Action not permitted
Modal body text goes here.
wid-sec-w-2024-1422
Vulnerability from csaf_certbund
Published
2024-06-20 22:00
Modified
2024-07-24 22:00
Summary
Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff
Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen.
Betroffene Betriebssysteme
- Sonstiges
- UNIX
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen nicht n\u00e4her spezifizierten Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1422 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1422.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1422 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1422"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2021-4439 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062001-CVE-2021-4439-59ce@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48711 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062053-CVE-2022-48711-4d4e@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48712 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062054-CVE-2022-48712-6289@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48713 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062054-CVE-2022-48713-6025@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48714 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062054-CVE-2022-48714-726f@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48715 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062055-CVE-2022-48715-dba4@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48716 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062055-CVE-2022-48716-7621@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48717 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062055-CVE-2022-48717-064d@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48718 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062056-CVE-2022-48718-1d94@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48719 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062056-CVE-2022-48719-4312@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48720 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062056-CVE-2022-48720-5541@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48721 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062056-CVE-2022-48721-3959@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48722 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062057-CVE-2022-48722-dc20@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48723 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062057-CVE-2022-48723-1347@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48724 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062057-CVE-2022-48724-6bcd@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48725 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062058-CVE-2022-48725-aba3@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48726 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062058-CVE-2022-48726-adb1@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48727 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062058-CVE-2022-48727-5101@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48728 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062058-CVE-2022-48728-caf6@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48729 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062059-CVE-2022-48729-dc0b@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48730 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062059-CVE-2022-48730-f1fd@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48731 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062059-CVE-2022-48731-d547@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48732 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062000-CVE-2022-48732-9d9b@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48733 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062000-CVE-2022-48733-4217@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48734 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062000-CVE-2022-48734-88b7@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48735 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062001-CVE-2022-48735-32e6@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48736 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062001-CVE-2022-48736-afa0@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48737 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062001-CVE-2022-48737-8efb@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48738 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062001-CVE-2022-48738-ecf0@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48739 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062002-CVE-2022-48739-c0d9@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48740 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062002-CVE-2022-48740-a623@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48741 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062002-CVE-2022-48741-cdd7@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48742 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062003-CVE-2022-48742-6393@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48743 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062003-CVE-2022-48743-ee30@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48744 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062003-CVE-2022-48744-0f03@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48745 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062004-CVE-2022-48745-7f0a@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48746 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062004-CVE-2022-48746-3d3a@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48747 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062004-CVE-2022-48747-c63f@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48748 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062004-CVE-2022-48748-3e75@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48749 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062005-CVE-2022-48749-0566@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48750 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062005-CVE-2022-48750-20d1@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48751 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062005-CVE-2022-48751-10d0@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48752 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062006-CVE-2022-48752-7ff8@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48753 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062006-CVE-2022-48753-38c0@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48754 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062006-CVE-2022-48754-4012@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48755 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062006-CVE-2022-48755-8abf@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48756 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062007-CVE-2022-48756-fc26@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48757 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062007-CVE-2022-48757-c816@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48758 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062007-CVE-2022-48758-1500@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48759 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062008-CVE-2022-48759-d017@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48760 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062008-CVE-2022-48760-b80e@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48761 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062008-CVE-2022-48761-51ee@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48762 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062009-CVE-2022-48762-9a17@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48763 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062009-CVE-2022-48763-862a@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48764 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062009-CVE-2022-48764-6de1@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48765 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062009-CVE-2022-48765-ddb8@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48766 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062010-CVE-2022-48766-3b8e@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48767 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062010-CVE-2022-48767-e91d@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48768 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062010-CVE-2022-48768-afee@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48769 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062011-CVE-2022-48769-0ff7@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48770 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062011-CVE-2022-48770-34e0@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2022-48771 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062011-CVE-2022-48771-2c90@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement CVE-2023-52883 vom 2024-06-20",
"url": "https://lore.kernel.org/linux-cve-announce/2024062030-CVE-2023-52883-0069@gregkh/"
},
{
"category": "external",
"summary": "Linux CVE Announcement vom 2024-06-20",
"url": "https://kernel.org/"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-3840 vom 2024-06-27",
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2360-1 vom 2024-07-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018907.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2365-1 vom 2024-07-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018897.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2372-1 vom 2024-07-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018901.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2362-1 vom 2024-07-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018905.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2381-1 vom 2024-07-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018916.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2384-1 vom 2024-07-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018921.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2394-1 vom 2024-07-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018922.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5730 vom 2024-07-16",
"url": "https://lists.debian.org/debian-security-announce/2024/msg00141.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4583 vom 2024-07-17",
"url": "https://access.redhat.com/errata/RHSA-2024:4583"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-4583 vom 2024-07-19",
"url": "https://linux.oracle.com/errata/ELSA-2024-4583.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2561-1 vom 2024-07-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019001.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2571-1 vom 2024-07-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019019.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4831 vom 2024-07-24",
"url": "https://access.redhat.com/errata/RHSA-2024:4831"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4823 vom 2024-07-24",
"url": "https://access.redhat.com/errata/RHSA-2024:4823"
}
],
"source_lang": "en-US",
"title": "Linux Kernel: Mehrere Schwachstellen erm\u00f6glichen nicht spezifizierten Angriff",
"tracking": {
"current_release_date": "2024-07-24T22:00:00.000+00:00",
"generator": {
"date": "2024-07-25T08:33:05.421+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.0"
}
},
"id": "WID-SEC-W-2024-1422",
"initial_release_date": "2024-06-20T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-06-20T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-06-27T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2024-07-09T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-07-10T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-07-15T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2024-07-16T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-07-18T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Oracle Linux und SUSE aufgenommen"
},
{
"date": "2024-07-22T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-07-24T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "9"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Linux Kernel",
"product": {
"name": "Open Source Linux Kernel",
"product_id": "T035603",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-4439",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2021-4439"
},
{
"cve": "CVE-2022-48711",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48711"
},
{
"cve": "CVE-2022-48712",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48712"
},
{
"cve": "CVE-2022-48713",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48713"
},
{
"cve": "CVE-2022-48714",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48714"
},
{
"cve": "CVE-2022-48715",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48715"
},
{
"cve": "CVE-2022-48716",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48716"
},
{
"cve": "CVE-2022-48717",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48717"
},
{
"cve": "CVE-2022-48718",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48718"
},
{
"cve": "CVE-2022-48719",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48719"
},
{
"cve": "CVE-2022-48720",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48720"
},
{
"cve": "CVE-2022-48721",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48721"
},
{
"cve": "CVE-2022-48722",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48722"
},
{
"cve": "CVE-2022-48723",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48723"
},
{
"cve": "CVE-2022-48724",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48724"
},
{
"cve": "CVE-2022-48725",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48725"
},
{
"cve": "CVE-2022-48726",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48726"
},
{
"cve": "CVE-2022-48727",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48727"
},
{
"cve": "CVE-2022-48728",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48728"
},
{
"cve": "CVE-2022-48729",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48729"
},
{
"cve": "CVE-2022-48730",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48730"
},
{
"cve": "CVE-2022-48731",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48731"
},
{
"cve": "CVE-2022-48732",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48732"
},
{
"cve": "CVE-2022-48733",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48733"
},
{
"cve": "CVE-2022-48734",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48734"
},
{
"cve": "CVE-2022-48735",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48735"
},
{
"cve": "CVE-2022-48736",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48736"
},
{
"cve": "CVE-2022-48737",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48737"
},
{
"cve": "CVE-2022-48738",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48738"
},
{
"cve": "CVE-2022-48739",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48739"
},
{
"cve": "CVE-2022-48740",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48740"
},
{
"cve": "CVE-2022-48741",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48741"
},
{
"cve": "CVE-2022-48742",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48742"
},
{
"cve": "CVE-2022-48743",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48743"
},
{
"cve": "CVE-2022-48744",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48744"
},
{
"cve": "CVE-2022-48745",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48745"
},
{
"cve": "CVE-2022-48746",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48746"
},
{
"cve": "CVE-2022-48747",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48747"
},
{
"cve": "CVE-2022-48748",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48748"
},
{
"cve": "CVE-2022-48749",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48749"
},
{
"cve": "CVE-2022-48750",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48750"
},
{
"cve": "CVE-2022-48751",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48751"
},
{
"cve": "CVE-2022-48752",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48752"
},
{
"cve": "CVE-2022-48753",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48753"
},
{
"cve": "CVE-2022-48754",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48754"
},
{
"cve": "CVE-2022-48755",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48755"
},
{
"cve": "CVE-2022-48756",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48756"
},
{
"cve": "CVE-2022-48757",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48757"
},
{
"cve": "CVE-2022-48758",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48758"
},
{
"cve": "CVE-2022-48759",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48759"
},
{
"cve": "CVE-2022-48760",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48760"
},
{
"cve": "CVE-2022-48761",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48761"
},
{
"cve": "CVE-2022-48762",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48762"
},
{
"cve": "CVE-2022-48763",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48763"
},
{
"cve": "CVE-2022-48764",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48764"
},
{
"cve": "CVE-2022-48765",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48765"
},
{
"cve": "CVE-2022-48766",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48766"
},
{
"cve": "CVE-2022-48767",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48767"
},
{
"cve": "CVE-2022-48768",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48768"
},
{
"cve": "CVE-2022-48769",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48769"
},
{
"cve": "CVE-2022-48770",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48770"
},
{
"cve": "CVE-2022-48771",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2022-48771"
},
{
"cve": "CVE-2023-52883",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2023-52883"
},
{
"cve": "CVE-2024-33619",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2024-33619"
},
{
"cve": "CVE-2024-33621",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2024-33621"
},
{
"cve": "CVE-2024-34777",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2024-34777"
},
{
"cve": "CVE-2024-36244",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2024-36244"
},
{
"cve": "CVE-2024-36270",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2024-36270"
},
{
"cve": "CVE-2024-36281",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2024-36281"
},
{
"cve": "CVE-2024-36286",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2024-36286"
},
{
"cve": "CVE-2024-36288",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2024-36288"
},
{
"cve": "CVE-2024-36477",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2024-36477"
},
{
"cve": "CVE-2024-36478",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2024-36478"
},
{
"cve": "CVE-2024-36481",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2024-36481"
},
{
"cve": "CVE-2024-36484",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2024-36484"
},
{
"cve": "CVE-2024-38622",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2024-38622"
},
{
"cve": "CVE-2024-38623",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2024-38623"
},
{
"cve": "CVE-2024-38624",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2024-38624"
},
{
"cve": "CVE-2024-38625",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2024-38625"
},
{
"cve": "CVE-2024-38626",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2024-38626"
},
{
"cve": "CVE-2024-38627",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2024-38627"
},
{
"cve": "CVE-2024-38628",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2024-38628"
},
{
"cve": "CVE-2024-38629",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2024-38629"
},
{
"cve": "CVE-2024-38630",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2024-38630"
},
{
"cve": "CVE-2024-38631",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2024-38631"
},
{
"cve": "CVE-2024-38632",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2024-38632"
},
{
"cve": "CVE-2024-38633",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2024-38633"
},
{
"cve": "CVE-2024-38634",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2024-38634"
},
{
"cve": "CVE-2024-38635",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2024-38635"
},
{
"cve": "CVE-2024-38636",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2024-38636"
},
{
"cve": "CVE-2024-38637",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2024-38637"
},
{
"cve": "CVE-2024-38659",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2024-38659"
},
{
"cve": "CVE-2024-38662",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2024-38662"
},
{
"cve": "CVE-2024-38780",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2024-38780"
},
{
"cve": "CVE-2024-39277",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Linux Kernel, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Diese Schwachstellen umfassen eine Vielzahl von Sicherheitsproblemen, die haupts\u00e4chlich mit der Speicherverwaltung und der Datenverarbeitung im Linux-Kernel und den zugeh\u00f6rigen Treibern und Subsystemen zusammenh\u00e4ngen. Ein lokaler Angreifer kann diese Sicherheitsl\u00fccken ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T035603",
"2951",
"T002207",
"67646",
"T004914"
]
},
"release_date": "2024-06-20T22:00:00Z",
"title": "CVE-2024-39277"
}
]
}
cve-2024-36477
Vulnerability from cvelistv5
Published
2024-06-21 11:18
Modified
2024-08-02 03:37
Severity ?
EPSS score ?
Summary
tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36477",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-21T13:25:38.377073Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-21T13:25:50.272Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:37:05.216Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1547183852dcdfcc25878db7dd3620509217b0cd"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/de13c56f99477b56980c7e00b09c776d16b7563d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/195aba96b854dd664768f382cd1db375d8181f88"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/char/tpm/tpm_tis_spi_main.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "1547183852dc",
"status": "affected",
"version": "a86a42ac2bd6",
"versionType": "git"
},
{
"lessThan": "de13c56f9947",
"status": "affected",
"version": "a86a42ac2bd6",
"versionType": "git"
},
{
"lessThan": "195aba96b854",
"status": "affected",
"version": "a86a42ac2bd6",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/char/tpm/tpm_tis_spi_main.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.6"
},
{
"lessThan": "6.6",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer\n\nThe TPM SPI transfer mechanism uses MAX_SPI_FRAMESIZE for computing the\nmaximum transfer length and the size of the transfer buffer. As such, it\ndoes not account for the 4 bytes of header that prepends the SPI data\nframe. This can result in out-of-bounds accesses and was confirmed with\nKASAN.\n\nIntroduce SPI_HDRSIZE to account for the header and use to allocate the\ntransfer buffer."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:47:01.526Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/1547183852dcdfcc25878db7dd3620509217b0cd"
},
{
"url": "https://git.kernel.org/stable/c/de13c56f99477b56980c7e00b09c776d16b7563d"
},
{
"url": "https://git.kernel.org/stable/c/195aba96b854dd664768f382cd1db375d8181f88"
}
],
"title": "tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-36477",
"datePublished": "2024-06-21T11:18:46.822Z",
"dateReserved": "2024-06-21T11:16:40.603Z",
"dateUpdated": "2024-08-02T03:37:05.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38626
Vulnerability from cvelistv5
Published
2024-06-21 10:18
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
fuse: clear FR_SENT when re-adding requests into pending list
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:26.061Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/533070db659a9589310a743e9de14cf9d651ffaf"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/246014876d782bbf2e652267482cd2e799fb5fcd"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38626",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:09:09.210005Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:44.692Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/fuse/dev.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "533070db659a",
"status": "affected",
"version": "760eac73f9f6",
"versionType": "git"
},
{
"lessThan": "246014876d78",
"status": "affected",
"version": "760eac73f9f6",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/fuse/dev.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.9"
},
{
"lessThan": "6.9",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfuse: clear FR_SENT when re-adding requests into pending list\n\nThe following warning was reported by lee bruce:\n\n ------------[ cut here ]------------\n WARNING: CPU: 0 PID: 8264 at fs/fuse/dev.c:300\n fuse_request_end+0x685/0x7e0 fs/fuse/dev.c:300\n Modules linked in:\n CPU: 0 PID: 8264 Comm: ab2 Not tainted 6.9.0-rc7\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996)\n RIP: 0010:fuse_request_end+0x685/0x7e0 fs/fuse/dev.c:300\n ......\n Call Trace:\n \u003cTASK\u003e\n fuse_dev_do_read.constprop.0+0xd36/0x1dd0 fs/fuse/dev.c:1334\n fuse_dev_read+0x166/0x200 fs/fuse/dev.c:1367\n call_read_iter include/linux/fs.h:2104 [inline]\n new_sync_read fs/read_write.c:395 [inline]\n vfs_read+0x85b/0xba0 fs/read_write.c:476\n ksys_read+0x12f/0x260 fs/read_write.c:619\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xce/0x260 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n ......\n \u003c/TASK\u003e\n\nThe warning is due to the FUSE_NOTIFY_RESEND notify sent by the write()\nsyscall in the reproducer program and it happens as follows:\n\n(1) calls fuse_dev_read() to read the INIT request\nThe read succeeds. During the read, bit FR_SENT will be set on the\nrequest.\n(2) calls fuse_dev_write() to send an USE_NOTIFY_RESEND notify\nThe resend notify will resend all processing requests, so the INIT\nrequest is moved from processing list to pending list again.\n(3) calls fuse_dev_read() with an invalid output address\nfuse_dev_read() will try to copy the same INIT request to the output\naddress, but it will fail due to the invalid address, so the INIT\nrequest is ended and triggers the warning in fuse_request_end().\n\nFix it by clearing FR_SENT when re-adding requests into pending list."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:49:20.577Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/533070db659a9589310a743e9de14cf9d651ffaf"
},
{
"url": "https://git.kernel.org/stable/c/246014876d782bbf2e652267482cd2e799fb5fcd"
}
],
"title": "fuse: clear FR_SENT when re-adding requests into pending list",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38626",
"datePublished": "2024-06-21T10:18:18.255Z",
"dateReserved": "2024-06-18T19:36:34.945Z",
"dateUpdated": "2024-09-11T17:34:44.692Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-36244
Vulnerability from cvelistv5
Published
2024-06-21 10:18
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
net/sched: taprio: extend minimum interval restriction to entire cycle too
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:37:03.670Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b939d1e04a90248b4cdf417b0969c270ceb992b2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/91f249b01fe490fce11fbb4307952ca8cce78724"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fb66df20a7201e60f2b13d7f95d031b31a8831d3"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36244",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:09:44.304375Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:46.251Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/sched/sch_taprio.c",
"tools/testing/selftests/tc-testing/tc-tests/qdiscs/taprio.json"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "b939d1e04a90",
"status": "affected",
"version": "b5b73b26b3ca",
"versionType": "git"
},
{
"lessThan": "91f249b01fe4",
"status": "affected",
"version": "b5b73b26b3ca",
"versionType": "git"
},
{
"lessThan": "fb66df20a720",
"status": "affected",
"version": "b5b73b26b3ca",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/sched/sch_taprio.c",
"tools/testing/selftests/tc-testing/tc-tests/qdiscs/taprio.json"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.9"
},
{
"lessThan": "5.9",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: taprio: extend minimum interval restriction to entire cycle too\n\nIt is possible for syzbot to side-step the restriction imposed by the\nblamed commit in the Fixes: tag, because the taprio UAPI permits a\ncycle-time different from (and potentially shorter than) the sum of\nentry intervals.\n\nWe need one more restriction, which is that the cycle time itself must\nbe larger than N * ETH_ZLEN bit times, where N is the number of schedule\nentries. This restriction needs to apply regardless of whether the cycle\ntime came from the user or was the implicit, auto-calculated value, so\nwe move the existing \"cycle == 0\" check outside the \"if \"(!new-\u003ecycle_time)\"\nbranch. This way covers both conditions and scenarios.\n\nAdd a selftest which illustrates the issue triggered by syzbot."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:46:55.458Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/b939d1e04a90248b4cdf417b0969c270ceb992b2"
},
{
"url": "https://git.kernel.org/stable/c/91f249b01fe490fce11fbb4307952ca8cce78724"
},
{
"url": "https://git.kernel.org/stable/c/fb66df20a7201e60f2b13d7f95d031b31a8831d3"
}
],
"title": "net/sched: taprio: extend minimum interval restriction to entire cycle too",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-36244",
"datePublished": "2024-06-21T10:18:06.373Z",
"dateReserved": "2024-06-21T10:13:16.319Z",
"dateUpdated": "2024-09-11T17:34:46.251Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48762
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-08-03 15:25
Severity ?
EPSS score ?
Summary
arm64: extable: fix load_unaligned_zeropad() reg indices
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48762",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T13:32:18.518076Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T13:32:25.982Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:01.535Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/47fe7a1c5e3e011eeb4ab79f2d54a794fdd1c3eb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3758a6c74e08bdc15ccccd6872a6ad37d165239a"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"arch/arm64/mm/extable.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "47fe7a1c5e3e",
"status": "affected",
"version": "753b32368705",
"versionType": "git"
},
{
"lessThan": "3758a6c74e08",
"status": "affected",
"version": "753b32368705",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"arch/arm64/mm/extable.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.16"
},
{
"lessThan": "5.16",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.5",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: extable: fix load_unaligned_zeropad() reg indices\n\nIn ex_handler_load_unaligned_zeropad() we erroneously extract the data and\naddr register indices from ex-\u003etype rather than ex-\u003edata. As ex-\u003etype will\ncontain EX_TYPE_LOAD_UNALIGNED_ZEROPAD (i.e. 4):\n * We\u0027ll always treat X0 as the address register, since EX_DATA_REG_ADDR is\n extracted from bits [9:5]. Thus, we may attempt to dereference an\n arbitrary address as X0 may hold an arbitrary value.\n * We\u0027ll always treat X4 as the data register, since EX_DATA_REG_DATA is\n extracted from bits [4:0]. Thus we will corrupt X4 and cause arbitrary\n behaviour within load_unaligned_zeropad() and its caller.\n\nFix this by extracting both values from ex-\u003edata as originally intended.\n\nOn an MTE-enabled QEMU image we are hitting the following crash:\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n Call trace:\n fixup_exception+0xc4/0x108\n __do_kernel_fault+0x3c/0x268\n do_tag_check_fault+0x3c/0x104\n do_mem_abort+0x44/0xf4\n el1_abort+0x40/0x64\n el1h_64_sync_handler+0x60/0xa0\n el1h_64_sync+0x7c/0x80\n link_path_walk+0x150/0x344\n path_openat+0xa0/0x7dc\n do_filp_open+0xb8/0x168\n do_sys_openat2+0x88/0x17c\n __arm64_sys_openat+0x74/0xa0\n invoke_syscall+0x48/0x148\n el0_svc_common+0xb8/0xf8\n do_el0_svc+0x28/0x88\n el0_svc+0x24/0x84\n el0t_64_sync_handler+0x88/0xec\n el0t_64_sync+0x1b4/0x1b8\n Code: f8695a69 71007d1f 540000e0 927df12a (f940014a)"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:56.667Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/47fe7a1c5e3e011eeb4ab79f2d54a794fdd1c3eb"
},
{
"url": "https://git.kernel.org/stable/c/3758a6c74e08bdc15ccccd6872a6ad37d165239a"
}
],
"title": "arm64: extable: fix load_unaligned_zeropad() reg indices",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48762",
"datePublished": "2024-06-20T11:13:39.855Z",
"dateReserved": "2024-06-20T11:09:39.060Z",
"dateUpdated": "2024-08-03T15:25:01.535Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48730
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
dma-buf: heaps: Fix potential spectre v1 gadget
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:00.434Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5d40f1bdad3dd1a177f21a90ad4353c1ed40ba3a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/24f8e12d965b24f8aea762589e0e9fe2025c005e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cc8f7940d9c2d45f67b3d1a2f2b7a829ca561bed"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/92c4cfaee6872038563c5b6f2e8e613f9d84d47d"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48730",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:11:00.522844Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:49.081Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/dma-buf/dma-heap.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "5d40f1bdad3d",
"status": "affected",
"version": "c02a81fba74f",
"versionType": "git"
},
{
"lessThan": "24f8e12d965b",
"status": "affected",
"version": "c02a81fba74f",
"versionType": "git"
},
{
"lessThan": "cc8f7940d9c2",
"status": "affected",
"version": "c02a81fba74f",
"versionType": "git"
},
{
"lessThan": "92c4cfaee687",
"status": "affected",
"version": "c02a81fba74f",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/dma-buf/dma-heap.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.6"
},
{
"lessThan": "5.6",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.99",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.22",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma-buf: heaps: Fix potential spectre v1 gadget\n\nIt appears like nr could be a Spectre v1 gadget as it\u0027s supplied by a\nuser and used as an array index. Prevent the contents\nof kernel memory from being leaked to userspace via speculative\nexecution by using array_index_nospec.\n\n [sumits: added fixes and cc: stable tags]"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:19.518Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/5d40f1bdad3dd1a177f21a90ad4353c1ed40ba3a"
},
{
"url": "https://git.kernel.org/stable/c/24f8e12d965b24f8aea762589e0e9fe2025c005e"
},
{
"url": "https://git.kernel.org/stable/c/cc8f7940d9c2d45f67b3d1a2f2b7a829ca561bed"
},
{
"url": "https://git.kernel.org/stable/c/92c4cfaee6872038563c5b6f2e8e613f9d84d47d"
}
],
"title": "dma-buf: heaps: Fix potential spectre v1 gadget",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48730",
"datePublished": "2024-06-20T11:13:18.750Z",
"dateReserved": "2024-06-20T11:09:39.052Z",
"dateUpdated": "2024-09-11T17:34:49.081Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-33619
Vulnerability from cvelistv5
Published
2024-06-21 10:18
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
efi: libstub: only free priv.runtime_map when allocated
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:36:04.107Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b8938d6f570f010a1dcdbfed3e5b5d3258c2a908"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9dce01f386c9ce6990c0a83fa14b1c95330b037e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6ca67a5fe1c606d1fbe24c30a9fc0bdc43a18554"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4b2543f7e1e6b91cfc8dd1696e3cdf01c3ac8974"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-33619",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:09:50.722948Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:46.488Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/firmware/efi/libstub/fdt.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "b8938d6f570f",
"status": "affected",
"version": "f80d26043af9",
"versionType": "git"
},
{
"lessThan": "9dce01f386c9",
"status": "affected",
"version": "f80d26043af9",
"versionType": "git"
},
{
"lessThan": "6ca67a5fe1c6",
"status": "affected",
"version": "f80d26043af9",
"versionType": "git"
},
{
"lessThan": "4b2543f7e1e6",
"status": "affected",
"version": "f80d26043af9",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/firmware/efi/libstub/fdt.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.1"
},
{
"lessThan": "6.1",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nefi: libstub: only free priv.runtime_map when allocated\n\npriv.runtime_map is only allocated when efi_novamap is not set.\nOtherwise, it is an uninitialized value. In the error path, it is freed\nunconditionally. Avoid passing an uninitialized value to free_pool.\nFree priv.runtime_map only when it was allocated.\n\nThis bug was discovered and resolved using Coverity Static Analysis\nSecurity Testing (SAST) by Synopsys, Inc."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:46:42.636Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/b8938d6f570f010a1dcdbfed3e5b5d3258c2a908"
},
{
"url": "https://git.kernel.org/stable/c/9dce01f386c9ce6990c0a83fa14b1c95330b037e"
},
{
"url": "https://git.kernel.org/stable/c/6ca67a5fe1c606d1fbe24c30a9fc0bdc43a18554"
},
{
"url": "https://git.kernel.org/stable/c/4b2543f7e1e6b91cfc8dd1696e3cdf01c3ac8974"
}
],
"title": "efi: libstub: only free priv.runtime_map when allocated",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-33619",
"datePublished": "2024-06-21T10:18:05.007Z",
"dateReserved": "2024-06-21T10:13:16.311Z",
"dateUpdated": "2024-09-11T17:34:46.488Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48749
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-08-03 15:25
Severity ?
EPSS score ?
Summary
drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48749",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T13:33:31.394411Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T13:33:38.927Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:01.560Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/93a6e920d8ccb4df846c03b6e72f7e08843d294c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8f069f6dde518dfebe86e848508c07e497bd9298"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1ebc18836d5df09061657f8c548e594cbb519476"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/170b22234d5495f5e0844246e23f004639ee89ba"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/msm/disp/dpu1/dpu_hw_dspp.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "93a6e920d8cc",
"status": "affected",
"version": "4259ff7ae509",
"versionType": "git"
},
{
"lessThan": "8f069f6dde51",
"status": "affected",
"version": "4259ff7ae509",
"versionType": "git"
},
{
"lessThan": "1ebc18836d5d",
"status": "affected",
"version": "4259ff7ae509",
"versionType": "git"
},
{
"lessThan": "170b22234d54",
"status": "affected",
"version": "4259ff7ae509",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/msm/disp/dpu1/dpu_hw_dspp.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.8"
},
{
"lessThan": "5.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.96",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.19",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.5",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc\n\nThe function performs a check on the \"ctx\" input parameter, however, it\nis used before the check.\n\nInitialize the \"base\" variable after the sanity check to avoid a\npossible NULL pointer dereference.\n\nAddresses-Coverity-ID: 1493866 (\"Null pointer dereference\")"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:41.441Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/93a6e920d8ccb4df846c03b6e72f7e08843d294c"
},
{
"url": "https://git.kernel.org/stable/c/8f069f6dde518dfebe86e848508c07e497bd9298"
},
{
"url": "https://git.kernel.org/stable/c/1ebc18836d5df09061657f8c548e594cbb519476"
},
{
"url": "https://git.kernel.org/stable/c/170b22234d5495f5e0844246e23f004639ee89ba"
}
],
"title": "drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48749",
"datePublished": "2024-06-20T11:13:31.274Z",
"dateReserved": "2024-06-20T11:09:39.055Z",
"dateUpdated": "2024-08-03T15:25:01.560Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48724
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping()
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:24:59.995Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a0c685ba99961b1dd894b2e470e692a539770f6d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a31cb1f0fb6caf46ffe88c41252b6b7a4ee062d9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5c43d46daa0d2928234dd2792ebebc35d29ee2d1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9d9995b0371e4e8c18d4f955479e5d47efe7b2d4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/336d096b62bdc673e852b6b80d5072d7888ce85d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b62eceb5f8f08815fe3f945fc55bbf997c344ecd"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/99e675d473eb8cf2deac1376a0f840222fc1adcf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48724",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:11:09.906830Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:49.407Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/iommu/intel/irq_remapping.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "a0c685ba9996",
"status": "affected",
"version": "03992c88d71b",
"versionType": "git"
},
{
"lessThan": "a31cb1f0fb6c",
"status": "affected",
"version": "c0c489e54305",
"versionType": "git"
},
{
"lessThan": "5c43d46daa0d",
"status": "affected",
"version": "36f735554572",
"versionType": "git"
},
{
"lessThan": "9d9995b0371e",
"status": "affected",
"version": "e3beca48a45b",
"versionType": "git"
},
{
"lessThan": "336d096b62bd",
"status": "affected",
"version": "e3beca48a45b",
"versionType": "git"
},
{
"lessThan": "b62eceb5f8f0",
"status": "affected",
"version": "e3beca48a45b",
"versionType": "git"
},
{
"lessThan": "99e675d473eb",
"status": "affected",
"version": "e3beca48a45b",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/iommu/intel/irq_remapping.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.8"
},
{
"lessThan": "5.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.265",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.228",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.178",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.99",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.22",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping()\n\nAfter commit e3beca48a45b (\"irqdomain/treewide: Keep firmware node\nunconditionally allocated\"). For tear down scenario, fn is only freed\nafter fail to allocate ir_domain, though it also should be freed in case\ndmar_enable_qi returns error.\n\nBesides free fn, irq_domain and ir_msi_domain need to be removed as well\nif intel_setup_irq_remapping fails to enable queued invalidation.\n\nImprove the rewinding path by add out_free_ir_domain and out_free_fwnode\nlables per Baolu\u0027s suggestion."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:12.481Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/a0c685ba99961b1dd894b2e470e692a539770f6d"
},
{
"url": "https://git.kernel.org/stable/c/a31cb1f0fb6caf46ffe88c41252b6b7a4ee062d9"
},
{
"url": "https://git.kernel.org/stable/c/5c43d46daa0d2928234dd2792ebebc35d29ee2d1"
},
{
"url": "https://git.kernel.org/stable/c/9d9995b0371e4e8c18d4f955479e5d47efe7b2d4"
},
{
"url": "https://git.kernel.org/stable/c/336d096b62bdc673e852b6b80d5072d7888ce85d"
},
{
"url": "https://git.kernel.org/stable/c/b62eceb5f8f08815fe3f945fc55bbf997c344ecd"
},
{
"url": "https://git.kernel.org/stable/c/99e675d473eb8cf2deac1376a0f840222fc1adcf"
}
],
"title": "iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping()",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48724",
"datePublished": "2024-06-20T11:13:14.644Z",
"dateReserved": "2024-06-20T11:09:39.051Z",
"dateUpdated": "2024-09-11T17:34:49.407Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48752
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
powerpc/perf: Fix power_pmu_disable to call clear_pmi_irq_pending only if PMI is pending
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:01.425Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/55402a4618721f350a9ab660bb42717d8aa18e7c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/28aaed966e76807a71de79dd40a8eee9042374dd"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fa4ad064a6bd49208221df5e62adf27b426d1720"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fb6433b48a178d4672cb26632454ee0b21056eaa"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48752",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:10:25.606940Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:47.858Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"arch/powerpc/perf/core-book3s.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "55402a461872",
"status": "affected",
"version": "ef798cd035f3",
"versionType": "git"
},
{
"lessThan": "28aaed966e76",
"status": "affected",
"version": "fadcafa39592",
"versionType": "git"
},
{
"lessThan": "fa4ad064a6bd",
"status": "affected",
"version": "215a90ce3754",
"versionType": "git"
},
{
"lessThan": "fb6433b48a17",
"status": "affected",
"version": "2c9ac51b850d",
"versionType": "git"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"arch/powerpc/perf/core-book3s.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "5.10.96",
"status": "affected",
"version": "5.10.94",
"versionType": "custom"
},
{
"lessThan": "5.15.19",
"status": "affected",
"version": "5.15.17",
"versionType": "custom"
},
{
"lessThan": "5.16.5",
"status": "affected",
"version": "5.16.3",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/perf: Fix power_pmu_disable to call clear_pmi_irq_pending only if PMI is pending\n\nRunning selftest with CONFIG_PPC_IRQ_SOFT_MASK_DEBUG enabled in kernel\ntriggered below warning:\n\n[ 172.851380] ------------[ cut here ]------------\n[ 172.851391] WARNING: CPU: 8 PID: 2901 at arch/powerpc/include/asm/hw_irq.h:246 power_pmu_disable+0x270/0x280\n[ 172.851402] Modules linked in: dm_mod bonding nft_ct nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_set nf_tables rfkill nfnetlink sunrpc xfs libcrc32c pseries_rng xts vmx_crypto uio_pdrv_genirq uio sch_fq_codel ip_tables ext4 mbcache jbd2 sd_mod t10_pi sg ibmvscsi ibmveth scsi_transport_srp fuse\n[ 172.851442] CPU: 8 PID: 2901 Comm: lost_exception_ Not tainted 5.16.0-rc5-03218-g798527287598 #2\n[ 172.851451] NIP: c00000000013d600 LR: c00000000013d5a4 CTR: c00000000013b180\n[ 172.851458] REGS: c000000017687860 TRAP: 0700 Not tainted (5.16.0-rc5-03218-g798527287598)\n[ 172.851465] MSR: 8000000000029033 \u003cSF,EE,ME,IR,DR,RI,LE\u003e CR: 48004884 XER: 20040000\n[ 172.851482] CFAR: c00000000013d5b4 IRQMASK: 1\n[ 172.851482] GPR00: c00000000013d5a4 c000000017687b00 c000000002a10600 0000000000000004\n[ 172.851482] GPR04: 0000000082004000 c0000008ba08f0a8 0000000000000000 00000008b7ed0000\n[ 172.851482] GPR08: 00000000446194f6 0000000000008000 c00000000013b118 c000000000d58e68\n[ 172.851482] GPR12: c00000000013d390 c00000001ec54a80 0000000000000000 0000000000000000\n[ 172.851482] GPR16: 0000000000000000 0000000000000000 c000000015d5c708 c0000000025396d0\n[ 172.851482] GPR20: 0000000000000000 0000000000000000 c00000000a3bbf40 0000000000000003\n[ 172.851482] GPR24: 0000000000000000 c0000008ba097400 c0000000161e0d00 c00000000a3bb600\n[ 172.851482] GPR28: c000000015d5c700 0000000000000001 0000000082384090 c0000008ba0020d8\n[ 172.851549] NIP [c00000000013d600] power_pmu_disable+0x270/0x280\n[ 172.851557] LR [c00000000013d5a4] power_pmu_disable+0x214/0x280\n[ 172.851565] Call Trace:\n[ 172.851568] [c000000017687b00] [c00000000013d5a4] power_pmu_disable+0x214/0x280 (unreliable)\n[ 172.851579] [c000000017687b40] [c0000000003403ac] perf_pmu_disable+0x4c/0x60\n[ 172.851588] [c000000017687b60] [c0000000003445e4] __perf_event_task_sched_out+0x1d4/0x660\n[ 172.851596] [c000000017687c50] [c000000000d1175c] __schedule+0xbcc/0x12a0\n[ 172.851602] [c000000017687d60] [c000000000d11ea8] schedule+0x78/0x140\n[ 172.851608] [c000000017687d90] [c0000000001a8080] sys_sched_yield+0x20/0x40\n[ 172.851615] [c000000017687db0] [c0000000000334dc] system_call_exception+0x18c/0x380\n[ 172.851622] [c000000017687e10] [c00000000000c74c] system_call_common+0xec/0x268\n\nThe warning indicates that MSR_EE being set(interrupt enabled) when\nthere was an overflown PMC detected. This could happen in\npower_pmu_disable since it runs under interrupt soft disable\ncondition ( local_irq_save ) and not with interrupts hard disabled.\ncommit 2c9ac51b850d (\"powerpc/perf: Fix PMU callbacks to clear\npending PMI before resetting an overflown PMC\") intended to clear\nPMI pending bit in Paca when disabling the PMU. It could happen\nthat PMC gets overflown while code is in power_pmu_disable\ncallback function. Hence add a check to see if PMI pending bit\nis set in Paca before clearing it via clear_pmi_pending."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:44.945Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/55402a4618721f350a9ab660bb42717d8aa18e7c"
},
{
"url": "https://git.kernel.org/stable/c/28aaed966e76807a71de79dd40a8eee9042374dd"
},
{
"url": "https://git.kernel.org/stable/c/fa4ad064a6bd49208221df5e62adf27b426d1720"
},
{
"url": "https://git.kernel.org/stable/c/fb6433b48a178d4672cb26632454ee0b21056eaa"
}
],
"title": "powerpc/perf: Fix power_pmu_disable to call clear_pmi_irq_pending only if PMI is pending",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48752",
"datePublished": "2024-06-20T11:13:33.245Z",
"dateReserved": "2024-06-20T11:09:39.057Z",
"dateUpdated": "2024-09-11T17:34:47.858Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48757
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
net: fix information leakage in /proc/net/ptype
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:01.373Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8f88c78d24f6f346919007cd459fd7e51a8c7779"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/be1ca30331c7923c6f376610c1bd6059be9b1908"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c38023032a598ec6263e008d62c7f02def72d5c7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b67ad6170c0ea87391bb253f35d1f78857736e54"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e372ecd455b6ebc7720f52bf4b5f5d44d02f2092"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/db044d97460ea792110eb8b971e82569ded536c6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e43669c77cb3a742b7d84ecdc7c68c4167a7709b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/839ec7039513a4f84bfbaff953a9393471176bee"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/47934e06b65637c88a762d9c98329ae6e3238888"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48757",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:10:16.134809Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:47.482Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"include/linux/netdevice.h",
"net/core/net-procfs.c",
"net/packet/af_packet.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "8f88c78d24f6",
"status": "affected",
"version": "2feb27dbe00c",
"versionType": "git"
},
{
"lessThan": "be1ca30331c7",
"status": "affected",
"version": "2feb27dbe00c",
"versionType": "git"
},
{
"lessThan": "c38023032a59",
"status": "affected",
"version": "2feb27dbe00c",
"versionType": "git"
},
{
"lessThan": "b67ad6170c0e",
"status": "affected",
"version": "2feb27dbe00c",
"versionType": "git"
},
{
"lessThan": "e372ecd455b6",
"status": "affected",
"version": "2feb27dbe00c",
"versionType": "git"
},
{
"lessThan": "db044d97460e",
"status": "affected",
"version": "2feb27dbe00c",
"versionType": "git"
},
{
"lessThan": "e43669c77cb3",
"status": "affected",
"version": "2feb27dbe00c",
"versionType": "git"
},
{
"lessThan": "839ec7039513",
"status": "affected",
"version": "2feb27dbe00c",
"versionType": "git"
},
{
"lessThan": "47934e06b656",
"status": "affected",
"version": "2feb27dbe00c",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"include/linux/netdevice.h",
"net/core/net-procfs.c",
"net/packet/af_packet.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.26"
},
{
"lessThan": "2.6.26",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.4.*",
"status": "unaffected",
"version": "4.4.302",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.300",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.265",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.228",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.176",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.96",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.19",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.5",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix information leakage in /proc/net/ptype\n\nIn one net namespace, after creating a packet socket without binding\nit to a device, users in other net namespaces can observe the new\n`packet_type` added by this packet socket by reading `/proc/net/ptype`\nfile. This is minor information leakage as packet socket is\nnamespace aware.\n\nAdd a net pointer in `packet_type` to keep the net namespace of\nof corresponding packet socket. In `ptype_seq_show`, this net pointer\nmust be checked when it is not NULL."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:50.866Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/8f88c78d24f6f346919007cd459fd7e51a8c7779"
},
{
"url": "https://git.kernel.org/stable/c/be1ca30331c7923c6f376610c1bd6059be9b1908"
},
{
"url": "https://git.kernel.org/stable/c/c38023032a598ec6263e008d62c7f02def72d5c7"
},
{
"url": "https://git.kernel.org/stable/c/b67ad6170c0ea87391bb253f35d1f78857736e54"
},
{
"url": "https://git.kernel.org/stable/c/e372ecd455b6ebc7720f52bf4b5f5d44d02f2092"
},
{
"url": "https://git.kernel.org/stable/c/db044d97460ea792110eb8b971e82569ded536c6"
},
{
"url": "https://git.kernel.org/stable/c/e43669c77cb3a742b7d84ecdc7c68c4167a7709b"
},
{
"url": "https://git.kernel.org/stable/c/839ec7039513a4f84bfbaff953a9393471176bee"
},
{
"url": "https://git.kernel.org/stable/c/47934e06b65637c88a762d9c98329ae6e3238888"
}
],
"title": "net: fix information leakage in /proc/net/ptype",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48757",
"datePublished": "2024-06-20T11:13:36.529Z",
"dateReserved": "2024-06-20T11:09:39.059Z",
"dateUpdated": "2024-09-11T17:34:47.482Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48739
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
ASoC: hdmi-codec: Fix OOB memory accesses
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:24:59.935Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/10007bd96b6c4c3cfaea9e76c311b06a07a5e260"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1552e66be325a21d7eff49f46013fb402165a0ac"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/06feec6005c9d9500cd286ec440aabf8b2ddd94d"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48739",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:10:44.552131Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:48.539Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"include/uapi/sound/asound.h",
"sound/soc/codecs/hdmi-codec.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "10007bd96b6c",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "1552e66be325",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "06feec6005c9",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"include/uapi/sound/asound.h",
"sound/soc/codecs/hdmi-codec.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.22",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: hdmi-codec: Fix OOB memory accesses\n\nCorrect size of iec_status array by changing it to the size of status\narray of the struct snd_aes_iec958. This fixes out-of-bounds slab\nread accesses made by memcpy() of the hdmi-codec driver. This problem\nis reported by KASAN."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:29.954Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/10007bd96b6c4c3cfaea9e76c311b06a07a5e260"
},
{
"url": "https://git.kernel.org/stable/c/1552e66be325a21d7eff49f46013fb402165a0ac"
},
{
"url": "https://git.kernel.org/stable/c/06feec6005c9d9500cd286ec440aabf8b2ddd94d"
}
],
"title": "ASoC: hdmi-codec: Fix OOB memory accesses",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48739",
"datePublished": "2024-06-20T11:13:24.693Z",
"dateReserved": "2024-06-20T11:09:39.054Z",
"dateUpdated": "2024-09-11T17:34:48.539Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48766
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
drm/amd/display: Wrap dcn301_calculate_wm_and_dlg for FPU.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:01.135Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/456ba2433844a6483cc4c933aa8f43d24575e341"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/25f1488bdbba63415239ff301fe61a8546140d9f"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48766",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:10:09.858753Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:47.233Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/display/dc/dcn301/dcn301_resource.c",
"drivers/gpu/drm/amd/display/dc/dml/dcn301/dcn301_fpu.c",
"drivers/gpu/drm/amd/display/dc/dml/dcn301/dcn301_fpu.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "456ba2433844",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "25f1488bdbba",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/display/dc/dcn301/dcn301_resource.c",
"drivers/gpu/drm/amd/display/dc/dml/dcn301/dcn301_fpu.c",
"drivers/gpu/drm/amd/display/dc/dml/dcn301/dcn301_fpu.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.5",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Wrap dcn301_calculate_wm_and_dlg for FPU.\n\nMirrors the logic for dcn30. Cue lots of WARNs and some\nkernel panics without this fix."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:15:01.549Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/456ba2433844a6483cc4c933aa8f43d24575e341"
},
{
"url": "https://git.kernel.org/stable/c/25f1488bdbba63415239ff301fe61a8546140d9f"
}
],
"title": "drm/amd/display: Wrap dcn301_calculate_wm_and_dlg for FPU.",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48766",
"datePublished": "2024-06-20T11:13:42.486Z",
"dateReserved": "2024-06-20T11:09:39.060Z",
"dateUpdated": "2024-09-11T17:34:47.233Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48723
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
spi: uniphier: fix reference count leak in uniphier_spi_probe()
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:00.430Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e895e067d73e154b1ebc84a124e00831e311d9b0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/dd00b4f8f768d81c3788a8ac88fdb3d745e55ea3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/447c3d4046d7b54052d07d8b27e15e6edea5662c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/37c2c83ca4f1ef4b6908181ac98e18360af89b42"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48723",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:11:13.006477Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:49.515Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/spi/spi-uniphier.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "e895e067d73e",
"status": "affected",
"version": "28d1dddc59f6",
"versionType": "git"
},
{
"lessThan": "dd00b4f8f768",
"status": "affected",
"version": "28d1dddc59f6",
"versionType": "git"
},
{
"lessThan": "447c3d4046d7",
"status": "affected",
"version": "28d1dddc59f6",
"versionType": "git"
},
{
"lessThan": "37c2c83ca4f1",
"status": "affected",
"version": "28d1dddc59f6",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/spi/spi-uniphier.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.6"
},
{
"lessThan": "5.6",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.99",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.22",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: uniphier: fix reference count leak in uniphier_spi_probe()\n\nThe issue happens in several error paths in uniphier_spi_probe().\nWhen either dma_get_slave_caps() or devm_spi_register_master() returns\nan error code, the function forgets to decrease the refcount of both\n`dma_rx` and `dma_tx` objects, which may lead to refcount leaks.\n\nFix it by decrementing the reference count of specific objects in\nthose error paths."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:11.346Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/e895e067d73e154b1ebc84a124e00831e311d9b0"
},
{
"url": "https://git.kernel.org/stable/c/dd00b4f8f768d81c3788a8ac88fdb3d745e55ea3"
},
{
"url": "https://git.kernel.org/stable/c/447c3d4046d7b54052d07d8b27e15e6edea5662c"
},
{
"url": "https://git.kernel.org/stable/c/37c2c83ca4f1ef4b6908181ac98e18360af89b42"
}
],
"title": "spi: uniphier: fix reference count leak in uniphier_spi_probe()",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48723",
"datePublished": "2024-06-20T11:13:13.965Z",
"dateReserved": "2024-06-20T11:09:39.051Z",
"dateUpdated": "2024-09-11T17:34:49.515Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48732
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
drm/nouveau: fix off by one in BIOS boundary checking
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:00.118Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d4b746e60fd8eaa8016e144223abe91158edcdad"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/909d3ec1bf9f0ec534bfc081b77c0836fea7b0e2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b2a21669ee98aafc41c6d42ef15af4dab9e6e882"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/acc887ba88333f5fec49631f12d8cc7ebd95781c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f071d9fa857582d7bd77f4906691f73d3edeab73"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d877e814a62b7de9069aeff8bc1d979dfc996e06"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e7c36fa8a1e63b08312162179c78a0c7795ea369"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1b777d4d9e383d2744fc9b3a09af6ec1893c8b1a"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48732",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:10:57.349463Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:48.977Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/nouveau/nvkm/subdev/bios/base.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "d4b746e60fd8",
"status": "affected",
"version": "4d4e9907ff57",
"versionType": "git"
},
{
"lessThan": "909d3ec1bf9f",
"status": "affected",
"version": "4d4e9907ff57",
"versionType": "git"
},
{
"lessThan": "b2a21669ee98",
"status": "affected",
"version": "4d4e9907ff57",
"versionType": "git"
},
{
"lessThan": "acc887ba8833",
"status": "affected",
"version": "4d4e9907ff57",
"versionType": "git"
},
{
"lessThan": "f071d9fa8575",
"status": "affected",
"version": "4d4e9907ff57",
"versionType": "git"
},
{
"lessThan": "d877e814a62b",
"status": "affected",
"version": "4d4e9907ff57",
"versionType": "git"
},
{
"lessThan": "e7c36fa8a1e6",
"status": "affected",
"version": "4d4e9907ff57",
"versionType": "git"
},
{
"lessThan": "1b777d4d9e38",
"status": "affected",
"version": "4d4e9907ff57",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/nouveau/nvkm/subdev/bios/base.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.8"
},
{
"lessThan": "4.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.300",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.265",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.228",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.178",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.99",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.22",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: fix off by one in BIOS boundary checking\n\nBounds checking when parsing init scripts embedded in the BIOS reject\naccess to the last byte. This causes driver initialization to fail on\nApple eMac\u0027s with GeForce 2 MX GPUs, leaving the system with no working\nconsole.\n\nThis is probably only seen on OpenFirmware machines like PowerPC Macs\nbecause the BIOS image provided by OF is only the used parts of the ROM,\nnot a power-of-two blocks read from PCI directly so PCs always have\nempty bytes at the end that are never accessed."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:21.847Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/d4b746e60fd8eaa8016e144223abe91158edcdad"
},
{
"url": "https://git.kernel.org/stable/c/909d3ec1bf9f0ec534bfc081b77c0836fea7b0e2"
},
{
"url": "https://git.kernel.org/stable/c/b2a21669ee98aafc41c6d42ef15af4dab9e6e882"
},
{
"url": "https://git.kernel.org/stable/c/acc887ba88333f5fec49631f12d8cc7ebd95781c"
},
{
"url": "https://git.kernel.org/stable/c/f071d9fa857582d7bd77f4906691f73d3edeab73"
},
{
"url": "https://git.kernel.org/stable/c/d877e814a62b7de9069aeff8bc1d979dfc996e06"
},
{
"url": "https://git.kernel.org/stable/c/e7c36fa8a1e63b08312162179c78a0c7795ea369"
},
{
"url": "https://git.kernel.org/stable/c/1b777d4d9e383d2744fc9b3a09af6ec1893c8b1a"
}
],
"title": "drm/nouveau: fix off by one in BIOS boundary checking",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48732",
"datePublished": "2024-06-20T11:13:20.065Z",
"dateReserved": "2024-06-20T11:09:39.053Z",
"dateUpdated": "2024-09-11T17:34:48.977Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48735
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
ALSA: hda: Fix UAF of leds class devs at unbinding
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:00.531Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a7de1002135cf94367748ffc695a29812d7633b5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0e629052f013eeb61494d4df2f1f647c2a9aef47"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/813e9f3e06d22e29872d4fd51b54992d89cf66c8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/549f8ffc7b2f7561bea7f90930b6c5104318e87b"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48735",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:10:50.919175Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:48.755Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"sound/pci/hda/hda_generic.c",
"sound/pci/hda/hda_generic.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "a7de1002135c",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "0e629052f013",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "813e9f3e06d2",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "549f8ffc7b2f",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"sound/pci/hda/hda_generic.c",
"sound/pci/hda/hda_generic.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.99",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.22",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: hda: Fix UAF of leds class devs at unbinding\n\nThe LED class devices that are created by HD-audio codec drivers are\nregistered via devm_led_classdev_register() and associated with the\nHD-audio codec device. Unfortunately, it turned out that the devres\nrelease doesn\u0027t work for this case; namely, since the codec resource\nrelease happens before the devm call chain, it triggers a NULL\ndereference or a UAF for a stale set_brightness_delay callback.\n\nFor fixing the bug, this patch changes the LED class device register\nand unregister in a manual manner without devres, keeping the\ninstances in hda_gen_spec."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:25.322Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/a7de1002135cf94367748ffc695a29812d7633b5"
},
{
"url": "https://git.kernel.org/stable/c/0e629052f013eeb61494d4df2f1f647c2a9aef47"
},
{
"url": "https://git.kernel.org/stable/c/813e9f3e06d22e29872d4fd51b54992d89cf66c8"
},
{
"url": "https://git.kernel.org/stable/c/549f8ffc7b2f7561bea7f90930b6c5104318e87b"
}
],
"title": "ALSA: hda: Fix UAF of leds class devs at unbinding",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48735",
"datePublished": "2024-06-20T11:13:22.065Z",
"dateReserved": "2024-06-20T11:09:39.053Z",
"dateUpdated": "2024-09-11T17:34:48.755Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48748
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-08-03 15:25
Severity ?
EPSS score ?
Summary
net: bridge: vlan: fix memory leak in __allowed_ingress
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "446ff1fc37c7",
"status": "affected",
"version": "a580c76d534c",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "c5e216e880fa",
"status": "affected",
"version": "a580c76d534c",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "14be8d448fca",
"status": "affected",
"version": "a580c76d534c",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "fd20d9738395",
"status": "affected",
"version": "a580c76d534c",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "affected",
"version": "5.6"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "5.6",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "5.11",
"status": "unaffected",
"version": "5.10.96",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "5.16",
"status": "unaffected",
"version": "5.15.19",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "5.17",
"status": "unaffected",
"version": "5.16.5",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "unaffected",
"version": "5.17"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-48748",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-26T14:37:10.652624Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-26T14:50:05.679Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:01.588Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/446ff1fc37c74093e81db40811a07b5a19f1d797"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c5e216e880fa6f2cd9d4a6541269377657163098"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/14be8d448fca6fe7b2a413831eedd55aef6c6511"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fd20d9738395cf8e27d0a17eba34169699fccdff"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/bridge/br_vlan.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "446ff1fc37c7",
"status": "affected",
"version": "a580c76d534c",
"versionType": "git"
},
{
"lessThan": "c5e216e880fa",
"status": "affected",
"version": "a580c76d534c",
"versionType": "git"
},
{
"lessThan": "14be8d448fca",
"status": "affected",
"version": "a580c76d534c",
"versionType": "git"
},
{
"lessThan": "fd20d9738395",
"status": "affected",
"version": "a580c76d534c",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/bridge/br_vlan.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.6"
},
{
"lessThan": "5.6",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.96",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.19",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.5",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bridge: vlan: fix memory leak in __allowed_ingress\n\nWhen using per-vlan state, if vlan snooping and stats are disabled,\nuntagged or priority-tagged ingress frame will go to check pvid state.\nIf the port state is forwarding and the pvid state is not\nlearning/forwarding, untagged or priority-tagged frame will be dropped\nbut skb memory is not freed.\nShould free skb when __allowed_ingress returns false."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:40.299Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/446ff1fc37c74093e81db40811a07b5a19f1d797"
},
{
"url": "https://git.kernel.org/stable/c/c5e216e880fa6f2cd9d4a6541269377657163098"
},
{
"url": "https://git.kernel.org/stable/c/14be8d448fca6fe7b2a413831eedd55aef6c6511"
},
{
"url": "https://git.kernel.org/stable/c/fd20d9738395cf8e27d0a17eba34169699fccdff"
}
],
"title": "net: bridge: vlan: fix memory leak in __allowed_ingress",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48748",
"datePublished": "2024-06-20T11:13:30.612Z",
"dateReserved": "2024-06-20T11:09:39.055Z",
"dateUpdated": "2024-08-03T15:25:01.588Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48718
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-08-03 15:24
Severity ?
EPSS score ?
Summary
drm: mxsfb: Fix NULL pointer dereference
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48718",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T15:53:23.368086Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T15:53:31.684Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:24:59.921Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/86a337bb803040e4401b87c974a7fb92efe3d0e1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6f9267e01cca749137349d8ffb0d0ebbadf567f4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/622c9a3a7868e1eeca39c55305ca3ebec4742b64"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/mxsfb/mxsfb_kms.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "86a337bb8030",
"status": "affected",
"version": "b776b0f00f24",
"versionType": "git"
},
{
"lessThan": "6f9267e01cca",
"status": "affected",
"version": "b776b0f00f24",
"versionType": "git"
},
{
"lessThan": "622c9a3a7868",
"status": "affected",
"version": "b776b0f00f24",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/mxsfb/mxsfb_kms.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.15"
},
{
"lessThan": "5.15",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.27",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: mxsfb: Fix NULL pointer dereference\n\nmxsfb should not ever dereference the NULL pointer which\ndrm_atomic_get_new_bridge_state is allowed to return.\nAssume a fixed format instead."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:00.496Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/86a337bb803040e4401b87c974a7fb92efe3d0e1"
},
{
"url": "https://git.kernel.org/stable/c/6f9267e01cca749137349d8ffb0d0ebbadf567f4"
},
{
"url": "https://git.kernel.org/stable/c/622c9a3a7868e1eeca39c55305ca3ebec4742b64"
}
],
"title": "drm: mxsfb: Fix NULL pointer dereference",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48718",
"datePublished": "2024-06-20T11:13:10.608Z",
"dateReserved": "2024-06-20T11:09:39.050Z",
"dateUpdated": "2024-08-03T15:24:59.921Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38625
Vulnerability from cvelistv5
Published
2024-06-21 10:18
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
fs/ntfs3: Check 'folio' pointer for NULL
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:26.044Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6c8054d590668629bb2eb6fb4cbf22455d08ada8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ff1068929459347f9e47f8d14c409dcf938c2641"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1cd6c96219c429ebcfa8e79a865277376c563803"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38625",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:09:12.508694Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:44.808Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/ntfs3/inode.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "6c8054d59066",
"status": "affected",
"version": "82cae269cfa9",
"versionType": "git"
},
{
"lessThan": "ff1068929459",
"status": "affected",
"version": "82cae269cfa9",
"versionType": "git"
},
{
"lessThan": "1cd6c96219c4",
"status": "affected",
"version": "82cae269cfa9",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/ntfs3/inode.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.15"
},
{
"lessThan": "5.15",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Check \u0027folio\u0027 pointer for NULL\n\nIt can be NULL if bmap is called."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:49:19.434Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/6c8054d590668629bb2eb6fb4cbf22455d08ada8"
},
{
"url": "https://git.kernel.org/stable/c/ff1068929459347f9e47f8d14c409dcf938c2641"
},
{
"url": "https://git.kernel.org/stable/c/1cd6c96219c429ebcfa8e79a865277376c563803"
}
],
"title": "fs/ntfs3: Check \u0027folio\u0027 pointer for NULL",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38625",
"datePublished": "2024-06-21T10:18:17.603Z",
"dateReserved": "2024-06-18T19:36:34.945Z",
"dateUpdated": "2024-09-11T17:34:44.808Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38634
Vulnerability from cvelistv5
Published
2024-06-21 10:18
Modified
2024-08-02 04:12
Severity ?
EPSS score ?
Summary
serial: max3100: Lock port->lock when calling uart_handle_cts_change()
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38634",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-21T13:19:09.330989Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-21T13:19:18.846Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:26.070Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/44b38924135d2093e2ec1812969464845dd66dc9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ea9b35372b58ac2931bfc1d5bc25e839d1221e30"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cc121e3722a0a2c8f716ef991e5425b180a5fb94"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/78dbda51bb4241b88a52d71620f06231a341f9ba"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8296bb9e5925b6634259c5d4daee88f0cc0884ec"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/93df2fba6c7dfa9a2f08546ea9a5ca4728758458"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/865b30c8661924ee9145f442bf32cea549faa869"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/77ab53371a2066fdf9b895246505f5ef5a4b5d47"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/tty/serial/max3100.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "44b38924135d",
"status": "affected",
"version": "7831d56b0a35",
"versionType": "git"
},
{
"lessThan": "ea9b35372b58",
"status": "affected",
"version": "7831d56b0a35",
"versionType": "git"
},
{
"lessThan": "cc121e3722a0",
"status": "affected",
"version": "7831d56b0a35",
"versionType": "git"
},
{
"lessThan": "78dbda51bb42",
"status": "affected",
"version": "7831d56b0a35",
"versionType": "git"
},
{
"lessThan": "8296bb9e5925",
"status": "affected",
"version": "7831d56b0a35",
"versionType": "git"
},
{
"lessThan": "93df2fba6c7d",
"status": "affected",
"version": "7831d56b0a35",
"versionType": "git"
},
{
"lessThan": "865b30c86619",
"status": "affected",
"version": "7831d56b0a35",
"versionType": "git"
},
{
"lessThan": "77ab53371a20",
"status": "affected",
"version": "7831d56b0a35",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/tty/serial/max3100.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.30"
},
{
"lessThan": "2.6.30",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.316",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: max3100: Lock port-\u003elock when calling uart_handle_cts_change()\n\nuart_handle_cts_change() has to be called with port lock taken,\nSince we run it in a separate work, the lock may not be taken at\nthe time of running. Make sure that it\u0027s taken by explicitly doing\nthat. Without it we got a splat:\n\n WARNING: CPU: 0 PID: 10 at drivers/tty/serial/serial_core.c:3491 uart_handle_cts_change+0xa6/0xb0\n ...\n Workqueue: max3100-0 max3100_work [max3100]\n RIP: 0010:uart_handle_cts_change+0xa6/0xb0\n ...\n max3100_handlerx+0xc5/0x110 [max3100]\n max3100_work+0x12a/0x340 [max3100]"
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:49:29.863Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/44b38924135d2093e2ec1812969464845dd66dc9"
},
{
"url": "https://git.kernel.org/stable/c/ea9b35372b58ac2931bfc1d5bc25e839d1221e30"
},
{
"url": "https://git.kernel.org/stable/c/cc121e3722a0a2c8f716ef991e5425b180a5fb94"
},
{
"url": "https://git.kernel.org/stable/c/78dbda51bb4241b88a52d71620f06231a341f9ba"
},
{
"url": "https://git.kernel.org/stable/c/8296bb9e5925b6634259c5d4daee88f0cc0884ec"
},
{
"url": "https://git.kernel.org/stable/c/93df2fba6c7dfa9a2f08546ea9a5ca4728758458"
},
{
"url": "https://git.kernel.org/stable/c/865b30c8661924ee9145f442bf32cea549faa869"
},
{
"url": "https://git.kernel.org/stable/c/77ab53371a2066fdf9b895246505f5ef5a4b5d47"
}
],
"title": "serial: max3100: Lock port-\u003elock when calling uart_handle_cts_change()",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38634",
"datePublished": "2024-06-21T10:18:23.573Z",
"dateReserved": "2024-06-18T19:36:34.947Z",
"dateUpdated": "2024-08-02T04:12:26.070Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48744
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
net/mlx5e: Avoid field-overflowing memcpy()
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:00.531Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8fbdf8c8b8ab82beab882175157650452c46493e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ad5185735f7dab342fdd0dd41044da4c9ccfef67"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48744",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:10:38.103398Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:48.322Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/mellanox/mlx5/core/en.h",
"drivers/net/ethernet/mellanox/mlx5/core/en/xdp.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "8fbdf8c8b8ab",
"status": "affected",
"version": "b5503b994ed5",
"versionType": "git"
},
{
"lessThan": "ad5185735f7d",
"status": "affected",
"version": "b5503b994ed5",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/mellanox/mlx5/core/en.h",
"drivers/net/ethernet/mellanox/mlx5/core/en/xdp.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.9"
},
{
"lessThan": "4.9",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.6",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Avoid field-overflowing memcpy()\n\nIn preparation for FORTIFY_SOURCE performing compile-time and run-time\nfield bounds checking for memcpy(), memmove(), and memset(), avoid\nintentionally writing across neighboring fields.\n\nUse flexible arrays instead of zero-element arrays (which look like they\nare always overflowing) and split the cross-field memcpy() into two halves\nthat can be appropriately bounds-checked by the compiler.\n\nWe were doing:\n\n\t#define ETH_HLEN 14\n\t#define VLAN_HLEN 4\n\t...\n\t#define MLX5E_XDP_MIN_INLINE (ETH_HLEN + VLAN_HLEN)\n\t...\n struct mlx5e_tx_wqe *wqe = mlx5_wq_cyc_get_wqe(wq, pi);\n\t...\n struct mlx5_wqe_eth_seg *eseg = \u0026wqe-\u003eeth;\n struct mlx5_wqe_data_seg *dseg = wqe-\u003edata;\n\t...\n\tmemcpy(eseg-\u003einline_hdr.start, xdptxd-\u003edata, MLX5E_XDP_MIN_INLINE);\n\ntarget is wqe-\u003eeth.inline_hdr.start (which the compiler sees as being\n2 bytes in size), but copying 18, intending to write across start\n(really vlan_tci, 2 bytes). The remaining 16 bytes get written into\nwqe-\u003edata[0], covering byte_count (4 bytes), lkey (4 bytes), and addr\n(8 bytes).\n\nstruct mlx5e_tx_wqe {\n struct mlx5_wqe_ctrl_seg ctrl; /* 0 16 */\n struct mlx5_wqe_eth_seg eth; /* 16 16 */\n struct mlx5_wqe_data_seg data[]; /* 32 0 */\n\n /* size: 32, cachelines: 1, members: 3 */\n /* last cacheline: 32 bytes */\n};\n\nstruct mlx5_wqe_eth_seg {\n u8 swp_outer_l4_offset; /* 0 1 */\n u8 swp_outer_l3_offset; /* 1 1 */\n u8 swp_inner_l4_offset; /* 2 1 */\n u8 swp_inner_l3_offset; /* 3 1 */\n u8 cs_flags; /* 4 1 */\n u8 swp_flags; /* 5 1 */\n __be16 mss; /* 6 2 */\n __be32 flow_table_metadata; /* 8 4 */\n union {\n struct {\n __be16 sz; /* 12 2 */\n u8 start[2]; /* 14 2 */\n } inline_hdr; /* 12 4 */\n struct {\n __be16 type; /* 12 2 */\n __be16 vlan_tci; /* 14 2 */\n } insert; /* 12 4 */\n __be32 trailer; /* 12 4 */\n }; /* 12 4 */\n\n /* size: 16, cachelines: 1, members: 9 */\n /* last cacheline: 16 bytes */\n};\n\nstruct mlx5_wqe_data_seg {\n __be32 byte_count; /* 0 4 */\n __be32 lkey; /* 4 4 */\n __be64 addr; /* 8 8 */\n\n /* size: 16, cachelines: 1, members: 3 */\n /* last cacheline: 16 bytes */\n};\n\nSo, split the memcpy() so the compiler can reason about the buffer\nsizes.\n\n\"pahole\" shows no size nor member offset changes to struct mlx5e_tx_wqe\nnor struct mlx5e_umr_wqe. \"objdump -d\" shows no meaningful object\ncode changes (i.e. only source line number induced differences and\noptimizations)."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:35.699Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/8fbdf8c8b8ab82beab882175157650452c46493e"
},
{
"url": "https://git.kernel.org/stable/c/ad5185735f7dab342fdd0dd41044da4c9ccfef67"
}
],
"title": "net/mlx5e: Avoid field-overflowing memcpy()",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48744",
"datePublished": "2024-06-20T11:13:27.979Z",
"dateReserved": "2024-06-20T11:09:39.055Z",
"dateUpdated": "2024-09-11T17:34:48.322Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-36478
Vulnerability from cvelistv5
Published
2024-06-21 10:18
Modified
2024-10-10 11:29
Severity ?
EPSS score ?
Summary
null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues'
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:37:05.181Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5d0495473ee4c1d041b5a917f10446a22c047f47"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a2db328b0839312c169eb42746ec46fc1ab53ed2"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36478",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:09:31.490057Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:45.770Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/block/null_blk/main.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "aaadb755f2d6",
"status": "affected",
"version": "45919fbfe1c4",
"versionType": "git"
},
{
"lessThan": "5d0495473ee4",
"status": "affected",
"version": "45919fbfe1c4",
"versionType": "git"
},
{
"lessThan": "a2db328b0839",
"status": "affected",
"version": "45919fbfe1c4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/block/null_blk/main.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.5"
},
{
"lessThan": "5.5",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.55",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnull_blk: fix null-ptr-dereference while configuring \u0027power\u0027 and \u0027submit_queues\u0027\n\nWriting \u0027power\u0027 and \u0027submit_queues\u0027 concurrently will trigger kernel\npanic:\n\nTest script:\n\nmodprobe null_blk nr_devices=0\nmkdir -p /sys/kernel/config/nullb/nullb0\nwhile true; do echo 1 \u003e submit_queues; echo 4 \u003e submit_queues; done \u0026\nwhile true; do echo 1 \u003e power; echo 0 \u003e power; done\n\nTest result:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000148\nOops: 0000 [#1] PREEMPT SMP\nRIP: 0010:__lock_acquire+0x41d/0x28f0\nCall Trace:\n \u003cTASK\u003e\n lock_acquire+0x121/0x450\n down_write+0x5f/0x1d0\n simple_recursive_removal+0x12f/0x5c0\n blk_mq_debugfs_unregister_hctxs+0x7c/0x100\n blk_mq_update_nr_hw_queues+0x4a3/0x720\n nullb_update_nr_hw_queues+0x71/0xf0 [null_blk]\n nullb_device_submit_queues_store+0x79/0xf0 [null_blk]\n configfs_write_iter+0x119/0x1e0\n vfs_write+0x326/0x730\n ksys_write+0x74/0x150\n\nThis is because del_gendisk() can concurrent with\nblk_mq_update_nr_hw_queues():\n\nnullb_device_power_store\tnullb_apply_submit_queues\n null_del_dev\n del_gendisk\n\t\t\t\t nullb_update_nr_hw_queues\n\t\t\t\t if (!dev-\u003enullb)\n\t\t\t\t // still set while gendisk is deleted\n\t\t\t\t return 0\n\t\t\t\t blk_mq_update_nr_hw_queues\n dev-\u003enullb = NULL\n\nFix this problem by resuing the global mutex to protect\nnullb_device_power_store() and nullb_update_nr_hw_queues() from configfs."
}
],
"providerMetadata": {
"dateUpdated": "2024-10-10T11:29:50.625Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/aaadb755f2d684f715a6eb85cb7243aa0c67dfa9"
},
{
"url": "https://git.kernel.org/stable/c/5d0495473ee4c1d041b5a917f10446a22c047f47"
},
{
"url": "https://git.kernel.org/stable/c/a2db328b0839312c169eb42746ec46fc1ab53ed2"
}
],
"title": "null_blk: fix null-ptr-dereference while configuring \u0027power\u0027 and \u0027submit_queues\u0027",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-36478",
"datePublished": "2024-06-21T10:18:09.027Z",
"dateReserved": "2024-06-21T10:13:16.284Z",
"dateUpdated": "2024-10-10T11:29:50.625Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38630
Vulnerability from cvelistv5
Published
2024-06-21 10:18
Modified
2024-10-12 13:03
Severity ?
EPSS score ?
Summary
watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:26.084Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9b1c063ffc075abf56f63e55d70b9778ff534314"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f19686d616500cd0d47b30cee82392b53f7f784a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/573601521277119f2e2ba5f28ae6e87fc594f4d4"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38630",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:09:05.880196Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:44.575Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/watchdog/cpu5wdt.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "9b1c063ffc07",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "f19686d61650",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "573601521277",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/watchdog/cpu5wdt.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.12"
},
{
"lessThan": "2.6.12",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwatchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger\n\nWhen the cpu5wdt module is removing, the origin code uses del_timer() to\nde-activate the timer. If the timer handler is running, del_timer() could\nnot stop it and will return directly. If the port region is released by\nrelease_region() and then the timer handler cpu5wdt_trigger() calls outb()\nto write into the region that is released, the use-after-free bug will\nhappen.\n\nChange del_timer() to timer_shutdown_sync() in order that the timer handler\ncould be finished before the port region is released."
}
],
"providerMetadata": {
"dateUpdated": "2024-10-12T13:03:42.695Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/9b1c063ffc075abf56f63e55d70b9778ff534314"
},
{
"url": "https://git.kernel.org/stable/c/f19686d616500cd0d47b30cee82392b53f7f784a"
},
{
"url": "https://git.kernel.org/stable/c/573601521277119f2e2ba5f28ae6e87fc594f4d4"
}
],
"title": "watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38630",
"datePublished": "2024-06-21T10:18:20.892Z",
"dateReserved": "2024-06-18T19:36:34.947Z",
"dateUpdated": "2024-10-12T13:03:42.695Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48768
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
tracing/histogram: Fix a potential memory leak for kstrdup()
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:01.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8a8878ebb596281f50fc0b9a6e1f23f0d7f154e8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d71b06aa995007eafd247626d0669b9364c42ad7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e33fa4a46ee22de88a700e2e3d033da8214a5175"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/df86e2fe808c3536a9dba353cc2bebdfea00d0cf"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e629e7b525a179e29d53463d992bdee759c950fb"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48768",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:10:06.707508Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:47.107Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"kernel/trace/trace_events_hist.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "8a8878ebb596",
"status": "affected",
"version": "38b67e60b6b5",
"versionType": "git"
},
{
"lessThan": "d71b06aa9950",
"status": "affected",
"version": "d380dcde9a07",
"versionType": "git"
},
{
"lessThan": "e33fa4a46ee2",
"status": "affected",
"version": "d380dcde9a07",
"versionType": "git"
},
{
"lessThan": "df86e2fe808c",
"status": "affected",
"version": "d380dcde9a07",
"versionType": "git"
},
{
"lessThan": "e629e7b525a1",
"status": "affected",
"version": "d380dcde9a07",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"kernel/trace/trace_events_hist.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.6"
},
{
"lessThan": "5.6",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.176",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.96",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.19",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.5",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/histogram: Fix a potential memory leak for kstrdup()\n\nkfree() is missing on an error path to free the memory allocated by\nkstrdup():\n\n p = param = kstrdup(data-\u003eparams[i], GFP_KERNEL);\n\nSo it is better to free it via kfree(p)."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:15:03.901Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/8a8878ebb596281f50fc0b9a6e1f23f0d7f154e8"
},
{
"url": "https://git.kernel.org/stable/c/d71b06aa995007eafd247626d0669b9364c42ad7"
},
{
"url": "https://git.kernel.org/stable/c/e33fa4a46ee22de88a700e2e3d033da8214a5175"
},
{
"url": "https://git.kernel.org/stable/c/df86e2fe808c3536a9dba353cc2bebdfea00d0cf"
},
{
"url": "https://git.kernel.org/stable/c/e629e7b525a179e29d53463d992bdee759c950fb"
}
],
"title": "tracing/histogram: Fix a potential memory leak for kstrdup()",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48768",
"datePublished": "2024-06-20T11:13:43.830Z",
"dateReserved": "2024-06-20T11:09:39.061Z",
"dateUpdated": "2024-09-11T17:34:47.107Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48769
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
efi: runtime: avoid EFIv2 runtime services on Apple x86 machines
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:01.538Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b0f1cc093bc2493ac259c53766fd2b800e085807"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3df52448978802ae15dcebf66beba1029df957b4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a4085859411c825c321c9b55b8a9dc5a128a6684"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f5390cd0b43c2e54c7cf5506c7da4a37c5cef746"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48769",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:10:03.596823Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:46.991Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/firmware/efi/efi.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "b0f1cc093bc2",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "3df524489788",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "a4085859411c",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "f5390cd0b43c",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/firmware/efi/efi.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.96",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.19",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.5",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nefi: runtime: avoid EFIv2 runtime services on Apple x86 machines\n\nAditya reports [0] that his recent MacbookPro crashes in the firmware\nwhen using the variable services at runtime. The culprit appears to be a\ncall to QueryVariableInfo(), which we did not use to call on Apple x86\nmachines in the past as they only upgraded from EFI v1.10 to EFI v2.40\nfirmware fairly recently, and QueryVariableInfo() (along with\nUpdateCapsule() et al) was added in EFI v2.00.\n\nThe only runtime service introduced in EFI v2.00 that we actually use in\nLinux is QueryVariableInfo(), as the capsule based ones are optional,\ngenerally not used at runtime (all the LVFS/fwupd firmware update\ninfrastructure uses helper EFI programs that invoke capsule update at\nboot time, not runtime), and not implemented by Apple machines in the\nfirst place. QueryVariableInfo() is used to \u0027safely\u0027 set variables,\ni.e., only when there is enough space. This prevents machines with buggy\nfirmwares from corrupting their NVRAMs when they run out of space.\n\nGiven that Apple machines have been using EFI v1.10 services only for\nthe longest time (the EFI v2.0 spec was released in 2006, and Linux\nsupport for the newly introduced runtime services was added in 2011, but\nthe MacbookPro12,1 released in 2015 still claims to be EFI v1.10 only),\nlet\u0027s avoid the EFI v2.0 ones on all Apple x86 machines.\n\n[0] https://lore.kernel.org/all/6D757C75-65B1-468B-842D-10410081A8E4@live.com/"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:15:05.214Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/b0f1cc093bc2493ac259c53766fd2b800e085807"
},
{
"url": "https://git.kernel.org/stable/c/3df52448978802ae15dcebf66beba1029df957b4"
},
{
"url": "https://git.kernel.org/stable/c/a4085859411c825c321c9b55b8a9dc5a128a6684"
},
{
"url": "https://git.kernel.org/stable/c/f5390cd0b43c2e54c7cf5506c7da4a37c5cef746"
}
],
"title": "efi: runtime: avoid EFIv2 runtime services on Apple x86 machines",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48769",
"datePublished": "2024-06-20T11:13:44.469Z",
"dateReserved": "2024-06-20T11:09:39.061Z",
"dateUpdated": "2024-09-11T17:34:46.991Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38627
Vulnerability from cvelistv5
Published
2024-06-21 10:18
Modified
2024-08-02 04:12
Severity ?
EPSS score ?
Summary
stm class: Fix a double free in stm_register_device()
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38627",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-21T13:23:15.087129Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-21T13:23:21.516Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:26.080Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6cc30ef8eb6d8f8d6df43152264bbf8835d99931"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a0450d3f38e7c6c0a7c0afd4182976ee15573695"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/713fc00c571dde4af3db2dbd5d1b0eadc327817b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7419df1acffbcc90037f6b5a2823e81389659b36"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4bfd48bb6e62512b9c392c5002c11e1e3b18d247"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/370c480410f60b90ba3e96abe73ead21ec827b20"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d782a2db8f7ac49c33b9ca3e835500a28667d1be"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3df463865ba42b8f88a590326f4c9ea17a1ce459"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/hwtracing/stm/core.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "6cc30ef8eb6d",
"status": "affected",
"version": "389b6699a2aa",
"versionType": "git"
},
{
"lessThan": "a0450d3f38e7",
"status": "affected",
"version": "389b6699a2aa",
"versionType": "git"
},
{
"lessThan": "713fc00c571d",
"status": "affected",
"version": "389b6699a2aa",
"versionType": "git"
},
{
"lessThan": "7419df1acffb",
"status": "affected",
"version": "389b6699a2aa",
"versionType": "git"
},
{
"lessThan": "4bfd48bb6e62",
"status": "affected",
"version": "389b6699a2aa",
"versionType": "git"
},
{
"lessThan": "370c480410f6",
"status": "affected",
"version": "389b6699a2aa",
"versionType": "git"
},
{
"lessThan": "d782a2db8f7a",
"status": "affected",
"version": "389b6699a2aa",
"versionType": "git"
},
{
"lessThan": "3df463865ba4",
"status": "affected",
"version": "389b6699a2aa",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/hwtracing/stm/core.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.7"
},
{
"lessThan": "4.7",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.316",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nstm class: Fix a double free in stm_register_device()\n\nThe put_device(\u0026stm-\u003edev) call will trigger stm_device_release() which\nfrees \"stm\" so the vfree(stm) on the next line is a double free."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:49:21.714Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/6cc30ef8eb6d8f8d6df43152264bbf8835d99931"
},
{
"url": "https://git.kernel.org/stable/c/a0450d3f38e7c6c0a7c0afd4182976ee15573695"
},
{
"url": "https://git.kernel.org/stable/c/713fc00c571dde4af3db2dbd5d1b0eadc327817b"
},
{
"url": "https://git.kernel.org/stable/c/7419df1acffbcc90037f6b5a2823e81389659b36"
},
{
"url": "https://git.kernel.org/stable/c/4bfd48bb6e62512b9c392c5002c11e1e3b18d247"
},
{
"url": "https://git.kernel.org/stable/c/370c480410f60b90ba3e96abe73ead21ec827b20"
},
{
"url": "https://git.kernel.org/stable/c/d782a2db8f7ac49c33b9ca3e835500a28667d1be"
},
{
"url": "https://git.kernel.org/stable/c/3df463865ba42b8f88a590326f4c9ea17a1ce459"
}
],
"title": "stm class: Fix a double free in stm_register_device()",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38627",
"datePublished": "2024-06-21T10:18:18.912Z",
"dateReserved": "2024-06-18T19:36:34.946Z",
"dateUpdated": "2024-08-02T04:12:26.080Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48747
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-08-03 15:25
Severity ?
EPSS score ?
Summary
block: Fix wrong offset in bio_truncate()
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "6cbf4c731d78",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "b63e120189fd",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "4633a79ff8bc",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "941d5180c430",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "3ee859e384d4",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "5.5",
"status": "unaffected",
"version": "5.4.176",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "5.11",
"status": "unaffected",
"version": "5.10.96",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "5.16",
"status": "unaffected",
"version": "5.15.19",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "5.17",
"status": "unaffected",
"version": "5.16.5",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "unaffected",
"version": "5.17"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-48747",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-26T14:56:40.641058Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-908",
"description": "CWE-908 Use of Uninitialized Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-26T15:24:18.657Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:01.583Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6cbf4c731d7812518cd857c2cfc3da9fd120f6ae"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b63e120189fd92aff00096d11e2fc5253f60248b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4633a79ff8bc82770486a063a08b55e5162521d8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/941d5180c430ce5b0f7a3622ef9b76077bfa3d82"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3ee859e384d453d6ac68bfd5971f630d9fa46ad3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"block/bio.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "6cbf4c731d78",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "b63e120189fd",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "4633a79ff8bc",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "941d5180c430",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "3ee859e384d4",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"block/bio.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.176",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.96",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.19",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.5",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: Fix wrong offset in bio_truncate()\n\nbio_truncate() clears the buffer outside of last block of bdev, however\ncurrent bio_truncate() is using the wrong offset of page. So it can\nreturn the uninitialized data.\n\nThis happened when both of truncated/corrupted FS and userspace (via\nbdev) are trying to read the last of bdev."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:39.143Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/6cbf4c731d7812518cd857c2cfc3da9fd120f6ae"
},
{
"url": "https://git.kernel.org/stable/c/b63e120189fd92aff00096d11e2fc5253f60248b"
},
{
"url": "https://git.kernel.org/stable/c/4633a79ff8bc82770486a063a08b55e5162521d8"
},
{
"url": "https://git.kernel.org/stable/c/941d5180c430ce5b0f7a3622ef9b76077bfa3d82"
},
{
"url": "https://git.kernel.org/stable/c/3ee859e384d453d6ac68bfd5971f630d9fa46ad3"
}
],
"title": "block: Fix wrong offset in bio_truncate()",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48747",
"datePublished": "2024-06-20T11:13:29.951Z",
"dateReserved": "2024-06-20T11:09:39.055Z",
"dateUpdated": "2024-08-03T15:25:01.583Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48754
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-08-03 15:25
Severity ?
EPSS score ?
Summary
phylib: fix potential use-after-free
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "67d271760b03",
"status": "affected",
"version": "bafbdd527d56",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "f39027cbada4",
"status": "affected",
"version": "bafbdd527d56",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "bd024e36f681",
"status": "affected",
"version": "bafbdd527d56",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "aefaccd19379",
"status": "affected",
"version": "bafbdd527d56",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "cb2fab10fc5e",
"status": "affected",
"version": "bafbdd527d56",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "cbda1b166875",
"status": "affected",
"version": "bafbdd527d56",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "affected",
"version": "4.16"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "4.16",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "4.20",
"status": "unaffected",
"version": "4.19.228",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "5.5",
"status": "unaffected",
"version": "5.4.176",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "5.11",
"status": "unaffected",
"version": "5.10.96",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "5.16",
"status": "unaffected",
"version": "5.15.19",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "5.17",
"status": "unaffected",
"version": "5.16.5",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "unaffected",
"version": "5.17"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-48754",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-25T15:12:03.815461Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-25T15:26:05.300Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:01.127Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/67d271760b037ce0806d687ee6057edc8afd4205"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f39027cbada43b33566c312e6be3db654ca3ad17"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/bd024e36f68174b1793906c39ca16cee0c9295c2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/aefaccd19379d6c4620269a162bfb88ff687f289"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cb2fab10fc5e7a3aa1bb0a68a3abdcf3e37852af"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cbda1b16687580d5beee38273f6241ae3725960c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/phy/phy_device.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "67d271760b03",
"status": "affected",
"version": "bafbdd527d56",
"versionType": "git"
},
{
"lessThan": "f39027cbada4",
"status": "affected",
"version": "bafbdd527d56",
"versionType": "git"
},
{
"lessThan": "bd024e36f681",
"status": "affected",
"version": "bafbdd527d56",
"versionType": "git"
},
{
"lessThan": "aefaccd19379",
"status": "affected",
"version": "bafbdd527d56",
"versionType": "git"
},
{
"lessThan": "cb2fab10fc5e",
"status": "affected",
"version": "bafbdd527d56",
"versionType": "git"
},
{
"lessThan": "cbda1b166875",
"status": "affected",
"version": "bafbdd527d56",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/phy/phy_device.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.16"
},
{
"lessThan": "4.16",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.228",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.176",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.96",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.19",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.5",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nphylib: fix potential use-after-free\n\nCommit bafbdd527d56 (\"phylib: Add device reset GPIO support\") added call\nto phy_device_reset(phydev) after the put_device() call in phy_detach().\n\nThe comment before the put_device() call says that the phydev might go\naway with put_device().\n\nFix potential use-after-free by calling phy_device_reset() before\nput_device()."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:47.307Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/67d271760b037ce0806d687ee6057edc8afd4205"
},
{
"url": "https://git.kernel.org/stable/c/f39027cbada43b33566c312e6be3db654ca3ad17"
},
{
"url": "https://git.kernel.org/stable/c/bd024e36f68174b1793906c39ca16cee0c9295c2"
},
{
"url": "https://git.kernel.org/stable/c/aefaccd19379d6c4620269a162bfb88ff687f289"
},
{
"url": "https://git.kernel.org/stable/c/cb2fab10fc5e7a3aa1bb0a68a3abdcf3e37852af"
},
{
"url": "https://git.kernel.org/stable/c/cbda1b16687580d5beee38273f6241ae3725960c"
}
],
"title": "phylib: fix potential use-after-free",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48754",
"datePublished": "2024-06-20T11:13:34.561Z",
"dateReserved": "2024-06-20T11:09:39.057Z",
"dateUpdated": "2024-08-03T15:25:01.127Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38637
Vulnerability from cvelistv5
Published
2024-06-21 10:18
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
greybus: lights: check return of get_channel_from_mode
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:26.007Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8f4a76d477f0cc3c54d512f07f6f88c8e1c1e07b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e2c64246e5dc8c0d35ec41770b85e2b4cafdff21"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/eac10cf3a97ffd4b4deb0a29f57c118225a42850"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/330f6bcdcef03f70f81db5f2ed6747af656a09f2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9b41a9b9c8be8c552f10633453fdb509e83b66f8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/518e2c46b5dbce40b1aa0100001d03c3ceaa7d38"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/895cdd9aa9546523df839f9cc1488a0ecc1e0731"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a1ba19a1ae7cd1e324685ded4ab563e78fe68648"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38637",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:08:59.285414Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:44.356Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/staging/greybus/light.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "8f4a76d477f0",
"status": "affected",
"version": "2870b52bae4c",
"versionType": "git"
},
{
"lessThan": "e2c64246e5dc",
"status": "affected",
"version": "2870b52bae4c",
"versionType": "git"
},
{
"lessThan": "eac10cf3a97f",
"status": "affected",
"version": "2870b52bae4c",
"versionType": "git"
},
{
"lessThan": "330f6bcdcef0",
"status": "affected",
"version": "2870b52bae4c",
"versionType": "git"
},
{
"lessThan": "9b41a9b9c8be",
"status": "affected",
"version": "2870b52bae4c",
"versionType": "git"
},
{
"lessThan": "518e2c46b5db",
"status": "affected",
"version": "2870b52bae4c",
"versionType": "git"
},
{
"lessThan": "895cdd9aa954",
"status": "affected",
"version": "2870b52bae4c",
"versionType": "git"
},
{
"lessThan": "a1ba19a1ae7c",
"status": "affected",
"version": "2870b52bae4c",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/staging/greybus/light.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.9"
},
{
"lessThan": "4.9",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.316",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngreybus: lights: check return of get_channel_from_mode\n\nIf channel for the given node is not found we return null from\nget_channel_from_mode. Make sure we validate the return pointer\nbefore using it in two of the missing places.\n\nThis was originally reported in [0]:\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\n[0] https://lore.kernel.org/all/20240301190425.120605-1-m.lobanov@rosalinux.ru"
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:49:33.371Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/8f4a76d477f0cc3c54d512f07f6f88c8e1c1e07b"
},
{
"url": "https://git.kernel.org/stable/c/e2c64246e5dc8c0d35ec41770b85e2b4cafdff21"
},
{
"url": "https://git.kernel.org/stable/c/eac10cf3a97ffd4b4deb0a29f57c118225a42850"
},
{
"url": "https://git.kernel.org/stable/c/330f6bcdcef03f70f81db5f2ed6747af656a09f2"
},
{
"url": "https://git.kernel.org/stable/c/9b41a9b9c8be8c552f10633453fdb509e83b66f8"
},
{
"url": "https://git.kernel.org/stable/c/518e2c46b5dbce40b1aa0100001d03c3ceaa7d38"
},
{
"url": "https://git.kernel.org/stable/c/895cdd9aa9546523df839f9cc1488a0ecc1e0731"
},
{
"url": "https://git.kernel.org/stable/c/a1ba19a1ae7cd1e324685ded4ab563e78fe68648"
}
],
"title": "greybus: lights: check return of get_channel_from_mode",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38637",
"datePublished": "2024-06-21T10:18:25.560Z",
"dateReserved": "2024-06-18T19:36:34.948Z",
"dateUpdated": "2024-09-11T17:34:44.356Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48759
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-08-03 15:25
Severity ?
EPSS score ?
Summary
rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48759",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T15:44:05.243673Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T15:44:14.329Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:00.922Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/74d85e9fbc7022a4011102c7474a9c7aeb704a35"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/70cb4295ec806b663665e1d2ed15caab6159880e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/da27b834c1e0222e149e06caddf7718478086d1b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1dbb206730f3e5ce90014ad569ddf8167ec4124a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/85aba11a8ea92a8eef2de95ebbe063086fd62d9c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d6cdc6ae542845d4d0ac8b6d99362bde7042a3c7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b7fb2dad571d1e21173c06cef0bced77b323990a"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/rpmsg/rpmsg_char.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "74d85e9fbc70",
"status": "affected",
"version": "c0cdc19f84a4",
"versionType": "git"
},
{
"lessThan": "70cb4295ec80",
"status": "affected",
"version": "c0cdc19f84a4",
"versionType": "git"
},
{
"lessThan": "da27b834c1e0",
"status": "affected",
"version": "c0cdc19f84a4",
"versionType": "git"
},
{
"lessThan": "1dbb206730f3",
"status": "affected",
"version": "c0cdc19f84a4",
"versionType": "git"
},
{
"lessThan": "85aba11a8ea9",
"status": "affected",
"version": "c0cdc19f84a4",
"versionType": "git"
},
{
"lessThan": "d6cdc6ae5428",
"status": "affected",
"version": "c0cdc19f84a4",
"versionType": "git"
},
{
"lessThan": "b7fb2dad571d",
"status": "affected",
"version": "c0cdc19f84a4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/rpmsg/rpmsg_char.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.11"
},
{
"lessThan": "4.11",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.265",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.228",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.176",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.96",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.19",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.5",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nrpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev\n\nstruct rpmsg_ctrldev contains a struct cdev. The current code frees\nthe rpmsg_ctrldev struct in rpmsg_ctrldev_release_device(), but the\ncdev is a managed object, therefore its release is not predictable\nand the rpmsg_ctrldev could be freed before the cdev is entirely\nreleased, as in the backtrace below.\n\n[ 93.625603] ODEBUG: free active (active state 0) object type: timer_list hint: delayed_work_timer_fn+0x0/0x7c\n[ 93.636115] WARNING: CPU: 0 PID: 12 at lib/debugobjects.c:488 debug_print_object+0x13c/0x1b0\n[ 93.644799] Modules linked in: veth xt_cgroup xt_MASQUERADE rfcomm algif_hash algif_skcipher af_alg uinput ip6table_nat fuse uvcvideo videobuf2_vmalloc venus_enc venus_dec videobuf2_dma_contig hci_uart btandroid btqca snd_soc_rt5682_i2c bluetooth qcom_spmi_temp_alarm snd_soc_rt5682v\n[ 93.715175] CPU: 0 PID: 12 Comm: kworker/0:1 Tainted: G B 5.4.163-lockdep #26\n[ 93.723855] Hardware name: Google Lazor (rev3 - 8) with LTE (DT)\n[ 93.730055] Workqueue: events kobject_delayed_cleanup\n[ 93.735271] pstate: 60c00009 (nZCv daif +PAN +UAO)\n[ 93.740216] pc : debug_print_object+0x13c/0x1b0\n[ 93.744890] lr : debug_print_object+0x13c/0x1b0\n[ 93.749555] sp : ffffffacf5bc7940\n[ 93.752978] x29: ffffffacf5bc7940 x28: dfffffd000000000\n[ 93.758448] x27: ffffffacdb11a800 x26: dfffffd000000000\n[ 93.763916] x25: ffffffd0734f856c x24: dfffffd000000000\n[ 93.769389] x23: 0000000000000000 x22: ffffffd0733c35b0\n[ 93.774860] x21: ffffffd0751994a0 x20: ffffffd075ec27c0\n[ 93.780338] x19: ffffffd075199100 x18: 00000000000276e0\n[ 93.785814] x17: 0000000000000000 x16: dfffffd000000000\n[ 93.791291] x15: ffffffffffffffff x14: 6e6968207473696c\n[ 93.796768] x13: 0000000000000000 x12: ffffffd075e2b000\n[ 93.802244] x11: 0000000000000001 x10: 0000000000000000\n[ 93.807723] x9 : d13400dff1921900 x8 : d13400dff1921900\n[ 93.813200] x7 : 0000000000000000 x6 : 0000000000000000\n[ 93.818676] x5 : 0000000000000080 x4 : 0000000000000000\n[ 93.824152] x3 : ffffffd0732a0fa4 x2 : 0000000000000001\n[ 93.829628] x1 : ffffffacf5bc7580 x0 : 0000000000000061\n[ 93.835104] Call trace:\n[ 93.837644] debug_print_object+0x13c/0x1b0\n[ 93.841963] __debug_check_no_obj_freed+0x25c/0x3c0\n[ 93.846987] debug_check_no_obj_freed+0x18/0x20\n[ 93.851669] slab_free_freelist_hook+0xbc/0x1e4\n[ 93.856346] kfree+0xfc/0x2f4\n[ 93.859416] rpmsg_ctrldev_release_device+0x78/0xb8\n[ 93.864445] device_release+0x84/0x168\n[ 93.868310] kobject_cleanup+0x12c/0x298\n[ 93.872356] kobject_delayed_cleanup+0x10/0x18\n[ 93.876948] process_one_work+0x578/0x92c\n[ 93.881086] worker_thread+0x804/0xcf8\n[ 93.884963] kthread+0x2a8/0x314\n[ 93.888303] ret_from_fork+0x10/0x18\n\nThe cdev_device_add/del() API was created to address this issue (see\ncommit \u0027233ed09d7fda (\"chardev: add helper function to register char\ndevs with a struct device\")\u0027), use it instead of cdev add/del()."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:53.194Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/74d85e9fbc7022a4011102c7474a9c7aeb704a35"
},
{
"url": "https://git.kernel.org/stable/c/70cb4295ec806b663665e1d2ed15caab6159880e"
},
{
"url": "https://git.kernel.org/stable/c/da27b834c1e0222e149e06caddf7718478086d1b"
},
{
"url": "https://git.kernel.org/stable/c/1dbb206730f3e5ce90014ad569ddf8167ec4124a"
},
{
"url": "https://git.kernel.org/stable/c/85aba11a8ea92a8eef2de95ebbe063086fd62d9c"
},
{
"url": "https://git.kernel.org/stable/c/d6cdc6ae542845d4d0ac8b6d99362bde7042a3c7"
},
{
"url": "https://git.kernel.org/stable/c/b7fb2dad571d1e21173c06cef0bced77b323990a"
}
],
"title": "rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48759",
"datePublished": "2024-06-20T11:13:37.872Z",
"dateReserved": "2024-06-20T11:09:39.059Z",
"dateUpdated": "2024-08-03T15:25:00.922Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38633
Vulnerability from cvelistv5
Published
2024-06-21 10:18
Modified
2024-08-02 04:12
Severity ?
EPSS score ?
Summary
serial: max3100: Update uart_driver_registered on driver removal
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38633",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-24T15:15:33.848896Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-24T15:15:44.451Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:26.000Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/21a61a7fbcfdd3493cede43ebc7c4dfae2147a8b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9db4222ed8cd3e50b81c8b910ae74c26427a4003"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e8e2a4339decad7e59425b594a98613402652d72"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/361a92c9038e8c8c3996f8eeaa14522a8ad90752"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b6eb7aff23e05f362e8c9b560f6ac5e727b70e00"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e8a10089eddba40d4b2080c9d3fc2d2b2488f762"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fa84ca78b048dfb00df0ef446f5c35e0a98ca6a0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/712a1fcb38dc7cac6da63ee79a88708fbf9c45ec"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/tty/serial/max3100.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "21a61a7fbcfd",
"status": "affected",
"version": "7831d56b0a35",
"versionType": "git"
},
{
"lessThan": "9db4222ed8cd",
"status": "affected",
"version": "7831d56b0a35",
"versionType": "git"
},
{
"lessThan": "e8e2a4339dec",
"status": "affected",
"version": "7831d56b0a35",
"versionType": "git"
},
{
"lessThan": "361a92c9038e",
"status": "affected",
"version": "7831d56b0a35",
"versionType": "git"
},
{
"lessThan": "b6eb7aff23e0",
"status": "affected",
"version": "7831d56b0a35",
"versionType": "git"
},
{
"lessThan": "e8a10089eddb",
"status": "affected",
"version": "7831d56b0a35",
"versionType": "git"
},
{
"lessThan": "fa84ca78b048",
"status": "affected",
"version": "7831d56b0a35",
"versionType": "git"
},
{
"lessThan": "712a1fcb38dc",
"status": "affected",
"version": "7831d56b0a35",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/tty/serial/max3100.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.30"
},
{
"lessThan": "2.6.30",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.316",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: max3100: Update uart_driver_registered on driver removal\n\nThe removal of the last MAX3100 device triggers the removal of\nthe driver. However, code doesn\u0027t update the respective global\nvariable and after insmod \u2014 rmmod \u2014 insmod cycle the kernel\noopses:\n\n max3100 spi-PRP0001:01: max3100_probe: adding port 0\n BUG: kernel NULL pointer dereference, address: 0000000000000408\n ...\n RIP: 0010:serial_core_register_port+0xa0/0x840\n ...\n max3100_probe+0x1b6/0x280 [max3100]\n spi_probe+0x8d/0xb0\n\nUpdate the actual state so next time UART driver will be registered\nagain.\n\nHugo also noticed, that the error path in the probe also affected\nby having the variable set, and not cleared. Instead of clearing it\nmove the assignment after the successfull uart_register_driver() call."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:49:28.693Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/21a61a7fbcfdd3493cede43ebc7c4dfae2147a8b"
},
{
"url": "https://git.kernel.org/stable/c/9db4222ed8cd3e50b81c8b910ae74c26427a4003"
},
{
"url": "https://git.kernel.org/stable/c/e8e2a4339decad7e59425b594a98613402652d72"
},
{
"url": "https://git.kernel.org/stable/c/361a92c9038e8c8c3996f8eeaa14522a8ad90752"
},
{
"url": "https://git.kernel.org/stable/c/b6eb7aff23e05f362e8c9b560f6ac5e727b70e00"
},
{
"url": "https://git.kernel.org/stable/c/e8a10089eddba40d4b2080c9d3fc2d2b2488f762"
},
{
"url": "https://git.kernel.org/stable/c/fa84ca78b048dfb00df0ef446f5c35e0a98ca6a0"
},
{
"url": "https://git.kernel.org/stable/c/712a1fcb38dc7cac6da63ee79a88708fbf9c45ec"
}
],
"title": "serial: max3100: Update uart_driver_registered on driver removal",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38633",
"datePublished": "2024-06-21T10:18:22.905Z",
"dateReserved": "2024-06-18T19:36:34.947Z",
"dateUpdated": "2024-08-02T04:12:26.000Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48737
Vulnerability from cvelistv5
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Show details on NVD website{
"containers": {
"cna": {
"providerMetadata": {
"dateUpdated": "2024-07-05T06:43:53.123Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"rejectedReasons": [
{
"lang": "en",
"value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
}
]
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48737",
"datePublished": "2024-06-20T11:13:23.368Z",
"dateRejected": "2024-07-05T06:43:53.123Z",
"dateReserved": "2024-06-20T11:09:39.054Z",
"dateUpdated": "2024-07-05T06:43:53.123Z",
"state": "REJECTED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48765
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
KVM: LAPIC: Also cancel preemption timer during SET_LAPIC
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:00.534Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/54b3439c8e70e0bcfea59aeef9dd98908cbbf655"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ce55f63f6cea4cab8ae9212f73285648a5baa30d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/35fe7cfbab2e81f1afb23fc4212210b1de6d9633"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48765",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:10:12.992201Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:47.369Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"arch/x86/kvm/lapic.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "54b3439c8e70",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "ce55f63f6cea",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "35fe7cfbab2e",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"arch/x86/kvm/lapic.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.19",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.5",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: LAPIC: Also cancel preemption timer during SET_LAPIC\n\nThe below warning is splatting during guest reboot.\n\n ------------[ cut here ]------------\n WARNING: CPU: 0 PID: 1931 at arch/x86/kvm/x86.c:10322 kvm_arch_vcpu_ioctl_run+0x874/0x880 [kvm]\n CPU: 0 PID: 1931 Comm: qemu-system-x86 Tainted: G I 5.17.0-rc1+ #5\n RIP: 0010:kvm_arch_vcpu_ioctl_run+0x874/0x880 [kvm]\n Call Trace:\n \u003cTASK\u003e\n kvm_vcpu_ioctl+0x279/0x710 [kvm]\n __x64_sys_ioctl+0x83/0xb0\n do_syscall_64+0x3b/0xc0\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n RIP: 0033:0x7fd39797350b\n\nThis can be triggered by not exposing tsc-deadline mode and doing a reboot in\nthe guest. The lapic_shutdown() function which is called in sys_reboot path\nwill not disarm the flying timer, it just masks LVTT. lapic_shutdown() clears\nAPIC state w/ LVT_MASKED and timer-mode bit is 0, this can trigger timer-mode\nswitch between tsc-deadline and oneshot/periodic, which can result in preemption\ntimer be cancelled in apic_update_lvtt(). However, We can\u0027t depend on this when\nnot exposing tsc-deadline mode and oneshot/periodic modes emulated by preemption\ntimer. Qemu will synchronise states around reset, let\u0027s cancel preemption timer\nunder KVM_SET_LAPIC."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:15:00.398Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/54b3439c8e70e0bcfea59aeef9dd98908cbbf655"
},
{
"url": "https://git.kernel.org/stable/c/ce55f63f6cea4cab8ae9212f73285648a5baa30d"
},
{
"url": "https://git.kernel.org/stable/c/35fe7cfbab2e81f1afb23fc4212210b1de6d9633"
}
],
"title": "KVM: LAPIC: Also cancel preemption timer during SET_LAPIC",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48765",
"datePublished": "2024-06-20T11:13:41.830Z",
"dateReserved": "2024-06-20T11:09:39.060Z",
"dateUpdated": "2024-09-11T17:34:47.369Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48731
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-08-03 15:25
Severity ?
EPSS score ?
Summary
mm/kmemleak: avoid scanning potential huge holes
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48731",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T13:35:34.134503Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T13:35:41.308Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:01.574Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d3533ee20e9a0e2e8f60384da7450d43d1c63d1a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/352715593e81b917ce1b321e794549815b850134"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a5389c80992f0001ee505838fe6a8b20897ce96e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cebb0aceb21ad91429617a40e3a17444fabf1529"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c10a0f877fe007021d70f9cada240f42adc2b5db"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"mm/kmemleak.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "d3533ee20e9a",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "352715593e81",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "a5389c80992f",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "cebb0aceb21a",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "c10a0f877fe0",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"mm/kmemleak.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.178",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.99",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.22",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/kmemleak: avoid scanning potential huge holes\n\nWhen using devm_request_free_mem_region() and devm_memremap_pages() to\nadd ZONE_DEVICE memory, if requested free mem region\u0027s end pfn were\nhuge(e.g., 0x400000000), the node_end_pfn() will be also huge (see\nmove_pfn_range_to_zone()). Thus it creates a huge hole between\nnode_start_pfn() and node_end_pfn().\n\nWe found on some AMD APUs, amdkfd requested such a free mem region and\ncreated a huge hole. In such a case, following code snippet was just\ndoing busy test_bit() looping on the huge hole.\n\n for (pfn = start_pfn; pfn \u003c end_pfn; pfn++) {\n\tstruct page *page = pfn_to_online_page(pfn);\n\t\tif (!page)\n\t\t\tcontinue;\n\t...\n }\n\nSo we got a soft lockup:\n\n watchdog: BUG: soft lockup - CPU#6 stuck for 26s! [bash:1221]\n CPU: 6 PID: 1221 Comm: bash Not tainted 5.15.0-custom #1\n RIP: 0010:pfn_to_online_page+0x5/0xd0\n Call Trace:\n ? kmemleak_scan+0x16a/0x440\n kmemleak_write+0x306/0x3a0\n ? common_file_perm+0x72/0x170\n full_proxy_write+0x5c/0x90\n vfs_write+0xb9/0x260\n ksys_write+0x67/0xe0\n __x64_sys_write+0x1a/0x20\n do_syscall_64+0x3b/0xc0\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nI did some tests with the patch.\n\n(1) amdgpu module unloaded\n\nbefore the patch:\n\n real 0m0.976s\n user 0m0.000s\n sys 0m0.968s\n\nafter the patch:\n\n real 0m0.981s\n user 0m0.000s\n sys 0m0.973s\n\n(2) amdgpu module loaded\n\nbefore the patch:\n\n real 0m35.365s\n user 0m0.000s\n sys 0m35.354s\n\nafter the patch:\n\n real 0m1.049s\n user 0m0.000s\n sys 0m1.042s"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:20.662Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/d3533ee20e9a0e2e8f60384da7450d43d1c63d1a"
},
{
"url": "https://git.kernel.org/stable/c/352715593e81b917ce1b321e794549815b850134"
},
{
"url": "https://git.kernel.org/stable/c/a5389c80992f0001ee505838fe6a8b20897ce96e"
},
{
"url": "https://git.kernel.org/stable/c/cebb0aceb21ad91429617a40e3a17444fabf1529"
},
{
"url": "https://git.kernel.org/stable/c/c10a0f877fe007021d70f9cada240f42adc2b5db"
}
],
"title": "mm/kmemleak: avoid scanning potential huge holes",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48731",
"datePublished": "2024-06-20T11:13:19.407Z",
"dateReserved": "2024-06-20T11:09:39.053Z",
"dateUpdated": "2024-08-03T15:25:01.574Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-36484
Vulnerability from cvelistv5
Published
2024-06-21 10:18
Modified
2024-08-02 03:37
Severity ?
EPSS score ?
Summary
net: relax socket state check at accept time.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36484",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-21T13:58:06.399872Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-21T13:58:14.703Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:37:05.014Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7de00adc9bd035d861ba4177848ca0bfa5ed1e04"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/59801e88c99f7c3f44a4d20af6ba6417aa359b5d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6e03006548c66b979f4e5e9fc797aac4dad82822"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/21c14c556cccd0cb54b71ec5e901e64ba84c7165"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c09ddc605893df542c6cf8dde6a57a93f7cf0adb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/87bdc9f6f58b4417362d6932b49b828e319f97dc"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5f9a04a94fd1894d7009055ab8e5832a0242dba3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/26afda78cda3da974fd4c287962c169e9462c495"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/ipv4/af_inet.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "7de00adc9bd0",
"status": "affected",
"version": "34e41a031fd7",
"versionType": "git"
},
{
"lessThan": "59801e88c99f",
"status": "affected",
"version": "ed5e279b69e0",
"versionType": "git"
},
{
"lessThan": "6e03006548c6",
"status": "affected",
"version": "413c33b9f3bc",
"versionType": "git"
},
{
"lessThan": "21c14c556ccc",
"status": "affected",
"version": "2552c9d9440f",
"versionType": "git"
},
{
"lessThan": "c09ddc605893",
"status": "affected",
"version": "3fe4ef0568a4",
"versionType": "git"
},
{
"lessThan": "87bdc9f6f58b",
"status": "affected",
"version": "f47d0d32fa94",
"versionType": "git"
},
{
"lessThan": "5f9a04a94fd1",
"status": "affected",
"version": "94062790aedb",
"versionType": "git"
},
{
"lessThan": "26afda78cda3",
"status": "affected",
"version": "94062790aedb",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/ipv4/af_inet.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.9"
},
{
"lessThan": "6.9",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.319",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.281",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.223",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.164",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: relax socket state check at accept time.\n\nChristoph reported the following splat:\n\nWARNING: CPU: 1 PID: 772 at net/ipv4/af_inet.c:761 __inet_accept+0x1f4/0x4a0\nModules linked in:\nCPU: 1 PID: 772 Comm: syz-executor510 Not tainted 6.9.0-rc7-g7da7119fe22b #56\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.0-2.el7 04/01/2014\nRIP: 0010:__inet_accept+0x1f4/0x4a0 net/ipv4/af_inet.c:759\nCode: 04 38 84 c0 0f 85 87 00 00 00 41 c7 04 24 03 00 00 00 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 ec b7 da fd \u003c0f\u003e 0b e9 7f fe ff ff e8 e0 b7 da fd 0f 0b e9 fe fe ff ff 89 d9 80\nRSP: 0018:ffffc90000c2fc58 EFLAGS: 00010293\nRAX: ffffffff836bdd14 RBX: 0000000000000000 RCX: ffff888104668000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: dffffc0000000000 R08: ffffffff836bdb89 R09: fffff52000185f64\nR10: dffffc0000000000 R11: fffff52000185f64 R12: dffffc0000000000\nR13: 1ffff92000185f98 R14: ffff88810754d880 R15: ffff8881007b7800\nFS: 000000001c772880(0000) GS:ffff88811b280000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fb9fcf2e178 CR3: 00000001045d2002 CR4: 0000000000770ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n inet_accept+0x138/0x1d0 net/ipv4/af_inet.c:786\n do_accept+0x435/0x620 net/socket.c:1929\n __sys_accept4_file net/socket.c:1969 [inline]\n __sys_accept4+0x9b/0x110 net/socket.c:1999\n __do_sys_accept net/socket.c:2016 [inline]\n __se_sys_accept net/socket.c:2013 [inline]\n __x64_sys_accept+0x7d/0x90 net/socket.c:2013\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x58/0x100 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x4315f9\nCode: fd ff 48 81 c4 80 00 00 00 e9 f1 fe ff ff 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 0f 83 ab b4 fd ff c3 66 2e 0f 1f 84 00 00 00 00\nRSP: 002b:00007ffdb26d9c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002b\nRAX: ffffffffffffffda RBX: 0000000000400300 RCX: 00000000004315f9\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004\nRBP: 00000000006e1018 R08: 0000000000400300 R09: 0000000000400300\nR10: 0000000000400300 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000040cdf0 R14: 000000000040ce80 R15: 0000000000000055\n \u003c/TASK\u003e\n\nThe reproducer invokes shutdown() before entering the listener status.\nAfter commit 94062790aedb (\"tcp: defer shutdown(SEND_SHUTDOWN) for\nTCP_SYN_RECV sockets\"), the above causes the child to reach the accept\nsyscall in FIN_WAIT1 status.\n\nEric noted we can relax the existing assertion in __inet_accept()"
}
],
"providerMetadata": {
"dateUpdated": "2024-07-29T06:28:27.788Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/7de00adc9bd035d861ba4177848ca0bfa5ed1e04"
},
{
"url": "https://git.kernel.org/stable/c/59801e88c99f7c3f44a4d20af6ba6417aa359b5d"
},
{
"url": "https://git.kernel.org/stable/c/6e03006548c66b979f4e5e9fc797aac4dad82822"
},
{
"url": "https://git.kernel.org/stable/c/21c14c556cccd0cb54b71ec5e901e64ba84c7165"
},
{
"url": "https://git.kernel.org/stable/c/c09ddc605893df542c6cf8dde6a57a93f7cf0adb"
},
{
"url": "https://git.kernel.org/stable/c/87bdc9f6f58b4417362d6932b49b828e319f97dc"
},
{
"url": "https://git.kernel.org/stable/c/5f9a04a94fd1894d7009055ab8e5832a0242dba3"
},
{
"url": "https://git.kernel.org/stable/c/26afda78cda3da974fd4c287962c169e9462c495"
}
],
"title": "net: relax socket state check at accept time.",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-36484",
"datePublished": "2024-06-21T10:18:09.672Z",
"dateReserved": "2024-06-21T10:12:11.494Z",
"dateUpdated": "2024-08-02T03:37:05.014Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38659
Vulnerability from cvelistv5
Published
2024-06-21 10:28
Modified
2024-08-02 04:12
Severity ?
EPSS score ?
Summary
enic: Validate length of nl attributes in enic_set_vf_port
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38659",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-21T13:26:27.611937Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-21T13:26:37.555Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:26.044Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2b649d7e0cb42a660f0260ef25fd55fdc9c6c600"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ca63fb7af9d3e531aa25f7ae187bfc6c7166ec2d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3c0d36972edbe56fcf98899622d9b90ac9965227"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/25571a12fbc8a1283bd8380d461267956fd426f7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7077c22f84f41974a711604a42fd0e0684232ee5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f6638e955ca00c489894789492776842e102af9c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/aee1955a1509a921c05c70dad5d6fc8563dfcb31"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e8021b94b0412c37bcc79027c2e382086b6ce449"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/cisco/enic/enic_main.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "2b649d7e0cb4",
"status": "affected",
"version": "f8bd909183ac",
"versionType": "git"
},
{
"lessThan": "ca63fb7af9d3",
"status": "affected",
"version": "f8bd909183ac",
"versionType": "git"
},
{
"lessThan": "3c0d36972edb",
"status": "affected",
"version": "f8bd909183ac",
"versionType": "git"
},
{
"lessThan": "25571a12fbc8",
"status": "affected",
"version": "f8bd909183ac",
"versionType": "git"
},
{
"lessThan": "7077c22f84f4",
"status": "affected",
"version": "f8bd909183ac",
"versionType": "git"
},
{
"lessThan": "f6638e955ca0",
"status": "affected",
"version": "f8bd909183ac",
"versionType": "git"
},
{
"lessThan": "aee1955a1509",
"status": "affected",
"version": "f8bd909183ac",
"versionType": "git"
},
{
"lessThan": "e8021b94b041",
"status": "affected",
"version": "f8bd909183ac",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/cisco/enic/enic_main.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.35"
},
{
"lessThan": "2.6.35",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.316",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nenic: Validate length of nl attributes in enic_set_vf_port\n\nenic_set_vf_port assumes that the nl attribute IFLA_PORT_PROFILE\nis of length PORT_PROFILE_MAX and that the nl attributes\nIFLA_PORT_INSTANCE_UUID, IFLA_PORT_HOST_UUID are of length PORT_UUID_MAX.\nThese attributes are validated (in the function do_setlink in rtnetlink.c)\nusing the nla_policy ifla_port_policy. The policy defines IFLA_PORT_PROFILE\nas NLA_STRING, IFLA_PORT_INSTANCE_UUID as NLA_BINARY and\nIFLA_PORT_HOST_UUID as NLA_STRING. That means that the length validation\nusing the policy is for the max size of the attributes and not on exact\nsize so the length of these attributes might be less than the sizes that\nenic_set_vf_port expects. This might cause an out of bands\nread access in the memcpys of the data of these\nattributes in enic_set_vf_port."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:49:34.623Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/2b649d7e0cb42a660f0260ef25fd55fdc9c6c600"
},
{
"url": "https://git.kernel.org/stable/c/ca63fb7af9d3e531aa25f7ae187bfc6c7166ec2d"
},
{
"url": "https://git.kernel.org/stable/c/3c0d36972edbe56fcf98899622d9b90ac9965227"
},
{
"url": "https://git.kernel.org/stable/c/25571a12fbc8a1283bd8380d461267956fd426f7"
},
{
"url": "https://git.kernel.org/stable/c/7077c22f84f41974a711604a42fd0e0684232ee5"
},
{
"url": "https://git.kernel.org/stable/c/f6638e955ca00c489894789492776842e102af9c"
},
{
"url": "https://git.kernel.org/stable/c/aee1955a1509a921c05c70dad5d6fc8563dfcb31"
},
{
"url": "https://git.kernel.org/stable/c/e8021b94b0412c37bcc79027c2e382086b6ce449"
}
],
"title": "enic: Validate length of nl attributes in enic_set_vf_port",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38659",
"datePublished": "2024-06-21T10:28:15.337Z",
"dateReserved": "2024-06-21T10:12:11.472Z",
"dateUpdated": "2024-08-02T04:12:26.044Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48771
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
drm/vmwgfx: Fix stale file descriptors on failed usercopy
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:00.306Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e8d092a62449dcfc73517ca43963d2b8f44d0516"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0008a0c78fc33a84e2212a7c04e6b21a36ca6f4d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/84b1259fe36ae0915f3d6ddcea6377779de48b82"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ae2b20f27732fe92055d9e7b350abc5cdf3e2414"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6066977961fc6f437bc064f628cf9b0e4571c56c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1d833b27fb708d6fdf5de9f6b3a8be4bd4321565"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a0f90c8815706981c483a652a6aefca51a5e191c"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48771",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:09:57.107831Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:46.747Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/vmwgfx/vmwgfx_drv.h",
"drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c",
"drivers/gpu/drm/vmwgfx/vmwgfx_fence.c",
"drivers/gpu/drm/vmwgfx/vmwgfx_kms.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "e8d092a62449",
"status": "affected",
"version": "c906965dee22",
"versionType": "git"
},
{
"lessThan": "0008a0c78fc3",
"status": "affected",
"version": "c906965dee22",
"versionType": "git"
},
{
"lessThan": "84b1259fe36a",
"status": "affected",
"version": "c906965dee22",
"versionType": "git"
},
{
"lessThan": "ae2b20f27732",
"status": "affected",
"version": "c906965dee22",
"versionType": "git"
},
{
"lessThan": "6066977961fc",
"status": "affected",
"version": "c906965dee22",
"versionType": "git"
},
{
"lessThan": "1d833b27fb70",
"status": "affected",
"version": "c906965dee22",
"versionType": "git"
},
{
"lessThan": "a0f90c881570",
"status": "affected",
"version": "c906965dee22",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/vmwgfx/vmwgfx_drv.h",
"drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c",
"drivers/gpu/drm/vmwgfx/vmwgfx_fence.c",
"drivers/gpu/drm/vmwgfx/vmwgfx_kms.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.14"
},
{
"lessThan": "4.14",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.264",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.227",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.175",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.95",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.18",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.4",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Fix stale file descriptors on failed usercopy\n\nA failing usercopy of the fence_rep object will lead to a stale entry in\nthe file descriptor table as put_unused_fd() won\u0027t release it. This\nenables userland to refer to a dangling \u0027file\u0027 object through that still\nvalid file descriptor, leading to all kinds of use-after-free\nexploitation scenarios.\n\nFix this by deferring the call to fd_install() until after the usercopy\nhas succeeded."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:15:07.689Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/e8d092a62449dcfc73517ca43963d2b8f44d0516"
},
{
"url": "https://git.kernel.org/stable/c/0008a0c78fc33a84e2212a7c04e6b21a36ca6f4d"
},
{
"url": "https://git.kernel.org/stable/c/84b1259fe36ae0915f3d6ddcea6377779de48b82"
},
{
"url": "https://git.kernel.org/stable/c/ae2b20f27732fe92055d9e7b350abc5cdf3e2414"
},
{
"url": "https://git.kernel.org/stable/c/6066977961fc6f437bc064f628cf9b0e4571c56c"
},
{
"url": "https://git.kernel.org/stable/c/1d833b27fb708d6fdf5de9f6b3a8be4bd4321565"
},
{
"url": "https://git.kernel.org/stable/c/a0f90c8815706981c483a652a6aefca51a5e191c"
}
],
"title": "drm/vmwgfx: Fix stale file descriptors on failed usercopy",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48771",
"datePublished": "2024-06-20T11:13:45.896Z",
"dateReserved": "2024-06-20T11:09:39.061Z",
"dateUpdated": "2024-09-11T17:34:46.747Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48717
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
ASoC: max9759: fix underflow in speaker_gain_control_put()
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:17:55.849Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a0f49d12547d45ea8b0f356a96632dd503941c1e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/71e60c170105d153e34d01766c1e4db26a4b24cc"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5a45448ac95b715173edb1cd090ff24b6586d921"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/baead410e5db49e962a67fffc17ac30e44b50b7c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f114fd6165dfb52520755cc4d1c1dfbd447b88b6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4c907bcd9dcd233da6707059d777ab389dcbd964"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48717",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:11:22.587612Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:49.845Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"sound/soc/codecs/max9759.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "a0f49d12547d",
"status": "affected",
"version": "fa8d915172b8",
"versionType": "git"
},
{
"lessThan": "71e60c170105",
"status": "affected",
"version": "fa8d915172b8",
"versionType": "git"
},
{
"lessThan": "5a45448ac95b",
"status": "affected",
"version": "fa8d915172b8",
"versionType": "git"
},
{
"lessThan": "baead410e5db",
"status": "affected",
"version": "fa8d915172b8",
"versionType": "git"
},
{
"lessThan": "f114fd6165df",
"status": "affected",
"version": "fa8d915172b8",
"versionType": "git"
},
{
"lessThan": "4c907bcd9dcd",
"status": "affected",
"version": "fa8d915172b8",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"sound/soc/codecs/max9759.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.17"
},
{
"lessThan": "4.17",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.228",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.178",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.99",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.22",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: max9759: fix underflow in speaker_gain_control_put()\n\nCheck for negative values of \"priv-\u003egain\" to prevent an out of bounds\naccess. The concern is that these might come from the user via:\n -\u003e snd_ctl_elem_write_user()\n -\u003e snd_ctl_elem_write()\n -\u003e kctl-\u003eput()"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:13:59.341Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/a0f49d12547d45ea8b0f356a96632dd503941c1e"
},
{
"url": "https://git.kernel.org/stable/c/71e60c170105d153e34d01766c1e4db26a4b24cc"
},
{
"url": "https://git.kernel.org/stable/c/5a45448ac95b715173edb1cd090ff24b6586d921"
},
{
"url": "https://git.kernel.org/stable/c/baead410e5db49e962a67fffc17ac30e44b50b7c"
},
{
"url": "https://git.kernel.org/stable/c/f114fd6165dfb52520755cc4d1c1dfbd447b88b6"
},
{
"url": "https://git.kernel.org/stable/c/4c907bcd9dcd233da6707059d777ab389dcbd964"
}
],
"title": "ASoC: max9759: fix underflow in speaker_gain_control_put()",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48717",
"datePublished": "2024-06-20T11:13:09.959Z",
"dateReserved": "2024-06-20T11:09:39.050Z",
"dateUpdated": "2024-09-11T17:34:49.845Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-39277
Vulnerability from cvelistv5
Published
2024-06-21 11:15
Modified
2024-08-20 13:31
Severity ?
EPSS score ?
Summary
dma-mapping: benchmark: handle NUMA_NO_NODE correctly
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:5.11:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "affected",
"version": "5.11"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "b41b0018e8ca",
"status": "affected",
"version": "65789daa8087",
"versionType": "git"
},
{
"lessThan": "8e1ba9df9a35",
"status": "affected",
"version": "65789daa8087",
"versionType": "git"
},
{
"lessThan": "5a91116b0031",
"status": "affected",
"version": "65789daa8087",
"versionType": "git"
},
{
"lessThan": "50ee21bfc005",
"status": "affected",
"version": "65789daa8087",
"versionType": "git"
},
{
"lessThan": "e64746e74f71",
"status": "affected",
"version": "65789daa8087",
"versionType": "git"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-39277",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-20T03:55:13.483536Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-20T13:31:39.441Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:19:20.704Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b41b0018e8ca06e985e87220a618ec633988fd13"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8e1ba9df9a35e8dc64f657a64e523c79ba01e464"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5a91116b003175302f2e6ad94b76fb9b5a141a41"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/50ee21bfc005e69f183d6b4b454e33f0c2571e1f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e64746e74f717961250a155e14c156616fcd981f"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"kernel/dma/map_benchmark.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "b41b0018e8ca",
"status": "affected",
"version": "65789daa8087",
"versionType": "git"
},
{
"lessThan": "8e1ba9df9a35",
"status": "affected",
"version": "65789daa8087",
"versionType": "git"
},
{
"lessThan": "5a91116b0031",
"status": "affected",
"version": "65789daa8087",
"versionType": "git"
},
{
"lessThan": "50ee21bfc005",
"status": "affected",
"version": "65789daa8087",
"versionType": "git"
},
{
"lessThan": "e64746e74f71",
"status": "affected",
"version": "65789daa8087",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"kernel/dma/map_benchmark.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.11"
},
{
"lessThan": "5.11",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma-mapping: benchmark: handle NUMA_NO_NODE correctly\n\ncpumask_of_node() can be called for NUMA_NO_NODE inside do_map_benchmark()\nresulting in the following sanitizer report:\n\nUBSAN: array-index-out-of-bounds in ./arch/x86/include/asm/topology.h:72:28\nindex -1 is out of range for type \u0027cpumask [64][1]\u0027\nCPU: 1 PID: 990 Comm: dma_map_benchma Not tainted 6.9.0-rc6 #29\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nCall Trace:\n \u003cTASK\u003e\ndump_stack_lvl (lib/dump_stack.c:117)\nubsan_epilogue (lib/ubsan.c:232)\n__ubsan_handle_out_of_bounds (lib/ubsan.c:429)\ncpumask_of_node (arch/x86/include/asm/topology.h:72) [inline]\ndo_map_benchmark (kernel/dma/map_benchmark.c:104)\nmap_benchmark_ioctl (kernel/dma/map_benchmark.c:246)\nfull_proxy_unlocked_ioctl (fs/debugfs/file.c:333)\n__x64_sys_ioctl (fs/ioctl.c:890)\ndo_syscall_64 (arch/x86/entry/common.c:83)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nUse cpumask_of_node() in place when binding a kernel thread to a cpuset\nof a particular node.\n\nNote that the provided node id is checked inside map_benchmark_ioctl().\nIt\u0027s just a NUMA_NO_NODE case which is not handled properly later.\n\nFound by Linux Verification Center (linuxtesting.org)."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:49:44.251Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/b41b0018e8ca06e985e87220a618ec633988fd13"
},
{
"url": "https://git.kernel.org/stable/c/8e1ba9df9a35e8dc64f657a64e523c79ba01e464"
},
{
"url": "https://git.kernel.org/stable/c/5a91116b003175302f2e6ad94b76fb9b5a141a41"
},
{
"url": "https://git.kernel.org/stable/c/50ee21bfc005e69f183d6b4b454e33f0c2571e1f"
},
{
"url": "https://git.kernel.org/stable/c/e64746e74f717961250a155e14c156616fcd981f"
}
],
"title": "dma-mapping: benchmark: handle NUMA_NO_NODE correctly",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-39277",
"datePublished": "2024-06-21T11:15:13.559Z",
"dateReserved": "2024-06-21T10:12:11.489Z",
"dateUpdated": "2024-08-20T13:31:39.441Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48743
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-08-03 15:25
Severity ?
EPSS score ?
Summary
net: amd-xgbe: Fix skb data length underflow
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48743",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T13:32:55.523566Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T13:33:03.384Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:01.057Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9924c80bd484340191e586110ca22bff23a49f2e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/617f9934bb37993b9813832516f318ba874bcb7d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/34aeb4da20f93ac80a6291a2dbe7b9c6460e9b26"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9892742f035f7aa7dcd2bb0750effa486db89576"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4d3fcfe8464838b3920bc2b939d888e0b792934e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/db6fd92316a254be2097556f01bccecf560e53ce"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e8f73f620fee5f52653ed2da360121e4446575c5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5aac9108a180fc06e28d4e7fb00247ce603b72ee"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/amd/xgbe/xgbe-drv.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "9924c80bd484",
"status": "affected",
"version": "fafc9555d87a",
"versionType": "git"
},
{
"lessThan": "617f9934bb37",
"status": "affected",
"version": "622c36f143fc",
"versionType": "git"
},
{
"lessThan": "34aeb4da20f9",
"status": "affected",
"version": "622c36f143fc",
"versionType": "git"
},
{
"lessThan": "9892742f035f",
"status": "affected",
"version": "622c36f143fc",
"versionType": "git"
},
{
"lessThan": "4d3fcfe84648",
"status": "affected",
"version": "622c36f143fc",
"versionType": "git"
},
{
"lessThan": "db6fd92316a2",
"status": "affected",
"version": "622c36f143fc",
"versionType": "git"
},
{
"lessThan": "e8f73f620fee",
"status": "affected",
"version": "622c36f143fc",
"versionType": "git"
},
{
"lessThan": "5aac9108a180",
"status": "affected",
"version": "622c36f143fc",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/amd/xgbe/xgbe-drv.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.11"
},
{
"lessThan": "4.11",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.300",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.265",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.228",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.177",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.97",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.20",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.6",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: amd-xgbe: Fix skb data length underflow\n\nThere will be BUG_ON() triggered in include/linux/skbuff.h leading to\nintermittent kernel panic, when the skb length underflow is detected.\n\nFix this by dropping the packet if such length underflows are seen\nbecause of inconsistencies in the hardware descriptors."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:34.539Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/9924c80bd484340191e586110ca22bff23a49f2e"
},
{
"url": "https://git.kernel.org/stable/c/617f9934bb37993b9813832516f318ba874bcb7d"
},
{
"url": "https://git.kernel.org/stable/c/34aeb4da20f93ac80a6291a2dbe7b9c6460e9b26"
},
{
"url": "https://git.kernel.org/stable/c/9892742f035f7aa7dcd2bb0750effa486db89576"
},
{
"url": "https://git.kernel.org/stable/c/4d3fcfe8464838b3920bc2b939d888e0b792934e"
},
{
"url": "https://git.kernel.org/stable/c/db6fd92316a254be2097556f01bccecf560e53ce"
},
{
"url": "https://git.kernel.org/stable/c/e8f73f620fee5f52653ed2da360121e4446575c5"
},
{
"url": "https://git.kernel.org/stable/c/5aac9108a180fc06e28d4e7fb00247ce603b72ee"
}
],
"title": "net: amd-xgbe: Fix skb data length underflow",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48743",
"datePublished": "2024-06-20T11:13:27.312Z",
"dateReserved": "2024-06-20T11:09:39.054Z",
"dateUpdated": "2024-08-03T15:25:01.057Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48726
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
RDMA/ucma: Protect mc during concurrent multicast leaves
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:24:59.977Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/75c610212b9f1756b9384911d3a2c347eee8031c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2923948ffe0835f7114e948b35bcc42bc9b3baa1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ee2477e8ccd3d978eeac0dc5a981b286d9bb7b0a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/36e8169ec973359f671f9ec7213547059cae972e"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48726",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:11:03.672761Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:49.191Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/infiniband/core/ucma.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "75c610212b9f",
"status": "affected",
"version": "95fe51096b7a",
"versionType": "git"
},
{
"lessThan": "2923948ffe08",
"status": "affected",
"version": "95fe51096b7a",
"versionType": "git"
},
{
"lessThan": "ee2477e8ccd3",
"status": "affected",
"version": "95fe51096b7a",
"versionType": "git"
},
{
"lessThan": "36e8169ec973",
"status": "affected",
"version": "95fe51096b7a",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/infiniband/core/ucma.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.10"
},
{
"lessThan": "5.10",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.99",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.22",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/ucma: Protect mc during concurrent multicast leaves\n\nPartially revert the commit mentioned in the Fixes line to make sure that\nallocation and erasing multicast struct are locked.\n\n BUG: KASAN: use-after-free in ucma_cleanup_multicast drivers/infiniband/core/ucma.c:491 [inline]\n BUG: KASAN: use-after-free in ucma_destroy_private_ctx+0x914/0xb70 drivers/infiniband/core/ucma.c:579\n Read of size 8 at addr ffff88801bb74b00 by task syz-executor.1/25529\n CPU: 0 PID: 25529 Comm: syz-executor.1 Not tainted 5.16.0-rc7-syzkaller #0\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\n Call Trace:\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\n print_address_description.constprop.0.cold+0x8d/0x320 mm/kasan/report.c:247\n __kasan_report mm/kasan/report.c:433 [inline]\n kasan_report.cold+0x83/0xdf mm/kasan/report.c:450\n ucma_cleanup_multicast drivers/infiniband/core/ucma.c:491 [inline]\n ucma_destroy_private_ctx+0x914/0xb70 drivers/infiniband/core/ucma.c:579\n ucma_destroy_id+0x1e6/0x280 drivers/infiniband/core/ucma.c:614\n ucma_write+0x25c/0x350 drivers/infiniband/core/ucma.c:1732\n vfs_write+0x28e/0xae0 fs/read_write.c:588\n ksys_write+0x1ee/0x250 fs/read_write.c:643\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nCurrently the xarray search can touch a concurrently freeing mc as the\nxa_for_each() is not surrounded by any lock. Rather than hold the lock for\na full scan hold it only for the effected items, which is usually an empty\nlist."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:14.879Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/75c610212b9f1756b9384911d3a2c347eee8031c"
},
{
"url": "https://git.kernel.org/stable/c/2923948ffe0835f7114e948b35bcc42bc9b3baa1"
},
{
"url": "https://git.kernel.org/stable/c/ee2477e8ccd3d978eeac0dc5a981b286d9bb7b0a"
},
{
"url": "https://git.kernel.org/stable/c/36e8169ec973359f671f9ec7213547059cae972e"
}
],
"title": "RDMA/ucma: Protect mc during concurrent multicast leaves",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48726",
"datePublished": "2024-06-20T11:13:15.957Z",
"dateReserved": "2024-06-20T11:09:39.051Z",
"dateUpdated": "2024-09-11T17:34:49.191Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38780
Vulnerability from cvelistv5
Published
2024-06-21 11:15
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
dma-buf/sw-sync: don't enable IRQ from sync_print_obj()
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:19:20.307Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1ff116f68560a25656933d5a18e7619cb6773d8a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/165b25e3ee9333f7b04f8db43895beacb51582ed"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ae6fc4e6a3322f6d1c8ff59150d8469487a73dd8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9d75fab2c14a25553a1664586ed122c316bd1878"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/242b30466879e6defa521573c27e12018276c33a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a4ee78244445ab73af22bfc5a5fc543963b25aef"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8a283cdfc8beeb14024387a925247b563d614e1e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b794918961516f667b0c745aebdfebbb8a98df39"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38780",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:08:56.155586Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:44.243Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/dma-buf/sync_debug.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "1ff116f68560",
"status": "affected",
"version": "a6aa8fca4d79",
"versionType": "git"
},
{
"lessThan": "165b25e3ee93",
"status": "affected",
"version": "a6aa8fca4d79",
"versionType": "git"
},
{
"lessThan": "ae6fc4e6a332",
"status": "affected",
"version": "a6aa8fca4d79",
"versionType": "git"
},
{
"lessThan": "9d75fab2c14a",
"status": "affected",
"version": "a6aa8fca4d79",
"versionType": "git"
},
{
"lessThan": "242b30466879",
"status": "affected",
"version": "a6aa8fca4d79",
"versionType": "git"
},
{
"lessThan": "a4ee78244445",
"status": "affected",
"version": "a6aa8fca4d79",
"versionType": "git"
},
{
"lessThan": "8a283cdfc8be",
"status": "affected",
"version": "a6aa8fca4d79",
"versionType": "git"
},
{
"lessThan": "b79491896151",
"status": "affected",
"version": "a6aa8fca4d79",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/dma-buf/sync_debug.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.14"
},
{
"lessThan": "4.14",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.316",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma-buf/sw-sync: don\u0027t enable IRQ from sync_print_obj()\n\nSince commit a6aa8fca4d79 (\"dma-buf/sw-sync: Reduce irqsave/irqrestore from\nknown context\") by error replaced spin_unlock_irqrestore() with\nspin_unlock_irq() for both sync_debugfs_show() and sync_print_obj() despite\nsync_print_obj() is called from sync_debugfs_show(), lockdep complains\ninconsistent lock state warning.\n\nUse plain spin_{lock,unlock}() for sync_print_obj(), for\nsync_debugfs_show() is already using spin_{lock,unlock}_irq()."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:49:41.926Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/1ff116f68560a25656933d5a18e7619cb6773d8a"
},
{
"url": "https://git.kernel.org/stable/c/165b25e3ee9333f7b04f8db43895beacb51582ed"
},
{
"url": "https://git.kernel.org/stable/c/ae6fc4e6a3322f6d1c8ff59150d8469487a73dd8"
},
{
"url": "https://git.kernel.org/stable/c/9d75fab2c14a25553a1664586ed122c316bd1878"
},
{
"url": "https://git.kernel.org/stable/c/242b30466879e6defa521573c27e12018276c33a"
},
{
"url": "https://git.kernel.org/stable/c/a4ee78244445ab73af22bfc5a5fc543963b25aef"
},
{
"url": "https://git.kernel.org/stable/c/8a283cdfc8beeb14024387a925247b563d614e1e"
},
{
"url": "https://git.kernel.org/stable/c/b794918961516f667b0c745aebdfebbb8a98df39"
}
],
"title": "dma-buf/sw-sync: don\u0027t enable IRQ from sync_print_obj()",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38780",
"datePublished": "2024-06-21T11:15:12.892Z",
"dateReserved": "2024-06-21T10:12:11.516Z",
"dateUpdated": "2024-09-11T17:34:44.243Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48722
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-08-03 15:24
Severity ?
EPSS score ?
Summary
net: ieee802154: ca8210: Stop leaking skb's
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48722",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T15:47:13.685216Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T15:47:23.565Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:24:59.991Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a1c277b0ed2a13e7de923b5f03bc23586eceb851"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d6a44feb2f28d71a7e725f72d09c97c81561cd9a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6f38d3a6ec11c2733b1c641a46a2a2ecec57be08"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/78b3f20c17cbcb7645bfa63f2ca0e11b53c09d56"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/94cd597e20ed4acedb8f15f029d92998b011cb1a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/21feb6df3967541931242c427fe0958276af81cc"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/621b24b09eb61c63f262da0c9c5f0e93348897e5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ieee802154/ca8210.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "a1c277b0ed2a",
"status": "affected",
"version": "ded845a781a5",
"versionType": "git"
},
{
"lessThan": "d6a44feb2f28",
"status": "affected",
"version": "ded845a781a5",
"versionType": "git"
},
{
"lessThan": "6f38d3a6ec11",
"status": "affected",
"version": "ded845a781a5",
"versionType": "git"
},
{
"lessThan": "78b3f20c17cb",
"status": "affected",
"version": "ded845a781a5",
"versionType": "git"
},
{
"lessThan": "94cd597e20ed",
"status": "affected",
"version": "ded845a781a5",
"versionType": "git"
},
{
"lessThan": "21feb6df3967",
"status": "affected",
"version": "ded845a781a5",
"versionType": "git"
},
{
"lessThan": "621b24b09eb6",
"status": "affected",
"version": "ded845a781a5",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ieee802154/ca8210.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.12"
},
{
"lessThan": "4.12",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.265",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.228",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.178",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.99",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.22",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ieee802154: ca8210: Stop leaking skb\u0027s\n\nUpon error the ieee802154_xmit_complete() helper is not called. Only\nieee802154_wake_queue() is called manually. We then leak the skb\nstructure.\n\nFree the skb structure upon error before returning."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:10.203Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/a1c277b0ed2a13e7de923b5f03bc23586eceb851"
},
{
"url": "https://git.kernel.org/stable/c/d6a44feb2f28d71a7e725f72d09c97c81561cd9a"
},
{
"url": "https://git.kernel.org/stable/c/6f38d3a6ec11c2733b1c641a46a2a2ecec57be08"
},
{
"url": "https://git.kernel.org/stable/c/78b3f20c17cbcb7645bfa63f2ca0e11b53c09d56"
},
{
"url": "https://git.kernel.org/stable/c/94cd597e20ed4acedb8f15f029d92998b011cb1a"
},
{
"url": "https://git.kernel.org/stable/c/21feb6df3967541931242c427fe0958276af81cc"
},
{
"url": "https://git.kernel.org/stable/c/621b24b09eb61c63f262da0c9c5f0e93348897e5"
}
],
"title": "net: ieee802154: ca8210: Stop leaking skb\u0027s",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48722",
"datePublished": "2024-06-20T11:13:13.315Z",
"dateReserved": "2024-06-20T11:09:39.051Z",
"dateUpdated": "2024-08-03T15:24:59.991Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48758
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-08-03 15:25
Severity ?
EPSS score ?
Summary
scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put()
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48758",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T14:53:30.492120Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-27T18:16:35.348Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:00.353Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2a12fe8248a38437b95b942bbe85aced72e6e2eb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/262550f29c750f7876b6ed1244281e72b64ebffb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c93a290c862ccfa404e42d7420565730d67cbff9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/de6336b17a1376db1c0f7a528cce8783db0881c0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/bf2bd892a0cb14dd2d21f2c658f4b747813be311"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/00849de10f798a9538242824a51b1756e7110754"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b11e34f7bab21df36f02a5e54fb69e858c09a65d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ace7b6ef41251c5fe47f629a9a922382fb7b0a6b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/847f9ea4c5186fdb7b84297e3eeed9e340e83fce"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/scsi/bnx2fc/bnx2fc_fcoe.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "2a12fe8248a3",
"status": "affected",
"version": "0cbf32e1681d",
"versionType": "git"
},
{
"lessThan": "262550f29c75",
"status": "affected",
"version": "0cbf32e1681d",
"versionType": "git"
},
{
"lessThan": "c93a290c862c",
"status": "affected",
"version": "0cbf32e1681d",
"versionType": "git"
},
{
"lessThan": "de6336b17a13",
"status": "affected",
"version": "0cbf32e1681d",
"versionType": "git"
},
{
"lessThan": "bf2bd892a0cb",
"status": "affected",
"version": "0cbf32e1681d",
"versionType": "git"
},
{
"lessThan": "00849de10f79",
"status": "affected",
"version": "0cbf32e1681d",
"versionType": "git"
},
{
"lessThan": "b11e34f7bab2",
"status": "affected",
"version": "0cbf32e1681d",
"versionType": "git"
},
{
"lessThan": "ace7b6ef4125",
"status": "affected",
"version": "0cbf32e1681d",
"versionType": "git"
},
{
"lessThan": "847f9ea4c518",
"status": "affected",
"version": "0cbf32e1681d",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/scsi/bnx2fc/bnx2fc_fcoe.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.2"
},
{
"lessThan": "3.2",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.4.*",
"status": "unaffected",
"version": "4.4.302",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.300",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.265",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.228",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.176",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.96",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.19",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.5",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put()\n\nThe bnx2fc_destroy() functions are removing the interface before calling\ndestroy_work. This results multiple WARNings from sysfs_remove_group() as\nthe controller rport device attributes are removed too early.\n\nReplace the fcoe_port\u0027s destroy_work queue. It\u0027s not needed.\n\nThe problem is easily reproducible with the following steps.\n\nExample:\n\n $ dmesg -w \u0026\n $ systemctl enable --now fcoe\n $ fipvlan -s -c ens2f1\n $ fcoeadm -d ens2f1.802\n [ 583.464488] host2: libfc: Link down on port (7500a1)\n [ 583.472651] bnx2fc: 7500a1 - rport not created Yet!!\n [ 583.490468] ------------[ cut here ]------------\n [ 583.538725] sysfs group \u0027power\u0027 not found for kobject \u0027rport-2:0-0\u0027\n [ 583.568814] WARNING: CPU: 3 PID: 192 at fs/sysfs/group.c:279 sysfs_remove_group+0x6f/0x80\n [ 583.607130] Modules linked in: dm_service_time 8021q garp mrp stp llc bnx2fc cnic uio rpcsec_gss_krb5 auth_rpcgss nfsv4 ...\n [ 583.942994] CPU: 3 PID: 192 Comm: kworker/3:2 Kdump: loaded Not tainted 5.14.0-39.el9.x86_64 #1\n [ 583.984105] Hardware name: HP ProLiant DL120 G7, BIOS J01 07/01/2013\n [ 584.016535] Workqueue: fc_wq_2 fc_rport_final_delete [scsi_transport_fc]\n [ 584.050691] RIP: 0010:sysfs_remove_group+0x6f/0x80\n [ 584.074725] Code: ff 5b 48 89 ef 5d 41 5c e9 ee c0 ff ff 48 89 ef e8 f6 b8 ff ff eb d1 49 8b 14 24 48 8b 33 48 c7 c7 ...\n [ 584.162586] RSP: 0018:ffffb567c15afdc0 EFLAGS: 00010282\n [ 584.188225] RAX: 0000000000000000 RBX: ffffffff8eec4220 RCX: 0000000000000000\n [ 584.221053] RDX: ffff8c1586ce84c0 RSI: ffff8c1586cd7cc0 RDI: ffff8c1586cd7cc0\n [ 584.255089] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffb567c15afc00\n [ 584.287954] R10: ffffb567c15afbf8 R11: ffffffff8fbe7f28 R12: ffff8c1486326400\n [ 584.322356] R13: ffff8c1486326480 R14: ffff8c1483a4a000 R15: 0000000000000004\n [ 584.355379] FS: 0000000000000000(0000) GS:ffff8c1586cc0000(0000) knlGS:0000000000000000\n [ 584.394419] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [ 584.421123] CR2: 00007fe95a6f7840 CR3: 0000000107674002 CR4: 00000000000606e0\n [ 584.454888] Call Trace:\n [ 584.466108] device_del+0xb2/0x3e0\n [ 584.481701] device_unregister+0x13/0x60\n [ 584.501306] bsg_unregister_queue+0x5b/0x80\n [ 584.522029] bsg_remove_queue+0x1c/0x40\n [ 584.541884] fc_rport_final_delete+0xf3/0x1d0 [scsi_transport_fc]\n [ 584.573823] process_one_work+0x1e3/0x3b0\n [ 584.592396] worker_thread+0x50/0x3b0\n [ 584.609256] ? rescuer_thread+0x370/0x370\n [ 584.628877] kthread+0x149/0x170\n [ 584.643673] ? set_kthread_struct+0x40/0x40\n [ 584.662909] ret_from_fork+0x22/0x30\n [ 584.680002] ---[ end trace 53575ecefa942ece ]---"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:52.029Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/2a12fe8248a38437b95b942bbe85aced72e6e2eb"
},
{
"url": "https://git.kernel.org/stable/c/262550f29c750f7876b6ed1244281e72b64ebffb"
},
{
"url": "https://git.kernel.org/stable/c/c93a290c862ccfa404e42d7420565730d67cbff9"
},
{
"url": "https://git.kernel.org/stable/c/de6336b17a1376db1c0f7a528cce8783db0881c0"
},
{
"url": "https://git.kernel.org/stable/c/bf2bd892a0cb14dd2d21f2c658f4b747813be311"
},
{
"url": "https://git.kernel.org/stable/c/00849de10f798a9538242824a51b1756e7110754"
},
{
"url": "https://git.kernel.org/stable/c/b11e34f7bab21df36f02a5e54fb69e858c09a65d"
},
{
"url": "https://git.kernel.org/stable/c/ace7b6ef41251c5fe47f629a9a922382fb7b0a6b"
},
{
"url": "https://git.kernel.org/stable/c/847f9ea4c5186fdb7b84297e3eeed9e340e83fce"
}
],
"title": "scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put()",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48758",
"datePublished": "2024-06-20T11:13:37.204Z",
"dateReserved": "2024-06-20T11:09:39.059Z",
"dateUpdated": "2024-08-03T15:25:00.353Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-36286
Vulnerability from cvelistv5
Published
2024-06-21 10:18
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu()
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:37:04.735Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8658bd777cbfcb0c13df23d0ea120e70517761b9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3989b817857f4890fab9379221a9d3f52bf5c256"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e01065b339e323b3dfa1be217fd89e9b3208b0ab"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/25ea5377e3d2921a0f96ae2551f5ab1b36825dd4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/68f40354a3851df46c27be96b84f11ae193e36c5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8f365564af898819a523f1a8cf5c6ce053e9f718"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/215df6490e208bfdd5b3012f5075e7f8736f3e7a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/dc21c6cc3d6986d938efbf95de62473982c98dec"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36286",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:09:34.720987Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:45.892Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/netfilter/nfnetlink_queue.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "8658bd777cbf",
"status": "affected",
"version": "9872bec773c2",
"versionType": "git"
},
{
"lessThan": "3989b817857f",
"status": "affected",
"version": "9872bec773c2",
"versionType": "git"
},
{
"lessThan": "e01065b339e3",
"status": "affected",
"version": "9872bec773c2",
"versionType": "git"
},
{
"lessThan": "25ea5377e3d2",
"status": "affected",
"version": "9872bec773c2",
"versionType": "git"
},
{
"lessThan": "68f40354a385",
"status": "affected",
"version": "9872bec773c2",
"versionType": "git"
},
{
"lessThan": "8f365564af89",
"status": "affected",
"version": "9872bec773c2",
"versionType": "git"
},
{
"lessThan": "215df6490e20",
"status": "affected",
"version": "9872bec773c2",
"versionType": "git"
},
{
"lessThan": "dc21c6cc3d69",
"status": "affected",
"version": "9872bec773c2",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/netfilter/nfnetlink_queue.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.25"
},
{
"lessThan": "2.6.25",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.316",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu()\n\nsyzbot reported that nf_reinject() could be called without rcu_read_lock() :\n\nWARNING: suspicious RCU usage\n6.9.0-rc7-syzkaller-02060-g5c1672705a1a #0 Not tainted\n\nnet/netfilter/nfnetlink_queue.c:263 suspicious rcu_dereference_check() usage!\n\nother info that might help us debug this:\n\nrcu_scheduler_active = 2, debug_locks = 1\n2 locks held by syz-executor.4/13427:\n #0: ffffffff8e334f60 (rcu_callback){....}-{0:0}, at: rcu_lock_acquire include/linux/rcupdate.h:329 [inline]\n #0: ffffffff8e334f60 (rcu_callback){....}-{0:0}, at: rcu_do_batch kernel/rcu/tree.c:2190 [inline]\n #0: ffffffff8e334f60 (rcu_callback){....}-{0:0}, at: rcu_core+0xa86/0x1830 kernel/rcu/tree.c:2471\n #1: ffff88801ca92958 (\u0026inst-\u003elock){+.-.}-{2:2}, at: spin_lock_bh include/linux/spinlock.h:356 [inline]\n #1: ffff88801ca92958 (\u0026inst-\u003elock){+.-.}-{2:2}, at: nfqnl_flush net/netfilter/nfnetlink_queue.c:405 [inline]\n #1: ffff88801ca92958 (\u0026inst-\u003elock){+.-.}-{2:2}, at: instance_destroy_rcu+0x30/0x220 net/netfilter/nfnetlink_queue.c:172\n\nstack backtrace:\nCPU: 0 PID: 13427 Comm: syz-executor.4 Not tainted 6.9.0-rc7-syzkaller-02060-g5c1672705a1a #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114\n lockdep_rcu_suspicious+0x221/0x340 kernel/locking/lockdep.c:6712\n nf_reinject net/netfilter/nfnetlink_queue.c:323 [inline]\n nfqnl_reinject+0x6ec/0x1120 net/netfilter/nfnetlink_queue.c:397\n nfqnl_flush net/netfilter/nfnetlink_queue.c:410 [inline]\n instance_destroy_rcu+0x1ae/0x220 net/netfilter/nfnetlink_queue.c:172\n rcu_do_batch kernel/rcu/tree.c:2196 [inline]\n rcu_core+0xafd/0x1830 kernel/rcu/tree.c:2471\n handle_softirqs+0x2d6/0x990 kernel/softirq.c:554\n __do_softirq kernel/softirq.c:588 [inline]\n invoke_softirq kernel/softirq.c:428 [inline]\n __irq_exit_rcu+0xf4/0x1c0 kernel/softirq.c:637\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:649\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1043 [inline]\n sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1043\n \u003c/IRQ\u003e\n \u003cTASK\u003e"
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:46:58.957Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/8658bd777cbfcb0c13df23d0ea120e70517761b9"
},
{
"url": "https://git.kernel.org/stable/c/3989b817857f4890fab9379221a9d3f52bf5c256"
},
{
"url": "https://git.kernel.org/stable/c/e01065b339e323b3dfa1be217fd89e9b3208b0ab"
},
{
"url": "https://git.kernel.org/stable/c/25ea5377e3d2921a0f96ae2551f5ab1b36825dd4"
},
{
"url": "https://git.kernel.org/stable/c/68f40354a3851df46c27be96b84f11ae193e36c5"
},
{
"url": "https://git.kernel.org/stable/c/8f365564af898819a523f1a8cf5c6ce053e9f718"
},
{
"url": "https://git.kernel.org/stable/c/215df6490e208bfdd5b3012f5075e7f8736f3e7a"
},
{
"url": "https://git.kernel.org/stable/c/dc21c6cc3d6986d938efbf95de62473982c98dec"
}
],
"title": "netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu()",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-36286",
"datePublished": "2024-06-21T10:18:08.364Z",
"dateReserved": "2024-06-21T10:13:16.315Z",
"dateUpdated": "2024-09-11T17:34:45.892Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48753
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-08-03 15:25
Severity ?
EPSS score ?
Summary
block: fix memory leak in disk_register_independent_access_ranges
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48753",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T13:33:58.045322Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T13:34:05.758Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:00.895Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fe4214a07e0b53d2af711f57519e33739c5df23f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/83114df32ae779df57e0af99a8ba6c3968b2ba3d"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"block/blk-ia-ranges.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "fe4214a07e0b",
"status": "affected",
"version": "a2247f19ee1c",
"versionType": "git"
},
{
"lessThan": "83114df32ae7",
"status": "affected",
"version": "a2247f19ee1c",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"block/blk-ia-ranges.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.16"
},
{
"lessThan": "5.16",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.5",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix memory leak in disk_register_independent_access_ranges\n\nkobject_init_and_add() takes reference even when it fails.\nAccording to the doc of kobject_init_and_add()\n\n If this function returns an error, kobject_put() must be called to\n properly clean up the memory associated with the object.\n\nFix this issue by adding kobject_put().\nCallback function blk_ia_ranges_sysfs_release() in kobject_put()\ncan handle the pointer \"iars\" properly."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:46.101Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/fe4214a07e0b53d2af711f57519e33739c5df23f"
},
{
"url": "https://git.kernel.org/stable/c/83114df32ae779df57e0af99a8ba6c3968b2ba3d"
}
],
"title": "block: fix memory leak in disk_register_independent_access_ranges",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48753",
"datePublished": "2024-06-20T11:13:33.907Z",
"dateReserved": "2024-06-20T11:09:39.057Z",
"dateUpdated": "2024-08-03T15:25:00.895Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48770
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack()
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:01.559Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ff6bdc205fd0a83bd365405d4e31fb5905826996"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0bcd484587b3b3092e448d27dc369e347e1810c3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b82ef4985a6d05e80f604624332430351df7b79a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b992f01e66150fc5e90be4a96f5eb8e634c8249e"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48770",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:10:00.483681Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:46.874Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"kernel/bpf/stackmap.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "ff6bdc205fd0",
"status": "affected",
"version": "fa28dcb82a38",
"versionType": "git"
},
{
"lessThan": "0bcd484587b3",
"status": "affected",
"version": "fa28dcb82a38",
"versionType": "git"
},
{
"lessThan": "b82ef4985a6d",
"status": "affected",
"version": "fa28dcb82a38",
"versionType": "git"
},
{
"lessThan": "b992f01e6615",
"status": "affected",
"version": "fa28dcb82a38",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"kernel/bpf/stackmap.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.9"
},
{
"lessThan": "5.9",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.96",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.19",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.5",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Guard against accessing NULL pt_regs in bpf_get_task_stack()\n\ntask_pt_regs() can return NULL on powerpc for kernel threads. This is\nthen used in __bpf_get_stack() to check for user mode, resulting in a\nkernel oops. Guard against this by checking return value of\ntask_pt_regs() before trying to obtain the call chain."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:15:06.526Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/ff6bdc205fd0a83bd365405d4e31fb5905826996"
},
{
"url": "https://git.kernel.org/stable/c/0bcd484587b3b3092e448d27dc369e347e1810c3"
},
{
"url": "https://git.kernel.org/stable/c/b82ef4985a6d05e80f604624332430351df7b79a"
},
{
"url": "https://git.kernel.org/stable/c/b992f01e66150fc5e90be4a96f5eb8e634c8249e"
}
],
"title": "bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack()",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48770",
"datePublished": "2024-06-20T11:13:45.193Z",
"dateReserved": "2024-06-20T11:09:39.061Z",
"dateUpdated": "2024-09-11T17:34:46.874Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48756
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:00.449Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6d9f8ba28f3747ca0f910a363e46f1114856dbbe"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ca63eeb70fcb53c42e1fe54e1735a54d8e7759fd"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/581317b1f001b7509041544d7019b75571daa100"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/79c0b5287ded74f4eacde4dfd8aa0a76cbd853b5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/56480fb10b976581a363fd168dc2e4fbee87a1a7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2b7e7df1eacd280e561ede3e977853606871c951"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5e761a2287234bc402ba7ef07129f5103bcd775c"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48756",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:10:19.274762Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:47.609Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/msm/dsi/phy/dsi_phy.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "6d9f8ba28f37",
"status": "affected",
"version": "5c8290284402",
"versionType": "git"
},
{
"lessThan": "ca63eeb70fcb",
"status": "affected",
"version": "5c8290284402",
"versionType": "git"
},
{
"lessThan": "581317b1f001",
"status": "affected",
"version": "5c8290284402",
"versionType": "git"
},
{
"lessThan": "79c0b5287ded",
"status": "affected",
"version": "5c8290284402",
"versionType": "git"
},
{
"lessThan": "56480fb10b97",
"status": "affected",
"version": "5c8290284402",
"versionType": "git"
},
{
"lessThan": "2b7e7df1eacd",
"status": "affected",
"version": "5c8290284402",
"versionType": "git"
},
{
"lessThan": "5e761a228723",
"status": "affected",
"version": "5c8290284402",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/msm/dsi/phy/dsi_phy.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.3"
},
{
"lessThan": "4.3",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.265",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.228",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.176",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.96",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.19",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.5",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dsi: invalid parameter check in msm_dsi_phy_enable\n\nThe function performs a check on the \"phy\" input parameter, however, it\nis used before the check.\n\nInitialize the \"dev\" variable after the sanity check to avoid a possible\nNULL pointer dereference.\n\nAddresses-Coverity-ID: 1493860 (\"Null pointer dereference\")"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:49.699Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/6d9f8ba28f3747ca0f910a363e46f1114856dbbe"
},
{
"url": "https://git.kernel.org/stable/c/ca63eeb70fcb53c42e1fe54e1735a54d8e7759fd"
},
{
"url": "https://git.kernel.org/stable/c/581317b1f001b7509041544d7019b75571daa100"
},
{
"url": "https://git.kernel.org/stable/c/79c0b5287ded74f4eacde4dfd8aa0a76cbd853b5"
},
{
"url": "https://git.kernel.org/stable/c/56480fb10b976581a363fd168dc2e4fbee87a1a7"
},
{
"url": "https://git.kernel.org/stable/c/2b7e7df1eacd280e561ede3e977853606871c951"
},
{
"url": "https://git.kernel.org/stable/c/5e761a2287234bc402ba7ef07129f5103bcd775c"
}
],
"title": "drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48756",
"datePublished": "2024-06-20T11:13:35.882Z",
"dateReserved": "2024-06-20T11:09:39.059Z",
"dateUpdated": "2024-09-11T17:34:47.609Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48727
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-08-03 15:24
Severity ?
EPSS score ?
Summary
KVM: arm64: Avoid consuming a stale esr value when SError occur
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48727",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T16:20:44.710184Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T16:20:53.835Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:24:59.975Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e1e852746997500f1873f60b954da5f02cc2dba3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/57e2986c3b25092691a6e3d6ee9168caf8978932"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1c71dbc8a179d99dd9bb7e7fc1888db613cf85de"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"arch/arm64/kvm/hyp/include/hyp/switch.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "e1e852746997",
"status": "affected",
"version": "defe21f49bc9",
"versionType": "git"
},
{
"lessThan": "57e2986c3b25",
"status": "affected",
"version": "defe21f49bc9",
"versionType": "git"
},
{
"lessThan": "1c71dbc8a179",
"status": "affected",
"version": "defe21f49bc9",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"arch/arm64/kvm/hyp/include/hyp/switch.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.11"
},
{
"lessThan": "5.11",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.22",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Avoid consuming a stale esr value when SError occur\n\nWhen any exception other than an IRQ occurs, the CPU updates the ESR_EL2\nregister with the exception syndrome. An SError may also become pending,\nand will be synchronised by KVM. KVM notes the exception type, and whether\nan SError was synchronised in exit_code.\n\nWhen an exception other than an IRQ occurs, fixup_guest_exit() updates\nvcpu-\u003earch.fault.esr_el2 from the hardware register. When an SError was\nsynchronised, the vcpu esr value is used to determine if the exception\nwas due to an HVC. If so, ELR_EL2 is moved back one instruction. This\nis so that KVM can process the SError first, and re-execute the HVC if\nthe guest survives the SError.\n\nBut if an IRQ synchronises an SError, the vcpu\u0027s esr value is stale.\nIf the previous non-IRQ exception was an HVC, KVM will corrupt ELR_EL2,\ncausing an unrelated guest instruction to be executed twice.\n\nCheck ARM_EXCEPTION_CODE() before messing with ELR_EL2, IRQs don\u0027t\nupdate this register so don\u0027t need to check."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:16.037Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/e1e852746997500f1873f60b954da5f02cc2dba3"
},
{
"url": "https://git.kernel.org/stable/c/57e2986c3b25092691a6e3d6ee9168caf8978932"
},
{
"url": "https://git.kernel.org/stable/c/1c71dbc8a179d99dd9bb7e7fc1888db613cf85de"
}
],
"title": "KVM: arm64: Avoid consuming a stale esr value when SError occur",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48727",
"datePublished": "2024-06-20T11:13:16.668Z",
"dateReserved": "2024-06-20T11:09:39.052Z",
"dateUpdated": "2024-08-03T15:24:59.975Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48746
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
net/mlx5e: Fix handling of wrong devices during bond netevent
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:01.598Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a01ee1b8165f4161459b5ec4e728bc7130fe8cd4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fe70126da6063c29ca161cdec7ad1dae9af836b3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4fad499d7fece448e7230d5e5b92f6d8a073e0bb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ec41332e02bd0acf1f24206867bb6a02f5877a62"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48746",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:10:31.973719Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:48.098Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/mellanox/mlx5/core/en/rep/bond.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "a01ee1b8165f",
"status": "affected",
"version": "7e51891a237f",
"versionType": "git"
},
{
"lessThan": "fe70126da606",
"status": "affected",
"version": "7e51891a237f",
"versionType": "git"
},
{
"lessThan": "4fad499d7fec",
"status": "affected",
"version": "7e51891a237f",
"versionType": "git"
},
{
"lessThan": "ec41332e02bd",
"status": "affected",
"version": "7e51891a237f",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/mellanox/mlx5/core/en/rep/bond.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.8"
},
{
"lessThan": "5.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.97",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.20",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.6",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix handling of wrong devices during bond netevent\n\nCurrent implementation of bond netevent handler only check if\nthe handled netdev is VF representor and it missing a check if\nthe VF representor is on the same phys device of the bond handling\nthe netevent.\n\nFix by adding the missing check and optimizing the check if\nthe netdev is VF representor so it will not access uninitialized\nprivate data and crashes.\n\nBUG: kernel NULL pointer dereference, address: 000000000000036c\nPGD 0 P4D 0\nOops: 0000 [#1] SMP NOPTI\nWorkqueue: eth3bond0 bond_mii_monitor [bonding]\nRIP: 0010:mlx5e_is_uplink_rep+0xc/0x50 [mlx5_core]\nRSP: 0018:ffff88812d69fd60 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffff8881cf800000 RCX: 0000000000000000\nRDX: ffff88812d69fe10 RSI: 000000000000001b RDI: ffff8881cf800880\nRBP: ffff8881cf800000 R08: 00000445cabccf2b R09: 0000000000000008\nR10: 0000000000000004 R11: 0000000000000008 R12: ffff88812d69fe10\nR13: 00000000fffffffe R14: ffff88820c0f9000 R15: 0000000000000000\nFS: 0000000000000000(0000) GS:ffff88846fb00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000000000000036c CR3: 0000000103d80006 CR4: 0000000000370ea0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n mlx5e_eswitch_uplink_rep+0x31/0x40 [mlx5_core]\n mlx5e_rep_is_lag_netdev+0x94/0xc0 [mlx5_core]\n mlx5e_rep_esw_bond_netevent+0xeb/0x3d0 [mlx5_core]\n raw_notifier_call_chain+0x41/0x60\n call_netdevice_notifiers_info+0x34/0x80\n netdev_lower_state_changed+0x4e/0xa0\n bond_mii_monitor+0x56b/0x640 [bonding]\n process_one_work+0x1b9/0x390\n worker_thread+0x4d/0x3d0\n ? rescuer_thread+0x350/0x350\n kthread+0x124/0x150\n ? set_kthread_struct+0x40/0x40\n ret_from_fork+0x1f/0x30"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:37.981Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/a01ee1b8165f4161459b5ec4e728bc7130fe8cd4"
},
{
"url": "https://git.kernel.org/stable/c/fe70126da6063c29ca161cdec7ad1dae9af836b3"
},
{
"url": "https://git.kernel.org/stable/c/4fad499d7fece448e7230d5e5b92f6d8a073e0bb"
},
{
"url": "https://git.kernel.org/stable/c/ec41332e02bd0acf1f24206867bb6a02f5877a62"
}
],
"title": "net/mlx5e: Fix handling of wrong devices during bond netevent",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48746",
"datePublished": "2024-06-20T11:13:29.308Z",
"dateReserved": "2024-06-20T11:09:39.055Z",
"dateUpdated": "2024-09-11T17:34:48.098Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38624
Vulnerability from cvelistv5
Published
2024-06-21 10:18
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
fs/ntfs3: Use 64 bit variable to avoid 32 bit overflow
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.940Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2d1ad595d15f36a925480199bf1d9ad72614210b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/98db3155b54d3684ef0ab5bfa0b856d13f65843d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/109d85a98345ee52d47c650405dc51bdd2bc7d40"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/847db4049f6189427ddaefcfc967d4d235b73c57"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e931f6b630ffb22d66caab202a52aa8cbb10c649"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38624",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:09:15.600220Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:44.920Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/ntfs3/fslog.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "2d1ad595d15f",
"status": "affected",
"version": "b46acd6a6a62",
"versionType": "git"
},
{
"lessThan": "98db3155b54d",
"status": "affected",
"version": "b46acd6a6a62",
"versionType": "git"
},
{
"lessThan": "109d85a98345",
"status": "affected",
"version": "b46acd6a6a62",
"versionType": "git"
},
{
"lessThan": "847db4049f61",
"status": "affected",
"version": "b46acd6a6a62",
"versionType": "git"
},
{
"lessThan": "e931f6b630ff",
"status": "affected",
"version": "b46acd6a6a62",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/ntfs3/fslog.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.15"
},
{
"lessThan": "5.15",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Use 64 bit variable to avoid 32 bit overflow\n\nFor example, in the expression:\n\tvbo = 2 * vbo + skip"
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:49:18.295Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/2d1ad595d15f36a925480199bf1d9ad72614210b"
},
{
"url": "https://git.kernel.org/stable/c/98db3155b54d3684ef0ab5bfa0b856d13f65843d"
},
{
"url": "https://git.kernel.org/stable/c/109d85a98345ee52d47c650405dc51bdd2bc7d40"
},
{
"url": "https://git.kernel.org/stable/c/847db4049f6189427ddaefcfc967d4d235b73c57"
},
{
"url": "https://git.kernel.org/stable/c/e931f6b630ffb22d66caab202a52aa8cbb10c649"
}
],
"title": "fs/ntfs3: Use 64 bit variable to avoid 32 bit overflow",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38624",
"datePublished": "2024-06-21T10:18:16.940Z",
"dateReserved": "2024-06-18T19:36:34.945Z",
"dateUpdated": "2024-09-11T17:34:44.920Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38631
Vulnerability from cvelistv5
Published
2024-06-21 10:18
Modified
2024-08-02 04:12
Severity ?
EPSS score ?
Summary
iio: adc: PAC1934: fix accessing out of bounds array index
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38631",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-21T13:27:43.437054Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-21T13:27:56.278Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.999Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8dbcb3a8cfdf8ff5afce62dad50790278ff0d3b7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/51fafb3cd7fcf4f4682693b4d2883e2a5bfffe33"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/iio/adc/pac1934.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "8dbcb3a8cfdf",
"status": "affected",
"version": "0fb528c8255b",
"versionType": "git"
},
{
"lessThan": "51fafb3cd7fc",
"status": "affected",
"version": "0fb528c8255b",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/iio/adc/pac1934.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.9"
},
{
"lessThan": "6.9",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: adc: PAC1934: fix accessing out of bounds array index\n\nFix accessing out of bounds array index for average\ncurrent and voltage measurements. The device itself has\nonly 4 channels, but in sysfs there are \"fake\"\nchannels for the average voltages and currents too."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:49:26.361Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/8dbcb3a8cfdf8ff5afce62dad50790278ff0d3b7"
},
{
"url": "https://git.kernel.org/stable/c/51fafb3cd7fcf4f4682693b4d2883e2a5bfffe33"
}
],
"title": "iio: adc: PAC1934: fix accessing out of bounds array index",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38631",
"datePublished": "2024-06-21T10:18:21.553Z",
"dateReserved": "2024-06-18T19:36:34.947Z",
"dateUpdated": "2024-08-02T04:12:25.999Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48742
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:00.117Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2cf180360d66bd657e606c1217e0e668e6faa303"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7d9211678c0f0624f74cdff36117ab8316697bb8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a01e60a1ec6bef9be471fb7182a33c6d6f124e93"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/bd43771ee9759dd9dfae946bff190e2c5a120de5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3bbe2019dd12b8d13671ee6cda055d49637b4c39"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/def5e7070079b2a214b3b1a2fbec623e6fbfe34a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/36a9a0aee881940476b254e0352581401b23f210"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c6f6f2444bdbe0079e41914a35081530d0409963"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48742",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:10:41.257620Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:48.431Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/core/rtnetlink.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "2cf180360d66",
"status": "affected",
"version": "ba7d49b1f0f8",
"versionType": "git"
},
{
"lessThan": "7d9211678c0f",
"status": "affected",
"version": "ba7d49b1f0f8",
"versionType": "git"
},
{
"lessThan": "a01e60a1ec6b",
"status": "affected",
"version": "ba7d49b1f0f8",
"versionType": "git"
},
{
"lessThan": "bd43771ee975",
"status": "affected",
"version": "ba7d49b1f0f8",
"versionType": "git"
},
{
"lessThan": "3bbe2019dd12",
"status": "affected",
"version": "ba7d49b1f0f8",
"versionType": "git"
},
{
"lessThan": "def5e7070079",
"status": "affected",
"version": "ba7d49b1f0f8",
"versionType": "git"
},
{
"lessThan": "36a9a0aee881",
"status": "affected",
"version": "ba7d49b1f0f8",
"versionType": "git"
},
{
"lessThan": "c6f6f2444bdb",
"status": "affected",
"version": "ba7d49b1f0f8",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/core/rtnetlink.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.14"
},
{
"lessThan": "3.14",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.300",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.265",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.228",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.177",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.97",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.20",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.6",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()\n\nWhile looking at one unrelated syzbot bug, I found the replay logic\nin __rtnl_newlink() to potentially trigger use-after-free.\n\nIt is better to clear master_dev and m_ops inside the loop,\nin case we have to replay it."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:33.381Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/2cf180360d66bd657e606c1217e0e668e6faa303"
},
{
"url": "https://git.kernel.org/stable/c/7d9211678c0f0624f74cdff36117ab8316697bb8"
},
{
"url": "https://git.kernel.org/stable/c/a01e60a1ec6bef9be471fb7182a33c6d6f124e93"
},
{
"url": "https://git.kernel.org/stable/c/bd43771ee9759dd9dfae946bff190e2c5a120de5"
},
{
"url": "https://git.kernel.org/stable/c/3bbe2019dd12b8d13671ee6cda055d49637b4c39"
},
{
"url": "https://git.kernel.org/stable/c/def5e7070079b2a214b3b1a2fbec623e6fbfe34a"
},
{
"url": "https://git.kernel.org/stable/c/36a9a0aee881940476b254e0352581401b23f210"
},
{
"url": "https://git.kernel.org/stable/c/c6f6f2444bdbe0079e41914a35081530d0409963"
}
],
"title": "rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48742",
"datePublished": "2024-06-20T11:13:26.653Z",
"dateReserved": "2024-06-20T11:09:39.054Z",
"dateUpdated": "2024-09-11T17:34:48.431Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48729
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-08-03 15:25
Severity ?
EPSS score ?
Summary
IB/hfi1: Fix panic with larger ipoib send_queue_size
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48729",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T15:45:31.301094Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T15:45:40.072Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:00.323Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1530d84fba1e459ba55f46aa42649b88773210e7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8c83d39cc730378bbac64d67a551897b203a606e"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/infiniband/hw/hfi1/ipoib_tx.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "1530d84fba1e",
"status": "affected",
"version": "d47dfc2b00e6",
"versionType": "git"
},
{
"lessThan": "8c83d39cc730",
"status": "affected",
"version": "d47dfc2b00e6",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/infiniband/hw/hfi1/ipoib_tx.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.16"
},
{
"lessThan": "5.16",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/hfi1: Fix panic with larger ipoib send_queue_size\n\nWhen the ipoib send_queue_size is increased from the default the following\npanic happens:\n\n RIP: 0010:hfi1_ipoib_drain_tx_ring+0x45/0xf0 [hfi1]\n Code: 31 e4 eb 0f 8b 85 c8 02 00 00 41 83 c4 01 44 39 e0 76 60 8b 8d cc 02 00 00 44 89 e3 be 01 00 00 00 d3 e3 48 03 9d c0 02 00 00 \u003cc7\u003e 83 18 01 00 00 00 00 00 00 48 8b bb 30 01 00 00 e8 25 af a7 e0\n RSP: 0018:ffffc9000798f4a0 EFLAGS: 00010286\n RAX: 0000000000008000 RBX: ffffc9000aa0f000 RCX: 000000000000000f\n RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000\n RBP: ffff88810ff08000 R08: ffff88889476d900 R09: 0000000000000101\n R10: 0000000000000000 R11: ffffc90006590ff8 R12: 0000000000000200\n R13: ffffc9000798fba8 R14: 0000000000000000 R15: 0000000000000001\n FS: 00007fd0f79cc3c0(0000) GS:ffff88885fb00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: ffffc9000aa0f118 CR3: 0000000889c84001 CR4: 00000000001706e0\n Call Trace:\n \u003cTASK\u003e\n hfi1_ipoib_napi_tx_disable+0x45/0x60 [hfi1]\n hfi1_ipoib_dev_stop+0x18/0x80 [hfi1]\n ipoib_ib_dev_stop+0x1d/0x40 [ib_ipoib]\n ipoib_stop+0x48/0xc0 [ib_ipoib]\n __dev_close_many+0x9e/0x110\n __dev_change_flags+0xd9/0x210\n dev_change_flags+0x21/0x60\n do_setlink+0x31c/0x10f0\n ? __nla_validate_parse+0x12d/0x1a0\n ? __nla_parse+0x21/0x30\n ? inet6_validate_link_af+0x5e/0xf0\n ? cpumask_next+0x1f/0x20\n ? __snmp6_fill_stats64.isra.53+0xbb/0x140\n ? __nla_validate_parse+0x47/0x1a0\n __rtnl_newlink+0x530/0x910\n ? pskb_expand_head+0x73/0x300\n ? __kmalloc_node_track_caller+0x109/0x280\n ? __nla_put+0xc/0x20\n ? cpumask_next_and+0x20/0x30\n ? update_sd_lb_stats.constprop.144+0xd3/0x820\n ? _raw_spin_unlock_irqrestore+0x25/0x37\n ? __wake_up_common_lock+0x87/0xc0\n ? kmem_cache_alloc_trace+0x3d/0x3d0\n rtnl_newlink+0x43/0x60\n\nThe issue happens when the shift that should have been a function of the\ntxq item size mistakenly used the ring size.\n\nFix by using the item size."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:18.379Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/1530d84fba1e459ba55f46aa42649b88773210e7"
},
{
"url": "https://git.kernel.org/stable/c/8c83d39cc730378bbac64d67a551897b203a606e"
}
],
"title": "IB/hfi1: Fix panic with larger ipoib send_queue_size",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48729",
"datePublished": "2024-06-20T11:13:18.072Z",
"dateReserved": "2024-06-20T11:09:39.052Z",
"dateUpdated": "2024-08-03T15:25:00.323Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38632
Vulnerability from cvelistv5
Published
2024-06-21 10:18
Modified
2024-10-17 13:48
Severity ?
EPSS score ?
Summary
vfio/pci: fix potential memory leak in vfio_intx_enable()
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:26.012Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0bd22a4966d55f1d2c127a53300d5c2b50152376"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/35fef97c33f3d3ca0455f9a8e2a3f2c1f8cc9140"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/82b951e6fbd31d85ae7f4feb5f00ddd4c5d256e2"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38632",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:09:02.671800Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:44.469Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/vfio/pci/vfio_pci_intrs.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "a6d810554d7d",
"status": "affected",
"version": "4cb0d7532126",
"versionType": "git"
},
{
"lessThan": "91ced077db20",
"status": "affected",
"version": "7d29d4c72c1e",
"versionType": "git"
},
{
"lessThan": "0bd22a4966d5",
"status": "affected",
"version": "69276a555c74",
"versionType": "git"
},
{
"lessThan": "35fef97c33f3",
"status": "affected",
"version": "18c198c96a81",
"versionType": "git"
},
{
"lessThan": "82b951e6fbd3",
"status": "affected",
"version": "18c198c96a81",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/vfio/pci/vfio_pci_intrs.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.9"
},
{
"lessThan": "6.9",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.168",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.113",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvfio/pci: fix potential memory leak in vfio_intx_enable()\n\nIf vfio_irq_ctx_alloc() failed will lead to \u0027name\u0027 memory leak."
}
],
"providerMetadata": {
"dateUpdated": "2024-10-17T13:48:00.371Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/a6d810554d7d9d07041f14c5fcd453f3d3fed594"
},
{
"url": "https://git.kernel.org/stable/c/91ced077db2062604ec270b1046f8337e9090079"
},
{
"url": "https://git.kernel.org/stable/c/0bd22a4966d55f1d2c127a53300d5c2b50152376"
},
{
"url": "https://git.kernel.org/stable/c/35fef97c33f3d3ca0455f9a8e2a3f2c1f8cc9140"
},
{
"url": "https://git.kernel.org/stable/c/82b951e6fbd31d85ae7f4feb5f00ddd4c5d256e2"
}
],
"title": "vfio/pci: fix potential memory leak in vfio_intx_enable()",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38632",
"datePublished": "2024-06-21T10:18:22.236Z",
"dateReserved": "2024-06-18T19:36:34.947Z",
"dateUpdated": "2024-10-17T13:48:00.371Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48764
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-08-03 15:25
Severity ?
EPSS score ?
Summary
KVM: x86: Free kvm_cpuid_entry2 array on post-KVM_RUN KVM_SET_CPUID{,2}
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48764",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T13:26:56.412300Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T13:27:07.630Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:01.597Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b9ee734a14bb685b2088f2176d82b34cb4e30dbc"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/811f95ff95270e6048197821434d9301e3d7f07c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"arch/x86/kvm/cpuid.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "b9ee734a14bb",
"status": "affected",
"version": "24e7590c60aa",
"versionType": "git"
},
{
"lessThan": "811f95ff9527",
"status": "affected",
"version": "c6617c61e8fe",
"versionType": "git"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"arch/x86/kvm/cpuid.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "5.16.5",
"status": "affected",
"version": "5.16.3",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Free kvm_cpuid_entry2 array on post-KVM_RUN KVM_SET_CPUID{,2}\n\nFree the \"struct kvm_cpuid_entry2\" array on successful post-KVM_RUN\nKVM_SET_CPUID{,2} to fix a memory leak, the callers of kvm_set_cpuid()\nfree the array only on failure.\n\n BUG: memory leak\n unreferenced object 0xffff88810963a800 (size 2048):\n comm \"syz-executor025\", pid 3610, jiffies 4294944928 (age 8.080s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 0d 00 00 00 ................\n 47 65 6e 75 6e 74 65 6c 69 6e 65 49 00 00 00 00 GenuntelineI....\n backtrace:\n [\u003cffffffff814948ee\u003e] kmalloc_node include/linux/slab.h:604 [inline]\n [\u003cffffffff814948ee\u003e] kvmalloc_node+0x3e/0x100 mm/util.c:580\n [\u003cffffffff814950f2\u003e] kvmalloc include/linux/slab.h:732 [inline]\n [\u003cffffffff814950f2\u003e] vmemdup_user+0x22/0x100 mm/util.c:199\n [\u003cffffffff8109f5ff\u003e] kvm_vcpu_ioctl_set_cpuid2+0x8f/0xf0 arch/x86/kvm/cpuid.c:423\n [\u003cffffffff810711b9\u003e] kvm_arch_vcpu_ioctl+0xb99/0x1e60 arch/x86/kvm/x86.c:5251\n [\u003cffffffff8103e92d\u003e] kvm_vcpu_ioctl+0x4ad/0x950 arch/x86/kvm/../../../virt/kvm/kvm_main.c:4066\n [\u003cffffffff815afacc\u003e] vfs_ioctl fs/ioctl.c:51 [inline]\n [\u003cffffffff815afacc\u003e] __do_sys_ioctl fs/ioctl.c:874 [inline]\n [\u003cffffffff815afacc\u003e] __se_sys_ioctl fs/ioctl.c:860 [inline]\n [\u003cffffffff815afacc\u003e] __x64_sys_ioctl+0xfc/0x140 fs/ioctl.c:860\n [\u003cffffffff844a3335\u003e] do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n [\u003cffffffff844a3335\u003e] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n [\u003cffffffff84600068\u003e] entry_SYSCALL_64_after_hwframe+0x44/0xae"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:58.961Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/b9ee734a14bb685b2088f2176d82b34cb4e30dbc"
},
{
"url": "https://git.kernel.org/stable/c/811f95ff95270e6048197821434d9301e3d7f07c"
}
],
"title": "KVM: x86: Free kvm_cpuid_entry2 array on post-KVM_RUN KVM_SET_CPUID{,2}",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48764",
"datePublished": "2024-06-20T11:13:41.170Z",
"dateReserved": "2024-06-20T11:09:39.060Z",
"dateUpdated": "2024-08-03T15:25:01.597Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-36281
Vulnerability from cvelistv5
Published
2024-06-21 10:18
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
net/mlx5: Use mlx5_ipsec_rx_status_destroy to correctly delete status rules
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:37:04.604Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b0a15cde37a8388e57573686f650a17208ae1212"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cc9ac559f2e21894c21ac5b0c85fb24a5cab266c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/16d66a4fa81da07bc4ed19f4e53b87263c2f8d38"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36281",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:09:37.941517Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:46.031Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec_fs.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "b0a15cde37a8",
"status": "affected",
"version": "20af7afcd8b8",
"versionType": "git"
},
{
"lessThan": "cc9ac559f2e2",
"status": "affected",
"version": "94af50c0a9bb",
"versionType": "git"
},
{
"lessThan": "16d66a4fa81d",
"status": "affected",
"version": "94af50c0a9bb",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec_fs.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.7"
},
{
"lessThan": "6.7",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Use mlx5_ipsec_rx_status_destroy to correctly delete status rules\n\nrx_create no longer allocates a modify_hdr instance that needs to be\ncleaned up. The mlx5_modify_header_dealloc call will lead to a NULL pointer\ndereference. A leak in the rules also previously occurred since there are\nnow two rules populated related to status.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 109907067 P4D 109907067 PUD 116890067 PMD 0\n Oops: 0000 [#1] SMP\n CPU: 1 PID: 484 Comm: ip Not tainted 6.9.0-rc2-rrameshbabu+ #254\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS Arch Linux 1.16.3-1-1 04/01/2014\n RIP: 0010:mlx5_modify_header_dealloc+0xd/0x70\n \u003csnip\u003e\n Call Trace:\n \u003cTASK\u003e\n ? show_regs+0x60/0x70\n ? __die+0x24/0x70\n ? page_fault_oops+0x15f/0x430\n ? free_to_partial_list.constprop.0+0x79/0x150\n ? do_user_addr_fault+0x2c9/0x5c0\n ? exc_page_fault+0x63/0x110\n ? asm_exc_page_fault+0x27/0x30\n ? mlx5_modify_header_dealloc+0xd/0x70\n rx_create+0x374/0x590\n rx_add_rule+0x3ad/0x500\n ? rx_add_rule+0x3ad/0x500\n ? mlx5_cmd_exec+0x2c/0x40\n ? mlx5_create_ipsec_obj+0xd6/0x200\n mlx5e_accel_ipsec_fs_add_rule+0x31/0xf0\n mlx5e_xfrm_add_state+0x426/0xc00\n \u003csnip\u003e"
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:46:57.784Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/b0a15cde37a8388e57573686f650a17208ae1212"
},
{
"url": "https://git.kernel.org/stable/c/cc9ac559f2e21894c21ac5b0c85fb24a5cab266c"
},
{
"url": "https://git.kernel.org/stable/c/16d66a4fa81da07bc4ed19f4e53b87263c2f8d38"
}
],
"title": "net/mlx5: Use mlx5_ipsec_rx_status_destroy to correctly delete status rules",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-36281",
"datePublished": "2024-06-21T10:18:07.695Z",
"dateReserved": "2024-06-21T10:12:11.453Z",
"dateUpdated": "2024-09-11T17:34:46.031Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-36288
Vulnerability from cvelistv5
Published
2024-06-21 11:18
Modified
2024-08-02 03:37
Severity ?
EPSS score ?
Summary
SUNRPC: Fix loop termination condition in gss_free_in_token_pages()
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36288",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-21T13:05:00.955390Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-21T13:05:08.602Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:37:04.682Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/57ff6c0a175930856213b2aa39f8c845a53e5b1c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6ed45d20d30005bed94c8c527ce51d5ad8121018"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4cefcd0af7458bdeff56a9d8dfc6868ce23d128a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b4878ea99f2b40ef1925720b1b4ca7f4af1ba785"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f9977e4e0cd98a5f06f2492b4f3547db58deabf5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/af628d43a822b78ad8d4a58d8259f8bf8bc71115"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0a1cb0c6102bb4fd310243588d39461da49497ad"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4a77c3dead97339478c7422eb07bf4bf63577008"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/sunrpc/auth_gss/svcauth_gss.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "57ff6c0a1759",
"status": "affected",
"version": "ab8466d4e268",
"versionType": "git"
},
{
"lessThan": "6ed45d20d300",
"status": "affected",
"version": "4420b73c7f26",
"versionType": "git"
},
{
"lessThan": "4cefcd0af745",
"status": "affected",
"version": "f148a95f68c6",
"versionType": "git"
},
{
"lessThan": "b4878ea99f2b",
"status": "affected",
"version": "fe0b474974fe",
"versionType": "git"
},
{
"lessThan": "f9977e4e0cd9",
"status": "affected",
"version": "879fe60fccd5",
"versionType": "git"
},
{
"lessThan": "af628d43a822",
"status": "affected",
"version": "c1d8c429e4d2",
"versionType": "git"
},
{
"lessThan": "0a1cb0c6102b",
"status": "affected",
"version": "8ca148915670",
"versionType": "git"
},
{
"lessThan": "4a77c3dead97",
"status": "affected",
"version": "bafa6b4d95d9",
"versionType": "git"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/sunrpc/auth_gss/svcauth_gss.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "6.9.4",
"status": "affected",
"version": "6.9.3",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: Fix loop termination condition in gss_free_in_token_pages()\n\nThe in_token-\u003epages[] array is not NULL terminated. This results in\nthe following KASAN splat:\n\n KASAN: maybe wild-memory-access in range [0x04a2013400000008-0x04a201340000000f]"
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:47:00.331Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/57ff6c0a175930856213b2aa39f8c845a53e5b1c"
},
{
"url": "https://git.kernel.org/stable/c/6ed45d20d30005bed94c8c527ce51d5ad8121018"
},
{
"url": "https://git.kernel.org/stable/c/4cefcd0af7458bdeff56a9d8dfc6868ce23d128a"
},
{
"url": "https://git.kernel.org/stable/c/b4878ea99f2b40ef1925720b1b4ca7f4af1ba785"
},
{
"url": "https://git.kernel.org/stable/c/f9977e4e0cd98a5f06f2492b4f3547db58deabf5"
},
{
"url": "https://git.kernel.org/stable/c/af628d43a822b78ad8d4a58d8259f8bf8bc71115"
},
{
"url": "https://git.kernel.org/stable/c/0a1cb0c6102bb4fd310243588d39461da49497ad"
},
{
"url": "https://git.kernel.org/stable/c/4a77c3dead97339478c7422eb07bf4bf63577008"
}
],
"title": "SUNRPC: Fix loop termination condition in gss_free_in_token_pages()",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-36288",
"datePublished": "2024-06-21T11:18:46.152Z",
"dateReserved": "2024-06-21T11:16:40.621Z",
"dateUpdated": "2024-08-02T03:37:04.682Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38622
Vulnerability from cvelistv5
Published
2024-06-21 10:18
Modified
2024-08-02 04:12
Severity ?
EPSS score ?
Summary
drm/msm/dpu: Add callback function pointer check before its call
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38622",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-21T13:23:40.246723Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-21T13:23:53.817Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:26.011Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/873f67699114452c2a996c4e10faac8ff860c241"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9078630ed7f8f25d65d11823e7f2b11a8e2f4f0f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/530f272053a5e72243a9cb07bb1296af6c346002"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/msm/disp/dpu1/dpu_hw_interrupts.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "873f67699114",
"status": "affected",
"version": "c929ac60b3ed",
"versionType": "git"
},
{
"lessThan": "9078630ed7f8",
"status": "affected",
"version": "c929ac60b3ed",
"versionType": "git"
},
{
"lessThan": "530f272053a5",
"status": "affected",
"version": "c929ac60b3ed",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/msm/disp/dpu1/dpu_hw_interrupts.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.19"
},
{
"lessThan": "5.19",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dpu: Add callback function pointer check before its call\n\nIn dpu_core_irq_callback_handler() callback function pointer is compared to NULL,\nbut then callback function is unconditionally called by this pointer.\nFix this bug by adding conditional return.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\nPatchwork: https://patchwork.freedesktop.org/patch/588237/"
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:49:15.899Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/873f67699114452c2a996c4e10faac8ff860c241"
},
{
"url": "https://git.kernel.org/stable/c/9078630ed7f8f25d65d11823e7f2b11a8e2f4f0f"
},
{
"url": "https://git.kernel.org/stable/c/530f272053a5e72243a9cb07bb1296af6c346002"
}
],
"title": "drm/msm/dpu: Add callback function pointer check before its call",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38622",
"datePublished": "2024-06-21T10:18:15.625Z",
"dateReserved": "2024-06-18T19:36:34.945Z",
"dateUpdated": "2024-08-02T04:12:26.011Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48750
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-08-03 15:25
Severity ?
EPSS score ?
Summary
hwmon: (nct6775) Fix crash in clear_caseopen
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48750",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-24T15:12:14.733914Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-24T15:12:27.350Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:01.617Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cfb7d12f2e4a4d694f49e9b4ebb352f7b67cdfbb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/79da533d3cc717ccc05ddbd3190da8a72bc2408b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/hwmon/nct6775.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "cfb7d12f2e4a",
"status": "affected",
"version": "2e7b9886968b",
"versionType": "git"
},
{
"lessThan": "79da533d3cc7",
"status": "affected",
"version": "2e7b9886968b",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/hwmon/nct6775.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.16"
},
{
"lessThan": "5.16",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.5",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (nct6775) Fix crash in clear_caseopen\n\nPawe\u0142 Marciniak reports the following crash, observed when clearing\nthe chassis intrusion alarm.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000028\nPGD 0 P4D 0\nOops: 0000 [#1] PREEMPT SMP PTI\nCPU: 3 PID: 4815 Comm: bash Tainted: G S 5.16.2-200.fc35.x86_64 #1\nHardware name: To Be Filled By O.E.M. To Be Filled By O.E.M./Z97 Extreme4, BIOS P2.60A 05/03/2018\nRIP: 0010:clear_caseopen+0x5a/0x120 [nct6775]\nCode: 68 70 e8 e9 32 b1 e3 85 c0 0f 85 d2 00 00 00 48 83 7c 24 ...\nRSP: 0018:ffffabcb02803dd8 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000002 RCX: 0000000000000000\nRDX: ffff8e8808192880 RSI: 0000000000000000 RDI: ffff8e87c7509a68\nRBP: 0000000000000000 R08: 0000000000000001 R09: 000000000000000a\nR10: 000000000000000a R11: f000000000000000 R12: 000000000000001f\nR13: ffff8e87c7509828 R14: ffff8e87c7509a68 R15: ffff8e88494527a0\nFS: 00007f4db9151740(0000) GS:ffff8e8ebfec0000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000028 CR3: 0000000166b66001 CR4: 00000000001706e0\nCall Trace:\n \u003cTASK\u003e\n kernfs_fop_write_iter+0x11c/0x1b0\n new_sync_write+0x10b/0x180\n vfs_write+0x209/0x2a0\n ksys_write+0x4f/0xc0\n do_syscall_64+0x3b/0x90\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nThe problem is that the device passed to clear_caseopen() is the hwmon\ndevice, not the platform device, and the platform data is not set in the\nhwmon device. Store the pointer to sio_data in struct nct6775_data and\nget if from there if needed."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:42.619Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/cfb7d12f2e4a4d694f49e9b4ebb352f7b67cdfbb"
},
{
"url": "https://git.kernel.org/stable/c/79da533d3cc717ccc05ddbd3190da8a72bc2408b"
}
],
"title": "hwmon: (nct6775) Fix crash in clear_caseopen",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48750",
"datePublished": "2024-06-20T11:13:31.920Z",
"dateReserved": "2024-06-20T11:09:39.055Z",
"dateUpdated": "2024-08-03T15:25:01.617Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-34777
Vulnerability from cvelistv5
Published
2024-06-21 11:18
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
dma-mapping: benchmark: fix node id validation
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:59:22.204Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/35d31c8bd4722b107f5a2f5ddddce839de04b936"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c57874265a3c5206d7aece3793bb2fc9abcd7570"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/34a816d8735f3924b74be8e5bf766ade1f3bd10b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/63e7e05a48a35308aeddd7ecccb68363a5988e87"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1ff05e723f7ca30644b8ec3fb093f16312e408ad"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34777",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:08:52.989247Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:44.129Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"kernel/dma/map_benchmark.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "35d31c8bd472",
"status": "affected",
"version": "65789daa8087",
"versionType": "git"
},
{
"lessThan": "c57874265a3c",
"status": "affected",
"version": "65789daa8087",
"versionType": "git"
},
{
"lessThan": "34a816d8735f",
"status": "affected",
"version": "65789daa8087",
"versionType": "git"
},
{
"lessThan": "63e7e05a48a3",
"status": "affected",
"version": "65789daa8087",
"versionType": "git"
},
{
"lessThan": "1ff05e723f7c",
"status": "affected",
"version": "65789daa8087",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"kernel/dma/map_benchmark.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.11"
},
{
"lessThan": "5.11",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma-mapping: benchmark: fix node id validation\n\nWhile validating node ids in map_benchmark_ioctl(), node_possible() may\nbe provided with invalid argument outside of [0,MAX_NUMNODES-1] range\nleading to:\n\nBUG: KASAN: wild-memory-access in map_benchmark_ioctl (kernel/dma/map_benchmark.c:214)\nRead of size 8 at addr 1fffffff8ccb6398 by task dma_map_benchma/971\nCPU: 7 PID: 971 Comm: dma_map_benchma Not tainted 6.9.0-rc6 #37\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nCall Trace:\n \u003cTASK\u003e\ndump_stack_lvl (lib/dump_stack.c:117)\nkasan_report (mm/kasan/report.c:603)\nkasan_check_range (mm/kasan/generic.c:189)\nvariable_test_bit (arch/x86/include/asm/bitops.h:227) [inline]\narch_test_bit (arch/x86/include/asm/bitops.h:239) [inline]\n_test_bit at (include/asm-generic/bitops/instrumented-non-atomic.h:142) [inline]\nnode_state (include/linux/nodemask.h:423) [inline]\nmap_benchmark_ioctl (kernel/dma/map_benchmark.c:214)\nfull_proxy_unlocked_ioctl (fs/debugfs/file.c:333)\n__x64_sys_ioctl (fs/ioctl.c:890)\ndo_syscall_64 (arch/x86/entry/common.c:83)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nCompare node ids with sane bounds first. NUMA_NO_NODE is considered a\nspecial valid case meaning that benchmarking kthreads won\u0027t be bound to a\ncpuset of a given node.\n\nFound by Linux Verification Center (linuxtesting.org)."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:46:48.464Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/35d31c8bd4722b107f5a2f5ddddce839de04b936"
},
{
"url": "https://git.kernel.org/stable/c/c57874265a3c5206d7aece3793bb2fc9abcd7570"
},
{
"url": "https://git.kernel.org/stable/c/34a816d8735f3924b74be8e5bf766ade1f3bd10b"
},
{
"url": "https://git.kernel.org/stable/c/63e7e05a48a35308aeddd7ecccb68363a5988e87"
},
{
"url": "https://git.kernel.org/stable/c/1ff05e723f7ca30644b8ec3fb093f16312e408ad"
}
],
"title": "dma-mapping: benchmark: fix node id validation",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-34777",
"datePublished": "2024-06-21T11:18:45.481Z",
"dateReserved": "2024-06-21T11:16:40.638Z",
"dateUpdated": "2024-09-11T17:34:44.129Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38635
Vulnerability from cvelistv5
Published
2024-06-21 10:18
Modified
2024-08-02 04:12
Severity ?
EPSS score ?
Summary
soundwire: cadence: fix invalid PDI offset
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38635",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-21T13:12:09.388099Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-21T13:12:24.572Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:26.040Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/002364b2d594a9afc0385c09e00994c510b1d089"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fd4bcb991ebaf0d1813d81d9983cfa99f9ef5328"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/902f6d656441a511ac25c6cffce74496db10a078"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2ebcaa0e5db9b6044bb487ae1cf41bc601761567"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7eeef1e935d23db5265233d92395bd5c648a4021"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4e99103f757cdf636c6ee860994a19a346a11785"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8ee1b439b1540ae543149b15a2a61b9dff937d91"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/soundwire/cadence_master.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "002364b2d594",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "fd4bcb991eba",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "902f6d656441",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "2ebcaa0e5db9",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "7eeef1e935d2",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "4e99103f757c",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "8ee1b439b154",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/soundwire/cadence_master.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoundwire: cadence: fix invalid PDI offset\n\nFor some reason, we add an offset to the PDI, presumably to skip the\nPDI0 and PDI1 which are reserved for BPT.\n\nThis code is however completely wrong and leads to an out-of-bounds\naccess. We were just lucky so far since we used only a couple of PDIs\nand remained within the PDI array bounds.\n\nA Fixes: tag is not provided since there are no known platforms where\nthe out-of-bounds would be accessed, and the initial code had problems\nas well.\n\nA follow-up patch completely removes this useless offset."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:49:31.031Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/002364b2d594a9afc0385c09e00994c510b1d089"
},
{
"url": "https://git.kernel.org/stable/c/fd4bcb991ebaf0d1813d81d9983cfa99f9ef5328"
},
{
"url": "https://git.kernel.org/stable/c/902f6d656441a511ac25c6cffce74496db10a078"
},
{
"url": "https://git.kernel.org/stable/c/2ebcaa0e5db9b6044bb487ae1cf41bc601761567"
},
{
"url": "https://git.kernel.org/stable/c/7eeef1e935d23db5265233d92395bd5c648a4021"
},
{
"url": "https://git.kernel.org/stable/c/4e99103f757cdf636c6ee860994a19a346a11785"
},
{
"url": "https://git.kernel.org/stable/c/8ee1b439b1540ae543149b15a2a61b9dff937d91"
}
],
"title": "soundwire: cadence: fix invalid PDI offset",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38635",
"datePublished": "2024-06-21T10:18:24.244Z",
"dateReserved": "2024-06-18T19:36:34.947Z",
"dateUpdated": "2024-08-02T04:12:26.040Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-33621
Vulnerability from cvelistv5
Published
2024-06-21 10:18
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:36:04.475Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0049a623dfbbb49888de7f0c2f33a582b5ead989"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/54768bacfde60e8e4757968d79f8726711dd2cf5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1abbf079da59ef559d0ab4219d2a0302f7970761"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/183c4b416454b9983dc1b8aa0022b748911adc48"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cb53706a3403ba67f4040b2a82d9cf79e11b1a48"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/54213c09801e0bd2549ac42961093be36f65a7d0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/13c4543db34e0da5a7d2f550b6262d860f248381"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b3dc6e8003b500861fa307e9a3400c52e78e4d3a"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-33621",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:09:47.521739Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:46.366Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ipvlan/ipvlan_core.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "0049a623dfbb",
"status": "affected",
"version": "2ad7bf363841",
"versionType": "git"
},
{
"lessThan": "54768bacfde6",
"status": "affected",
"version": "2ad7bf363841",
"versionType": "git"
},
{
"lessThan": "1abbf079da59",
"status": "affected",
"version": "2ad7bf363841",
"versionType": "git"
},
{
"lessThan": "183c4b416454",
"status": "affected",
"version": "2ad7bf363841",
"versionType": "git"
},
{
"lessThan": "cb53706a3403",
"status": "affected",
"version": "2ad7bf363841",
"versionType": "git"
},
{
"lessThan": "54213c09801e",
"status": "affected",
"version": "2ad7bf363841",
"versionType": "git"
},
{
"lessThan": "13c4543db34e",
"status": "affected",
"version": "2ad7bf363841",
"versionType": "git"
},
{
"lessThan": "b3dc6e8003b5",
"status": "affected",
"version": "2ad7bf363841",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ipvlan/ipvlan_core.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.19"
},
{
"lessThan": "3.19",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.316",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: Dont Use skb-\u003esk in ipvlan_process_v{4,6}_outbound\n\nRaw packet from PF_PACKET socket ontop of an IPv6-backed ipvlan device will\nhit WARN_ON_ONCE() in sk_mc_loop() through sch_direct_xmit() path.\n\nWARNING: CPU: 2 PID: 0 at net/core/sock.c:775 sk_mc_loop+0x2d/0x70\nModules linked in: sch_netem ipvlan rfkill cirrus drm_shmem_helper sg drm_kms_helper\nCPU: 2 PID: 0 Comm: swapper/2 Kdump: loaded Not tainted 6.9.0+ #279\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nRIP: 0010:sk_mc_loop+0x2d/0x70\nCode: fa 0f 1f 44 00 00 65 0f b7 15 f7 96 a3 4f 31 c0 66 85 d2 75 26 48 85 ff 74 1c\nRSP: 0018:ffffa9584015cd78 EFLAGS: 00010212\nRAX: 0000000000000011 RBX: ffff91e585793e00 RCX: 0000000002c6a001\nRDX: 0000000000000000 RSI: 0000000000000040 RDI: ffff91e589c0f000\nRBP: ffff91e5855bd100 R08: 0000000000000000 R09: 3d00545216f43d00\nR10: ffff91e584fdcc50 R11: 00000060dd8616f4 R12: ffff91e58132d000\nR13: ffff91e584fdcc68 R14: ffff91e5869ce800 R15: ffff91e589c0f000\nFS: 0000000000000000(0000) GS:ffff91e898100000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f788f7c44c0 CR3: 0000000008e1a000 CR4: 00000000000006f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\u003cIRQ\u003e\n ? __warn (kernel/panic.c:693)\n ? sk_mc_loop (net/core/sock.c:760)\n ? report_bug (lib/bug.c:201 lib/bug.c:219)\n ? handle_bug (arch/x86/kernel/traps.c:239)\n ? exc_invalid_op (arch/x86/kernel/traps.c:260 (discriminator 1))\n ? asm_exc_invalid_op (./arch/x86/include/asm/idtentry.h:621)\n ? sk_mc_loop (net/core/sock.c:760)\n ip6_finish_output2 (net/ipv6/ip6_output.c:83 (discriminator 1))\n ? nf_hook_slow (net/netfilter/core.c:626)\n ip6_finish_output (net/ipv6/ip6_output.c:222)\n ? __pfx_ip6_finish_output (net/ipv6/ip6_output.c:215)\n ipvlan_xmit_mode_l3 (drivers/net/ipvlan/ipvlan_core.c:602) ipvlan\n ipvlan_start_xmit (drivers/net/ipvlan/ipvlan_main.c:226) ipvlan\n dev_hard_start_xmit (net/core/dev.c:3594)\n sch_direct_xmit (net/sched/sch_generic.c:343)\n __qdisc_run (net/sched/sch_generic.c:416)\n net_tx_action (net/core/dev.c:5286)\n handle_softirqs (kernel/softirq.c:555)\n __irq_exit_rcu (kernel/softirq.c:589)\n sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1043)\n\nThe warning triggers as this:\npacket_sendmsg\n packet_snd //skb-\u003esk is packet sk\n __dev_queue_xmit\n __dev_xmit_skb //q-\u003eenqueue is not NULL\n __qdisc_run\n sch_direct_xmit\n dev_hard_start_xmit\n ipvlan_start_xmit\n ipvlan_xmit_mode_l3 //l3 mode\n ipvlan_process_outbound //vepa flag\n ipvlan_process_v6_outbound\n ip6_local_out\n __ip6_finish_output\n ip6_finish_output2 //multicast packet\n sk_mc_loop //sk-\u003esk_family is AF_PACKET\n\nCall ip{6}_local_out() with NULL sk in ipvlan as other tunnels to fix this."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:46:43.793Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/0049a623dfbbb49888de7f0c2f33a582b5ead989"
},
{
"url": "https://git.kernel.org/stable/c/54768bacfde60e8e4757968d79f8726711dd2cf5"
},
{
"url": "https://git.kernel.org/stable/c/1abbf079da59ef559d0ab4219d2a0302f7970761"
},
{
"url": "https://git.kernel.org/stable/c/183c4b416454b9983dc1b8aa0022b748911adc48"
},
{
"url": "https://git.kernel.org/stable/c/cb53706a3403ba67f4040b2a82d9cf79e11b1a48"
},
{
"url": "https://git.kernel.org/stable/c/54213c09801e0bd2549ac42961093be36f65a7d0"
},
{
"url": "https://git.kernel.org/stable/c/13c4543db34e0da5a7d2f550b6262d860f248381"
},
{
"url": "https://git.kernel.org/stable/c/b3dc6e8003b500861fa307e9a3400c52e78e4d3a"
}
],
"title": "ipvlan: Dont Use skb-\u003esk in ipvlan_process_v{4,6}_outbound",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-33621",
"datePublished": "2024-06-21T10:18:05.673Z",
"dateReserved": "2024-06-21T10:13:16.298Z",
"dateUpdated": "2024-09-11T17:34:46.366Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48741
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-08-03 15:24
Severity ?
EPSS score ?
Summary
ovl: fix NULL pointer dereference in copy up warning
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48741",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T16:02:21.941133Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T16:02:33.386Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:24:59.974Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e6b678c1a3673de6a5d2f4e22bb725a086a0701a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9c7f8a35c5a83740c0e3ea540b6ad145c50d79aa"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4ee7e4a6c9b298da44029ed9ec8ed23ae49cc209"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/overlayfs/copy_up.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "e6b678c1a367",
"status": "affected",
"version": "5cffa333a2b2",
"versionType": "git"
},
{
"lessThan": "9c7f8a35c5a8",
"status": "affected",
"version": "5b0a414d06c3",
"versionType": "git"
},
{
"lessThan": "4ee7e4a6c9b2",
"status": "affected",
"version": "5b0a414d06c3",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/overlayfs/copy_up.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.16"
},
{
"lessThan": "5.16",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.20",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.6",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\novl: fix NULL pointer dereference in copy up warning\n\nThis patch is fixing a NULL pointer dereference to get a recently\nintroduced warning message working."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:32.232Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/e6b678c1a3673de6a5d2f4e22bb725a086a0701a"
},
{
"url": "https://git.kernel.org/stable/c/9c7f8a35c5a83740c0e3ea540b6ad145c50d79aa"
},
{
"url": "https://git.kernel.org/stable/c/4ee7e4a6c9b298da44029ed9ec8ed23ae49cc209"
}
],
"title": "ovl: fix NULL pointer dereference in copy up warning",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48741",
"datePublished": "2024-06-20T11:13:25.990Z",
"dateReserved": "2024-06-20T11:09:39.054Z",
"dateUpdated": "2024-08-03T15:24:59.974Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48714
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
bpf: Use VM_MAP instead of VM_ALLOC for ringbuf
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:17:55.841Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6304a613a97d6dcd49b93fbad31e9f39d1e138d6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5e457aeab52a5947619e1f18047f4d2f3212b3eb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d578933f6226d5419af9306746efa1c693cbaf9c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b293dcc473d22a62dc6d78de2b15e4f49515db56"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48714",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:11:29.204417Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:50.097Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"kernel/bpf/ringbuf.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "6304a613a97d",
"status": "affected",
"version": "457f44363a88",
"versionType": "git"
},
{
"lessThan": "5e457aeab52a",
"status": "affected",
"version": "457f44363a88",
"versionType": "git"
},
{
"lessThan": "d578933f6226",
"status": "affected",
"version": "457f44363a88",
"versionType": "git"
},
{
"lessThan": "b293dcc473d2",
"status": "affected",
"version": "457f44363a88",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"kernel/bpf/ringbuf.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.8"
},
{
"lessThan": "5.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.99",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.22",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Use VM_MAP instead of VM_ALLOC for ringbuf\n\nAfter commit 2fd3fb0be1d1 (\"kasan, vmalloc: unpoison VM_ALLOC pages\nafter mapping\"), non-VM_ALLOC mappings will be marked as accessible\nin __get_vm_area_node() when KASAN is enabled. But now the flag for\nringbuf area is VM_ALLOC, so KASAN will complain out-of-bound access\nafter vmap() returns. Because the ringbuf area is created by mapping\nallocated pages, so use VM_MAP instead.\n\nAfter the change, info in /proc/vmallocinfo also changes from\n [start]-[end] 24576 ringbuf_map_alloc+0x171/0x290 vmalloc user\nto\n [start]-[end] 24576 ringbuf_map_alloc+0x171/0x290 vmap user"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:13:55.864Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/6304a613a97d6dcd49b93fbad31e9f39d1e138d6"
},
{
"url": "https://git.kernel.org/stable/c/5e457aeab52a5947619e1f18047f4d2f3212b3eb"
},
{
"url": "https://git.kernel.org/stable/c/d578933f6226d5419af9306746efa1c693cbaf9c"
},
{
"url": "https://git.kernel.org/stable/c/b293dcc473d22a62dc6d78de2b15e4f49515db56"
}
],
"title": "bpf: Use VM_MAP instead of VM_ALLOC for ringbuf",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48714",
"datePublished": "2024-06-20T11:13:08.007Z",
"dateReserved": "2024-06-20T11:09:39.050Z",
"dateUpdated": "2024-09-11T17:34:50.097Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38628
Vulnerability from cvelistv5
Published
2024-06-21 10:18
Modified
2024-08-02 04:12
Severity ?
EPSS score ?
Summary
usb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38628",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-24T15:20:09.528911Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-24T15:20:30.852Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:26.065Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/89e66809684485590ea0b32c3178e42cba36ac09"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/453d3fa9266e53f85377b911c19b9a4563fa88c0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/bea73b58ab67fe581037ad9cdb93c2557590c068"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1b739388aa3f8dfb63a9fca777e6dfa6912d0464"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/usb/gadget/function/u_audio.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "89e668096844",
"status": "affected",
"version": "02de698ca812",
"versionType": "git"
},
{
"lessThan": "453d3fa9266e",
"status": "affected",
"version": "02de698ca812",
"versionType": "git"
},
{
"lessThan": "bea73b58ab67",
"status": "affected",
"version": "02de698ca812",
"versionType": "git"
},
{
"lessThan": "1b739388aa3f",
"status": "affected",
"version": "02de698ca812",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/usb/gadget/function/u_audio.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.15"
},
{
"lessThan": "5.15",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind.\n\nHang on to the control IDs instead of pointers since those are correctly\nhandled with locks."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:49:22.881Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/89e66809684485590ea0b32c3178e42cba36ac09"
},
{
"url": "https://git.kernel.org/stable/c/453d3fa9266e53f85377b911c19b9a4563fa88c0"
},
{
"url": "https://git.kernel.org/stable/c/bea73b58ab67fe581037ad9cdb93c2557590c068"
},
{
"url": "https://git.kernel.org/stable/c/1b739388aa3f8dfb63a9fca777e6dfa6912d0464"
}
],
"title": "usb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind.",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38628",
"datePublished": "2024-06-21T10:18:19.558Z",
"dateReserved": "2024-06-18T19:36:34.946Z",
"dateUpdated": "2024-08-02T04:12:26.065Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48734
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-08-03 15:24
Severity ?
EPSS score ?
Summary
btrfs: fix deadlock between quota disable and qgroup rescan worker
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48734",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-24T15:19:58.749311Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-24T15:20:10.553Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:24:59.933Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/26b3901d20bf9da2c6a00cb1fb48932166f80a45"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/32747e01436aac8ef93fe85b5b523b4f3b52f040"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/89d4cca583fc9594ee7d1a0bc986886d6fb587e6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/31198e58c09e21d4f65c49d2361f76b87aca4c3f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e804861bd4e69cc5fe1053eedcb024982dde8e48"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/btrfs/qgroup.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "26b3901d20bf",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "32747e01436a",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "89d4cca583fc",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "31198e58c09e",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "e804861bd4e6",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/btrfs/qgroup.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.178",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.99",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.22",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix deadlock between quota disable and qgroup rescan worker\n\nQuota disable ioctl starts a transaction before waiting for the qgroup\nrescan worker completes. However, this wait can be infinite and results\nin deadlock because of circular dependency among the quota disable\nioctl, the qgroup rescan worker and the other task with transaction such\nas block group relocation task.\n\nThe deadlock happens with the steps following:\n\n1) Task A calls ioctl to disable quota. It starts a transaction and\n waits for qgroup rescan worker completes.\n2) Task B such as block group relocation task starts a transaction and\n joins to the transaction that task A started. Then task B commits to\n the transaction. In this commit, task B waits for a commit by task A.\n3) Task C as the qgroup rescan worker starts its job and starts a\n transaction. In this transaction start, task C waits for completion\n of the transaction that task A started and task B committed.\n\nThis deadlock was found with fstests test case btrfs/115 and a zoned\nnull_blk device. The test case enables and disables quota, and the\nblock group reclaim was triggered during the quota disable by chance.\nThe deadlock was also observed by running quota enable and disable in\nparallel with \u0027btrfs balance\u0027 command on regular null_blk devices.\n\nAn example report of the deadlock:\n\n [372.469894] INFO: task kworker/u16:6:103 blocked for more than 122 seconds.\n [372.479944] Not tainted 5.16.0-rc8 #7\n [372.485067] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n [372.493898] task:kworker/u16:6 state:D stack: 0 pid: 103 ppid: 2 flags:0x00004000\n [372.503285] Workqueue: btrfs-qgroup-rescan btrfs_work_helper [btrfs]\n [372.510782] Call Trace:\n [372.514092] \u003cTASK\u003e\n [372.521684] __schedule+0xb56/0x4850\n [372.530104] ? io_schedule_timeout+0x190/0x190\n [372.538842] ? lockdep_hardirqs_on+0x7e/0x100\n [372.547092] ? _raw_spin_unlock_irqrestore+0x3e/0x60\n [372.555591] schedule+0xe0/0x270\n [372.561894] btrfs_commit_transaction+0x18bb/0x2610 [btrfs]\n [372.570506] ? btrfs_apply_pending_changes+0x50/0x50 [btrfs]\n [372.578875] ? free_unref_page+0x3f2/0x650\n [372.585484] ? finish_wait+0x270/0x270\n [372.591594] ? release_extent_buffer+0x224/0x420 [btrfs]\n [372.599264] btrfs_qgroup_rescan_worker+0xc13/0x10c0 [btrfs]\n [372.607157] ? lock_release+0x3a9/0x6d0\n [372.613054] ? btrfs_qgroup_account_extent+0xda0/0xda0 [btrfs]\n [372.620960] ? do_raw_spin_lock+0x11e/0x250\n [372.627137] ? rwlock_bug.part.0+0x90/0x90\n [372.633215] ? lock_is_held_type+0xe4/0x140\n [372.639404] btrfs_work_helper+0x1ae/0xa90 [btrfs]\n [372.646268] process_one_work+0x7e9/0x1320\n [372.652321] ? lock_release+0x6d0/0x6d0\n [372.658081] ? pwq_dec_nr_in_flight+0x230/0x230\n [372.664513] ? rwlock_bug.part.0+0x90/0x90\n [372.670529] worker_thread+0x59e/0xf90\n [372.676172] ? process_one_work+0x1320/0x1320\n [372.682440] kthread+0x3b9/0x490\n [372.687550] ? _raw_spin_unlock_irq+0x24/0x50\n [372.693811] ? set_kthread_struct+0x100/0x100\n [372.700052] ret_from_fork+0x22/0x30\n [372.705517] \u003c/TASK\u003e\n [372.709747] INFO: task btrfs-transacti:2347 blocked for more than 123 seconds.\n [372.729827] Not tainted 5.16.0-rc8 #7\n [372.745907] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n [372.767106] task:btrfs-transacti state:D stack: 0 pid: 2347 ppid: 2 flags:0x00004000\n [372.787776] Call Trace:\n [372.801652] \u003cTASK\u003e\n [372.812961] __schedule+0xb56/0x4850\n [372.830011] ? io_schedule_timeout+0x190/0x190\n [372.852547] ? lockdep_hardirqs_on+0x7e/0x100\n [372.871761] ? _raw_spin_unlock_irqrestore+0x3e/0x60\n [372.886792] schedule+0xe0/0x270\n [372.901685] wait_current_trans+0x22c/0x310 [btrfs]\n [372.919743] ? btrfs_put_transaction+0x3d0/0x3d0 [btrfs]\n [372.938923] ? finish_wait+0x270/0x270\n [372.959085] ? join_transaction+0xc7\n---truncated---"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:24.170Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/26b3901d20bf9da2c6a00cb1fb48932166f80a45"
},
{
"url": "https://git.kernel.org/stable/c/32747e01436aac8ef93fe85b5b523b4f3b52f040"
},
{
"url": "https://git.kernel.org/stable/c/89d4cca583fc9594ee7d1a0bc986886d6fb587e6"
},
{
"url": "https://git.kernel.org/stable/c/31198e58c09e21d4f65c49d2361f76b87aca4c3f"
},
{
"url": "https://git.kernel.org/stable/c/e804861bd4e69cc5fe1053eedcb024982dde8e48"
}
],
"title": "btrfs: fix deadlock between quota disable and qgroup rescan worker",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48734",
"datePublished": "2024-06-20T11:13:21.392Z",
"dateReserved": "2024-06-20T11:09:39.053Z",
"dateUpdated": "2024-08-03T15:24:59.933Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48745
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
net/mlx5: Use del_timer_sync in fw reset flow of halting poll
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:01.552Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/502c37b033fab7cde3e95a570af4f073306be45e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f895ebeb44d09d02674cfdd0cfc2bf687603918c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2a038dd1d942f8fbc495c58fa592ff24af05f1c2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3c5193a87b0fea090aa3f769d020337662d87b5e"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48745",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:10:34.989904Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:48.212Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/mellanox/mlx5/core/fw_reset.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "502c37b033fa",
"status": "affected",
"version": "38b9f903f22b",
"versionType": "git"
},
{
"lessThan": "f895ebeb44d0",
"status": "affected",
"version": "38b9f903f22b",
"versionType": "git"
},
{
"lessThan": "2a038dd1d942",
"status": "affected",
"version": "38b9f903f22b",
"versionType": "git"
},
{
"lessThan": "3c5193a87b0f",
"status": "affected",
"version": "38b9f903f22b",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/mellanox/mlx5/core/fw_reset.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.10"
},
{
"lessThan": "5.10",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.97",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.20",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.6",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Use del_timer_sync in fw reset flow of halting poll\n\nSubstitute del_timer() with del_timer_sync() in fw reset polling\ndeactivation flow, in order to prevent a race condition which occurs\nwhen del_timer() is called and timer is deactivated while another\nprocess is handling the timer interrupt. A situation that led to\nthe following call trace:\n\tRIP: 0010:run_timer_softirq+0x137/0x420\n\t\u003cIRQ\u003e\n\trecalibrate_cpu_khz+0x10/0x10\n\tktime_get+0x3e/0xa0\n\t? sched_clock_cpu+0xb/0xc0\n\t__do_softirq+0xf5/0x2ea\n\tirq_exit_rcu+0xc1/0xf0\n\tsysvec_apic_timer_interrupt+0x9e/0xc0\n\tasm_sysvec_apic_timer_interrupt+0x12/0x20\n\t\u003c/IRQ\u003e"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:36.851Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/502c37b033fab7cde3e95a570af4f073306be45e"
},
{
"url": "https://git.kernel.org/stable/c/f895ebeb44d09d02674cfdd0cfc2bf687603918c"
},
{
"url": "https://git.kernel.org/stable/c/2a038dd1d942f8fbc495c58fa592ff24af05f1c2"
},
{
"url": "https://git.kernel.org/stable/c/3c5193a87b0fea090aa3f769d020337662d87b5e"
}
],
"title": "net/mlx5: Use del_timer_sync in fw reset flow of halting poll",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48745",
"datePublished": "2024-06-20T11:13:28.638Z",
"dateReserved": "2024-06-20T11:09:39.055Z",
"dateUpdated": "2024-09-11T17:34:48.212Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48733
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-09-12 11:48
Severity ?
EPSS score ?
Summary
btrfs: fix use-after-free after failure to create a snapshot
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:01.133Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a7b717fa15165d3d9245614680bebc48a52ac05d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9372fa1d73da5f1673921e365d0cd2c27ec7adc2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/28b21c558a3753171097193b6f6602a94169093a"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48733",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:10:54.149503Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:48.869Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/btrfs/ioctl.c",
"fs/btrfs/transaction.c",
"fs/btrfs/transaction.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "7e4c72dbaf62",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "a7b717fa1516",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "9372fa1d73da",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "28b21c558a37",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/btrfs/ioctl.c",
"fs/btrfs/transaction.c",
"fs/btrfs/transaction.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.226",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.22",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix use-after-free after failure to create a snapshot\n\nAt ioctl.c:create_snapshot(), we allocate a pending snapshot structure and\nthen attach it to the transaction\u0027s list of pending snapshots. After that\nwe call btrfs_commit_transaction(), and if that returns an error we jump\nto \u0027fail\u0027 label, where we kfree() the pending snapshot structure. This can\nresult in a later use-after-free of the pending snapshot:\n\n1) We allocated the pending snapshot and added it to the transaction\u0027s\n list of pending snapshots;\n\n2) We call btrfs_commit_transaction(), and it fails either at the first\n call to btrfs_run_delayed_refs() or btrfs_start_dirty_block_groups().\n In both cases, we don\u0027t abort the transaction and we release our\n transaction handle. We jump to the \u0027fail\u0027 label and free the pending\n snapshot structure. We return with the pending snapshot still in the\n transaction\u0027s list;\n\n3) Another task commits the transaction. This time there\u0027s no error at\n all, and then during the transaction commit it accesses a pointer\n to the pending snapshot structure that the snapshot creation task\n has already freed, resulting in a user-after-free.\n\nThis issue could actually be detected by smatch, which produced the\nfollowing warning:\n\n fs/btrfs/ioctl.c:843 create_snapshot() warn: \u0027\u0026pending_snapshot-\u003elist\u0027 not removed from list\n\nSo fix this by not having the snapshot creation ioctl directly add the\npending snapshot to the transaction\u0027s list. Instead add the pending\nsnapshot to the transaction handle, and then at btrfs_commit_transaction()\nwe add the snapshot to the list only when we can guarantee that any error\nreturned after that point will result in a transaction abort, in which\ncase the ioctl code can safely free the pending snapshot and no one can\naccess it anymore."
}
],
"providerMetadata": {
"dateUpdated": "2024-09-12T11:48:02.091Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/7e4c72dbaf62f8978af8321a24dbd35566d3a78a"
},
{
"url": "https://git.kernel.org/stable/c/a7b717fa15165d3d9245614680bebc48a52ac05d"
},
{
"url": "https://git.kernel.org/stable/c/9372fa1d73da5f1673921e365d0cd2c27ec7adc2"
},
{
"url": "https://git.kernel.org/stable/c/28b21c558a3753171097193b6f6602a94169093a"
}
],
"title": "btrfs: fix use-after-free after failure to create a snapshot",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48733",
"datePublished": "2024-06-20T11:13:20.737Z",
"dateReserved": "2024-06-20T11:09:39.053Z",
"dateUpdated": "2024-09-12T11:48:02.091Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48760
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-08-03 15:25
Severity ?
EPSS score ?
Summary
USB: core: Fix hang in usb_kill_urb by adding memory barriers
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48760",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T14:49:44.326446Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T14:50:00.838Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:01.565Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5f138ef224dffd15d5e5c5b095859719e0038427"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b50f5ca60475710bbc9a3af32fbfc17b1e69c2f0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/546ba238535d925254e0b3f12012a5c55801e2f3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5904dfd3ddaff3bf4a41c3baf0a8e8f31ed4599b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9c61fce322ac2ef7fecf025285353570d60e41d6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e3b131e30e612ff0e32de6c1cb4f69f89db29193"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9340226388c66a7e090ebb00e91ed64a753b6c26"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c9a18f7c5b071dce5e6939568829d40994866ab0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/26fbe9772b8c459687930511444ce443011f86bf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/usb/core/hcd.c",
"drivers/usb/core/urb.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "5f138ef224df",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "b50f5ca60475",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "546ba238535d",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "5904dfd3ddaf",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "9c61fce322ac",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "e3b131e30e61",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "9340226388c6",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "c9a18f7c5b07",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "26fbe9772b8c",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/usb/core/hcd.c",
"drivers/usb/core/urb.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "4.4.*",
"status": "unaffected",
"version": "4.4.302",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.300",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.265",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.228",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.176",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.96",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.19",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.5",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: core: Fix hang in usb_kill_urb by adding memory barriers\n\nThe syzbot fuzzer has identified a bug in which processes hang waiting\nfor usb_kill_urb() to return. It turns out the issue is not unlinking\nthe URB; that works just fine. Rather, the problem arises when the\nwakeup notification that the URB has completed is not received.\n\nThe reason is memory-access ordering on SMP systems. In outline form,\nusb_kill_urb() and __usb_hcd_giveback_urb() operating concurrently on\ndifferent CPUs perform the following actions:\n\nCPU 0\t\t\t\t\tCPU 1\n----------------------------\t\t---------------------------------\nusb_kill_urb():\t\t\t\t__usb_hcd_giveback_urb():\n ...\t\t\t\t\t ...\n atomic_inc(\u0026urb-\u003ereject);\t\t atomic_dec(\u0026urb-\u003euse_count);\n ...\t\t\t\t\t ...\n wait_event(usb_kill_urb_queue,\n\tatomic_read(\u0026urb-\u003euse_count) == 0);\n\t\t\t\t\t if (atomic_read(\u0026urb-\u003ereject))\n\t\t\t\t\t\twake_up(\u0026usb_kill_urb_queue);\n\nConfining your attention to urb-\u003ereject and urb-\u003euse_count, you can\nsee that the overall pattern of accesses on CPU 0 is:\n\n\twrite urb-\u003ereject, then read urb-\u003euse_count;\n\nwhereas the overall pattern of accesses on CPU 1 is:\n\n\twrite urb-\u003euse_count, then read urb-\u003ereject.\n\nThis pattern is referred to in memory-model circles as SB (for \"Store\nBuffering\"), and it is well known that without suitable enforcement of\nthe desired order of accesses -- in the form of memory barriers -- it\nis entirely possible for one or both CPUs to execute their reads ahead\nof their writes. The end result will be that sometimes CPU 0 sees the\nold un-decremented value of urb-\u003euse_count while CPU 1 sees the old\nun-incremented value of urb-\u003ereject. Consequently CPU 0 ends up on\nthe wait queue and never gets woken up, leading to the observed hang\nin usb_kill_urb().\n\nThe same pattern of accesses occurs in usb_poison_urb() and the\nfailure pathway of usb_hcd_submit_urb().\n\nThe problem is fixed by adding suitable memory barriers. To provide\nproper memory-access ordering in the SB pattern, a full barrier is\nrequired on both CPUs. The atomic_inc() and atomic_dec() accesses\nthemselves don\u0027t provide any memory ordering, but since they are\npresent, we can use the optimized smp_mb__after_atomic() memory\nbarrier in the various routines to obtain the desired effect.\n\nThis patch adds the necessary memory barriers."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:54.367Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/5f138ef224dffd15d5e5c5b095859719e0038427"
},
{
"url": "https://git.kernel.org/stable/c/b50f5ca60475710bbc9a3af32fbfc17b1e69c2f0"
},
{
"url": "https://git.kernel.org/stable/c/546ba238535d925254e0b3f12012a5c55801e2f3"
},
{
"url": "https://git.kernel.org/stable/c/5904dfd3ddaff3bf4a41c3baf0a8e8f31ed4599b"
},
{
"url": "https://git.kernel.org/stable/c/9c61fce322ac2ef7fecf025285353570d60e41d6"
},
{
"url": "https://git.kernel.org/stable/c/e3b131e30e612ff0e32de6c1cb4f69f89db29193"
},
{
"url": "https://git.kernel.org/stable/c/9340226388c66a7e090ebb00e91ed64a753b6c26"
},
{
"url": "https://git.kernel.org/stable/c/c9a18f7c5b071dce5e6939568829d40994866ab0"
},
{
"url": "https://git.kernel.org/stable/c/26fbe9772b8c459687930511444ce443011f86bf"
}
],
"title": "USB: core: Fix hang in usb_kill_urb by adding memory barriers",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48760",
"datePublished": "2024-06-20T11:13:38.532Z",
"dateReserved": "2024-06-20T11:09:39.059Z",
"dateUpdated": "2024-08-03T15:25:01.565Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48755
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
powerpc64/bpf: Limit 'ldbrx' to processors compliant with ISA v2.06
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:00.254Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/129c71829d7f46423d95c19e8d87ce956d4c6e1c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3bfbc00587dc883eaed383558ae512a351c2cd09"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/aaccfeeee1630b155e8ff0d6c449d3de1ef86e73"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3f5f766d5f7f95a69a630da3544a1a0cee1cdddf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48755",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:10:22.467410Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:47.728Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"arch/powerpc/include/asm/ppc-opcode.h",
"arch/powerpc/net/bpf_jit_comp64.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "129c71829d7f",
"status": "affected",
"version": "156d0e290e96",
"versionType": "git"
},
{
"lessThan": "3bfbc00587dc",
"status": "affected",
"version": "156d0e290e96",
"versionType": "git"
},
{
"lessThan": "aaccfeeee163",
"status": "affected",
"version": "156d0e290e96",
"versionType": "git"
},
{
"lessThan": "3f5f766d5f7f",
"status": "affected",
"version": "156d0e290e96",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"arch/powerpc/include/asm/ppc-opcode.h",
"arch/powerpc/net/bpf_jit_comp64.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.8"
},
{
"lessThan": "4.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.96",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.19",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.5",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc64/bpf: Limit \u0027ldbrx\u0027 to processors compliant with ISA v2.06\n\nJohan reported the below crash with test_bpf on ppc64 e5500:\n\n test_bpf: #296 ALU_END_FROM_LE 64: 0x0123456789abcdef -\u003e 0x67452301 jited:1\n Oops: Exception in kernel mode, sig: 4 [#1]\n BE PAGE_SIZE=4K SMP NR_CPUS=24 QEMU e500\n Modules linked in: test_bpf(+)\n CPU: 0 PID: 76 Comm: insmod Not tainted 5.14.0-03771-g98c2059e008a-dirty #1\n NIP: 8000000000061c3c LR: 80000000006dea64 CTR: 8000000000061c18\n REGS: c0000000032d3420 TRAP: 0700 Not tainted (5.14.0-03771-g98c2059e008a-dirty)\n MSR: 0000000080089000 \u003cEE,ME\u003e CR: 88002822 XER: 20000000 IRQMASK: 0\n \u003c...\u003e\n NIP [8000000000061c3c] 0x8000000000061c3c\n LR [80000000006dea64] .__run_one+0x104/0x17c [test_bpf]\n Call Trace:\n .__run_one+0x60/0x17c [test_bpf] (unreliable)\n .test_bpf_init+0x6a8/0xdc8 [test_bpf]\n .do_one_initcall+0x6c/0x28c\n .do_init_module+0x68/0x28c\n .load_module+0x2460/0x2abc\n .__do_sys_init_module+0x120/0x18c\n .system_call_exception+0x110/0x1b8\n system_call_common+0xf0/0x210\n --- interrupt: c00 at 0x101d0acc\n \u003c...\u003e\n ---[ end trace 47b2bf19090bb3d0 ]---\n\n Illegal instruction\n\nThe illegal instruction turned out to be \u0027ldbrx\u0027 emitted for\nBPF_FROM_[L|B]E, which was only introduced in ISA v2.06. Guard use of\nthe same and implement an alternative approach for older processors."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:48.488Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/129c71829d7f46423d95c19e8d87ce956d4c6e1c"
},
{
"url": "https://git.kernel.org/stable/c/3bfbc00587dc883eaed383558ae512a351c2cd09"
},
{
"url": "https://git.kernel.org/stable/c/aaccfeeee1630b155e8ff0d6c449d3de1ef86e73"
},
{
"url": "https://git.kernel.org/stable/c/3f5f766d5f7f95a69a630da3544a1a0cee1cdddf"
}
],
"title": "powerpc64/bpf: Limit \u0027ldbrx\u0027 to processors compliant with ISA v2.06",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48755",
"datePublished": "2024-06-20T11:13:35.212Z",
"dateReserved": "2024-06-20T11:09:39.059Z",
"dateUpdated": "2024-09-11T17:34:47.728Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-4439
Vulnerability from cvelistv5
Published
2024-06-20 12:07
Modified
2024-08-03 17:30
Severity ?
EPSS score ?
Summary
isdn: cpai: check ctr->cnr to avoid array index out of bound
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-4439",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T14:46:11.140255Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T14:46:30.065Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:30:07.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e8b8de17e164c9f1b7777f1c6f99d05539000036"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/24219a977bfe3d658687e45615c70998acdbac5a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9b6b2db77bc3121fe435f1d4b56e34de443bec75"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7d91adc0ccb060ce564103315189466eb822cc6a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/285e9210b1fab96a11c0be3ed5cea9dd48b6ac54"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7f221ccbee4ec662e2292d490a43ce6c314c4594"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cc20226e218a2375d50dd9ac14fb4121b43375ff"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1f3e2e97c003f80c4b087092b225c8787ff91e4d"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/isdn/capi/kcapi.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "e8b8de17e164",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "24219a977bfe",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "9b6b2db77bc3",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "7d91adc0ccb0",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "285e9210b1fa",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "7f221ccbee4e",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "cc20226e218a",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "1f3e2e97c003",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/isdn/capi/kcapi.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "4.4.*",
"status": "unaffected",
"version": "4.4.290",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.288",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.253",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.214",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.156",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.76",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.14.*",
"status": "unaffected",
"version": "5.14.15",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.15",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nisdn: cpai: check ctr-\u003ecnr to avoid array index out of bound\n\nThe cmtp_add_connection() would add a cmtp session to a controller\nand run a kernel thread to process cmtp.\n\n\t__module_get(THIS_MODULE);\n\tsession-\u003etask = kthread_run(cmtp_session, session, \"kcmtpd_ctr_%d\",\n\t\t\t\t\t\t\t\tsession-\u003enum);\n\nDuring this process, the kernel thread would call detach_capi_ctr()\nto detach a register controller. if the controller\nwas not attached yet, detach_capi_ctr() would\ntrigger an array-index-out-bounds bug.\n\n[ 46.866069][ T6479] UBSAN: array-index-out-of-bounds in\ndrivers/isdn/capi/kcapi.c:483:21\n[ 46.867196][ T6479] index -1 is out of range for type \u0027capi_ctr *[32]\u0027\n[ 46.867982][ T6479] CPU: 1 PID: 6479 Comm: kcmtpd_ctr_0 Not tainted\n5.15.0-rc2+ #8\n[ 46.869002][ T6479] Hardware name: QEMU Standard PC (i440FX + PIIX,\n1996), BIOS 1.14.0-2 04/01/2014\n[ 46.870107][ T6479] Call Trace:\n[ 46.870473][ T6479] dump_stack_lvl+0x57/0x7d\n[ 46.870974][ T6479] ubsan_epilogue+0x5/0x40\n[ 46.871458][ T6479] __ubsan_handle_out_of_bounds.cold+0x43/0x48\n[ 46.872135][ T6479] detach_capi_ctr+0x64/0xc0\n[ 46.872639][ T6479] cmtp_session+0x5c8/0x5d0\n[ 46.873131][ T6479] ? __init_waitqueue_head+0x60/0x60\n[ 46.873712][ T6479] ? cmtp_add_msgpart+0x120/0x120\n[ 46.874256][ T6479] kthread+0x147/0x170\n[ 46.874709][ T6479] ? set_kthread_struct+0x40/0x40\n[ 46.875248][ T6479] ret_from_fork+0x1f/0x30\n[ 46.875773][ T6479]"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T12:07:57.944Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/e8b8de17e164c9f1b7777f1c6f99d05539000036"
},
{
"url": "https://git.kernel.org/stable/c/24219a977bfe3d658687e45615c70998acdbac5a"
},
{
"url": "https://git.kernel.org/stable/c/9b6b2db77bc3121fe435f1d4b56e34de443bec75"
},
{
"url": "https://git.kernel.org/stable/c/7d91adc0ccb060ce564103315189466eb822cc6a"
},
{
"url": "https://git.kernel.org/stable/c/285e9210b1fab96a11c0be3ed5cea9dd48b6ac54"
},
{
"url": "https://git.kernel.org/stable/c/7f221ccbee4ec662e2292d490a43ce6c314c4594"
},
{
"url": "https://git.kernel.org/stable/c/cc20226e218a2375d50dd9ac14fb4121b43375ff"
},
{
"url": "https://git.kernel.org/stable/c/1f3e2e97c003f80c4b087092b225c8787ff91e4d"
}
],
"title": "isdn: cpai: check ctr-\u003ecnr to avoid array index out of bound",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-4439",
"datePublished": "2024-06-20T12:07:57.944Z",
"dateReserved": "2024-06-20T12:07:18.155Z",
"dateUpdated": "2024-08-03T17:30:07.335Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48763
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-08-03 15:25
Severity ?
EPSS score ?
Summary
KVM: x86: Forcibly leave nested virt when SMM state is toggled
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48763",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T14:49:19.727455Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T14:49:33.691Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:01.568Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/080dbe7e9b86a0392d8dffc00d9971792afc121f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e302786233e6bc512986d007c96458ccf5ca21c7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b4c0d89c92e957ecccce12e66b63875d0cc7af7e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f7e570780efc5cec9b2ed1e0472a7da14e864fdb"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"arch/x86/include/asm/kvm_host.h",
"arch/x86/kvm/svm/nested.c",
"arch/x86/kvm/svm/svm.c",
"arch/x86/kvm/svm/svm.h",
"arch/x86/kvm/vmx/nested.c",
"arch/x86/kvm/x86.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "080dbe7e9b86",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "e302786233e6",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "b4c0d89c92e9",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "f7e570780efc",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"arch/x86/include/asm/kvm_host.h",
"arch/x86/kvm/svm/nested.c",
"arch/x86/kvm/svm/svm.c",
"arch/x86/kvm/svm/svm.h",
"arch/x86/kvm/vmx/nested.c",
"arch/x86/kvm/x86.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.97",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.19",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.5",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Forcibly leave nested virt when SMM state is toggled\n\nForcibly leave nested virtualization operation if userspace toggles SMM\nstate via KVM_SET_VCPU_EVENTS or KVM_SYNC_X86_EVENTS. If userspace\nforces the vCPU out of SMM while it\u0027s post-VMXON and then injects an SMI,\nvmx_enter_smm() will overwrite vmx-\u003enested.smm.vmxon and end up with both\nvmxon=false and smm.vmxon=false, but all other nVMX state allocated.\n\nDon\u0027t attempt to gracefully handle the transition as (a) most transitions\nare nonsencial, e.g. forcing SMM while L2 is running, (b) there isn\u0027t\nsufficient information to handle all transitions, e.g. SVM wants access\nto the SMRAM save state, and (c) KVM_SET_VCPU_EVENTS must precede\nKVM_SET_NESTED_STATE during state restore as the latter disallows putting\nthe vCPU into L2 if SMM is active, and disallows tagging the vCPU as\nbeing post-VMXON in SMM if SMM is not active.\n\nAbuse of KVM_SET_VCPU_EVENTS manifests as a WARN and memory leak in nVMX\ndue to failure to free vmcs01\u0027s shadow VMCS, but the bug goes far beyond\njust a memory leak, e.g. toggling SMM on while L2 is active puts the vCPU\nin an architecturally impossible state.\n\n WARNING: CPU: 0 PID: 3606 at free_loaded_vmcs arch/x86/kvm/vmx/vmx.c:2665 [inline]\n WARNING: CPU: 0 PID: 3606 at free_loaded_vmcs+0x158/0x1a0 arch/x86/kvm/vmx/vmx.c:2656\n Modules linked in:\n CPU: 1 PID: 3606 Comm: syz-executor725 Not tainted 5.17.0-rc1-syzkaller #0\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\n RIP: 0010:free_loaded_vmcs arch/x86/kvm/vmx/vmx.c:2665 [inline]\n RIP: 0010:free_loaded_vmcs+0x158/0x1a0 arch/x86/kvm/vmx/vmx.c:2656\n Code: \u003c0f\u003e 0b eb b3 e8 8f 4d 9f 00 e9 f7 fe ff ff 48 89 df e8 92 4d 9f 00\n Call Trace:\n \u003cTASK\u003e\n kvm_arch_vcpu_destroy+0x72/0x2f0 arch/x86/kvm/x86.c:11123\n kvm_vcpu_destroy arch/x86/kvm/../../../virt/kvm/kvm_main.c:441 [inline]\n kvm_destroy_vcpus+0x11f/0x290 arch/x86/kvm/../../../virt/kvm/kvm_main.c:460\n kvm_free_vcpus arch/x86/kvm/x86.c:11564 [inline]\n kvm_arch_destroy_vm+0x2e8/0x470 arch/x86/kvm/x86.c:11676\n kvm_destroy_vm arch/x86/kvm/../../../virt/kvm/kvm_main.c:1217 [inline]\n kvm_put_kvm+0x4fa/0xb00 arch/x86/kvm/../../../virt/kvm/kvm_main.c:1250\n kvm_vm_release+0x3f/0x50 arch/x86/kvm/../../../virt/kvm/kvm_main.c:1273\n __fput+0x286/0x9f0 fs/file_table.c:311\n task_work_run+0xdd/0x1a0 kernel/task_work.c:164\n exit_task_work include/linux/task_work.h:32 [inline]\n do_exit+0xb29/0x2a30 kernel/exit.c:806\n do_group_exit+0xd2/0x2f0 kernel/exit.c:935\n get_signal+0x4b0/0x28c0 kernel/signal.c:2862\n arch_do_signal_or_restart+0x2a9/0x1c40 arch/x86/kernel/signal.c:868\n handle_signal_work kernel/entry/common.c:148 [inline]\n exit_to_user_mode_loop kernel/entry/common.c:172 [inline]\n exit_to_user_mode_prepare+0x17d/0x290 kernel/entry/common.c:207\n __syscall_exit_to_user_mode_work kernel/entry/common.c:289 [inline]\n syscall_exit_to_user_mode+0x19/0x60 kernel/entry/common.c:300\n do_syscall_64+0x42/0xb0 arch/x86/entry/common.c:86\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n \u003c/TASK\u003e"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:57.802Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/080dbe7e9b86a0392d8dffc00d9971792afc121f"
},
{
"url": "https://git.kernel.org/stable/c/e302786233e6bc512986d007c96458ccf5ca21c7"
},
{
"url": "https://git.kernel.org/stable/c/b4c0d89c92e957ecccce12e66b63875d0cc7af7e"
},
{
"url": "https://git.kernel.org/stable/c/f7e570780efc5cec9b2ed1e0472a7da14e864fdb"
}
],
"title": "KVM: x86: Forcibly leave nested virt when SMM state is toggled",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48763",
"datePublished": "2024-06-20T11:13:40.504Z",
"dateReserved": "2024-06-20T11:09:39.060Z",
"dateUpdated": "2024-08-03T15:25:01.568Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48751
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
net/smc: Transitional solution for clcsock race issue
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:00.333Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/38f0bdd548fd2ef5d481b88d8a2bfef968452e34"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4284225cd8001e134f5cf533a7cd244bbb654d0f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c0bf3d8a943b6f2e912b7c1de03e2ef28e76f760"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48751",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:10:28.867754Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:47.967Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/smc/af_smc.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "38f0bdd548fd",
"status": "affected",
"version": "fd57770dd198",
"versionType": "git"
},
{
"lessThan": "4284225cd800",
"status": "affected",
"version": "fd57770dd198",
"versionType": "git"
},
{
"lessThan": "c0bf3d8a943b",
"status": "affected",
"version": "fd57770dd198",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/smc/af_smc.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.1"
},
{
"lessThan": "5.1",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.19",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.5",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: Transitional solution for clcsock race issue\n\nWe encountered a crash in smc_setsockopt() and it is caused by\naccessing smc-\u003eclcsock after clcsock was released.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000020\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEMPT SMP PTI\n CPU: 1 PID: 50309 Comm: nginx Kdump: loaded Tainted: G E 5.16.0-rc4+ #53\n RIP: 0010:smc_setsockopt+0x59/0x280 [smc]\n Call Trace:\n \u003cTASK\u003e\n __sys_setsockopt+0xfc/0x190\n __x64_sys_setsockopt+0x20/0x30\n do_syscall_64+0x34/0x90\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n RIP: 0033:0x7f16ba83918e\n \u003c/TASK\u003e\n\nThis patch tries to fix it by holding clcsock_release_lock and\nchecking whether clcsock has already been released before access.\n\nIn case that a crash of the same reason happens in smc_getsockopt()\nor smc_switch_to_fallback(), this patch also checkes smc-\u003eclcsock\nin them too. And the caller of smc_switch_to_fallback() will identify\nwhether fallback succeeds according to the return value."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:43.792Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/38f0bdd548fd2ef5d481b88d8a2bfef968452e34"
},
{
"url": "https://git.kernel.org/stable/c/4284225cd8001e134f5cf533a7cd244bbb654d0f"
},
{
"url": "https://git.kernel.org/stable/c/c0bf3d8a943b6f2e912b7c1de03e2ef28e76f760"
}
],
"title": "net/smc: Transitional solution for clcsock race issue",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48751",
"datePublished": "2024-06-20T11:13:32.575Z",
"dateReserved": "2024-06-20T11:09:39.057Z",
"dateUpdated": "2024-09-11T17:34:47.967Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38662
Vulnerability from cvelistv5
Published
2024-06-21 11:15
Modified
2024-08-02 04:12
Severity ?
EPSS score ?
Summary
bpf: Allow delete from sockmap/sockhash only if update is allowed
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38662",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-21T13:43:09.177225Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-21T13:43:19.909Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:26.024Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/29467edc23818dc5a33042ffb4920b49b090e63d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/11e8ecc5b86037fec43d07b1c162e233e131b1d9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6693b172f008846811f48a099f33effc26068e1e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/000a65bf1dc04fb2b65e2abf116f0bc0fc2ee7b1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b81e1c5a3c70398cf76631ede63a03616ed1ba3c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/98e948fb60d41447fd8d2d0c3b8637fc6b6dc26d"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"kernel/bpf/verifier.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "29467edc2381",
"status": "affected",
"version": "dd54b48db0c8",
"versionType": "git"
},
{
"lessThan": "11e8ecc5b860",
"status": "affected",
"version": "d1e73fb19a4c",
"versionType": "git"
},
{
"lessThan": "6693b172f008",
"status": "affected",
"version": "a44770fed865",
"versionType": "git"
},
{
"lessThan": "000a65bf1dc0",
"status": "affected",
"version": "668b3074aa14",
"versionType": "git"
},
{
"lessThan": "b81e1c5a3c70",
"status": "affected",
"version": "ff9105993240",
"versionType": "git"
},
{
"lessThan": "98e948fb60d4",
"status": "affected",
"version": "ff9105993240",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"kernel/bpf/verifier.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.9"
},
{
"lessThan": "6.9",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Allow delete from sockmap/sockhash only if update is allowed\n\nWe have seen an influx of syzkaller reports where a BPF program attached to\na tracepoint triggers a locking rule violation by performing a map_delete\non a sockmap/sockhash.\n\nWe don\u0027t intend to support this artificial use scenario. Extend the\nexisting verifier allowed-program-type check for updating sockmap/sockhash\nto also cover deleting from a map.\n\nFrom now on only BPF programs which were previously allowed to update\nsockmap/sockhash can delete from these map types."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:49:37.334Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/29467edc23818dc5a33042ffb4920b49b090e63d"
},
{
"url": "https://git.kernel.org/stable/c/11e8ecc5b86037fec43d07b1c162e233e131b1d9"
},
{
"url": "https://git.kernel.org/stable/c/6693b172f008846811f48a099f33effc26068e1e"
},
{
"url": "https://git.kernel.org/stable/c/000a65bf1dc04fb2b65e2abf116f0bc0fc2ee7b1"
},
{
"url": "https://git.kernel.org/stable/c/b81e1c5a3c70398cf76631ede63a03616ed1ba3c"
},
{
"url": "https://git.kernel.org/stable/c/98e948fb60d41447fd8d2d0c3b8637fc6b6dc26d"
}
],
"title": "bpf: Allow delete from sockmap/sockhash only if update is allowed",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38662",
"datePublished": "2024-06-21T11:15:12.202Z",
"dateReserved": "2024-06-21T10:12:11.509Z",
"dateUpdated": "2024-08-02T04:12:26.024Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38623
Vulnerability from cvelistv5
Published
2024-06-21 10:18
Modified
2024-08-02 04:12
Severity ?
EPSS score ?
Summary
fs/ntfs3: Use variable length array instead of fixed size
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "a2de301d90b7",
"status": "affected",
"version": "4534a70b7056",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "3839a9b19a4b",
"status": "affected",
"version": "4534a70b7056",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "1fe1c9dc21ee",
"status": "affected",
"version": "4534a70b7056",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "cceef44b3481",
"status": "affected",
"version": "4534a70b7056",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "1997cdc3e727",
"status": "affected",
"version": "4534a70b7056",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "affected",
"version": "5.15"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "5.15",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "5.16",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "6.2",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "6.7",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "6.10",
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "unaffected",
"version": "6.10-rc1"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-38623",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-25T14:54:31.559522Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-129",
"description": "CWE-129 Improper Validation of Array Index",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-25T15:08:32.014Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.994Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a2de301d90b782ac5d7a5fe32995caaee9ab3a0f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3839a9b19a4b70eff6b6ad70446f639f7fd5a3d7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1fe1c9dc21ee52920629d2d9b9bd84358931a8d1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cceef44b34819c24bb6ed70dce5b524bd3e368d1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1997cdc3e727526aa5d84b32f7cbb3f56459b7ef"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/ntfs3/ntfs.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "a2de301d90b7",
"status": "affected",
"version": "4534a70b7056",
"versionType": "git"
},
{
"lessThan": "3839a9b19a4b",
"status": "affected",
"version": "4534a70b7056",
"versionType": "git"
},
{
"lessThan": "1fe1c9dc21ee",
"status": "affected",
"version": "4534a70b7056",
"versionType": "git"
},
{
"lessThan": "cceef44b3481",
"status": "affected",
"version": "4534a70b7056",
"versionType": "git"
},
{
"lessThan": "1997cdc3e727",
"status": "affected",
"version": "4534a70b7056",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/ntfs3/ntfs.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.15"
},
{
"lessThan": "5.15",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Use variable length array instead of fixed size\n\nShould fix smatch warning:\n\tntfs_set_label() error: __builtin_memcpy() \u0027uni-\u003ename\u0027 too small (20 vs 256)"
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:49:17.077Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/a2de301d90b782ac5d7a5fe32995caaee9ab3a0f"
},
{
"url": "https://git.kernel.org/stable/c/3839a9b19a4b70eff6b6ad70446f639f7fd5a3d7"
},
{
"url": "https://git.kernel.org/stable/c/1fe1c9dc21ee52920629d2d9b9bd84358931a8d1"
},
{
"url": "https://git.kernel.org/stable/c/cceef44b34819c24bb6ed70dce5b524bd3e368d1"
},
{
"url": "https://git.kernel.org/stable/c/1997cdc3e727526aa5d84b32f7cbb3f56459b7ef"
}
],
"title": "fs/ntfs3: Use variable length array instead of fixed size",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38623",
"datePublished": "2024-06-21T10:18:16.291Z",
"dateReserved": "2024-06-18T19:36:34.945Z",
"dateUpdated": "2024-08-02T04:12:25.994Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48738
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
ASoC: ops: Reject out of bounds values in snd_soc_put_volsw()
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:00.470Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/40f598698129b5ceaf31012f9501b775c7b6e57d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/586ef863c94354a7e00e5ae5ef01443d1dc99bc7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/65a61b1f56f5386486757930069fbdce94af08bf"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/68fd718724284788fc5f379e0b7cac541429ece7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a9394f21fba027147bf275b083c77955864c366a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9e8895f1b3d4433f6d78aa6578e9db61ca6e6830"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/bb72d2dda85564c66d909108ea6903937a41679d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/817f7c9335ec01e0f5e8caffc4f1dcd5e458a4c0"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48738",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:10:47.744105Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:48.650Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"sound/soc/soc-ops.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "40f598698129",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "586ef863c943",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "65a61b1f56f5",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "68fd71872428",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "a9394f21fba0",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "9e8895f1b3d4",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "bb72d2dda855",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "817f7c9335ec",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"sound/soc/soc-ops.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.300",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.265",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.228",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.178",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.99",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.22",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: ops: Reject out of bounds values in snd_soc_put_volsw()\n\nWe don\u0027t currently validate that the values being set are within the range\nwe advertised to userspace as being valid, do so and reject any values\nthat are out of range."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:28.818Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/40f598698129b5ceaf31012f9501b775c7b6e57d"
},
{
"url": "https://git.kernel.org/stable/c/586ef863c94354a7e00e5ae5ef01443d1dc99bc7"
},
{
"url": "https://git.kernel.org/stable/c/65a61b1f56f5386486757930069fbdce94af08bf"
},
{
"url": "https://git.kernel.org/stable/c/68fd718724284788fc5f379e0b7cac541429ece7"
},
{
"url": "https://git.kernel.org/stable/c/a9394f21fba027147bf275b083c77955864c366a"
},
{
"url": "https://git.kernel.org/stable/c/9e8895f1b3d4433f6d78aa6578e9db61ca6e6830"
},
{
"url": "https://git.kernel.org/stable/c/bb72d2dda85564c66d909108ea6903937a41679d"
},
{
"url": "https://git.kernel.org/stable/c/817f7c9335ec01e0f5e8caffc4f1dcd5e458a4c0"
}
],
"title": "ASoC: ops: Reject out of bounds values in snd_soc_put_volsw()",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48738",
"datePublished": "2024-06-20T11:13:24.032Z",
"dateReserved": "2024-06-20T11:09:39.054Z",
"dateUpdated": "2024-09-11T17:34:48.650Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48720
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-08-03 15:24
Severity ?
EPSS score ?
Summary
net: macsec: Fix offload support for NETDEV_UNREGISTER event
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48720",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T15:49:59.493508Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T15:50:07.599Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:24:59.933Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2e7f5b6ee1a7a2c628253a95b0a95b582901ef1b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e7a0b3a0806dae3cc81931f0e83055ca2ac6f455"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8299be160aad8548071d080518712dec0df92bd5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9cef24c8b76c1f6effe499d2f131807c90f7ce9a"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/macsec.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "2e7f5b6ee1a7",
"status": "affected",
"version": "3cf3227a21d1",
"versionType": "git"
},
{
"lessThan": "e7a0b3a0806d",
"status": "affected",
"version": "3cf3227a21d1",
"versionType": "git"
},
{
"lessThan": "8299be160aad",
"status": "affected",
"version": "3cf3227a21d1",
"versionType": "git"
},
{
"lessThan": "9cef24c8b76c",
"status": "affected",
"version": "3cf3227a21d1",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/macsec.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.6"
},
{
"lessThan": "5.6",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.99",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.22",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: macsec: Fix offload support for NETDEV_UNREGISTER event\n\nCurrent macsec netdev notify handler handles NETDEV_UNREGISTER event by\nreleasing relevant SW resources only, this causes resources leak in case\nof macsec HW offload, as the underlay driver was not notified to clean\nit\u0027s macsec offload resources.\n\nFix by calling the underlay driver to clean it\u0027s relevant resources\nby moving offload handling from macsec_dellink() to macsec_common_dellink()\nwhen handling NETDEV_UNREGISTER event."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:02.788Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/2e7f5b6ee1a7a2c628253a95b0a95b582901ef1b"
},
{
"url": "https://git.kernel.org/stable/c/e7a0b3a0806dae3cc81931f0e83055ca2ac6f455"
},
{
"url": "https://git.kernel.org/stable/c/8299be160aad8548071d080518712dec0df92bd5"
},
{
"url": "https://git.kernel.org/stable/c/9cef24c8b76c1f6effe499d2f131807c90f7ce9a"
}
],
"title": "net: macsec: Fix offload support for NETDEV_UNREGISTER event",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48720",
"datePublished": "2024-06-20T11:13:12.025Z",
"dateReserved": "2024-06-20T11:09:39.051Z",
"dateUpdated": "2024-08-03T15:24:59.933Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48736
Vulnerability from cvelistv5
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Show details on NVD website{
"containers": {
"cna": {
"providerMetadata": {
"dateUpdated": "2024-07-05T06:43:37.045Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"rejectedReasons": [
{
"lang": "en",
"value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
}
]
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48736",
"datePublished": "2024-06-20T11:13:22.729Z",
"dateRejected": "2024-07-05T06:43:37.045Z",
"dateReserved": "2024-06-20T11:09:39.053Z",
"dateUpdated": "2024-07-05T06:43:37.045Z",
"state": "REJECTED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48761
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-08-03 15:25
Severity ?
EPSS score ?
Summary
usb: xhci-plat: fix crash when suspend if remote wake enable
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48761",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T13:34:36.950098Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T13:34:48.820Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:01.055Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/20c51a4c52208f98e27308c456a1951778f41fa5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d5755832a1e47f5d8773f0776e211ecd4e02da72"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8b05ad29acb972850ad795fa850e814b2e758b83"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9df478463d9feb90dae24f183383961cf123a0ec"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/usb/host/xhci-plat.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "20c51a4c5220",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "d5755832a1e4",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "8b05ad29acb9",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "9df478463d9f",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/usb/host/xhci-plat.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.96",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.19",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.5",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci-plat: fix crash when suspend if remote wake enable\n\nCrashed at i.mx8qm platform when suspend if enable remote wakeup\n\nInternal error: synchronous external abort: 96000210 [#1] PREEMPT SMP\nModules linked in:\nCPU: 2 PID: 244 Comm: kworker/u12:6 Not tainted 5.15.5-dirty #12\nHardware name: Freescale i.MX8QM MEK (DT)\nWorkqueue: events_unbound async_run_entry_fn\npstate: 600000c5 (nZCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : xhci_disable_hub_port_wake.isra.62+0x60/0xf8\nlr : xhci_disable_hub_port_wake.isra.62+0x34/0xf8\nsp : ffff80001394bbf0\nx29: ffff80001394bbf0 x28: 0000000000000000 x27: ffff00081193b578\nx26: ffff00081193b570 x25: 0000000000000000 x24: 0000000000000000\nx23: ffff00081193a29c x22: 0000000000020001 x21: 0000000000000001\nx20: 0000000000000000 x19: ffff800014e90490 x18: 0000000000000000\nx17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000\nx14: 0000000000000000 x13: 0000000000000002 x12: 0000000000000000\nx11: 0000000000000000 x10: 0000000000000960 x9 : ffff80001394baa0\nx8 : ffff0008145d1780 x7 : ffff0008f95b8e80 x6 : 000000001853b453\nx5 : 0000000000000496 x4 : 0000000000000000 x3 : ffff00081193a29c\nx2 : 0000000000000001 x1 : 0000000000000000 x0 : ffff000814591620\nCall trace:\n xhci_disable_hub_port_wake.isra.62+0x60/0xf8\n xhci_suspend+0x58/0x510\n xhci_plat_suspend+0x50/0x78\n platform_pm_suspend+0x2c/0x78\n dpm_run_callback.isra.25+0x50/0xe8\n __device_suspend+0x108/0x3c0\n\nThe basic flow:\n\t1. run time suspend call xhci_suspend, xhci parent devices gate the clock.\n 2. echo mem \u003e/sys/power/state, system _device_suspend call xhci_suspend\n 3. xhci_suspend call xhci_disable_hub_port_wake, which access register,\n\t but clock already gated by run time suspend.\n\nThis problem was hidden by power domain driver, which call run time resume before it.\n\nBut the below commit remove it and make this issue happen.\n\tcommit c1df456d0f06e (\"PM: domains: Don\u0027t runtime resume devices at genpd_prepare()\")\n\nThis patch call run time resume before suspend to make sure clock is on\nbefore access register.\n\nTesteb-by: Abel Vesa \u003cabel.vesa@nxp.com\u003e"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:55.523Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/20c51a4c52208f98e27308c456a1951778f41fa5"
},
{
"url": "https://git.kernel.org/stable/c/d5755832a1e47f5d8773f0776e211ecd4e02da72"
},
{
"url": "https://git.kernel.org/stable/c/8b05ad29acb972850ad795fa850e814b2e758b83"
},
{
"url": "https://git.kernel.org/stable/c/9df478463d9feb90dae24f183383961cf123a0ec"
}
],
"title": "usb: xhci-plat: fix crash when suspend if remote wake enable",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48761",
"datePublished": "2024-06-20T11:13:39.194Z",
"dateReserved": "2024-06-20T11:09:39.060Z",
"dateUpdated": "2024-08-03T15:25:01.055Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48728
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-08-03 15:24
Severity ?
EPSS score ?
Summary
IB/hfi1: Fix AIP early init panic
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48728",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T13:36:00.400967Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T13:36:10.891Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:24:59.985Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4a9bd1e6780fc59f81466ec3489d5ad535a37190"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a3dd4d2682f2a796121609e5f3bbeb1243198c53"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1899c3cad265c4583658aed5293d02e8af84276b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5f8f55b92edd621f056bdf09e572092849fabd83"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/infiniband/hw/hfi1/ipoib_main.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "4a9bd1e6780f",
"status": "affected",
"version": "d99dc602e2a5",
"versionType": "git"
},
{
"lessThan": "a3dd4d2682f2",
"status": "affected",
"version": "d99dc602e2a5",
"versionType": "git"
},
{
"lessThan": "1899c3cad265",
"status": "affected",
"version": "d99dc602e2a5",
"versionType": "git"
},
{
"lessThan": "5f8f55b92edd",
"status": "affected",
"version": "d99dc602e2a5",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/infiniband/hw/hfi1/ipoib_main.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.8"
},
{
"lessThan": "5.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.99",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.22",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/hfi1: Fix AIP early init panic\n\nAn early failure in hfi1_ipoib_setup_rn() can lead to the following panic:\n\n BUG: unable to handle kernel NULL pointer dereference at 00000000000001b0\n PGD 0 P4D 0\n Oops: 0002 [#1] SMP NOPTI\n Workqueue: events work_for_cpu_fn\n RIP: 0010:try_to_grab_pending+0x2b/0x140\n Code: 1f 44 00 00 41 55 41 54 55 48 89 d5 53 48 89 fb 9c 58 0f 1f 44 00 00 48 89 c2 fa 66 0f 1f 44 00 00 48 89 55 00 40 84 f6 75 77 \u003cf0\u003e 48 0f ba 2b 00 72 09 31 c0 5b 5d 41 5c 41 5d c3 48 89 df e8 6c\n RSP: 0018:ffffb6b3cf7cfa48 EFLAGS: 00010046\n RAX: 0000000000000246 RBX: 00000000000001b0 RCX: 0000000000000000\n RDX: 0000000000000246 RSI: 0000000000000000 RDI: 00000000000001b0\n RBP: ffffb6b3cf7cfa70 R08: 0000000000000f09 R09: 0000000000000001\n R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000\n R13: ffffb6b3cf7cfa90 R14: ffffffff9b2fbfc0 R15: ffff8a4fdf244690\n FS: 0000000000000000(0000) GS:ffff8a527f400000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00000000000001b0 CR3: 00000017e2410003 CR4: 00000000007706f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n __cancel_work_timer+0x42/0x190\n ? dev_printk_emit+0x4e/0x70\n iowait_cancel_work+0x15/0x30 [hfi1]\n hfi1_ipoib_txreq_deinit+0x5a/0x220 [hfi1]\n ? dev_err+0x6c/0x90\n hfi1_ipoib_netdev_dtor+0x15/0x30 [hfi1]\n hfi1_ipoib_setup_rn+0x10e/0x150 [hfi1]\n rdma_init_netdev+0x5a/0x80 [ib_core]\n ? hfi1_ipoib_free_rdma_netdev+0x20/0x20 [hfi1]\n ipoib_intf_init+0x6c/0x350 [ib_ipoib]\n ipoib_intf_alloc+0x5c/0xc0 [ib_ipoib]\n ipoib_add_one+0xbe/0x300 [ib_ipoib]\n add_client_context+0x12c/0x1a0 [ib_core]\n enable_device_and_get+0xdc/0x1d0 [ib_core]\n ib_register_device+0x572/0x6b0 [ib_core]\n rvt_register_device+0x11b/0x220 [rdmavt]\n hfi1_register_ib_device+0x6b4/0x770 [hfi1]\n do_init_one.isra.20+0x3e3/0x680 [hfi1]\n local_pci_probe+0x41/0x90\n work_for_cpu_fn+0x16/0x20\n process_one_work+0x1a7/0x360\n ? create_worker+0x1a0/0x1a0\n worker_thread+0x1cf/0x390\n ? create_worker+0x1a0/0x1a0\n kthread+0x116/0x130\n ? kthread_flush_work_fn+0x10/0x10\n ret_from_fork+0x1f/0x40\n\nThe panic happens in hfi1_ipoib_txreq_deinit() because there is a NULL\nderef when hfi1_ipoib_netdev_dtor() is called in this error case.\n\nhfi1_ipoib_txreq_init() and hfi1_ipoib_rxq_init() are self unwinding so\nfix by adjusting the error paths accordingly.\n\nOther changes:\n- hfi1_ipoib_free_rdma_netdev() is deleted including the free_netdev()\n since the netdev core code deletes calls free_netdev()\n- The switch to the accelerated entrances is moved to the success path."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:17.223Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/4a9bd1e6780fc59f81466ec3489d5ad535a37190"
},
{
"url": "https://git.kernel.org/stable/c/a3dd4d2682f2a796121609e5f3bbeb1243198c53"
},
{
"url": "https://git.kernel.org/stable/c/1899c3cad265c4583658aed5293d02e8af84276b"
},
{
"url": "https://git.kernel.org/stable/c/5f8f55b92edd621f056bdf09e572092849fabd83"
}
],
"title": "IB/hfi1: Fix AIP early init panic",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48728",
"datePublished": "2024-06-20T11:13:17.378Z",
"dateReserved": "2024-06-20T11:09:39.052Z",
"dateUpdated": "2024-08-03T15:24:59.985Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-36270
Vulnerability from cvelistv5
Published
2024-06-21 10:18
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
netfilter: tproxy: bail out if IP has been disabled on the device
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:37:04.470Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/10f0af5234dafd03d2b75233428ec3f11cf7e43d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/07eeedafc59c45fe5de43958128542be3784764c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6fe5af4ff06db3d4d80e07a19356640428159f03"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/caf3a8afb5ea00db6d5398adf148d5534615fd80"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/570b4c52096e62fda562448f5760fd0ff06110f0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/819bfeca16eb9ad647ddcae25e7e12c30612147c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/21a673bddc8fd4873c370caf9ae70ffc6d47e8d3"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36270",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:09:41.037239Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:46.135Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/ipv4/netfilter/nf_tproxy_ipv4.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "10f0af5234da",
"status": "affected",
"version": "cc6eb4338569",
"versionType": "git"
},
{
"lessThan": "07eeedafc59c",
"status": "affected",
"version": "cc6eb4338569",
"versionType": "git"
},
{
"lessThan": "6fe5af4ff06d",
"status": "affected",
"version": "cc6eb4338569",
"versionType": "git"
},
{
"lessThan": "caf3a8afb5ea",
"status": "affected",
"version": "cc6eb4338569",
"versionType": "git"
},
{
"lessThan": "570b4c52096e",
"status": "affected",
"version": "cc6eb4338569",
"versionType": "git"
},
{
"lessThan": "819bfeca16eb",
"status": "affected",
"version": "cc6eb4338569",
"versionType": "git"
},
{
"lessThan": "21a673bddc8f",
"status": "affected",
"version": "cc6eb4338569",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/ipv4/netfilter/nf_tproxy_ipv4.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.37"
},
{
"lessThan": "2.6.37",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: tproxy: bail out if IP has been disabled on the device\n\nsyzbot reports:\ngeneral protection fault, probably for non-canonical address 0xdffffc0000000003: 0000 [#1] PREEMPT SMP KASAN PTI\nKASAN: null-ptr-deref in range [0x0000000000000018-0x000000000000001f]\n[..]\nRIP: 0010:nf_tproxy_laddr4+0xb7/0x340 net/ipv4/netfilter/nf_tproxy_ipv4.c:62\nCall Trace:\n nft_tproxy_eval_v4 net/netfilter/nft_tproxy.c:56 [inline]\n nft_tproxy_eval+0xa9a/0x1a00 net/netfilter/nft_tproxy.c:168\n\n__in_dev_get_rcu() can return NULL, so check for this."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:46:56.628Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/10f0af5234dafd03d2b75233428ec3f11cf7e43d"
},
{
"url": "https://git.kernel.org/stable/c/07eeedafc59c45fe5de43958128542be3784764c"
},
{
"url": "https://git.kernel.org/stable/c/6fe5af4ff06db3d4d80e07a19356640428159f03"
},
{
"url": "https://git.kernel.org/stable/c/caf3a8afb5ea00db6d5398adf148d5534615fd80"
},
{
"url": "https://git.kernel.org/stable/c/570b4c52096e62fda562448f5760fd0ff06110f0"
},
{
"url": "https://git.kernel.org/stable/c/819bfeca16eb9ad647ddcae25e7e12c30612147c"
},
{
"url": "https://git.kernel.org/stable/c/21a673bddc8fd4873c370caf9ae70ffc6d47e8d3"
}
],
"title": "netfilter: tproxy: bail out if IP has been disabled on the device",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-36270",
"datePublished": "2024-06-21T10:18:07.026Z",
"dateReserved": "2024-06-21T10:13:16.302Z",
"dateUpdated": "2024-09-11T17:34:46.135Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48740
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-08-03 15:25
Severity ?
EPSS score ?
Summary
selinux: fix double free of cond_list on error paths
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48740",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T16:02:52.249178Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-27T18:17:10.641Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:01.573Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f446089a268c8fc6908488e991d28a9b936293db"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/70caa32e6d81f45f0702070c0e4dfe945e92fbd7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7ed9cbf7ac0d4ed86b356e1b944304ae9ee450d4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/186edf7e368c40d06cf727a1ad14698ea67b74ad"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"security/selinux/ss/conditional.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "f446089a268c",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "70caa32e6d81",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "7ed9cbf7ac0d",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "186edf7e368c",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"security/selinux/ss/conditional.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.99",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.22",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nselinux: fix double free of cond_list on error paths\n\nOn error path from cond_read_list() and duplicate_policydb_cond_list()\nthe cond_list_destroy() gets called a second time in caller functions,\nresulting in NULL pointer deref. Fix this by resetting the\ncond_list_len to 0 in cond_list_destroy(), making subsequent calls a\nnoop.\n\nAlso consistently reset the cond_list pointer to NULL after freeing.\n\n[PM: fix line lengths in the description]"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:31.085Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/f446089a268c8fc6908488e991d28a9b936293db"
},
{
"url": "https://git.kernel.org/stable/c/70caa32e6d81f45f0702070c0e4dfe945e92fbd7"
},
{
"url": "https://git.kernel.org/stable/c/7ed9cbf7ac0d4ed86b356e1b944304ae9ee450d4"
},
{
"url": "https://git.kernel.org/stable/c/186edf7e368c40d06cf727a1ad14698ea67b74ad"
}
],
"title": "selinux: fix double free of cond_list on error paths",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48740",
"datePublished": "2024-06-20T11:13:25.346Z",
"dateReserved": "2024-06-20T11:09:39.054Z",
"dateUpdated": "2024-08-03T15:25:01.573Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48713
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-08-03 15:17
Severity ?
EPSS score ?
Summary
perf/x86/intel/pt: Fix crash with stop filters in single-range mode
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48713",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T15:57:49.148833Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T15:58:11.307Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:17:55.875Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/456f041e035913fcedb275aff6f8a71dfebcd394"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e83d941fd3445f660d2f43647c580a320cc384f6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/feffb6ae2c80b9a8206450cdef90f5943baced99"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1d9093457b243061a9bba23543c38726e864a643"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"arch/x86/events/intel/pt.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "456f041e0359",
"status": "affected",
"version": "670638477aed",
"versionType": "git"
},
{
"lessThan": "e83d941fd344",
"status": "affected",
"version": "670638477aed",
"versionType": "git"
},
{
"lessThan": "feffb6ae2c80",
"status": "affected",
"version": "670638477aed",
"versionType": "git"
},
{
"lessThan": "1d9093457b24",
"status": "affected",
"version": "670638477aed",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"arch/x86/events/intel/pt.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.5"
},
{
"lessThan": "5.5",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.99",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.22",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86/intel/pt: Fix crash with stop filters in single-range mode\n\nAdd a check for !buf-\u003esingle before calling pt_buffer_region_size in a\nplace where a missing check can cause a kernel crash.\n\nFixes a bug introduced by commit 670638477aed (\"perf/x86/intel/pt:\nOpportunistically use single range output mode\"), which added a\nsupport for PT single-range output mode. Since that commit if a PT\nstop filter range is hit while tracing, the kernel will crash because\nof a null pointer dereference in pt_handle_status due to calling\npt_buffer_region_size without a ToPA configured.\n\nThe commit which introduced single-range mode guarded almost all uses of\nthe ToPA buffer variables with checks of the buf-\u003esingle variable, but\nmissed the case where tracing was stopped by the PT hardware, which\nhappens when execution hits a configured stop filter.\n\nTested that hitting a stop filter while PT recording successfully\nrecords a trace with this patch but crashes without this patch."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:13:54.687Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/456f041e035913fcedb275aff6f8a71dfebcd394"
},
{
"url": "https://git.kernel.org/stable/c/e83d941fd3445f660d2f43647c580a320cc384f6"
},
{
"url": "https://git.kernel.org/stable/c/feffb6ae2c80b9a8206450cdef90f5943baced99"
},
{
"url": "https://git.kernel.org/stable/c/1d9093457b243061a9bba23543c38726e864a643"
}
],
"title": "perf/x86/intel/pt: Fix crash with stop filters in single-range mode",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48713",
"datePublished": "2024-06-20T11:13:07.350Z",
"dateReserved": "2024-06-20T11:09:39.050Z",
"dateUpdated": "2024-08-03T15:17:55.875Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48719
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
net, neigh: Do not trigger immediate probes on NUD_FAILED from neigh_managed_work
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:24:59.987Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/203a35ebb49cdce377416b0690215d3ce090d364"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4a81f6da9cb2d1ef911131a6fd8bd15cb61fc772"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48719",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:11:19.414078Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:49.740Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"include/net/neighbour.h",
"net/core/neighbour.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "203a35ebb49c",
"status": "affected",
"version": "7482e3841d52",
"versionType": "git"
},
{
"lessThan": "4a81f6da9cb2",
"status": "affected",
"version": "7482e3841d52",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"include/net/neighbour.h",
"net/core/neighbour.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.16"
},
{
"lessThan": "5.16",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet, neigh: Do not trigger immediate probes on NUD_FAILED from neigh_managed_work\n\nsyzkaller was able to trigger a deadlock for NTF_MANAGED entries [0]:\n\n kworker/0:16/14617 is trying to acquire lock:\n ffffffff8d4dd370 (\u0026tbl-\u003elock){++-.}-{2:2}, at: ___neigh_create+0x9e1/0x2990 net/core/neighbour.c:652\n [...]\n but task is already holding lock:\n ffffffff8d4dd370 (\u0026tbl-\u003elock){++-.}-{2:2}, at: neigh_managed_work+0x35/0x250 net/core/neighbour.c:1572\n\nThe neighbor entry turned to NUD_FAILED state, where __neigh_event_send()\ntriggered an immediate probe as per commit cd28ca0a3dd1 (\"neigh: reduce\narp latency\") via neigh_probe() given table lock was held.\n\nOne option to fix this situation is to defer the neigh_probe() back to\nthe neigh_timer_handler() similarly as pre cd28ca0a3dd1. For the case\nof NTF_MANAGED, this deferral is acceptable given this only happens on\nactual failure state and regular / expected state is NUD_VALID with the\nentry already present.\n\nThe fix adds a parameter to __neigh_event_send() in order to communicate\nwhether immediate probe is allowed or disallowed. Existing call-sites\nof neigh_event_send() default as-is to immediate probe. However, the\nneigh_managed_work() disables it via use of neigh_event_send_probe().\n\n[0] \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\n print_deadlock_bug kernel/locking/lockdep.c:2956 [inline]\n check_deadlock kernel/locking/lockdep.c:2999 [inline]\n validate_chain kernel/locking/lockdep.c:3788 [inline]\n __lock_acquire.cold+0x149/0x3ab kernel/locking/lockdep.c:5027\n lock_acquire kernel/locking/lockdep.c:5639 [inline]\n lock_acquire+0x1ab/0x510 kernel/locking/lockdep.c:5604\n __raw_write_lock_bh include/linux/rwlock_api_smp.h:202 [inline]\n _raw_write_lock_bh+0x2f/0x40 kernel/locking/spinlock.c:334\n ___neigh_create+0x9e1/0x2990 net/core/neighbour.c:652\n ip6_finish_output2+0x1070/0x14f0 net/ipv6/ip6_output.c:123\n __ip6_finish_output net/ipv6/ip6_output.c:191 [inline]\n __ip6_finish_output+0x61e/0xe90 net/ipv6/ip6_output.c:170\n ip6_finish_output+0x32/0x200 net/ipv6/ip6_output.c:201\n NF_HOOK_COND include/linux/netfilter.h:296 [inline]\n ip6_output+0x1e4/0x530 net/ipv6/ip6_output.c:224\n dst_output include/net/dst.h:451 [inline]\n NF_HOOK include/linux/netfilter.h:307 [inline]\n ndisc_send_skb+0xa99/0x17f0 net/ipv6/ndisc.c:508\n ndisc_send_ns+0x3a9/0x840 net/ipv6/ndisc.c:650\n ndisc_solicit+0x2cd/0x4f0 net/ipv6/ndisc.c:742\n neigh_probe+0xc2/0x110 net/core/neighbour.c:1040\n __neigh_event_send+0x37d/0x1570 net/core/neighbour.c:1201\n neigh_event_send include/net/neighbour.h:470 [inline]\n neigh_managed_work+0x162/0x250 net/core/neighbour.c:1574\n process_one_work+0x9ac/0x1650 kernel/workqueue.c:2307\n worker_thread+0x657/0x1110 kernel/workqueue.c:2454\n kthread+0x2e9/0x3a0 kernel/kthread.c:377\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295\n \u003c/TASK\u003e"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:01.652Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/203a35ebb49cdce377416b0690215d3ce090d364"
},
{
"url": "https://git.kernel.org/stable/c/4a81f6da9cb2d1ef911131a6fd8bd15cb61fc772"
}
],
"title": "net, neigh: Do not trigger immediate probes on NUD_FAILED from neigh_managed_work",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48719",
"datePublished": "2024-06-20T11:13:11.362Z",
"dateReserved": "2024-06-20T11:09:39.051Z",
"dateUpdated": "2024-09-11T17:34:49.740Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-52883
Vulnerability from cvelistv5
Published
2024-06-20 11:54
Modified
2024-08-02 23:18
Severity ?
EPSS score ?
Summary
drm/amdgpu: Fix possible null pointer dereference
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "fefac8c4686f",
"status": "affected",
"version": "180253782038",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "51b79f338175",
"status": "affected",
"version": "180253782038",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "affected",
"version": "6.4"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "6.4",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "6.6",
"status": "unaffected",
"version": "6.5.9",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "unaffected",
"version": "6.6"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-52883",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T18:49:26.969492Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T18:57:34.790Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:18:41.353Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fefac8c4686fd81fde6830c6dae32f9001d2ac28"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/51b79f33817544e3b4df838d86e8e8e4388ff684"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "fefac8c4686f",
"status": "affected",
"version": "180253782038",
"versionType": "git"
},
{
"lessThan": "51b79f338175",
"status": "affected",
"version": "180253782038",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.4"
},
{
"lessThan": "6.4",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.5.*",
"status": "unaffected",
"version": "6.5.9",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.6",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix possible null pointer dereference\n\nabo-\u003etbo.resource may be NULL in amdgpu_vm_bo_update."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:54:26.424Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/fefac8c4686fd81fde6830c6dae32f9001d2ac28"
},
{
"url": "https://git.kernel.org/stable/c/51b79f33817544e3b4df838d86e8e8e4388ff684"
}
],
"title": "drm/amdgpu: Fix possible null pointer dereference",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2023-52883",
"datePublished": "2024-06-20T11:54:26.424Z",
"dateReserved": "2024-05-21T15:35:00.782Z",
"dateUpdated": "2024-08-02T23:18:41.353Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48711
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-08-03 15:17
Severity ?
EPSS score ?
Summary
tipc: improve size validations for received domain records
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48711",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T13:31:43.909633Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T13:31:53.524Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:17:55.714Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/175db196e45d6f0e6047eccd09c8ba55465eb131"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fde4ddeadd099bf9fbb9ccbee8e1b5c20d530a2d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f1af11edd08dd8376f7a84487cbb0ea8203e3a1d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d692e3406e052dbf9f6d9da0cba36cb763272529"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3c7e5943553594f68bbc070683db6bb6f6e9e78e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1f1788616157b0222b0c2153828b475d95e374a7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/59ff7514f8c56f166aadca49bcecfa028e0ad50f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9aa422ad326634b76309e8ff342c246800621216"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/tipc/link.c",
"net/tipc/monitor.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "175db196e45d",
"status": "affected",
"version": "35c55c9877f8",
"versionType": "git"
},
{
"lessThan": "fde4ddeadd09",
"status": "affected",
"version": "35c55c9877f8",
"versionType": "git"
},
{
"lessThan": "f1af11edd08d",
"status": "affected",
"version": "35c55c9877f8",
"versionType": "git"
},
{
"lessThan": "d692e3406e05",
"status": "affected",
"version": "35c55c9877f8",
"versionType": "git"
},
{
"lessThan": "3c7e59435535",
"status": "affected",
"version": "35c55c9877f8",
"versionType": "git"
},
{
"lessThan": "1f1788616157",
"status": "affected",
"version": "35c55c9877f8",
"versionType": "git"
},
{
"lessThan": "59ff7514f8c5",
"status": "affected",
"version": "35c55c9877f8",
"versionType": "git"
},
{
"lessThan": "9aa422ad3266",
"status": "affected",
"version": "35c55c9877f8",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/tipc/link.c",
"net/tipc/monitor.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.8"
},
{
"lessThan": "4.8",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.301",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.266",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.229",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.179",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.100",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.9",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: improve size validations for received domain records\n\nThe function tipc_mon_rcv() allows a node to receive and process\ndomain_record structs from peer nodes to track their views of the\nnetwork topology.\n\nThis patch verifies that the number of members in a received domain\nrecord does not exceed the limit defined by MAX_MON_DOMAIN, something\nthat may otherwise lead to a stack overflow.\n\ntipc_mon_rcv() is called from the function tipc_link_proto_rcv(), where\nwe are reading a 32 bit message data length field into a uint16. To\navert any risk of bit overflow, we add an extra sanity check for this in\nthat function. We cannot see that happen with the current code, but\nfuture designers being unaware of this risk, may introduce it by\nallowing delivery of very large (\u003e 64k) sk buffers from the bearer\nlayer. This potential problem was identified by Eric Dumazet.\n\nThis fixes CVE-2022-0435"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:13:52.250Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/175db196e45d6f0e6047eccd09c8ba55465eb131"
},
{
"url": "https://git.kernel.org/stable/c/fde4ddeadd099bf9fbb9ccbee8e1b5c20d530a2d"
},
{
"url": "https://git.kernel.org/stable/c/f1af11edd08dd8376f7a84487cbb0ea8203e3a1d"
},
{
"url": "https://git.kernel.org/stable/c/d692e3406e052dbf9f6d9da0cba36cb763272529"
},
{
"url": "https://git.kernel.org/stable/c/3c7e5943553594f68bbc070683db6bb6f6e9e78e"
},
{
"url": "https://git.kernel.org/stable/c/1f1788616157b0222b0c2153828b475d95e374a7"
},
{
"url": "https://git.kernel.org/stable/c/59ff7514f8c56f166aadca49bcecfa028e0ad50f"
},
{
"url": "https://git.kernel.org/stable/c/9aa422ad326634b76309e8ff342c246800621216"
}
],
"title": "tipc: improve size validations for received domain records",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48711",
"datePublished": "2024-06-20T11:13:06.050Z",
"dateReserved": "2024-06-20T11:09:39.049Z",
"dateUpdated": "2024-08-03T15:17:55.714Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48725
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
RDMA/siw: Fix refcounting leak in siw_create_qp()
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:00.941Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2989ba9532babac66e79997ccff73c015b69700c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fa3b844a50845c817660146c27c0fc29b08d3116"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a75badebfdc0b3823054bedf112edb54d6357c75"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48725",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:11:06.784601Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:49.302Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/infiniband/sw/siw/siw_verbs.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "2989ba9532ba",
"status": "affected",
"version": "514aee660df4",
"versionType": "git"
},
{
"lessThan": "fa3b844a5084",
"status": "affected",
"version": "514aee660df4",
"versionType": "git"
},
{
"lessThan": "a75badebfdc0",
"status": "affected",
"version": "514aee660df4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/infiniband/sw/siw/siw_verbs.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.15"
},
{
"lessThan": "5.15",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.22",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/siw: Fix refcounting leak in siw_create_qp()\n\nThe atomic_inc() needs to be paired with an atomic_dec() on the error\npath."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:13.687Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/2989ba9532babac66e79997ccff73c015b69700c"
},
{
"url": "https://git.kernel.org/stable/c/fa3b844a50845c817660146c27c0fc29b08d3116"
},
{
"url": "https://git.kernel.org/stable/c/a75badebfdc0b3823054bedf112edb54d6357c75"
}
],
"title": "RDMA/siw: Fix refcounting leak in siw_create_qp()",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48725",
"datePublished": "2024-06-20T11:13:15.295Z",
"dateReserved": "2024-06-20T11:09:39.051Z",
"dateUpdated": "2024-09-11T17:34:49.302Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48721
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
net/smc: Forward wakeup to smc socket waitqueue after fallback
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:00.192Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0ef6049f664941bc0f75828b3a61877635048b27"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/504078fbe9dd570d685361b57784a6050bc40aaa"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/341adeec9adad0874f29a0a1af35638207352a39"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48721",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:11:16.258278Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:49.624Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/smc/af_smc.c",
"net/smc/smc.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "0ef6049f6649",
"status": "affected",
"version": "fb92e025baa7",
"versionType": "git"
},
{
"lessThan": "504078fbe9dd",
"status": "affected",
"version": "2153bd1e3d3d",
"versionType": "git"
},
{
"lessThan": "341adeec9ada",
"status": "affected",
"version": "2153bd1e3d3d",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/smc/af_smc.c",
"net/smc/smc.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.16"
},
{
"lessThan": "5.16",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.22",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: Forward wakeup to smc socket waitqueue after fallback\n\nWhen we replace TCP with SMC and a fallback occurs, there may be\nsome socket waitqueue entries remaining in smc socket-\u003ewq, such\nas eppoll_entries inserted by userspace applications.\n\nAfter the fallback, data flows over TCP/IP and only clcsocket-\u003ewq\nwill be woken up. Applications can\u0027t be notified by the entries\nwhich were inserted in smc socket-\u003ewq before fallback. So we need\na mechanism to wake up smc socket-\u003ewq at the same time if some\nentries remaining in it.\n\nThe current workaround is to transfer the entries from smc socket-\u003ewq\nto clcsock-\u003ewq during the fallback. But this may cause a crash\nlike this:\n\n general protection fault, probably for non-canonical address 0xdead000000000100: 0000 [#1] PREEMPT SMP PTI\n CPU: 3 PID: 0 Comm: swapper/3 Kdump: loaded Tainted: G E 5.16.0+ #107\n RIP: 0010:__wake_up_common+0x65/0x170\n Call Trace:\n \u003cIRQ\u003e\n __wake_up_common_lock+0x7a/0xc0\n sock_def_readable+0x3c/0x70\n tcp_data_queue+0x4a7/0xc40\n tcp_rcv_established+0x32f/0x660\n ? sk_filter_trim_cap+0xcb/0x2e0\n tcp_v4_do_rcv+0x10b/0x260\n tcp_v4_rcv+0xd2a/0xde0\n ip_protocol_deliver_rcu+0x3b/0x1d0\n ip_local_deliver_finish+0x54/0x60\n ip_local_deliver+0x6a/0x110\n ? tcp_v4_early_demux+0xa2/0x140\n ? tcp_v4_early_demux+0x10d/0x140\n ip_sublist_rcv_finish+0x49/0x60\n ip_sublist_rcv+0x19d/0x230\n ip_list_rcv+0x13e/0x170\n __netif_receive_skb_list_core+0x1c2/0x240\n netif_receive_skb_list_internal+0x1e6/0x320\n napi_complete_done+0x11d/0x190\n mlx5e_napi_poll+0x163/0x6b0 [mlx5_core]\n __napi_poll+0x3c/0x1b0\n net_rx_action+0x27c/0x300\n __do_softirq+0x114/0x2d2\n irq_exit_rcu+0xb4/0xe0\n common_interrupt+0xba/0xe0\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n\nThe crash is caused by privately transferring waitqueue entries from\nsmc socket-\u003ewq to clcsock-\u003ewq. The owners of these entries, such as\nepoll, have no idea that the entries have been transferred to a\ndifferent socket wait queue and still use original waitqueue spinlock\n(smc socket-\u003ewq.wait.lock) to make the entries operation exclusive,\nbut it doesn\u0027t work. The operations to the entries, such as removing\nfrom the waitqueue (now is clcsock-\u003ewq after fallback), may cause a\ncrash when clcsock waitqueue is being iterated over at the moment.\n\nThis patch tries to fix this by no longer transferring wait queue\nentries privately, but introducing own implementations of clcsock\u0027s\ncallback functions in fallback situation. The callback functions will\nforward the wakeup to smc socket-\u003ewq if clcsock-\u003ewq is actually woken\nup and smc socket-\u003ewq has remaining entries."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:14:09.064Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/0ef6049f664941bc0f75828b3a61877635048b27"
},
{
"url": "https://git.kernel.org/stable/c/504078fbe9dd570d685361b57784a6050bc40aaa"
},
{
"url": "https://git.kernel.org/stable/c/341adeec9adad0874f29a0a1af35638207352a39"
}
],
"title": "net/smc: Forward wakeup to smc socket waitqueue after fallback",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48721",
"datePublished": "2024-06-20T11:13:12.668Z",
"dateReserved": "2024-06-20T11:09:39.051Z",
"dateUpdated": "2024-09-11T17:34:49.624Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48767
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-08-03 15:25
Severity ?
EPSS score ?
Summary
ceph: properly put ceph_string reference after async create attempt
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48767",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T13:26:12.676837Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T13:26:34.353Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:01.531Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e7be12ca7d3947765b0d7c1c7e0537e748da993a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/36d433ae3242aa714176378850e6d1a5a3e78f18"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a0c22e970cd78b81c94691e6cb09713e8074d580"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/932a9b5870d38b87ba0a9923c804b1af7d3605b9"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/ceph/file.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "e7be12ca7d39",
"status": "affected",
"version": "9a8d03ca2e2c",
"versionType": "git"
},
{
"lessThan": "36d433ae3242",
"status": "affected",
"version": "9a8d03ca2e2c",
"versionType": "git"
},
{
"lessThan": "a0c22e970cd7",
"status": "affected",
"version": "9a8d03ca2e2c",
"versionType": "git"
},
{
"lessThan": "932a9b5870d3",
"status": "affected",
"version": "9a8d03ca2e2c",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/ceph/file.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.7"
},
{
"lessThan": "5.7",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.96",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.19",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.5",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: properly put ceph_string reference after async create attempt\n\nThe reference acquired by try_prep_async_create is currently leaked.\nEnsure we put it."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:15:02.723Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/e7be12ca7d3947765b0d7c1c7e0537e748da993a"
},
{
"url": "https://git.kernel.org/stable/c/36d433ae3242aa714176378850e6d1a5a3e78f18"
},
{
"url": "https://git.kernel.org/stable/c/a0c22e970cd78b81c94691e6cb09713e8074d580"
},
{
"url": "https://git.kernel.org/stable/c/932a9b5870d38b87ba0a9923c804b1af7d3605b9"
}
],
"title": "ceph: properly put ceph_string reference after async create attempt",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48767",
"datePublished": "2024-06-20T11:13:43.152Z",
"dateReserved": "2024-06-20T11:09:39.060Z",
"dateUpdated": "2024-08-03T15:25:01.531Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48712
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
ext4: fix error handling in ext4_fc_record_modified_inode()
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:17:55.868Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/62e46e0ffc02daa8fcfc02f7a932cc8a19601b19"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1b6762ecdf3cf12113772427c904aa3c420a1802"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/14aa3f49c7fc6424763f4323bfbc3a807b0727dc"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cdce59a1549190b66f8e3fe465c2b2f714b98a94"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48712",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:11:32.374612Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:50.211Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/ext4/fast_commit.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "62e46e0ffc02",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "1b6762ecdf3c",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "14aa3f49c7fc",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "cdce59a15491",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/ext4/fast_commit.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.99",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.22",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix error handling in ext4_fc_record_modified_inode()\n\nCurrent code does not fully takes care of krealloc() error case, which\ncould lead to silent memory corruption or a kernel bug. This patch\nfixes that.\n\nAlso it cleans up some duplicated error handling logic from various\nfunctions in fast_commit.c file."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:13:53.539Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/62e46e0ffc02daa8fcfc02f7a932cc8a19601b19"
},
{
"url": "https://git.kernel.org/stable/c/1b6762ecdf3cf12113772427c904aa3c420a1802"
},
{
"url": "https://git.kernel.org/stable/c/14aa3f49c7fc6424763f4323bfbc3a807b0727dc"
},
{
"url": "https://git.kernel.org/stable/c/cdce59a1549190b66f8e3fe465c2b2f714b98a94"
}
],
"title": "ext4: fix error handling in ext4_fc_record_modified_inode()",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48712",
"datePublished": "2024-06-20T11:13:06.701Z",
"dateReserved": "2024-06-20T11:09:39.050Z",
"dateUpdated": "2024-09-11T17:34:50.211Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38629
Vulnerability from cvelistv5
Published
2024-06-21 10:18
Modified
2024-08-02 04:12
Severity ?
EPSS score ?
Summary
dmaengine: idxd: Avoid unnecessary destruction of file_ida
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38629",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-21T13:46:11.658594Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-21T13:46:25.705Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.953Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9eb15f24a0b9b017b39cde8b8c07243676b63687"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/15edb906211bf53e7b5574f7326ab734d6bff4f9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/76e43fa6a456787bad31b8d0daeabda27351a480"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/dma/idxd/cdev.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "9eb15f24a0b9",
"status": "affected",
"version": "e6fd6d7e5f0f",
"versionType": "git"
},
{
"lessThan": "15edb906211b",
"status": "affected",
"version": "e6fd6d7e5f0f",
"versionType": "git"
},
{
"lessThan": "76e43fa6a456",
"status": "affected",
"version": "e6fd6d7e5f0f",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/dma/idxd/cdev.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.4"
},
{
"lessThan": "6.4",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: Avoid unnecessary destruction of file_ida\n\nfile_ida is allocated during cdev open and is freed accordingly\nduring cdev release. This sequence is guaranteed by driver file\noperations. Therefore, there is no need to destroy an already empty\nfile_ida when the WQ cdev is removed.\n\nWorse, ida_free() in cdev release may happen after destruction of\nfile_ida per WQ cdev. This can lead to accessing an id in file_ida\nafter it has been destroyed, resulting in a kernel panic.\n\nRemove ida_destroy(\u0026file_ida) to address these issues."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:49:24.013Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/9eb15f24a0b9b017b39cde8b8c07243676b63687"
},
{
"url": "https://git.kernel.org/stable/c/15edb906211bf53e7b5574f7326ab734d6bff4f9"
},
{
"url": "https://git.kernel.org/stable/c/76e43fa6a456787bad31b8d0daeabda27351a480"
}
],
"title": "dmaengine: idxd: Avoid unnecessary destruction of file_ida",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38629",
"datePublished": "2024-06-21T10:18:20.239Z",
"dateReserved": "2024-06-18T19:36:34.946Z",
"dateUpdated": "2024-08-02T04:12:25.953Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-36481
Vulnerability from cvelistv5
Published
2024-06-21 11:18
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
tracing/probes: fix error check in parse_btf_field()
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:37:05.177Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ad4b202da2c498fefb69e5d87f67b946e7fe1e6a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4ed468edfeb54c7202e559eba74c25fac6a0dad0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e569eb34970281438e2b48a3ef11c87459fcfbcb"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36481",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:08:49.767308Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:44.007Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"kernel/trace/trace_probe.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "ad4b202da2c4",
"status": "affected",
"version": "c440adfbe302",
"versionType": "git"
},
{
"lessThan": "4ed468edfeb5",
"status": "affected",
"version": "c440adfbe302",
"versionType": "git"
},
{
"lessThan": "e569eb349702",
"status": "affected",
"version": "c440adfbe302",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"kernel/trace/trace_probe.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.6"
},
{
"lessThan": "6.6",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/probes: fix error check in parse_btf_field()\n\nbtf_find_struct_member() might return NULL or an error via the\nERR_PTR() macro. However, its caller in parse_btf_field() only checks\nfor the NULL condition. Fix this by using IS_ERR() and returning the\nerror up the stack."
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:47:05.009Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/ad4b202da2c498fefb69e5d87f67b946e7fe1e6a"
},
{
"url": "https://git.kernel.org/stable/c/4ed468edfeb54c7202e559eba74c25fac6a0dad0"
},
{
"url": "https://git.kernel.org/stable/c/e569eb34970281438e2b48a3ef11c87459fcfbcb"
}
],
"title": "tracing/probes: fix error check in parse_btf_field()",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-36481",
"datePublished": "2024-06-21T11:18:47.482Z",
"dateReserved": "2024-06-21T11:16:40.616Z",
"dateUpdated": "2024-09-11T17:34:44.007Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38636
Vulnerability from cvelistv5
Published
2024-06-21 10:18
Modified
2024-08-02 04:12
Severity ?
EPSS score ?
Summary
f2fs: multidev: fix to recognize valid zero block address
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38636",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-21T13:27:13.428552Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-21T13:27:24.159Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.978Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1a9225fdd0ec95fcf32936bcea9ceef0cf1512dc"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2b2611a42462c6c685d40b5f3aedcd8d21c27065"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e8b485e39b4d17afa9a2821fc778d5a67abfc03a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/33e62cd7b4c281cd737c62e5d8c4f0e602a8c5c5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/f2fs/data.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "1a9225fdd0ec",
"status": "affected",
"version": "1517c1a7a445",
"versionType": "git"
},
{
"lessThan": "2b2611a42462",
"status": "affected",
"version": "1517c1a7a445",
"versionType": "git"
},
{
"lessThan": "e8b485e39b4d",
"status": "affected",
"version": "1517c1a7a445",
"versionType": "git"
},
{
"lessThan": "33e62cd7b4c2",
"status": "affected",
"version": "1517c1a7a445",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/f2fs/data.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.17"
},
{
"lessThan": "5.17",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: multidev: fix to recognize valid zero block address\n\nAs reported by Yi Zhang in mailing list [1], kernel warning was catched\nduring zbd/010 test as below:\n\n./check zbd/010\nzbd/010 (test gap zone support with F2FS) [failed]\n runtime ... 3.752s\n something found in dmesg:\n [ 4378.146781] run blktests zbd/010 at 2024-02-18 11:31:13\n [ 4378.192349] null_blk: module loaded\n [ 4378.209860] null_blk: disk nullb0 created\n [ 4378.413285] scsi_debug:sdebug_driver_probe: scsi_debug: trim\npoll_queues to 0. poll_q/nr_hw = (0/1)\n [ 4378.422334] scsi host15: scsi_debug: version 0191 [20210520]\n dev_size_mb=1024, opts=0x0, submit_queues=1, statistics=0\n [ 4378.434922] scsi 15:0:0:0: Direct-Access-ZBC Linux\nscsi_debug 0191 PQ: 0 ANSI: 7\n [ 4378.443343] scsi 15:0:0:0: Power-on or device reset occurred\n [ 4378.449371] sd 15:0:0:0: Attached scsi generic sg5 type 20\n [ 4378.449418] sd 15:0:0:0: [sdf] Host-managed zoned block device\n ...\n (See \u0027/mnt/tests/gitlab.com/api/v4/projects/19168116/repository/archive.zip/storage/blktests/blk/blktests/results/nodev/zbd/010.dmesg\u0027\n\nWARNING: CPU: 22 PID: 44011 at fs/iomap/iter.c:51\nCPU: 22 PID: 44011 Comm: fio Not tainted 6.8.0-rc3+ #1\nRIP: 0010:iomap_iter+0x32b/0x350\nCall Trace:\n \u003cTASK\u003e\n __iomap_dio_rw+0x1df/0x830\n f2fs_file_read_iter+0x156/0x3d0 [f2fs]\n aio_read+0x138/0x210\n io_submit_one+0x188/0x8c0\n __x64_sys_io_submit+0x8c/0x1a0\n do_syscall_64+0x86/0x170\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\n\nShinichiro Kawasaki helps to analyse this issue and proposes a potential\nfixing patch in [2].\n\nQuoted from reply of Shinichiro Kawasaki:\n\n\"I confirmed that the trigger commit is dbf8e63f48af as Yi reported. I took a\nlook in the commit, but it looks fine to me. So I thought the cause is not\nin the commit diff.\n\nI found the WARN is printed when the f2fs is set up with multiple devices,\nand read requests are mapped to the very first block of the second device in the\ndirect read path. In this case, f2fs_map_blocks() and f2fs_map_blocks_cached()\nmodify map-\u003em_pblk as the physical block address from each block device. It\nbecomes zero when it is mapped to the first block of the device. However,\nf2fs_iomap_begin() assumes that map-\u003em_pblk is the physical block address of the\nwhole f2fs, across the all block devices. It compares map-\u003em_pblk against\nNULL_ADDR == 0, then go into the unexpected branch and sets the invalid\niomap-\u003elength. The WARN catches the invalid iomap-\u003elength.\n\nThis WARN is printed even for non-zoned block devices, by following steps.\n\n - Create two (non-zoned) null_blk devices memory backed with 128MB size each:\n nullb0 and nullb1.\n # mkfs.f2fs /dev/nullb0 -c /dev/nullb1\n # mount -t f2fs /dev/nullb0 \"${mount_dir}\"\n # dd if=/dev/zero of=\"${mount_dir}/test.dat\" bs=1M count=192\n # dd if=\"${mount_dir}/test.dat\" of=/dev/null bs=1M count=192 iflag=direct\n\n...\"\n\nSo, the root cause of this issue is: when multi-devices feature is on,\nf2fs_map_blocks() may return zero blkaddr in non-primary device, which is\na verified valid block address, however, f2fs_iomap_begin() treats it as\nan invalid block address, and then it triggers the warning in iomap\nframework code.\n\nFinally, as discussed, we decide to use a more simple and direct way that\nchecking (map.m_flags \u0026 F2FS_MAP_MAPPED) condition instead of\n(map.m_pblk != NULL_ADDR) to fix this issue.\n\nThanks a lot for the effort of Yi Zhang and Shinichiro Kawasaki on this\nissue.\n\n[1] https://lore.kernel.org/linux-f2fs-devel/CAHj4cs-kfojYC9i0G73PRkYzcxCTex=-vugRFeP40g_URGvnfQ@mail.gmail.com/\n[2] https://lore.kernel.org/linux-f2fs-devel/gngdj77k4picagsfdtiaa7gpgnup6fsgwzsltx6milmhegmjff@iax2n4wvrqye/"
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T06:49:32.193Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/1a9225fdd0ec95fcf32936bcea9ceef0cf1512dc"
},
{
"url": "https://git.kernel.org/stable/c/2b2611a42462c6c685d40b5f3aedcd8d21c27065"
},
{
"url": "https://git.kernel.org/stable/c/e8b485e39b4d17afa9a2821fc778d5a67abfc03a"
},
{
"url": "https://git.kernel.org/stable/c/33e62cd7b4c281cd737c62e5d8c4f0e602a8c5c5"
}
],
"title": "f2fs: multidev: fix to recognize valid zero block address",
"x_generator": {
"engine": "bippy-c9c4e1df01b2"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-38636",
"datePublished": "2024-06-21T10:18:24.900Z",
"dateReserved": "2024-06-18T19:36:34.947Z",
"dateUpdated": "2024-08-02T04:12:25.978Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48716
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-08-03 15:17
Severity ?
EPSS score ?
Summary
ASoC: codecs: wcd938x: fix incorrect used of portid
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "aa7152f9f117",
"status": "affected",
"version": "e8ba1e05bdc0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "9167f2712dc8",
"status": "affected",
"version": "e8ba1e05bdc0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "c5c1546a654f",
"status": "affected",
"version": "e8ba1e05bdc0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "affected",
"version": "5.14"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "5.14",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "5.16",
"status": "unaffected",
"version": "5.15.22",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "5.17",
"status": "unaffected",
"version": "5.16.8",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "unaffected",
"version": "5.17"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-48716",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-25T13:56:06.745366Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-25T14:04:19.940Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:17:55.862Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/aa7152f9f117b3e66b3c0d4158ca4c6d46ab229f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9167f2712dc8c24964840a4d1e2ebf130e846b95"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c5c1546a654f613e291a7c5d6f3660fc1eb6d0c7"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"sound/soc/codecs/wcd938x.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "aa7152f9f117",
"status": "affected",
"version": "e8ba1e05bdc0",
"versionType": "git"
},
{
"lessThan": "9167f2712dc8",
"status": "affected",
"version": "e8ba1e05bdc0",
"versionType": "git"
},
{
"lessThan": "c5c1546a654f",
"status": "affected",
"version": "e8ba1e05bdc0",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"sound/soc/codecs/wcd938x.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.14"
},
{
"lessThan": "5.14",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.22",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: codecs: wcd938x: fix incorrect used of portid\n\nMixer controls have the channel id in mixer-\u003ereg, which is not same\nas port id. port id should be derived from chan_info array.\nSo fix this. Without this, its possible that we could corrupt\nstruct wcd938x_sdw_priv by accessing port_map array out of range\nwith channel id instead of port id."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:13:58.171Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/aa7152f9f117b3e66b3c0d4158ca4c6d46ab229f"
},
{
"url": "https://git.kernel.org/stable/c/9167f2712dc8c24964840a4d1e2ebf130e846b95"
},
{
"url": "https://git.kernel.org/stable/c/c5c1546a654f613e291a7c5d6f3660fc1eb6d0c7"
}
],
"title": "ASoC: codecs: wcd938x: fix incorrect used of portid",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48716",
"datePublished": "2024-06-20T11:13:09.315Z",
"dateReserved": "2024-06-20T11:09:39.050Z",
"dateUpdated": "2024-08-03T15:17:55.862Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48715
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-09-11 17:34
Severity ?
EPSS score ?
Summary
scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:17:55.856Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3a345198a7c2d1db2526dc60b77052f75de019d3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/471085571f926a1fe6b1bed095638994dbf23990"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/003bcee66a8f0e76157eb3af369c173151901d97"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/53e4f71763c61a557283eb43301efd671922d1e8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ec4334152dae175dbd8fd5bde1d2139bbe7b42d0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2f5a1ac68bdf2899ce822ab845081922ea8c588e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2d24336c7214b281b51860e54783dfc65f1248df"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/936bd03405fc83ba039d42bc93ffd4b88418f1d3"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48715",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:11:26.064994Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:49.952Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/scsi/bnx2fc/bnx2fc_fcoe.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "3a345198a7c2",
"status": "affected",
"version": "d576a5e80cd0",
"versionType": "git"
},
{
"lessThan": "471085571f92",
"status": "affected",
"version": "d576a5e80cd0",
"versionType": "git"
},
{
"lessThan": "003bcee66a8f",
"status": "affected",
"version": "d576a5e80cd0",
"versionType": "git"
},
{
"lessThan": "53e4f71763c6",
"status": "affected",
"version": "d576a5e80cd0",
"versionType": "git"
},
{
"lessThan": "ec4334152dae",
"status": "affected",
"version": "d576a5e80cd0",
"versionType": "git"
},
{
"lessThan": "2f5a1ac68bdf",
"status": "affected",
"version": "d576a5e80cd0",
"versionType": "git"
},
{
"lessThan": "2d24336c7214",
"status": "affected",
"version": "d576a5e80cd0",
"versionType": "git"
},
{
"lessThan": "936bd03405fc",
"status": "affected",
"version": "d576a5e80cd0",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/scsi/bnx2fc/bnx2fc_fcoe.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.16"
},
{
"lessThan": "3.16",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.300",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.265",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.228",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.178",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.99",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.22",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: bnx2fc: Make bnx2fc_recv_frame() mp safe\n\nRunning tests with a debug kernel shows that bnx2fc_recv_frame() is\nmodifying the per_cpu lport stats counters in a non-mpsafe way. Just boot\na debug kernel and run the bnx2fc driver with the hardware enabled.\n\n[ 1391.699147] BUG: using smp_processor_id() in preemptible [00000000] code: bnx2fc_\n[ 1391.699160] caller is bnx2fc_recv_frame+0xbf9/0x1760 [bnx2fc]\n[ 1391.699174] CPU: 2 PID: 4355 Comm: bnx2fc_l2_threa Kdump: loaded Tainted: G B\n[ 1391.699180] Hardware name: HP ProLiant DL120 G7, BIOS J01 07/01/2013\n[ 1391.699183] Call Trace:\n[ 1391.699188] dump_stack_lvl+0x57/0x7d\n[ 1391.699198] check_preemption_disabled+0xc8/0xd0\n[ 1391.699205] bnx2fc_recv_frame+0xbf9/0x1760 [bnx2fc]\n[ 1391.699215] ? do_raw_spin_trylock+0xb5/0x180\n[ 1391.699221] ? bnx2fc_npiv_create_vports.isra.0+0x4e0/0x4e0 [bnx2fc]\n[ 1391.699229] ? bnx2fc_l2_rcv_thread+0xb7/0x3a0 [bnx2fc]\n[ 1391.699240] bnx2fc_l2_rcv_thread+0x1af/0x3a0 [bnx2fc]\n[ 1391.699250] ? bnx2fc_ulp_init+0xc0/0xc0 [bnx2fc]\n[ 1391.699258] kthread+0x364/0x420\n[ 1391.699263] ? _raw_spin_unlock_irq+0x24/0x50\n[ 1391.699268] ? set_kthread_struct+0x100/0x100\n[ 1391.699273] ret_from_fork+0x22/0x30\n\nRestore the old get_cpu/put_cpu code with some modifications to reduce the\nsize of the critical section."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T11:13:57.024Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/3a345198a7c2d1db2526dc60b77052f75de019d3"
},
{
"url": "https://git.kernel.org/stable/c/471085571f926a1fe6b1bed095638994dbf23990"
},
{
"url": "https://git.kernel.org/stable/c/003bcee66a8f0e76157eb3af369c173151901d97"
},
{
"url": "https://git.kernel.org/stable/c/53e4f71763c61a557283eb43301efd671922d1e8"
},
{
"url": "https://git.kernel.org/stable/c/ec4334152dae175dbd8fd5bde1d2139bbe7b42d0"
},
{
"url": "https://git.kernel.org/stable/c/2f5a1ac68bdf2899ce822ab845081922ea8c588e"
},
{
"url": "https://git.kernel.org/stable/c/2d24336c7214b281b51860e54783dfc65f1248df"
},
{
"url": "https://git.kernel.org/stable/c/936bd03405fc83ba039d42bc93ffd4b88418f1d3"
}
],
"title": "scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe",
"x_generator": {
"engine": "bippy-7d53e8ef8be4"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48715",
"datePublished": "2024-06-20T11:13:08.654Z",
"dateReserved": "2024-06-20T11:09:39.050Z",
"dateUpdated": "2024-09-11T17:34:49.952Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading...