write.c:629 [inline]\n __se_sys_read fs/read_write.c:627 [inline]\n __x64_sys_read+0xdb/0x120 fs/read_write.c:627\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nUninit was created at:\n slab_post_alloc_hook mm/slab.h:524 [inline]\n slab_alloc_node mm/slub.c:3251 [inline]\n __kmalloc_node_track_caller+0xe0c/0x1510 mm/slub.c:4974\n kmalloc_reserve net/core/skbuff.c:354 [inline]\n __alloc_skb+0x545/0xf90 net/core/skbuff.c:426\n alloc_skb include/linux/skbuff.h:1126 [inline]\n netlink_dump+0x3d5/0x16a0 net/netlink/af_netlink.c:2245\n __netlink_dump_start+0xd1c/0xee0 net/netlink/af_netlink.c:2370\n netlink_dump_start include/linux/netlink.h:254 [inline]\n inet_diag_handler_cmd+0x2e7/0x400 net/ipv4/inet_diag.c:1343\n sock_diag_rcv_msg+0x24a/0x620\n netlink_rcv_skb+0x447/0x800 net/netlink/af_netlink.c:2491\n sock_diag_rcv+0x63/0x80 net/core/sock_diag.c:276\n netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]\n netlink_unicast+0x1095/0x1360 net/netlink/af_netlink.c:1345\n netlink_sendmsg+0x16f3/0x1870 net/netlink/af_netlink.c:1916\n sock_sendmsg_nosec net/socket.c:704 [inline]\n sock_sendmsg net/socket.c:724 [inline]\n sock_write_iter+0x594/0x690 net/socket.c:1057\n do_iter_readv_writev+0xa7f/0xc70\n do_iter_write+0x52c/0x1500 fs/read_write.c:851\n vfs_writev fs/read_write.c:924 [inline]\n do_writev+0x63f/0xe30 fs/read_write.c:967\n __do_sys_writev fs/read_write.c:1040 [inline]\n __se_sys_writev fs/read_write.c:1037 [inline]\n __x64_sys_writev+0xe5/0x120 fs/read_write.c:1037\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nBytes 68-71 of 312 are uninitialized\nMemory access of size 312 starts at ffff88812ab54000\nData copied to user address 0000000020001440\n\nCPU: 1 PID: 6365 Comm: syz-executor801 Not tainted 5.16.0-rc3-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:53:58.902Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/7b5596e531253ce84213d9daa7120b71c9d83198"
},
{
"url": "https://git.kernel.org/stable/c/3a4f6dba1eb98101abc012ef968a8b10dac1ce50"
},
{
"url": "https://git.kernel.org/stable/c/e5d28205bf1de7082d904ed277ceb2db2879e302"
},
{
"url": "https://git.kernel.org/stable/c/71ddeac8cd1d217744a0e060ff520e147c9328d1"
}
],
"title": "inet_diag: fix kernel-infoleak for UDP sockets",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47597",
"datePublished": "2024-06-19T14:53:58.902Z",
"dateReserved": "2024-05-24T15:11:00.734Z",
"dateUpdated": "2024-08-04T05:47:39.565Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47594
Vulnerability from cvelistv5
Published
2024-06-19 14:53
Modified
2024-08-04 05:47
Severity
Summary
mptcp: never allow the PM to close a listener subflow
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-47594",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-21T17:56:53.021423Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-21T17:57:03.119Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:47:39.501Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1456a0004cc54c58adb2501cb0c95dc8b3c83e9e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b0cdc5dbcf2ba0d99785da5aabf1b17943805b8a"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/mptcp/pm_netlink.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "1456a0004cc5",
"status": "affected",
"version": "740d798e8767",
"versionType": "git"
},
{
"lessThan": "b0cdc5dbcf2b",
"status": "affected",
"version": "740d798e8767",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/mptcp/pm_netlink.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.13"
},
{
"lessThan": "5.13",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: never allow the PM to close a listener subflow\n\nCurrently, when deleting an endpoint the netlink PM treverses\nall the local MPTCP sockets, regardless of their status.\n\nIf an MPTCP listener socket is bound to the IP matching the\ndelete endpoint, the listener TCP socket will be closed.\nThat is unexpected, the PM should only affect data subflows.\n\nAdditionally, syzbot was able to trigger a NULL ptr dereference\ndue to the above:\n\ngeneral protection fault, probably for non-canonical address 0xdffffc0000000003: 0000 [#1] PREEMPT SMP KASAN\nKASAN: null-ptr-deref in range [0x0000000000000018-0x000000000000001f]\nCPU: 1 PID: 6550 Comm: syz-executor122 Not tainted 5.16.0-rc4-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:__lock_acquire+0xd7d/0x54a0 kernel/locking/lockdep.c:4897\nCode: 0f 0e 41 be 01 00 00 00 0f 86 c8 00 00 00 89 05 69 cc 0f 0e e9 bd 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 da 48 c1 ea 03 \u003c80\u003e 3c 02 00 0f 85 f3 2f 00 00 48 81 3b 20 75 17 8f 0f 84 52 f3 ff\nRSP: 0018:ffffc90001f2f818 EFLAGS: 00010016\nRAX: dffffc0000000000 RBX: 0000000000000018 RCX: 0000000000000000\nRDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000001\nRBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001\nR10: 0000000000000000 R11: 000000000000000a R12: 0000000000000000\nR13: ffff88801b98d700 R14: 0000000000000000 R15: 0000000000000001\nFS: 00007f177cd3d700(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f177cd1b268 CR3: 000000001dd55000 CR4: 0000000000350ee0\nCall Trace:\n \u003cTASK\u003e\n lock_acquire kernel/locking/lockdep.c:5637 [inline]\n lock_acquire+0x1ab/0x510 kernel/locking/lockdep.c:5602\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]\n _raw_spin_lock_irqsave+0x39/0x50 kernel/locking/spinlock.c:162\n finish_wait+0xc0/0x270 kernel/sched/wait.c:400\n inet_csk_wait_for_connect net/ipv4/inet_connection_sock.c:464 [inline]\n inet_csk_accept+0x7de/0x9d0 net/ipv4/inet_connection_sock.c:497\n mptcp_accept+0xe5/0x500 net/mptcp/protocol.c:2865\n inet_accept+0xe4/0x7b0 net/ipv4/af_inet.c:739\n mptcp_stream_accept+0x2e7/0x10e0 net/mptcp/protocol.c:3345\n do_accept+0x382/0x510 net/socket.c:1773\n __sys_accept4_file+0x7e/0xe0 net/socket.c:1816\n __sys_accept4+0xb0/0x100 net/socket.c:1846\n __do_sys_accept net/socket.c:1864 [inline]\n __se_sys_accept net/socket.c:1861 [inline]\n __x64_sys_accept+0x71/0xb0 net/socket.c:1861\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f177cd8b8e9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f177cd3d308 EFLAGS: 00000246 ORIG_RAX: 000000000000002b\nRAX: ffffffffffffffda RBX: 00007f177ce13408 RCX: 00007f177cd8b8e9\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003\nRBP: 00007f177ce13400 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007f177ce1340c\nR13: 00007f177cde1004 R14: 6d705f706374706d R15: 0000000000022000\n \u003c/TASK\u003e\n\nFix the issue explicitly skipping MPTCP socket in TCP_LISTEN\nstatus."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:53:56.899Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/1456a0004cc54c58adb2501cb0c95dc8b3c83e9e"
},
{
"url": "https://git.kernel.org/stable/c/b0cdc5dbcf2ba0d99785da5aabf1b17943805b8a"
}
],
"title": "mptcp: never allow the PM to close a listener subflow",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47594",
"datePublished": "2024-06-19T14:53:56.899Z",
"dateReserved": "2024-05-24T15:11:00.733Z",
"dateUpdated": "2024-08-04T05:47:39.501Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38614
Vulnerability from cvelistv5
Published
2024-06-19 13:56
Modified
2024-08-02 04:12
Severity
Summary
openrisc: traps: Don't send signals to kernel mode threads
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.973Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c0ed9a711e3392d73e857faa031d8d349c0d70db"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/075c0405b0d7d9fc490609e988a3af0069596538"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cea9d0015c140af39477dd5eeb9b20233a45daa9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c88cfb5cea5f8f9868ef02cc9ce9183a26dcf20f"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"arch/openrisc/kernel/traps.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "c0ed9a711e33",
"status": "affected",
"version": "27267655c531",
"versionType": "git"
},
{
"lessThan": "075c0405b0d7",
"status": "affected",
"version": "27267655c531",
"versionType": "git"
},
{
"lessThan": "cea9d0015c14",
"status": "affected",
"version": "27267655c531",
"versionType": "git"
},
{
"lessThan": "c88cfb5cea5f",
"status": "affected",
"version": "27267655c531",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"arch/openrisc/kernel/traps.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.4"
},
{
"lessThan": "6.4",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenrisc: traps: Don\u0027t send signals to kernel mode threads\n\nOpenRISC exception handling sends signals to user processes on floating\npoint exceptions and trap instructions (for debugging) among others.\nThere is a bug where the trap handling logic may send signals to kernel\nthreads, we should not send these signals to kernel threads, if that\nhappens we treat it as an error.\n\nThis patch adds conditions to die if the kernel receives these\nexceptions in kernel mode code."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:49:06.360Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/c0ed9a711e3392d73e857faa031d8d349c0d70db"
},
{
"url": "https://git.kernel.org/stable/c/075c0405b0d7d9fc490609e988a3af0069596538"
},
{
"url": "https://git.kernel.org/stable/c/cea9d0015c140af39477dd5eeb9b20233a45daa9"
},
{
"url": "https://git.kernel.org/stable/c/c88cfb5cea5f8f9868ef02cc9ce9183a26dcf20f"
}
],
"title": "openrisc: traps: Don\u0027t send signals to kernel mode threads",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38614",
"datePublished": "2024-06-19T13:56:14.753Z",
"dateReserved": "2024-06-18T19:36:34.944Z",
"dateUpdated": "2024-08-02T04:12:25.973Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38559
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
scsi: qedf: Ensure the copied buf is NUL terminated
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38559",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-24T15:39:36.404554Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-24T15:41:29.279Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.738Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1f84a2744ad813be23fc4be99fb74bfb24aadb95"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a75001678e1d38aa607d5b898ec7ff8ed0700d59"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/769b9fd2af02c069451fe9108dba73355d9a021c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/dccd97b39ab2f2b1b9a47a1394647a4d65815255"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d93318f19d1e1a6d5f04f5d965eaa9055bb7c613"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/563e609275927c0b75fbfd0d90441543aa7b5e0d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4907f5ad246fa9b51093ed7dfc7da9ebbd3f20b8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/177f43c6892e6055de6541fe9391a8a3d1f95fc9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d0184a375ee797eb657d74861ba0935b6e405c62"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/scsi/qedf/qedf_debugfs.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "1f84a2744ad8",
"status": "affected",
"version": "61d8658b4a43",
"versionType": "git"
},
{
"lessThan": "a75001678e1d",
"status": "affected",
"version": "61d8658b4a43",
"versionType": "git"
},
{
"lessThan": "769b9fd2af02",
"status": "affected",
"version": "61d8658b4a43",
"versionType": "git"
},
{
"lessThan": "dccd97b39ab2",
"status": "affected",
"version": "61d8658b4a43",
"versionType": "git"
},
{
"lessThan": "d93318f19d1e",
"status": "affected",
"version": "61d8658b4a43",
"versionType": "git"
},
{
"lessThan": "563e60927592",
"status": "affected",
"version": "61d8658b4a43",
"versionType": "git"
},
{
"lessThan": "4907f5ad246f",
"status": "affected",
"version": "61d8658b4a43",
"versionType": "git"
},
{
"lessThan": "177f43c6892e",
"status": "affected",
"version": "61d8658b4a43",
"versionType": "git"
},
{
"lessThan": "d0184a375ee7",
"status": "affected",
"version": "61d8658b4a43",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/scsi/qedf/qedf_debugfs.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.11"
},
{
"lessThan": "4.11",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.316",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qedf: Ensure the copied buf is NUL terminated\n\nCurrently, we allocate a count-sized kernel buffer and copy count from\nuserspace to that buffer. Later, we use kstrtouint on this buffer but we\ndon\u0027t ensure that the string is terminated inside the buffer, this can\nlead to OOB read when using kstrtouint. Fix this issue by using\nmemdup_user_nul instead of memdup_user."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:03.909Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/1f84a2744ad813be23fc4be99fb74bfb24aadb95"
},
{
"url": "https://git.kernel.org/stable/c/a75001678e1d38aa607d5b898ec7ff8ed0700d59"
},
{
"url": "https://git.kernel.org/stable/c/769b9fd2af02c069451fe9108dba73355d9a021c"
},
{
"url": "https://git.kernel.org/stable/c/dccd97b39ab2f2b1b9a47a1394647a4d65815255"
},
{
"url": "https://git.kernel.org/stable/c/d93318f19d1e1a6d5f04f5d965eaa9055bb7c613"
},
{
"url": "https://git.kernel.org/stable/c/563e609275927c0b75fbfd0d90441543aa7b5e0d"
},
{
"url": "https://git.kernel.org/stable/c/4907f5ad246fa9b51093ed7dfc7da9ebbd3f20b8"
},
{
"url": "https://git.kernel.org/stable/c/177f43c6892e6055de6541fe9391a8a3d1f95fc9"
},
{
"url": "https://git.kernel.org/stable/c/d0184a375ee797eb657d74861ba0935b6e405c62"
}
],
"title": "scsi: qedf: Ensure the copied buf is NUL terminated",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38559",
"datePublished": "2024-06-19T13:35:28.888Z",
"dateReserved": "2024-06-18T19:36:34.922Z",
"dateUpdated": "2024-08-02T04:12:25.738Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47613
Vulnerability from cvelistv5
Published
2024-06-19 14:58
Modified
2024-08-04 05:47
Severity
Summary
i2c: virtio: fix completion handling
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:47:40.505Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9cbb957441ed8873577d7d313a3d79d69f1dad5c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b503de239f62eca898cfb7e820d9a35499137d22"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/i2c/busses/i2c-virtio.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "9cbb957441ed",
"status": "affected",
"version": "3cfc88380413",
"versionType": "git"
},
{
"lessThan": "b503de239f62",
"status": "affected",
"version": "3cfc88380413",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/i2c/busses/i2c-virtio.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.15"
},
{
"lessThan": "5.15",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.10",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: virtio: fix completion handling\n\nThe driver currently assumes that the notify callback is only received\nwhen the device is done with all the queued buffers.\n\nHowever, this is not true, since the notify callback could be called\nwithout any of the queued buffers being completed (for example, with\nvirtio-pci and shared interrupts) or with only some of the buffers being\ncompleted (since the driver makes them available to the device in\nmultiple separate virtqueue_add_sgs() calls).\n\nThis can lead to incorrect data on the I2C bus or memory corruption in\nthe guest if the device operates on buffers which are have been freed by\nthe driver. (The WARN_ON in the driver is also triggered.)\n\n BUG kmalloc-128 (Tainted: G W ): Poison overwritten\n First byte 0x0 instead of 0x6b\n Allocated in i2cdev_ioctl_rdwr+0x9d/0x1de age=243 cpu=0 pid=28\n \tmemdup_user+0x2e/0xbd\n \ti2cdev_ioctl_rdwr+0x9d/0x1de\n \ti2cdev_ioctl+0x247/0x2ed\n \tvfs_ioctl+0x21/0x30\n \tsys_ioctl+0xb18/0xb41\n Freed in i2cdev_ioctl_rdwr+0x1bb/0x1de age=68 cpu=0 pid=28\n \tkfree+0x1bd/0x1cc\n \ti2cdev_ioctl_rdwr+0x1bb/0x1de\n \ti2cdev_ioctl+0x247/0x2ed\n \tvfs_ioctl+0x21/0x30\n \tsys_ioctl+0xb18/0xb41\n\nFix this by calling virtio_get_buf() from the notify handler like other\nvirtio drivers and by actually waiting for all the buffers to be\ncompleted."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:58:01.788Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/9cbb957441ed8873577d7d313a3d79d69f1dad5c"
},
{
"url": "https://git.kernel.org/stable/c/b503de239f62eca898cfb7e820d9a35499137d22"
}
],
"title": "i2c: virtio: fix completion handling",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47613",
"datePublished": "2024-06-19T14:58:01.788Z",
"dateReserved": "2024-06-19T14:55:32.795Z",
"dateUpdated": "2024-08-04T05:47:40.505Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47604
Vulnerability from cvelistv5
Published
2024-06-19 14:54
Modified
2024-08-04 05:47
Severity
Summary
vduse: check that offset is within bounds in get_config()
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:47:40.211Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ebbbc5fea3f648175df1aa3f127c78eb0252cc2a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/dc1db0060c02d119fd4196924eff2d1129e9a442"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/vdpa/vdpa_user/vduse_dev.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "ebbbc5fea3f6",
"status": "affected",
"version": "c8a6153b6c59",
"versionType": "git"
},
{
"lessThan": "dc1db0060c02",
"status": "affected",
"version": "c8a6153b6c59",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/vdpa/vdpa_user/vduse_dev.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.15"
},
{
"lessThan": "5.15",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvduse: check that offset is within bounds in get_config()\n\nThis condition checks \"len\" but it does not check \"offset\" and that\ncould result in an out of bounds read if \"offset \u003e dev-\u003econfig_size\".\nThe problem is that since both variables are unsigned the\n\"dev-\u003econfig_size - offset\" subtraction would result in a very high\nunsigned value.\n\nI think these checks might not be necessary because \"len\" and \"offset\"\nare supposed to already have been validated using the\nvhost_vdpa_config_validate() function. But I do not know the code\nperfectly, and I like to be safe."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:54:03.664Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/ebbbc5fea3f648175df1aa3f127c78eb0252cc2a"
},
{
"url": "https://git.kernel.org/stable/c/dc1db0060c02d119fd4196924eff2d1129e9a442"
}
],
"title": "vduse: check that offset is within bounds in get_config()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47604",
"datePublished": "2024-06-19T14:54:03.664Z",
"dateReserved": "2024-05-24T15:11:00.736Z",
"dateUpdated": "2024-08-04T05:47:40.211Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38568
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.654Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3669baf308308385a2ab391324abdde5682af5aa"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/be1fa711e59c874d049f592aef1d4685bdd22bdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b5120d322763c15c978bc47beb3b6dff45624304"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/aa2d3d678895c8eedd003f1473f87d3f06fe6ec7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/81bdd60a3d1d3b05e6cc6674845afb1694dd3a0e"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/perf/hisilicon/hns3_pmu.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "3669baf30830",
"status": "affected",
"version": "66637ab137b4",
"versionType": "git"
},
{
"lessThan": "be1fa711e59c",
"status": "affected",
"version": "66637ab137b4",
"versionType": "git"
},
{
"lessThan": "b5120d322763",
"status": "affected",
"version": "66637ab137b4",
"versionType": "git"
},
{
"lessThan": "aa2d3d678895",
"status": "affected",
"version": "66637ab137b4",
"versionType": "git"
},
{
"lessThan": "81bdd60a3d1d",
"status": "affected",
"version": "66637ab137b4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/perf/hisilicon/hns3_pmu.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.0"
},
{
"lessThan": "6.0",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers/perf: hisi: hns3: Fix out-of-bound access when valid event group\n\nThe perf tool allows users to create event groups through following\ncmd [1], but the driver does not check whether the array index is out\nof bounds when writing data to the event_group array. If the number of\nevents in an event_group is greater than HNS3_PMU_MAX_HW_EVENTS, the\nmemory write overflow of event_group array occurs.\n\nAdd array index check to fix the possible array out of bounds violation,\nand return directly when write new events are written to array bounds.\n\nThere are 9 different events in an event_group.\n[1] perf stat -e \u0027{pmu/event1/, ... ,pmu/event9/}"
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:14.357Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/3669baf308308385a2ab391324abdde5682af5aa"
},
{
"url": "https://git.kernel.org/stable/c/be1fa711e59c874d049f592aef1d4685bdd22bdf"
},
{
"url": "https://git.kernel.org/stable/c/b5120d322763c15c978bc47beb3b6dff45624304"
},
{
"url": "https://git.kernel.org/stable/c/aa2d3d678895c8eedd003f1473f87d3f06fe6ec7"
},
{
"url": "https://git.kernel.org/stable/c/81bdd60a3d1d3b05e6cc6674845afb1694dd3a0e"
}
],
"title": "drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38568",
"datePublished": "2024-06-19T13:35:34.925Z",
"dateReserved": "2024-06-18T19:36:34.923Z",
"dateUpdated": "2024-08-02T04:12:25.654Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38610
Vulnerability from cvelistv5
Published
2024-06-19 13:56
Modified
2024-08-02 04:12
Severity
Summary
drivers/virt/acrn: fix PFNMAP PTE checks in acrn_vm_ram_map()
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38610",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-24T18:14:59.732296Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-24T18:15:07.284Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.993Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5c6705aa47b5b78d7ad36fea832bb69caa5bf49a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/afeb0e69627695f759fc73c39c1640dbf8649b32"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e873f36ec890bece26ecce850e969917bceebbb6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4c4ba3cf3a15ccfbaf787d0296fa42cdb00da9b4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2c8d6e24930b8ef7d4a81787627c559ae0e0d3bb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3d6586008f7b638f91f3332602592caa8b00b559"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/virt/acrn/mm.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "5c6705aa47b5",
"status": "affected",
"version": "b9c43aa0b18d",
"versionType": "git"
},
{
"lessThan": "afeb0e696276",
"status": "affected",
"version": "8a6e85f75a83",
"versionType": "git"
},
{
"lessThan": "e873f36ec890",
"status": "affected",
"version": "8a6e85f75a83",
"versionType": "git"
},
{
"lessThan": "4c4ba3cf3a15",
"status": "affected",
"version": "8a6e85f75a83",
"versionType": "git"
},
{
"lessThan": "2c8d6e24930b",
"status": "affected",
"version": "8a6e85f75a83",
"versionType": "git"
},
{
"lessThan": "3d6586008f7b",
"status": "affected",
"version": "8a6e85f75a83",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/virt/acrn/mm.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.18"
},
{
"lessThan": "5.18",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers/virt/acrn: fix PFNMAP PTE checks in acrn_vm_ram_map()\n\nPatch series \"mm: follow_pte() improvements and acrn follow_pte() fixes\".\n\nPatch #1 fixes a bunch of issues I spotted in the acrn driver. It\ncompiles, that\u0027s all I know. I\u0027ll appreciate some review and testing from\nacrn folks.\n\nPatch #2+#3 improve follow_pte(), passing a VMA instead of the MM, adding\nmore sanity checks, and improving the documentation. Gave it a quick test\non x86-64 using VM_PAT that ends up using follow_pte().\n\n\nThis patch (of 3):\n\nWe currently miss handling various cases, resulting in a dangerous\nfollow_pte() (previously follow_pfn()) usage.\n\n(1) We\u0027re not checking PTE write permissions.\n\nMaybe we should simply always require pte_write() like we do for\npin_user_pages_fast(FOLL_WRITE)? Hard to tell, so let\u0027s check for\nACRN_MEM_ACCESS_WRITE for now.\n\n(2) We\u0027re not rejecting refcounted pages.\n\nAs we are not using MMU notifiers, messing with refcounted pages is\ndangerous and can result in use-after-free. Let\u0027s make sure to reject them.\n\n(3) We are only looking at the first PTE of a bigger range.\n\nWe only lookup a single PTE, but memmap-\u003elen may span a larger area.\nLet\u0027s loop over all involved PTEs and make sure the PFN range is\nactually contiguous. Reject everything else: it couldn\u0027t have worked\neither way, and rather made use access PFNs we shouldn\u0027t be accessing."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:49:01.613Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/5c6705aa47b5b78d7ad36fea832bb69caa5bf49a"
},
{
"url": "https://git.kernel.org/stable/c/afeb0e69627695f759fc73c39c1640dbf8649b32"
},
{
"url": "https://git.kernel.org/stable/c/e873f36ec890bece26ecce850e969917bceebbb6"
},
{
"url": "https://git.kernel.org/stable/c/4c4ba3cf3a15ccfbaf787d0296fa42cdb00da9b4"
},
{
"url": "https://git.kernel.org/stable/c/2c8d6e24930b8ef7d4a81787627c559ae0e0d3bb"
},
{
"url": "https://git.kernel.org/stable/c/3d6586008f7b638f91f3332602592caa8b00b559"
}
],
"title": "drivers/virt/acrn: fix PFNMAP PTE checks in acrn_vm_ram_map()",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38610",
"datePublished": "2024-06-19T13:56:12.083Z",
"dateReserved": "2024-06-18T19:36:34.942Z",
"dateUpdated": "2024-08-02T04:12:25.993Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38541
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
of: module: add buffer overflow check in of_modalias()
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "0b0d5701a8bf",
"status": "affected",
"version": "bc575064d688",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "ee332023adfd",
"status": "affected",
"version": "bc575064d688",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "e45b69360a63",
"status": "affected",
"version": "bc575064d688",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "cf7385cb26ac",
"status": "affected",
"version": "bc575064d688",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "affected",
"version": "4.14"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "4.14",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "6.7",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "6.9",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "6.10",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "unaffected",
"version": "6.10-rc1"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-38541",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-26T14:18:14.262373Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-26T14:31:31.776Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.977Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0b0d5701a8bf02f8fee037e81aacf6746558bfd6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ee332023adfd5882808f2dabf037b32d6ce36f9e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e45b69360a63165377b30db4a1dfddd89ca18e9a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cf7385cb26ac4f0ee6c7385960525ad534323252"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/of/module.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "0b0d5701a8bf",
"status": "affected",
"version": "bc575064d688",
"versionType": "git"
},
{
"lessThan": "ee332023adfd",
"status": "affected",
"version": "bc575064d688",
"versionType": "git"
},
{
"lessThan": "e45b69360a63",
"status": "affected",
"version": "bc575064d688",
"versionType": "git"
},
{
"lessThan": "cf7385cb26ac",
"status": "affected",
"version": "bc575064d688",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/of/module.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.14"
},
{
"lessThan": "4.14",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nof: module: add buffer overflow check in of_modalias()\n\nIn of_modalias(), if the buffer happens to be too small even for the 1st\nsnprintf() call, the len parameter will become negative and str parameter\n(if not NULL initially) will point beyond the buffer\u0027s end. Add the buffer\noverflow check after the 1st snprintf() call and fix such check after the\nstrlen() call (accounting for the terminating NUL char)."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:47:42.441Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/0b0d5701a8bf02f8fee037e81aacf6746558bfd6"
},
{
"url": "https://git.kernel.org/stable/c/ee332023adfd5882808f2dabf037b32d6ce36f9e"
},
{
"url": "https://git.kernel.org/stable/c/e45b69360a63165377b30db4a1dfddd89ca18e9a"
},
{
"url": "https://git.kernel.org/stable/c/cf7385cb26ac4f0ee6c7385960525ad534323252"
}
],
"title": "of: module: add buffer overflow check in of_modalias()",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38541",
"datePublished": "2024-06-19T13:35:16.637Z",
"dateReserved": "2024-06-18T19:36:34.919Z",
"dateUpdated": "2024-08-02T04:12:25.977Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38606
Vulnerability from cvelistv5
Published
2024-06-19 13:48
Modified
2024-08-02 04:12
Severity
Summary
crypto: qat - validate slices count returned by FW
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38606",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-24T18:15:45.557603Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-24T18:15:53.748Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.956Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e57ed345e2e6043629fc74aa5be051415dcc4f77"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9b284b915e2a5e63ca133353f8c456eff4446f82"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/483fd65ce29317044d1d00757e3fd23503b6b04c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/crypto/intel/qat/qat_common/adf_gen4_tl.c",
"drivers/crypto/intel/qat/qat_common/adf_telemetry.c",
"drivers/crypto/intel/qat/qat_common/adf_telemetry.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "e57ed345e2e6",
"status": "affected",
"version": "69e7649f7cc2",
"versionType": "git"
},
{
"lessThan": "9b284b915e2a",
"status": "affected",
"version": "69e7649f7cc2",
"versionType": "git"
},
{
"lessThan": "483fd65ce293",
"status": "affected",
"version": "69e7649f7cc2",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/crypto/intel/qat/qat_common/adf_gen4_tl.c",
"drivers/crypto/intel/qat/qat_common/adf_telemetry.c",
"drivers/crypto/intel/qat/qat_common/adf_telemetry.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.8"
},
{
"lessThan": "6.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat - validate slices count returned by FW\n\nThe function adf_send_admin_tl_start() enables the telemetry (TL)\nfeature on a QAT device by sending the ICP_QAT_FW_TL_START message to\nthe firmware. This triggers the FW to start writing TL data to a DMA\nbuffer in memory and returns an array containing the number of\naccelerators of each type (slices) supported by this HW.\nThe pointer to this array is stored in the adf_tl_hw_data data\nstructure called slice_cnt.\n\nThe array slice_cnt is then used in the function tl_print_dev_data()\nto report in debugfs only statistics about the supported accelerators.\nAn incorrect value of the elements in slice_cnt might lead to an out\nof bounds memory read.\nAt the moment, there isn\u0027t an implementation of FW that returns a wrong\nvalue, but for robustness validate the slice count array returned by FW."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:56.812Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/e57ed345e2e6043629fc74aa5be051415dcc4f77"
},
{
"url": "https://git.kernel.org/stable/c/9b284b915e2a5e63ca133353f8c456eff4446f82"
},
{
"url": "https://git.kernel.org/stable/c/483fd65ce29317044d1d00757e3fd23503b6b04c"
}
],
"title": "crypto: qat - validate slices count returned by FW",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38606",
"datePublished": "2024-06-19T13:48:16.428Z",
"dateReserved": "2024-06-18T19:36:34.935Z",
"dateUpdated": "2024-08-02T04:12:25.956Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38543
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.183Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1a21fdeea502658e315bd939409b755974f4fb64"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/65e528a69cb3ed4a286c45b4afba57461c8b5b33"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ce47e8ead9a72834cc68431d53f8092ce69bebb7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3b20d18f475bd17309db640dbe7d7c7ebb5bc2bc"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c2af060d1c18beaec56351cf9c9bcbbc5af341a3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"lib/test_hmm.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "1a21fdeea502",
"status": "affected",
"version": "b2ef9f5a5cb3",
"versionType": "git"
},
{
"lessThan": "65e528a69cb3",
"status": "affected",
"version": "b2ef9f5a5cb3",
"versionType": "git"
},
{
"lessThan": "ce47e8ead9a7",
"status": "affected",
"version": "b2ef9f5a5cb3",
"versionType": "git"
},
{
"lessThan": "3b20d18f475b",
"status": "affected",
"version": "b2ef9f5a5cb3",
"versionType": "git"
},
{
"lessThan": "c2af060d1c18",
"status": "affected",
"version": "b2ef9f5a5cb3",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"lib/test_hmm.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.8"
},
{
"lessThan": "5.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nlib/test_hmm.c: handle src_pfns and dst_pfns allocation failure\n\nThe kcalloc() in dmirror_device_evict_chunk() will return null if the\nphysical memory has run out. As a result, if src_pfns or dst_pfns is\ndereferenced, the null pointer dereference bug will happen.\n\nMoreover, the device is going away. If the kcalloc() fails, the pages\nmapping a chunk could not be evicted. So add a __GFP_NOFAIL flag in\nkcalloc().\n\nFinally, as there is no need to have physically contiguous memory, Switch\nkcalloc() to kvcalloc() in order to avoid failing allocations."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:47:44.748Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/1a21fdeea502658e315bd939409b755974f4fb64"
},
{
"url": "https://git.kernel.org/stable/c/65e528a69cb3ed4a286c45b4afba57461c8b5b33"
},
{
"url": "https://git.kernel.org/stable/c/ce47e8ead9a72834cc68431d53f8092ce69bebb7"
},
{
"url": "https://git.kernel.org/stable/c/3b20d18f475bd17309db640dbe7d7c7ebb5bc2bc"
},
{
"url": "https://git.kernel.org/stable/c/c2af060d1c18beaec56351cf9c9bcbbc5af341a3"
}
],
"title": "lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38543",
"datePublished": "2024-06-19T13:35:17.994Z",
"dateReserved": "2024-06-18T19:36:34.919Z",
"dateUpdated": "2024-08-02T04:12:25.183Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47602
Vulnerability from cvelistv5
Published
2024-06-19 14:54
Modified
2024-08-04 05:47
Severity
Summary
mac80211: track only QoS data frames for admission control
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-47602",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T16:20:59.442074Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T16:21:10.120Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:47:40.398Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/69f054d6642c8f6173724ce17e7ee3ff66b8f682"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/46b9e29db2012a4d2a40a26101862e002ccf387b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/eed897a22230e3231a740eddd7d6d95ba476625f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/42d08e97b196479f593499e887a9ab81446a34b9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d5e568c3a4ec2ddd23e7dc5ad5b0c64e4f22981a"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/mac80211/mlme.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "69f054d6642c",
"status": "affected",
"version": "02219b3abca5",
"versionType": "git"
},
{
"lessThan": "46b9e29db201",
"status": "affected",
"version": "02219b3abca5",
"versionType": "git"
},
{
"lessThan": "eed897a22230",
"status": "affected",
"version": "02219b3abca5",
"versionType": "git"
},
{
"lessThan": "42d08e97b196",
"status": "affected",
"version": "02219b3abca5",
"versionType": "git"
},
{
"lessThan": "d5e568c3a4ec",
"status": "affected",
"version": "02219b3abca5",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/mac80211/mlme.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.19"
},
{
"lessThan": "3.19",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.222",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.168",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmac80211: track only QoS data frames for admission control\n\nFor admission control, obviously all of that only works for\nQoS data frames, otherwise we cannot even access the QoS\nfield in the header.\n\nSyzbot reported (see below) an uninitialized value here due\nto a status of a non-QoS nullfunc packet, which isn\u0027t even\nlong enough to contain the QoS header.\n\nFix this to only do anything for QoS data packets."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:54:02.310Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/69f054d6642c8f6173724ce17e7ee3ff66b8f682"
},
{
"url": "https://git.kernel.org/stable/c/46b9e29db2012a4d2a40a26101862e002ccf387b"
},
{
"url": "https://git.kernel.org/stable/c/eed897a22230e3231a740eddd7d6d95ba476625f"
},
{
"url": "https://git.kernel.org/stable/c/42d08e97b196479f593499e887a9ab81446a34b9"
},
{
"url": "https://git.kernel.org/stable/c/d5e568c3a4ec2ddd23e7dc5ad5b0c64e4f22981a"
}
],
"title": "mac80211: track only QoS data frames for admission control",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47602",
"datePublished": "2024-06-19T14:54:02.310Z",
"dateReserved": "2024-05-24T15:11:00.736Z",
"dateUpdated": "2024-08-04T05:47:40.398Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47598
Vulnerability from cvelistv5
Published
2024-06-19 14:53
Modified
2024-08-04 05:47
Severity
Summary
sch_cake: do not call cake_destroy() from cake_init()
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:47:39.567Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4e388232e630ebe4f94b4a0715ec98c0e2b314a3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0d80462fbdcafd536dcad7569e65d3d14a7e9f2f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/20ad1ef02f9ad5e1dda9eeb113e4c158b4806986"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f6deae2e2d83bd267e1986f5d71d8c458e18fd99"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ab443c53916730862cec202078d36fd4008bea79"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/sched/sch_cake.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "4e388232e630",
"status": "affected",
"version": "046f6fd5daef",
"versionType": "git"
},
{
"lessThan": "0d80462fbdca",
"status": "affected",
"version": "046f6fd5daef",
"versionType": "git"
},
{
"lessThan": "20ad1ef02f9a",
"status": "affected",
"version": "046f6fd5daef",
"versionType": "git"
},
{
"lessThan": "f6deae2e2d83",
"status": "affected",
"version": "046f6fd5daef",
"versionType": "git"
},
{
"lessThan": "ab443c539167",
"status": "affected",
"version": "046f6fd5daef",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/sched/sch_cake.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.19"
},
{
"lessThan": "4.19",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.222",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.168",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_cake: do not call cake_destroy() from cake_init()\n\nqdiscs are not supposed to call their own destroy() method\nfrom init(), because core stack already does that.\n\nsyzbot was able to trigger use after free:\n\nDEBUG_LOCKS_WARN_ON(lock-\u003emagic != lock)\nWARNING: CPU: 0 PID: 21902 at kernel/locking/mutex.c:586 __mutex_lock_common kernel/locking/mutex.c:586 [inline]\nWARNING: CPU: 0 PID: 21902 at kernel/locking/mutex.c:586 __mutex_lock+0x9ec/0x12f0 kernel/locking/mutex.c:740\nModules linked in:\nCPU: 0 PID: 21902 Comm: syz-executor189 Not tainted 5.16.0-rc4-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:__mutex_lock_common kernel/locking/mutex.c:586 [inline]\nRIP: 0010:__mutex_lock+0x9ec/0x12f0 kernel/locking/mutex.c:740\nCode: 08 84 d2 0f 85 19 08 00 00 8b 05 97 38 4b 04 85 c0 0f 85 27 f7 ff ff 48 c7 c6 20 00 ac 89 48 c7 c7 a0 fe ab 89 e8 bf 76 ba ff \u003c0f\u003e 0b e9 0d f7 ff ff 48 8b 44 24 40 48 8d b8 c8 08 00 00 48 89 f8\nRSP: 0018:ffffc9000627f290 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000\nRDX: ffff88802315d700 RSI: ffffffff815f1db8 RDI: fffff52000c4fe44\nRBP: ffff88818f28e000 R08: 0000000000000000 R09: 0000000000000000\nR10: ffffffff815ebb5e R11: 0000000000000000 R12: 0000000000000000\nR13: dffffc0000000000 R14: ffffc9000627f458 R15: 0000000093c30000\nFS: 0000555556abc400(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fda689c3303 CR3: 000000001cfbb000 CR4: 0000000000350ef0\nCall Trace:\n \u003cTASK\u003e\n tcf_chain0_head_change_cb_del+0x2e/0x3d0 net/sched/cls_api.c:810\n tcf_block_put_ext net/sched/cls_api.c:1381 [inline]\n tcf_block_put_ext net/sched/cls_api.c:1376 [inline]\n tcf_block_put+0xbc/0x130 net/sched/cls_api.c:1394\n cake_destroy+0x3f/0x80 net/sched/sch_cake.c:2695\n qdisc_create.constprop.0+0x9da/0x10f0 net/sched/sch_api.c:1293\n tc_modify_qdisc+0x4c5/0x1980 net/sched/sch_api.c:1660\n rtnetlink_rcv_msg+0x413/0xb80 net/core/rtnetlink.c:5571\n netlink_rcv_skb+0x153/0x420 net/netlink/af_netlink.c:2496\n netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]\n netlink_unicast+0x533/0x7d0 net/netlink/af_netlink.c:1345\n netlink_sendmsg+0x904/0xdf0 net/netlink/af_netlink.c:1921\n sock_sendmsg_nosec net/socket.c:704 [inline]\n sock_sendmsg+0xcf/0x120 net/socket.c:724\n ____sys_sendmsg+0x6e8/0x810 net/socket.c:2409\n ___sys_sendmsg+0xf3/0x170 net/socket.c:2463\n __sys_sendmsg+0xe5/0x1b0 net/socket.c:2492\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f1bb06badb9\nCode: Unable to access opcode bytes at RIP 0x7f1bb06bad8f.\nRSP: 002b:00007fff3012a658 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f1bb06badb9\nRDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000003\nRBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000003\nR10: 0000000000000003 R11: 0000000000000246 R12: 00007fff3012a688\nR13: 00007fff3012a6a0 R14: 00007fff3012a6e0 R15: 00000000000013c2\n \u003c/TASK\u003e"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:53:59.549Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/4e388232e630ebe4f94b4a0715ec98c0e2b314a3"
},
{
"url": "https://git.kernel.org/stable/c/0d80462fbdcafd536dcad7569e65d3d14a7e9f2f"
},
{
"url": "https://git.kernel.org/stable/c/20ad1ef02f9ad5e1dda9eeb113e4c158b4806986"
},
{
"url": "https://git.kernel.org/stable/c/f6deae2e2d83bd267e1986f5d71d8c458e18fd99"
},
{
"url": "https://git.kernel.org/stable/c/ab443c53916730862cec202078d36fd4008bea79"
}
],
"title": "sch_cake: do not call cake_destroy() from cake_init()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47598",
"datePublished": "2024-06-19T14:53:59.549Z",
"dateReserved": "2024-05-24T15:11:00.734Z",
"dateUpdated": "2024-08-04T05:47:39.567Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38591
Vulnerability from cvelistv5
Published
2024-06-19 13:45
Modified
2024-08-02 04:12
Severity
Summary
RDMA/hns: Fix deadlock on SRQ async events.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38591",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T19:45:07.375809Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T19:45:15.804Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.960Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4a3be1a0ffe04c085dd7f79be97c91b0c786df3d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/756ddbe665ea7f9416951bd76731b174d136eea0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/22c915af31bd84ffaa46145e317f53333f94a868"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/72dc542f0d8977e7d41d610db6bb65c47cad43e9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d271e66abac5c7eb8de345b9b44d89f777437a4c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b46494b6f9c19f141114a57729e198698f40af37"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/infiniband/hw/hns/hns_roce_main.c",
"drivers/infiniband/hw/hns/hns_roce_srq.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "4a3be1a0ffe0",
"status": "affected",
"version": "81fce6291d99",
"versionType": "git"
},
{
"lessThan": "756ddbe665ea",
"status": "affected",
"version": "81fce6291d99",
"versionType": "git"
},
{
"lessThan": "22c915af31bd",
"status": "affected",
"version": "81fce6291d99",
"versionType": "git"
},
{
"lessThan": "72dc542f0d89",
"status": "affected",
"version": "81fce6291d99",
"versionType": "git"
},
{
"lessThan": "d271e66abac5",
"status": "affected",
"version": "81fce6291d99",
"versionType": "git"
},
{
"lessThan": "b46494b6f9c1",
"status": "affected",
"version": "81fce6291d99",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/infiniband/hw/hns/hns_roce_main.c",
"drivers/infiniband/hw/hns/hns_roce_srq.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.0"
},
{
"lessThan": "5.0",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix deadlock on SRQ async events.\n\nxa_lock for SRQ table may be required in AEQ. Use xa_store_irq()/\nxa_erase_irq() to avoid deadlock."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:39.040Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/4a3be1a0ffe04c085dd7f79be97c91b0c786df3d"
},
{
"url": "https://git.kernel.org/stable/c/756ddbe665ea7f9416951bd76731b174d136eea0"
},
{
"url": "https://git.kernel.org/stable/c/22c915af31bd84ffaa46145e317f53333f94a868"
},
{
"url": "https://git.kernel.org/stable/c/72dc542f0d8977e7d41d610db6bb65c47cad43e9"
},
{
"url": "https://git.kernel.org/stable/c/d271e66abac5c7eb8de345b9b44d89f777437a4c"
},
{
"url": "https://git.kernel.org/stable/c/b46494b6f9c19f141114a57729e198698f40af37"
}
],
"title": "RDMA/hns: Fix deadlock on SRQ async events.",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38591",
"datePublished": "2024-06-19T13:45:42.701Z",
"dateReserved": "2024-06-18T19:36:34.930Z",
"dateUpdated": "2024-08-02T04:12:25.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47579
Vulnerability from cvelistv5
Published
2024-06-19 14:53
Modified
2024-08-04 05:39
Severity
Summary
ovl: fix warning in ovl_create_real()
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:39:59.680Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/445d2dc63e5871d218f21b8f62ab29ac72f2e6b8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f9f300a92297be8250547347fd52216ef0177ae0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6859985a2fbda5d1586bf44538853e1be69e85f7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d2ccdd4e4efab06178608a34d7bfb20a54104c02"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1f5573cfe7a7056e80a92c7a037a3e69f3a13d1c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/overlayfs/dir.c",
"fs/overlayfs/overlayfs.h",
"fs/overlayfs/super.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "445d2dc63e58",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "f9f300a92297",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "6859985a2fbd",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "d2ccdd4e4efa",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "1f5573cfe7a7",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/overlayfs/dir.c",
"fs/overlayfs/overlayfs.h",
"fs/overlayfs/super.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.222",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.168",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\novl: fix warning in ovl_create_real()\n\nSyzbot triggered the following warning in ovl_workdir_create() -\u003e\novl_create_real():\n\n\tif (!err \u0026\u0026 WARN_ON(!newdentry-\u003ed_inode)) {\n\nThe reason is that the cgroup2 filesystem returns from mkdir without\ninstantiating the new dentry.\n\nWeird filesystems such as this will be rejected by overlayfs at a later\nstage during setup, but to prevent such a warning, call ovl_mkdir_real()\ndirectly from ovl_workdir_create() and reject this case early."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:53:46.750Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/445d2dc63e5871d218f21b8f62ab29ac72f2e6b8"
},
{
"url": "https://git.kernel.org/stable/c/f9f300a92297be8250547347fd52216ef0177ae0"
},
{
"url": "https://git.kernel.org/stable/c/6859985a2fbda5d1586bf44538853e1be69e85f7"
},
{
"url": "https://git.kernel.org/stable/c/d2ccdd4e4efab06178608a34d7bfb20a54104c02"
},
{
"url": "https://git.kernel.org/stable/c/1f5573cfe7a7056e80a92c7a037a3e69f3a13d1c"
}
],
"title": "ovl: fix warning in ovl_create_real()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47579",
"datePublished": "2024-06-19T14:53:46.750Z",
"dateReserved": "2024-05-24T15:11:00.730Z",
"dateUpdated": "2024-08-04T05:39:59.680Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38598
Vulnerability from cvelistv5
Published
2024-06-19 13:45
Modified
2024-08-02 04:12
Severity
Summary
md: fix resync softlockup when bitmap size is less than array size
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:26.038Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d4b9c764d48fa41caa24cfb4275f3aa9fb4bd798"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/43771597feba89a839c5f893716df88ae5c237ce"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3f5b73ef8fd6268cbc968b308d8eafe56fda97f3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/69296914bfd508c85935bf5f711cad9b0fe78492"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/71e8e4f288e74a896b6d9cd194f3bab12bd7a10f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c9566b812c8f66160466cc1e29df6d3646add0b1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5817f43ae1a118855676f57ef7ab50e37eac7482"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8bbc71315e0ae4bb7e37f8d43b915e1cb01a481b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f0e729af2eb6bee9eb58c4df1087f14ebaefe26b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/md/md-bitmap.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "d4b9c764d48f",
"status": "affected",
"version": "374fb914304d",
"versionType": "git"
},
{
"lessThan": "43771597feba",
"status": "affected",
"version": "b0b971fe7d61",
"versionType": "git"
},
{
"lessThan": "3f5b73ef8fd6",
"status": "affected",
"version": "39fa14e824ac",
"versionType": "git"
},
{
"lessThan": "69296914bfd5",
"status": "affected",
"version": "a134dd582c0d",
"versionType": "git"
},
{
"lessThan": "71e8e4f288e7",
"status": "affected",
"version": "be1a3ec63a84",
"versionType": "git"
},
{
"lessThan": "c9566b812c8f",
"status": "affected",
"version": "301867b1c168",
"versionType": "git"
},
{
"lessThan": "5817f43ae1a1",
"status": "affected",
"version": "301867b1c168",
"versionType": "git"
},
{
"lessThan": "8bbc71315e0a",
"status": "affected",
"version": "301867b1c168",
"versionType": "git"
},
{
"lessThan": "f0e729af2eb6",
"status": "affected",
"version": "301867b1c168",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/md/md-bitmap.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.5"
},
{
"lessThan": "6.5",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.316",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: fix resync softlockup when bitmap size is less than array size\n\nIs is reported that for dm-raid10, lvextend + lvchange --syncaction will\ntrigger following softlockup:\n\nkernel:watchdog: BUG: soft lockup - CPU#3 stuck for 26s! [mdX_resync:6976]\nCPU: 7 PID: 3588 Comm: mdX_resync Kdump: loaded Not tainted 6.9.0-rc4-next-20240419 #1\nRIP: 0010:_raw_spin_unlock_irq+0x13/0x30\nCall Trace:\n \u003cTASK\u003e\n md_bitmap_start_sync+0x6b/0xf0\n raid10_sync_request+0x25c/0x1b40 [raid10]\n md_do_sync+0x64b/0x1020\n md_thread+0xa7/0x170\n kthread+0xcf/0x100\n ret_from_fork+0x30/0x50\n ret_from_fork_asm+0x1a/0x30\n\nAnd the detailed process is as follows:\n\nmd_do_sync\n j = mddev-\u003eresync_min\n while (j \u003c max_sectors)\n sectors = raid10_sync_request(mddev, j, \u0026skipped)\n if (!md_bitmap_start_sync(..., \u0026sync_blocks))\n // md_bitmap_start_sync set sync_blocks to 0\n return sync_blocks + sectors_skippe;\n // sectors = 0;\n j += sectors;\n // j never change\n\nRoot cause is that commit 301867b1c168 (\"md/raid10: check\nslab-out-of-bounds in md_bitmap_get_counter\") return early from\nmd_bitmap_get_counter(), without setting returned blocks.\n\nFix this problem by always set returned blocks from\nmd_bitmap_get_counter\"(), as it used to be.\n\nNoted that this patch just fix the softlockup problem in kernel, the\ncase that bitmap size doesn\u0027t match array size still need to be fixed."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:47.356Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/d4b9c764d48fa41caa24cfb4275f3aa9fb4bd798"
},
{
"url": "https://git.kernel.org/stable/c/43771597feba89a839c5f893716df88ae5c237ce"
},
{
"url": "https://git.kernel.org/stable/c/3f5b73ef8fd6268cbc968b308d8eafe56fda97f3"
},
{
"url": "https://git.kernel.org/stable/c/69296914bfd508c85935bf5f711cad9b0fe78492"
},
{
"url": "https://git.kernel.org/stable/c/71e8e4f288e74a896b6d9cd194f3bab12bd7a10f"
},
{
"url": "https://git.kernel.org/stable/c/c9566b812c8f66160466cc1e29df6d3646add0b1"
},
{
"url": "https://git.kernel.org/stable/c/5817f43ae1a118855676f57ef7ab50e37eac7482"
},
{
"url": "https://git.kernel.org/stable/c/8bbc71315e0ae4bb7e37f8d43b915e1cb01a481b"
},
{
"url": "https://git.kernel.org/stable/c/f0e729af2eb6bee9eb58c4df1087f14ebaefe26b"
}
],
"title": "md: fix resync softlockup when bitmap size is less than array size",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38598",
"datePublished": "2024-06-19T13:45:47.309Z",
"dateReserved": "2024-06-18T19:36:34.932Z",
"dateUpdated": "2024-08-02T04:12:26.038Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38571
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
thermal/drivers/tsens: Fix null pointer dereference
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.873Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/27600e0c5272a262b0903e35ae1df37d33c5c1ad"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/11c731386ed82053c2759b6fea1a82ae946e5e0f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2d5ca6e4a2872e92a32fdfd87e04dd7d3ced7278"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/06d17744b77bc6cb29a6c785f4fad8c4163ee653"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fcf5f1b5f308f2eb422f6aca55d295b25890906b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d998ddc86a27c92140b9f7984ff41e3d1d07a48f"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/thermal/qcom/tsens.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "27600e0c5272",
"status": "affected",
"version": "dfc1193d4dbd",
"versionType": "git"
},
{
"lessThan": "11c731386ed8",
"status": "affected",
"version": "dfc1193d4dbd",
"versionType": "git"
},
{
"lessThan": "2d5ca6e4a287",
"status": "affected",
"version": "dfc1193d4dbd",
"versionType": "git"
},
{
"lessThan": "06d17744b77b",
"status": "affected",
"version": "dfc1193d4dbd",
"versionType": "git"
},
{
"lessThan": "fcf5f1b5f308",
"status": "affected",
"version": "dfc1193d4dbd",
"versionType": "git"
},
{
"lessThan": "d998ddc86a27",
"status": "affected",
"version": "dfc1193d4dbd",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/thermal/qcom/tsens.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.13"
},
{
"lessThan": "5.13",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal/drivers/tsens: Fix null pointer dereference\n\ncompute_intercept_slope() is called from calibrate_8960() (in tsens-8960.c)\nas compute_intercept_slope(priv, p1, NULL, ONE_PT_CALIB) which lead to null\npointer dereference (if DEBUG or DYNAMIC_DEBUG set).\nFix this bug by adding null pointer check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:17.926Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/27600e0c5272a262b0903e35ae1df37d33c5c1ad"
},
{
"url": "https://git.kernel.org/stable/c/11c731386ed82053c2759b6fea1a82ae946e5e0f"
},
{
"url": "https://git.kernel.org/stable/c/2d5ca6e4a2872e92a32fdfd87e04dd7d3ced7278"
},
{
"url": "https://git.kernel.org/stable/c/06d17744b77bc6cb29a6c785f4fad8c4163ee653"
},
{
"url": "https://git.kernel.org/stable/c/fcf5f1b5f308f2eb422f6aca55d295b25890906b"
},
{
"url": "https://git.kernel.org/stable/c/d998ddc86a27c92140b9f7984ff41e3d1d07a48f"
}
],
"title": "thermal/drivers/tsens: Fix null pointer dereference",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38571",
"datePublished": "2024-06-19T13:35:36.981Z",
"dateReserved": "2024-06-18T19:36:34.923Z",
"dateUpdated": "2024-08-02T04:12:25.873Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38607
Vulnerability from cvelistv5
Published
2024-06-19 13:48
Modified
2024-08-02 04:12
Severity
Summary
macintosh/via-macii: Fix "BUG: sleeping function called from invalid context"
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:26.200Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e4ff8bcfb2841fe4e17e5901578b632adb89036d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1e9c3f2caec548cfa7a65416ec4e6006e542f18e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/280619bbdeac186fb320fab3d61122d2a085def8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/010d4cb19bb13f423e3e746b824f314a9bf3e9a9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/787fb79efc15b3b86442ecf079b8148f173376d7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d43a8c7ec0841e0ff91a968770aeca83f0fd4c56"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5900a88e897e6deb1bdce09ee34167a81c2da89d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2907d409ce5946390f513976f0454888d37d1058"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d301a71c76ee4c384b4e03cdc320a55f5cf1df05"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/macintosh/via-macii.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "e4ff8bcfb284",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "1e9c3f2caec5",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "280619bbdeac",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "010d4cb19bb1",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "787fb79efc15",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "d43a8c7ec084",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "5900a88e897e",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "2907d409ce59",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "d301a71c76ee",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/macintosh/via-macii.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.12"
},
{
"lessThan": "2.6.12",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.316",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmacintosh/via-macii: Fix \"BUG: sleeping function called from invalid context\"\n\nThe via-macii ADB driver calls request_irq() after disabling hard\ninterrupts. But disabling interrupts isn\u0027t necessary here because the\nVIA shift register interrupt was masked during VIA1 initialization."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:57.941Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/e4ff8bcfb2841fe4e17e5901578b632adb89036d"
},
{
"url": "https://git.kernel.org/stable/c/1e9c3f2caec548cfa7a65416ec4e6006e542f18e"
},
{
"url": "https://git.kernel.org/stable/c/280619bbdeac186fb320fab3d61122d2a085def8"
},
{
"url": "https://git.kernel.org/stable/c/010d4cb19bb13f423e3e746b824f314a9bf3e9a9"
},
{
"url": "https://git.kernel.org/stable/c/787fb79efc15b3b86442ecf079b8148f173376d7"
},
{
"url": "https://git.kernel.org/stable/c/d43a8c7ec0841e0ff91a968770aeca83f0fd4c56"
},
{
"url": "https://git.kernel.org/stable/c/5900a88e897e6deb1bdce09ee34167a81c2da89d"
},
{
"url": "https://git.kernel.org/stable/c/2907d409ce5946390f513976f0454888d37d1058"
},
{
"url": "https://git.kernel.org/stable/c/d301a71c76ee4c384b4e03cdc320a55f5cf1df05"
}
],
"title": "macintosh/via-macii: Fix \"BUG: sleeping function called from invalid context\"",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38607",
"datePublished": "2024-06-19T13:48:17.096Z",
"dateReserved": "2024-06-18T19:36:34.941Z",
"dateUpdated": "2024-08-02T04:12:26.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47575
Vulnerability from cvelistv5
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Show details on NVD website{
"containers": {
"cna": {
"providerMetadata": {
"dateUpdated": "2024-06-20T08:25:08.645Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"rejectedReasons": [
{
"lang": "en",
"value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
}
]
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47575",
"datePublished": "2024-06-19T14:53:44.058Z",
"dateRejected": "2024-06-20T08:25:08.645Z",
"dateReserved": "2024-05-24T15:11:00.729Z",
"dateUpdated": "2024-06-20T08:25:08.645Z",
"state": "REJECTED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38596
Vulnerability from cvelistv5
Published
2024-06-19 13:45
Modified
2024-08-02 04:12
Severity
Summary
af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:26.062Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fca6072e1a7b1e709ada5604b951513b89b4bd0a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/de6641d213373fbde9bbdd7c4b552254bc9f82fe"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4d51845d734a4c5d079e56e0916f936a55e15055"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9aa8773abfa0e954136875b4cbf2df4cf638e8a5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8299e4d778f664b31b67cf4cf3d5409de2ecb92c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0688d4e499bee3f2749bca27329bd128686230cb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a4c88072abcaca593cefe70f90e9d3707526e8f9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a52fa2addfcccc2c5a0217fd45562605088c018b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/540bf24fba16b88c1b3b9353927204b4f1074e25"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/unix/af_unix.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "fca6072e1a7b",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "de6641d21337",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "4d51845d734a",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "9aa8773abfa0",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "8299e4d778f6",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "0688d4e499be",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "a4c88072abca",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "a52fa2addfcc",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "540bf24fba16",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/unix/af_unix.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.12"
},
{
"lessThan": "2.6.12",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.316",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: Fix data races in unix_release_sock/unix_stream_sendmsg\n\nA data-race condition has been identified in af_unix. In one data path,\nthe write function unix_release_sock() atomically writes to\nsk-\u003esk_shutdown using WRITE_ONCE. However, on the reader side,\nunix_stream_sendmsg() does not read it atomically. Consequently, this\nissue is causing the following KCSAN splat to occur:\n\n\tBUG: KCSAN: data-race in unix_release_sock / unix_stream_sendmsg\n\n\twrite (marked) to 0xffff88867256ddbb of 1 bytes by task 7270 on cpu 28:\n\tunix_release_sock (net/unix/af_unix.c:640)\n\tunix_release (net/unix/af_unix.c:1050)\n\tsock_close (net/socket.c:659 net/socket.c:1421)\n\t__fput (fs/file_table.c:422)\n\t__fput_sync (fs/file_table.c:508)\n\t__se_sys_close (fs/open.c:1559 fs/open.c:1541)\n\t__x64_sys_close (fs/open.c:1541)\n\tx64_sys_call (arch/x86/entry/syscall_64.c:33)\n\tdo_syscall_64 (arch/x86/entry/common.c:?)\n\tentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\n\tread to 0xffff88867256ddbb of 1 bytes by task 989 on cpu 14:\n\tunix_stream_sendmsg (net/unix/af_unix.c:2273)\n\t__sock_sendmsg (net/socket.c:730 net/socket.c:745)\n\t____sys_sendmsg (net/socket.c:2584)\n\t__sys_sendmmsg (net/socket.c:2638 net/socket.c:2724)\n\t__x64_sys_sendmmsg (net/socket.c:2753 net/socket.c:2750 net/socket.c:2750)\n\tx64_sys_call (arch/x86/entry/syscall_64.c:33)\n\tdo_syscall_64 (arch/x86/entry/common.c:?)\n\tentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\n\tvalue changed: 0x01 -\u003e 0x03\n\nThe line numbers are related to commit dd5a440a31fa (\"Linux 6.9-rc7\").\n\nCommit e1d09c2c2f57 (\"af_unix: Fix data races around sk-\u003esk_shutdown.\")\naddressed a comparable issue in the past regarding sk-\u003esk_shutdown.\nHowever, it overlooked resolving this particular data path.\nThis patch only offending unix_stream_sendmsg() function, since the\nother reads seem to be protected by unix_state_lock() as discussed in"
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:48:44.930Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/fca6072e1a7b1e709ada5604b951513b89b4bd0a"
},
{
"url": "https://git.kernel.org/stable/c/de6641d213373fbde9bbdd7c4b552254bc9f82fe"
},
{
"url": "https://git.kernel.org/stable/c/4d51845d734a4c5d079e56e0916f936a55e15055"
},
{
"url": "https://git.kernel.org/stable/c/9aa8773abfa0e954136875b4cbf2df4cf638e8a5"
},
{
"url": "https://git.kernel.org/stable/c/8299e4d778f664b31b67cf4cf3d5409de2ecb92c"
},
{
"url": "https://git.kernel.org/stable/c/0688d4e499bee3f2749bca27329bd128686230cb"
},
{
"url": "https://git.kernel.org/stable/c/a4c88072abcaca593cefe70f90e9d3707526e8f9"
},
{
"url": "https://git.kernel.org/stable/c/a52fa2addfcccc2c5a0217fd45562605088c018b"
},
{
"url": "https://git.kernel.org/stable/c/540bf24fba16b88c1b3b9353927204b4f1074e25"
}
],
"title": "af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38596",
"datePublished": "2024-06-19T13:45:45.984Z",
"dateReserved": "2024-06-18T19:36:34.931Z",
"dateUpdated": "2024-08-02T04:12:26.062Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47576
Vulnerability from cvelistv5
Published
2024-06-19 14:53
Modified
2024-08-04 05:39
Severity
Summary
scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select()
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:39:59.644Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/adcecd50da6cab7b4957cba0606771dcc846c5a9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/90491283b4064220682e4b0687d07b05df01e3bf"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/04181973c38f3d6a353f9246dcf7fee08024fd9e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b847ecff850719c46c95acd25a0d555dfd16e10d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a9078e791426c2cbbdf28a320c3670f6e0a611e6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/dfc3fff63793c571147930b13c0f8c689c4281ac"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e0a2c28da11e2c2b963fc01d50acbf03045ac732"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/scsi/scsi_debug.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "adcecd50da6c",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "90491283b406",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "04181973c38f",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "b847ecff8507",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "a9078e791426",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "dfc3fff63793",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "e0a2c28da11e",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/scsi/scsi_debug.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.294",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.259",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.222",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.168",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.88",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.11",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: scsi_debug: Sanity check block descriptor length in resp_mode_select()\n\nIn resp_mode_select() sanity check the block descriptor len to avoid UAF.\n\nBUG: KASAN: use-after-free in resp_mode_select+0xa4c/0xb40 drivers/scsi/scsi_debug.c:2509\nRead of size 1 at addr ffff888026670f50 by task scsicmd/15032\n\nCPU: 1 PID: 15032 Comm: scsicmd Not tainted 5.15.0-01d0625 #15\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x89/0xb5 lib/dump_stack.c:107\n print_address_description.constprop.9+0x28/0x160 mm/kasan/report.c:257\n kasan_report.cold.14+0x7d/0x117 mm/kasan/report.c:443\n __asan_report_load1_noabort+0x14/0x20 mm/kasan/report_generic.c:306\n resp_mode_select+0xa4c/0xb40 drivers/scsi/scsi_debug.c:2509\n schedule_resp+0x4af/0x1a10 drivers/scsi/scsi_debug.c:5483\n scsi_debug_queuecommand+0x8c9/0x1e70 drivers/scsi/scsi_debug.c:7537\n scsi_queue_rq+0x16b4/0x2d10 drivers/scsi/scsi_lib.c:1521\n blk_mq_dispatch_rq_list+0xb9b/0x2700 block/blk-mq.c:1640\n __blk_mq_sched_dispatch_requests+0x28f/0x590 block/blk-mq-sched.c:325\n blk_mq_sched_dispatch_requests+0x105/0x190 block/blk-mq-sched.c:358\n __blk_mq_run_hw_queue+0xe5/0x150 block/blk-mq.c:1762\n __blk_mq_delay_run_hw_queue+0x4f8/0x5c0 block/blk-mq.c:1839\n blk_mq_run_hw_queue+0x18d/0x350 block/blk-mq.c:1891\n blk_mq_sched_insert_request+0x3db/0x4e0 block/blk-mq-sched.c:474\n blk_execute_rq_nowait+0x16b/0x1c0 block/blk-exec.c:63\n sg_common_write.isra.18+0xeb3/0x2000 drivers/scsi/sg.c:837\n sg_new_write.isra.19+0x570/0x8c0 drivers/scsi/sg.c:775\n sg_ioctl_common+0x14d6/0x2710 drivers/scsi/sg.c:941\n sg_ioctl+0xa2/0x180 drivers/scsi/sg.c:1166\n __x64_sys_ioctl+0x19d/0x220 fs/ioctl.c:52\n do_syscall_64+0x3a/0x80 arch/x86/entry/common.c:50\n entry_SYSCALL_64_after_hwframe+0x44/0xae arch/x86/entry/entry_64.S:113"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:53:44.725Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/adcecd50da6cab7b4957cba0606771dcc846c5a9"
},
{
"url": "https://git.kernel.org/stable/c/90491283b4064220682e4b0687d07b05df01e3bf"
},
{
"url": "https://git.kernel.org/stable/c/04181973c38f3d6a353f9246dcf7fee08024fd9e"
},
{
"url": "https://git.kernel.org/stable/c/b847ecff850719c46c95acd25a0d555dfd16e10d"
},
{
"url": "https://git.kernel.org/stable/c/a9078e791426c2cbbdf28a320c3670f6e0a611e6"
},
{
"url": "https://git.kernel.org/stable/c/dfc3fff63793c571147930b13c0f8c689c4281ac"
},
{
"url": "https://git.kernel.org/stable/c/e0a2c28da11e2c2b963fc01d50acbf03045ac732"
}
],
"title": "scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47576",
"datePublished": "2024-06-19T14:53:44.725Z",
"dateReserved": "2024-05-24T15:11:00.730Z",
"dateUpdated": "2024-08-04T05:39:59.644Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-47610
Vulnerability from cvelistv5
Published
2024-06-19 14:57
Modified
2024-08-04 05:47
Severity
Summary
drm/msm: Fix null ptr access msm_ioctl_gem_submit()
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-47610",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T17:57:36.573885Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T17:57:46.600Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:47:40.585Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f6db3d98f876870c35e96693cfd54752f6199e59"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/26d776fd0f79f093a5d0ce1a4c7c7a992bc3264c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/msm/msm_gem_submit.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "f6db3d98f876",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "26d776fd0f79",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/msm/msm_gem_submit.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.10",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm: Fix null ptr access msm_ioctl_gem_submit()\n\nFix the below null pointer dereference in msm_ioctl_gem_submit():\n\n 26545.260705: Call trace:\n 26545.263223: kref_put+0x1c/0x60\n 26545.266452: msm_ioctl_gem_submit+0x254/0x744\n 26545.270937: drm_ioctl_kernel+0xa8/0x124\n 26545.274976: drm_ioctl+0x21c/0x33c\n 26545.278478: drm_compat_ioctl+0xdc/0xf0\n 26545.282428: __arm64_compat_sys_ioctl+0xc8/0x100\n 26545.287169: el0_svc_common+0xf8/0x250\n 26545.291025: do_el0_svc_compat+0x28/0x54\n 26545.295066: el0_svc_compat+0x10/0x1c\n 26545.298838: el0_sync_compat_handler+0xa8/0xcc\n 26545.303403: el0_sync_compat+0x188/0x1c0\n 26545.307445: Code: d503201f d503201f 52800028 4b0803e8 (b8680008)\n 26545.318799: Kernel panic - not syncing: Oops: Fatal exception"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T14:57:59.673Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/f6db3d98f876870c35e96693cfd54752f6199e59"
},
{
"url": "https://git.kernel.org/stable/c/26d776fd0f79f093a5d0ce1a4c7c7a992bc3264c"
}
],
"title": "drm/msm: Fix null ptr access msm_ioctl_gem_submit()",
"x_generator": {
"engine": "bippy-a5840b7849dd"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47610",
"datePublished": "2024-06-19T14:57:59.673Z",
"dateReserved": "2024-06-19T14:55:32.794Z",
"dateUpdated": "2024-08-04T05:47:40.585Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38539
Vulnerability from cvelistv5
Published
2024-06-19 13:35
Modified
2024-08-02 04:12
Severity
Summary
RDMA/cma: Fix kmemleak in rdma_core observed during blktests nvme/rdma use siw
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.210Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3eb127dc408bf7959a4920d04d16ce10e863686a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6564fc1818404254d1c9f7d75b403b4941516d26"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b3a7fb93afd888793ef226e9665fbda98a95c48e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9c0731832d3b7420cbadba6a7f334363bc8dfb15"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/infiniband/core/cma.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "3eb127dc408b",
"status": "affected",
"version": "f8ef1be816bf",
"versionType": "git"
},
{
"lessThan": "6564fc181840",
"status": "affected",
"version": "f8ef1be816bf",
"versionType": "git"
},
{
"lessThan": "b3a7fb93afd8",
"status": "affected",
"version": "f8ef1be816bf",
"versionType": "git"
},
{
"lessThan": "9c0731832d3b",
"status": "affected",
"version": "f8ef1be816bf",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/infiniband/core/cma.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.6"
},
{
"lessThan": "6.6",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cma: Fix kmemleak in rdma_core observed during blktests nvme/rdma use siw\n\nWhen running blktests nvme/rdma, the following kmemleak issue will appear.\n\nkmemleak: Kernel memory leak detector initialized (mempool available:36041)\nkmemleak: Automatic memory scanning thread started\nkmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak)\nkmemleak: 8 new suspected memory leaks (see /sys/kernel/debug/kmemleak)\nkmemleak: 17 new suspected memory leaks (see /sys/kernel/debug/kmemleak)\nkmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)\n\nunreferenced object 0xffff88855da53400 (size 192):\n comm \"rdma\", pid 10630, jiffies 4296575922\n hex dump (first 32 bytes):\n 37 00 00 00 00 00 00 00 c0 ff ff ff 1f 00 00 00 7...............\n 10 34 a5 5d 85 88 ff ff 10 34 a5 5d 85 88 ff ff .4.].....4.]....\n backtrace (crc 47f66721):\n [\u003cffffffff911251bd\u003e] kmalloc_trace+0x30d/0x3b0\n [\u003cffffffffc2640ff7\u003e] alloc_gid_entry+0x47/0x380 [ib_core]\n [\u003cffffffffc2642206\u003e] add_modify_gid+0x166/0x930 [ib_core]\n [\u003cffffffffc2643468\u003e] ib_cache_update.part.0+0x6d8/0x910 [ib_core]\n [\u003cffffffffc2644e1a\u003e] ib_cache_setup_one+0x24a/0x350 [ib_core]\n [\u003cffffffffc263949e\u003e] ib_register_device+0x9e/0x3a0 [ib_core]\n [\u003cffffffffc2a3d389\u003e] 0xffffffffc2a3d389\n [\u003cffffffffc2688cd8\u003e] nldev_newlink+0x2b8/0x520 [ib_core]\n [\u003cffffffffc2645fe3\u003e] rdma_nl_rcv_msg+0x2c3/0x520 [ib_core]\n [\u003cffffffffc264648c\u003e]\nrdma_nl_rcv_skb.constprop.0.isra.0+0x23c/0x3a0 [ib_core]\n [\u003cffffffff9270e7b5\u003e] netlink_unicast+0x445/0x710\n [\u003cffffffff9270f1f1\u003e] netlink_sendmsg+0x761/0xc40\n [\u003cffffffff9249db29\u003e] __sys_sendto+0x3a9/0x420\n [\u003cffffffff9249dc8c\u003e] __x64_sys_sendto+0xdc/0x1b0\n [\u003cffffffff92db0ad3\u003e] do_syscall_64+0x93/0x180\n [\u003cffffffff92e00126\u003e] entry_SYSCALL_64_after_hwframe+0x71/0x79\n\nThe root cause: rdma_put_gid_attr is not called when sgid_attr is set\nto ERR_PTR(-ENODEV)."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:47:40.097Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/3eb127dc408bf7959a4920d04d16ce10e863686a"
},
{
"url": "https://git.kernel.org/stable/c/6564fc1818404254d1c9f7d75b403b4941516d26"
},
{
"url": "https://git.kernel.org/stable/c/b3a7fb93afd888793ef226e9665fbda98a95c48e"
},
{
"url": "https://git.kernel.org/stable/c/9c0731832d3b7420cbadba6a7f334363bc8dfb15"
}
],
"title": "RDMA/cma: Fix kmemleak in rdma_core observed during blktests nvme/rdma use siw",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38539",
"datePublished": "2024-06-19T13:35:14.099Z",
"dateReserved": "2024-06-18T19:36:34.918Z",
"dateUpdated": "2024-08-02T04:12:25.210Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading...